Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/2ttxDr4pGnjxuFL3h06WTGhjE60.roa
File: 2ttxDr4pGnjxuFL3h06WTGhjE60.roa (raw, json)
Hash identifier: gb8hbvNo/pcY/swamzsbRwiOgi4eH7YRN51AtOhEfsU=
Subject key identifier: DA:DB:71:0E:BE:29:1A:78:F1:B8:52:F7:87:4E:96:4C:68:63:13:AD
Certificate issuer: /CN=8a3fe0b9c630a33e171a0a5c793f340b43446932
Certificate serial: 0194266B7B002AD021CFCCC4875B90161140
Authority key identifier: 8A:3F:E0:B9:C6:30:A3:3E:17:1A:0A:5C:79:3F:34:0B:43:44:69:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ij_gucYwoz4XGgpceT80C0NEaTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/2ttxDr4pGnjxuFL3h06WTGhjE60.roa
Signing time: Thu 02 Jan 2025 09:49:25 +0000
ROA not before: Thu 02 Jan 2025 09:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207198
IP address blocks: 185.163.40.0/22 maxlen: 22
213.194.192.0/20 maxlen: 20
213.194.208.0/22 maxlen: 22
2a0a:a800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/ij_gucYwoz4XGgpceT80C0NEaTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/ij_gucYwoz4XGgpceT80C0NEaTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ij_gucYwoz4XGgpceT80C0NEaTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:7b:00:2a:d0:21:cf:cc:c4:87:5b:90:16:11:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a3fe0b9c630a33e171a0a5c793f340b43446932
Validity
Not Before: Jan 2 09:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dadb710ebe291a78f1b852f7874e964c686313ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:dd:33:54:59:3b:96:7e:fd:28:61:7b:9e:91:
21:d3:20:8d:94:3a:76:0a:d2:c7:d5:fb:4b:51:c9:
78:ba:68:98:64:7f:27:10:63:71:ce:89:9e:00:f6:
ba:f3:73:90:2f:b7:55:37:19:23:78:8d:16:18:fa:
fc:9b:6b:72:23:5d:3c:dc:ac:8a:a4:eb:20:dd:f4:
c4:88:48:d0:9b:5a:40:32:91:48:73:fc:02:93:f0:
ef:28:dd:b6:c8:ba:05:eb:a4:24:19:e8:9b:c2:9d:
55:db:25:ad:df:d2:2f:83:5d:0b:23:56:86:ae:70:
9b:50:b6:4a:6d:e2:6b:37:5d:31:5b:52:b4:ef:e8:
1c:cb:bc:66:51:02:76:e2:aa:82:8b:5e:02:b7:52:
e9:36:ba:e7:d6:98:aa:ed:cc:53:ee:8a:a0:b3:82:
ae:d2:9d:98:f3:b3:e9:5c:f4:b3:86:14:f5:1e:88:
a8:5a:ec:59:ad:92:29:04:30:5f:75:3d:d9:46:dc:
a1:51:dd:51:c8:fe:93:ad:41:00:7d:b8:f5:21:fe:
e0:d7:4e:3f:fe:2e:66:55:f5:e3:5a:f0:36:22:eb:
e7:ce:61:00:84:b8:5a:5f:53:6d:4b:8f:15:eb:d7:
d7:53:7b:14:99:c1:90:7e:b8:e4:2e:10:b1:78:28:
e0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:DB:71:0E:BE:29:1A:78:F1:B8:52:F7:87:4E:96:4C:68:63:13:AD
X509v3 Authority Key Identifier:
keyid:8A:3F:E0:B9:C6:30:A3:3E:17:1A:0A:5C:79:3F:34:0B:43:44:69:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ij_gucYwoz4XGgpceT80C0NEaTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/2ttxDr4pGnjxuFL3h06WTGhjE60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/ij_gucYwoz4XGgpceT80C0NEaTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.40.0/22
213.194.192.0-213.194.211.255
IPv6:
2a0a:a800::/29
Signature Algorithm: sha256WithRSAEncryption
a1:ff:54:4c:8b:0a:71:6d:e4:c3:4f:fe:5f:5e:6f:15:88:53:
55:71:d8:fc:b8:5f:58:85:67:8f:7c:19:2a:aa:d0:4d:13:15:
04:15:2c:f5:8a:82:e6:55:eb:ca:ca:95:82:fd:8e:bd:6a:ee:
77:58:e4:b0:11:16:f6:f8:b6:42:04:2c:d7:8b:3c:d5:ad:a8:
6f:04:16:10:6a:b2:4c:a3:dd:c3:fa:5a:5f:a7:64:16:30:df:
f6:b3:f9:c8:a7:17:48:9e:c0:97:dd:22:6e:b2:e8:39:4f:99:
cb:1a:df:70:97:42:0d:aa:04:07:4e:24:d5:84:c1:1e:d9:a9:
98:a7:4b:98:50:fa:93:e8:d4:b1:54:60:a2:28:e8:6e:fa:ba:
ce:27:fb:73:36:d6:9b:19:7a:95:3c:d2:7e:ef:56:80:fb:6a:
d3:0f:c3:c3:51:79:80:63:8f:5b:fc:fa:46:f8:8b:97:7d:bf:
7a:02:61:61:4e:71:59:19:1b:81:32:87:c0:b7:7a:31:a9:72:
95:43:1a:a9:00:82:89:75:90:47:dd:5f:25:f3:c4:c5:9d:e9:
b7:bf:c8:95:9f:d8:0a:84:68:91:ff:4d:88:66:1e:20:5e:09:
43:ae:ff:3f:6d:ff:2c:f6:3f:c0:49:8c:4b:22:9a:0a:c0:0b:
99:39:2d:69
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQma3sAKtAhz8zEh1uQFhFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhM2ZlMGI5YzYzMGEzM2UxNzFhMGE1Yzc5M2YzNDBiNDM0
NDY5MzIwHhcNMjUwMTAyMDk0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWRiNzEwZWJlMjkxYTc4ZjFiODUyZjc4NzRlOTY0YzY4NjMxM2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA590zVFk7ln79KGF7npEh0yCNlDp2
CtLH1ftLUcl4umiYZH8nEGNxzomeAPa683OQL7dVNxkjeI0WGPr8m2tyI1083KyK
pOsg3fTEiEjQm1pAMpFIc/wCk/DvKN22yLoF66QkGeibwp1V2yWt39Ivg10LI1aG
rnCbULZKbeJrN10xW1K07+gcy7xmUQJ24qqCi14Ct1LpNrrn1piq7cxT7oqgs4Ku
0p2Y87PpXPSzhhT1HoioWuxZrZIpBDBfdT3ZRtyhUd1RyP6TrUEAfbj1If7g104/
/i5mVfXjWvA2IuvnzmEAhLhaX1NtS48V69fXU3sUmcGQfrjkLhCxeCjg8wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNrbcQ6+KRp48bhS94dOlkxoYxOtMB8GA1UdIwQY
MBaAFIo/4LnGMKM+FxoKXHk/NAtDRGkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWpfZ3VjWXdvejRYR2dwY2VUODBDME5FYVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9mMzlhNDktNTllYS00YzRmLTk4ZmMt
NTNhYWI0MmY0NzZlLzEvMnR0eERyNHBHbmp4dUZMM2gwNldUR2hqRTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9mMzlhNDktNTllYS00YzRmLTk4ZmMtNTNhYWI0MmY0NzZl
LzEvaWpfZ3VjWXdvejRYR2dwY2VUODBDME5FYVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuaMoMAwD
BAbVwsADBALVwtAwDQQCAAIwBwMFAyoKqAAwDQYJKoZIhvcNAQELBQADggEBAKH/
VEyLCnFt5MNP/l9ebxWIU1Vx2Py4X1iFZ498GSqq0E0TFQQVLPWKguZV68rKlYL9
jr1q7ndY5LARFvb4tkIELNeLPNWtqG8EFhBqskyj3cP6Wl+nZBYw3/az+cinF0ie
wJfdIm6y6DlPmcsa33CXQg2qBAdOJNWEwR7ZqZinS5hQ+pPo1LFUYKIo6G76us4n
+3M21psZepU80n7vVoD7atMPw8NReYBjj1v8+kb4i5d9v3oCYWFOcVkZG4Eyh8C3
ejGpcpVDGqkAgol1kEfdXyXzxMWd6be/yJWf2AqEaJH/TYhmHiBeCUOu/z9t/yz2
P8BJjEsimgrAC5k5LWk=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:06:30 2025 by rpki-client