Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1_JtUKQLPWz9u2TpyC3nMGURY20.roa
File: 1_JtUKQLPWz9u2TpyC3nMGURY20.roa (raw, json)
Hash identifier: Wk8ZEHj9AIscMXK8mYfLsgX9jT9ZJe3LFRxYlFlOwI4=
Subject key identifier: D7:F2:6D:50:A4:0B:3D:6C:FD:BB:64:E9:C8:2D:E7:30:65:11:63:6D
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 01942748495807E7090085EB93D979D37A24
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1_JtUKQLPWz9u2TpyC3nMGURY20.roa
Signing time: Thu 02 Jan 2025 13:50:36 +0000
ROA not before: Thu 02 Jan 2025 13:50:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38195
IP address blocks: 85.203.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:49:58:07:e7:09:00:85:eb:93:d9:79:d3:7a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7f26d50a40b3d6cfdbb64e9c82de7306511636d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a8:fc:ee:8d:d3:b3:c7:af:a7:0d:11:53:e2:
58:08:eb:bc:f9:f4:1d:a2:91:cd:ca:0e:2a:a5:04:
74:e4:46:5a:ab:93:b7:04:95:a7:fe:e7:17:40:fe:
79:17:5a:01:fb:16:a9:b8:35:dd:49:58:b6:7b:2b:
fd:cc:40:b8:08:e1:cd:21:df:3c:ed:13:54:8e:f9:
fb:ad:a6:5d:02:9f:aa:50:9b:a7:93:85:4a:28:67:
4b:f4:6e:f5:ae:c9:2f:d1:92:5d:aa:85:c4:e7:24:
c4:ca:81:ee:a3:53:0b:eb:6e:45:88:87:94:ac:f0:
c8:29:7f:36:4c:f8:4e:53:9b:a9:b9:af:27:9c:2c:
18:01:3f:17:ab:77:4d:58:9d:d3:2b:72:06:b3:65:
81:49:7b:a5:4f:f5:c6:39:3e:6f:0e:a2:3c:75:32:
a5:8d:f8:ba:22:09:c4:0b:d4:64:7a:9f:04:bd:ba:
11:5a:c6:4c:41:49:6a:04:b0:9d:12:3c:65:c2:3a:
94:83:c0:92:e6:77:62:50:7d:1a:43:49:e9:f0:b6:
a0:59:f1:22:d0:41:c3:67:6b:af:1c:b0:68:ce:12:
bd:6a:65:96:4b:4c:26:cf:ac:f9:de:7f:b6:53:c7:
a1:88:e8:78:98:72:86:2e:3c:d8:26:73:d9:3f:5b:
c8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F2:6D:50:A4:0B:3D:6C:FD:BB:64:E9:C8:2D:E7:30:65:11:63:6D
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1_JtUKQLPWz9u2TpyC3nMGURY20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.60.0/22
Signature Algorithm: sha256WithRSAEncryption
18:12:ce:f9:eb:13:e7:52:e9:6c:bf:77:20:16:ff:22:bc:e9:
a6:2d:ff:d3:12:5b:40:b1:7c:56:3a:88:8b:ca:f2:68:db:26:
a5:7c:cf:c4:6c:f4:0b:bc:25:7b:bd:b0:44:1b:7c:2b:64:61:
d2:df:ff:f6:e3:a2:9e:6c:3c:c1:7f:97:fe:e7:77:36:c2:89:
9b:83:2a:96:9a:d4:a8:70:93:16:84:74:7d:93:04:90:13:fd:
ad:f6:45:a9:b7:c7:51:11:d4:0e:e7:ea:22:38:a8:81:1f:83:
45:14:6d:0f:fd:34:80:d2:07:ec:a6:15:12:99:f7:94:f7:96:
3a:bd:39:f9:18:77:94:6f:78:ee:04:0e:62:eb:55:00:88:06:
33:cc:9b:85:bb:7a:42:3f:28:d4:25:64:9f:78:b5:de:78:2a:
89:0b:bd:4e:0f:64:6c:e7:7c:a5:87:bd:39:43:8b:20:5b:f0:
1e:ad:c2:ff:2b:ae:34:69:84:0c:08:ec:79:e5:da:47:9c:aa:
ef:b5:0e:98:3b:a0:c9:c6:e3:d8:49:f5:0e:2b:ea:41:e5:ce:
b0:ca:24:6f:d8:31:92:f1:9a:c8:13:f5:63:2c:63:e0:f0:7d:
4c:23:51:7f:7e:fc:ab:61:ca:ca:56:03:da:18:4d:98:60:de:
9b:f3:13:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSElYB+cJAIXrk9l503okMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2YyNmQ1MGE0MGIzZDZjZmRiYjY0ZTljODJkZTczMDY1MTE2MzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqj87o3Ts8evpw0RU+JYCOu8+fQd
opHNyg4qpQR05EZaq5O3BJWn/ucXQP55F1oB+xapuDXdSVi2eyv9zEC4COHNId88
7RNUjvn7raZdAp+qUJunk4VKKGdL9G71rskv0ZJdqoXE5yTEyoHuo1ML625FiIeU
rPDIKX82TPhOU5upua8nnCwYAT8Xq3dNWJ3TK3IGs2WBSXulT/XGOT5vDqI8dTKl
jfi6IgnEC9Rkep8EvboRWsZMQUlqBLCdEjxlwjqUg8CS5ndiUH0aQ0np8LagWfEi
0EHDZ2uvHLBozhK9amWWS0wmz6z53n+2U8ehiOh4mHKGLjzYJnPZP1vIzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfybVCkCz1s/btk6cgt5zBlEWNtMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvMV9KdFVLUUxQV3o5dTJUcHlDM25NR1VSWTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVcs8MA0G
CSqGSIb3DQEBCwUAA4IBAQAYEs756xPnUulsv3cgFv8ivOmmLf/TEltAsXxWOoiL
yvJo2yalfM/EbPQLvCV7vbBEG3wrZGHS3//246KebDzBf5f+53c2wombgyqWmtSo
cJMWhHR9kwSQE/2t9kWpt8dREdQO5+oiOKiBH4NFFG0P/TSA0gfsphUSmfeU95Y6
vTn5GHeUb3juBA5i61UAiAYzzJuFu3pCPyjUJWSfeLXeeCqJC71OD2Rs53ylh705
Q4sgW/AercL/K640aYQMCOx55dpHnKrvtQ6YO6DJxuPYSfUOK+pB5c6wyiRv2DGS
8ZrIE/VjLGPg8H1MI1F/fvyrYcrKVgPaGE2YYN6b8xOu
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:02:03 2025 by rpki-client