Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/h2dNJtWtnh7jF4yiiHb7hgunnC0.roa
File: h2dNJtWtnh7jF4yiiHb7hgunnC0.roa (raw, json)
Hash identifier: QiuEBKr5ki+GdfPR+vewDX1RrlUcG9USLmKMuO6nW0c=
Subject key identifier: 87:67:4D:26:D5:AD:9E:1E:E3:17:8C:A2:88:76:FB:86:0B:A7:9C:2D
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 019427484EA98E39668FEFE505373196DD0C
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/h2dNJtWtnh7jF4yiiHb7hgunnC0.roa
Signing time: Thu 02 Jan 2025 13:50:37 +0000
ROA not before: Thu 02 Jan 2025 13:50:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212042
IP address blocks: 85.203.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:4e:a9:8e:39:66:8f:ef:e5:05:37:31:96:dd:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87674d26d5ad9e1ee3178ca28876fb860ba79c2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c0:42:45:bf:a4:f3:4e:c1:69:13:43:4a:cd:
bb:79:b7:3d:be:e4:a1:57:c1:0e:32:57:07:df:e3:
1c:9a:c8:20:66:1f:69:3e:fa:31:ae:55:59:7b:5e:
4f:29:e2:15:8e:85:f2:ff:bd:66:95:e6:d9:41:ab:
ee:8b:c4:1c:4c:c8:56:55:e9:b3:30:3d:d4:ed:9d:
82:0f:1d:a6:3d:71:b3:b1:46:d7:e5:fa:f2:25:61:
6f:0f:30:d4:84:45:9f:53:87:41:0d:24:60:de:5b:
22:61:90:3e:0f:72:4d:6d:d5:65:e6:f5:fc:ee:76:
41:e7:7e:1b:47:25:2a:e9:47:99:09:2c:b1:b6:e8:
46:67:b1:69:c9:b5:bb:8c:b2:14:9a:dc:46:08:69:
de:1d:37:8f:e3:62:44:ef:63:28:b1:05:d3:21:80:
32:ba:33:bd:5d:06:9a:24:95:70:75:63:cf:5c:44:
26:60:48:b9:98:26:5d:da:0a:e5:7d:c3:dc:4f:c7:
3f:f3:5e:1a:69:18:b7:1b:8d:74:b3:62:83:26:25:
af:97:83:98:89:b9:3a:7c:13:78:94:69:ba:c6:a6:
45:73:da:5a:2a:0b:f0:97:e1:6d:08:0d:62:79:75:
0a:ef:f5:41:1a:13:2d:6c:fe:b1:9a:94:a0:a8:ac:
2a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:67:4D:26:D5:AD:9E:1E:E3:17:8C:A2:88:76:FB:86:0B:A7:9C:2D
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/h2dNJtWtnh7jF4yiiHb7hgunnC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.33.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:99:62:d4:8c:f2:7d:22:0c:26:e6:75:6d:4d:b0:c5:88:6f:
e5:c2:0a:b2:24:7c:c3:4d:ce:08:d8:ce:26:0e:37:a5:a4:fa:
d4:89:f9:e4:76:01:8a:5c:81:aa:6e:68:b6:00:3c:72:4f:f4:
27:b1:1a:ec:d5:09:51:79:35:ea:23:42:46:08:90:41:83:04:
85:d8:d4:f6:1d:3a:9e:d4:04:ee:c7:2e:fd:db:45:28:4d:81:
29:cb:f4:c0:ab:1e:fc:a3:85:65:53:43:4e:05:cb:ac:75:62:
ed:62:94:35:fa:de:7e:e2:9b:f3:49:30:6f:c1:82:14:a8:79:
11:3b:bf:92:fb:b2:45:dd:2c:fd:c6:4f:b2:b8:dd:17:a4:d1:
0f:d5:c7:2d:f2:6d:e0:2c:3c:60:8c:65:ef:07:89:df:97:50:
00:ad:4c:ea:00:1a:64:6e:73:2c:61:aa:36:1e:6d:c4:36:8b:
3e:fe:37:bb:a7:c9:41:88:9e:54:ec:be:41:08:8f:44:11:fb:
f6:e5:6d:2a:87:59:4d:44:b2:96:21:5b:b3:9d:1b:d2:c8:28:
44:bb:49:63:02:55:db:03:78:63:62:77:00:c9:90:10:d1:66:
49:87:e0:f8:e6:a9:40:23:b2:a2:ab:e9:77:bf:cd:25:ba:db:
18:0b:b3:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSE6pjjlmj+/lBTcxlt0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY3NGQyNmQ1YWQ5ZTFlZTMxNzhjYTI4ODc2ZmI4NjBiYTc5YzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sBCRb+k807BaRNDSs27ebc9vuSh
V8EOMlcH3+McmsggZh9pPvoxrlVZe15PKeIVjoXy/71mlebZQavui8QcTMhWVemz
MD3U7Z2CDx2mPXGzsUbX5fryJWFvDzDUhEWfU4dBDSRg3lsiYZA+D3JNbdVl5vX8
7nZB534bRyUq6UeZCSyxtuhGZ7FpybW7jLIUmtxGCGneHTeP42JE72MosQXTIYAy
ujO9XQaaJJVwdWPPXEQmYEi5mCZd2grlfcPcT8c/814aaRi3G410s2KDJiWvl4OY
ibk6fBN4lGm6xqZFc9paKgvwl+FtCA1ieXUK7/VBGhMtbP6xmpSgqKwqTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdnTSbVrZ4e4xeMooh2+4YLp5wtMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvaDJkTkp0V3RuaDdqRjR5aWlIYjdoZ3VubkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcshMA0G
CSqGSIb3DQEBCwUAA4IBAQBPmWLUjPJ9Igwm5nVtTbDFiG/lwgqyJHzDTc4I2M4m
DjelpPrUifnkdgGKXIGqbmi2ADxyT/QnsRrs1QlReTXqI0JGCJBBgwSF2NT2HTqe
1ATuxy7920UoTYEpy/TAqx78o4VlU0NOBcusdWLtYpQ1+t5+4pvzSTBvwYIUqHkR
O7+S+7JF3Sz9xk+yuN0XpNEP1cct8m3gLDxgjGXvB4nfl1AArUzqABpkbnMsYao2
Hm3ENos+/je7p8lBiJ5U7L5BCI9EEfv25W0qh1lNRLKWIVuznRvSyChEu0ljAlXb
A3hjYncAyZAQ0WZJh+D45qlAI7Kiq+l3v80lutsYC7P4
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:15:36 2025 by rpki-client