Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/EfwdFjXVhRXWX5ii0NrhIm4Va4g.roa
File: EfwdFjXVhRXWX5ii0NrhIm4Va4g.roa (raw, json)
Hash identifier: rkgBBwT7155haQFS5qhcb+40oim+InAz1f/X+wiaZP8=
Subject key identifier: 11:FC:1D:16:35:D5:85:15:D6:5F:98:A2:D0:DA:E1:22:6E:15:6B:88
Certificate issuer: /CN=13b4f6b90167b71bd663fa0391e038a0155bb939
Certificate serial: 019425217FE7AED5FAE62132EBF6034A9FB4
Authority key identifier: 13:B4:F6:B9:01:67:B7:1B:D6:63:FA:03:91:E0:38:A0:15:5B:B9:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E7T2uQFntxvWY_oDkeA4oBVbuTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/EfwdFjXVhRXWX5ii0NrhIm4Va4g.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210095
IP address blocks: 85.31.40.0/24 maxlen: 24
85.31.41.0/24 maxlen: 24
85.31.42.0/24 maxlen: 24
85.31.43.0/24 maxlen: 24
2a0d:da40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/E7T2uQFntxvWY_oDkeA4oBVbuTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/E7T2uQFntxvWY_oDkeA4oBVbuTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/E7T2uQFntxvWY_oDkeA4oBVbuTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Mar 2025 17:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7f:e7:ae:d5:fa:e6:21:32:eb:f6:03:4a:9f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13b4f6b90167b71bd663fa0391e038a0155bb939
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11fc1d1635d58515d65f98a2d0dae1226e156b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:51:07:db:d5:ea:94:ac:f0:47:75:09:0f:b8:
6e:fb:10:57:78:52:08:33:9e:c9:96:20:68:e4:f1:
6a:9a:5e:43:14:2b:78:a5:13:95:6c:29:60:6b:b5:
3d:95:b3:79:e7:c1:11:a0:ff:6f:6c:3c:bf:8d:de:
d3:ad:b3:80:8a:0c:ac:79:e3:37:c6:99:24:e3:5a:
95:84:66:1c:8c:e4:8f:b3:ee:d4:63:38:b5:ea:2a:
c1:2d:a5:ee:d7:ff:92:3a:a4:32:88:c4:91:a4:50:
95:ce:74:cc:47:b4:fd:10:d3:3b:5b:8b:dc:7f:e0:
39:fc:20:76:1f:39:f7:2e:65:5b:7b:9a:34:b8:91:
9f:39:a8:59:0d:07:f9:6e:6d:65:1c:5b:8b:cb:51:
56:19:32:8c:a9:c5:9c:b9:2e:b9:89:5e:5e:c2:94:
d7:82:94:78:17:9e:11:0b:cc:fe:13:7a:6e:13:c9:
32:bd:fa:b3:5c:d7:a5:e8:5d:1f:ed:5a:fd:7a:51:
27:6d:a0:db:38:90:65:ff:6c:b6:35:3f:a9:26:8b:
e2:e0:97:ef:9c:8d:4e:74:4c:cf:c3:55:71:4e:cc:
ab:70:d7:a3:83:f6:f7:a3:32:02:d8:87:9e:84:5a:
a6:a7:84:e0:f2:4b:ee:9e:51:82:7a:e2:4d:67:c8:
dc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:FC:1D:16:35:D5:85:15:D6:5F:98:A2:D0:DA:E1:22:6E:15:6B:88
X509v3 Authority Key Identifier:
keyid:13:B4:F6:B9:01:67:B7:1B:D6:63:FA:03:91:E0:38:A0:15:5B:B9:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7T2uQFntxvWY_oDkeA4oBVbuTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/EfwdFjXVhRXWX5ii0NrhIm4Va4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/E7T2uQFntxvWY_oDkeA4oBVbuTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.40.0/22
IPv6:
2a0d:da40::/29
Signature Algorithm: sha256WithRSAEncryption
b0:f3:db:4f:4a:83:b5:13:55:cd:12:fd:5f:46:c9:f1:b4:ce:
dd:38:80:09:62:fa:59:c9:de:41:01:70:9c:34:8f:5c:47:cf:
c0:c5:e3:be:82:8b:30:fc:47:41:b3:a8:3e:96:94:47:29:3b:
71:32:4b:04:51:e3:18:2a:cc:08:98:d6:b5:6c:cf:5b:0b:1a:
32:53:3d:ad:cd:e1:d4:d4:99:70:1d:89:ab:54:34:dd:4c:fa:
d7:d4:49:89:9e:dc:c9:dc:d0:49:d9:0d:37:0d:53:6a:6d:8d:
55:5a:13:3f:c0:6e:0d:2f:2b:39:ba:02:92:9b:4f:34:34:b4:
70:8a:20:93:36:4b:c8:fe:e0:a9:f3:72:f8:ce:cc:04:c9:c5:
d5:23:02:4e:e0:86:1b:71:79:8d:88:fc:5e:7d:c5:db:f5:7b:
52:5d:9b:2c:f7:0c:6a:2d:9a:3c:75:d5:a0:28:43:59:6c:45:
a2:ab:0b:76:eb:02:4e:59:13:fd:b1:38:1c:36:15:b8:43:84:
3a:70:64:da:ac:72:f3:ad:0e:1b:34:e8:25:51:54:42:6e:cc:
37:39:d5:18:81:68:cd:4b:c9:ec:55:ea:2d:c1:6d:c7:bf:22:
41:9c:52:ae:5c:d7:6a:7d:12:c8:38:56:cf:b4:27:2f:26:5d:
fb:bf:32:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIX/nrtX65iEy6/YDSp+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjRmNmI5MDE2N2I3MWJkNjYzZmEwMzkxZTAzOGEwMTU1
YmI5MzkwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWZjMWQxNjM1ZDU4NTE1ZDY1Zjk4YTJkMGRhZTEyMjZlMTU2Yjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFEH29XqlKzwR3UJD7hu+xBXeFII
M57JliBo5PFqml5DFCt4pROVbClga7U9lbN558ERoP9vbDy/jd7TrbOAigyseeM3
xpkk41qVhGYcjOSPs+7UYzi16irBLaXu1/+SOqQyiMSRpFCVznTMR7T9ENM7W4vc
f+A5/CB2Hzn3LmVbe5o0uJGfOahZDQf5bm1lHFuLy1FWGTKMqcWcuS65iV5ewpTX
gpR4F54RC8z+E3puE8kyvfqzXNel6F0f7Vr9elEnbaDbOJBl/2y2NT+pJovi4Jfv
nI1OdEzPw1VxTsyrcNejg/b3ozIC2IeehFqmp4Tg8kvunlGCeuJNZ8jcpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBH8HRY11YUV1l+YotDa4SJuFWuIMB8GA1UdIwQY
MBaAFBO09rkBZ7cb1mP6A5HgOKAVW7k5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdUMnVRRm50eHZXWV9vRGtlQTRvQlZidVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85ZTg4NGUtMTdlNC00MjcxLWFjODkt
Y2IzZmE0MDdlMGY0LzEvRWZ3ZEZqWFZoUlhXWDVpaTBOcmhJbTRWYTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85ZTg4NGUtMTdlNC00MjcxLWFjODktY2IzZmE0MDdlMGY0
LzEvRTdUMnVRRm50eHZXWV9vRGtlQTRvQlZidVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVR8oMA0E
AgACMAcDBQMqDdpAMA0GCSqGSIb3DQEBCwUAA4IBAQCw89tPSoO1E1XNEv1fRsnx
tM7dOIAJYvpZyd5BAXCcNI9cR8/AxeO+gosw/EdBs6g+lpRHKTtxMksEUeMYKswI
mNa1bM9bCxoyUz2tzeHU1JlwHYmrVDTdTPrX1EmJntzJ3NBJ2Q03DVNqbY1VWhM/
wG4NLys5ugKSm080NLRwiiCTNkvI/uCp83L4zswEycXVIwJO4IYbcXmNiPxefcXb
9XtSXZss9wxqLZo8ddWgKENZbEWiqwt26wJOWRP9sTgcNhW4Q4Q6cGTarHLzrQ4b
NOglUVRCbsw3OdUYgWjNS8nsVeotwW3HvyJBnFKuXNdqfRLIOFbPtCcvJl37vzKR
-----END CERTIFICATE-----
Generated at Sun Mar 9 02:52:16 2025 by rpki-client