Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/j_hZBI0fqiAEG2kHXFvWv5K06gc.roa
File: j_hZBI0fqiAEG2kHXFvWv5K06gc.roa (raw, json)
Hash identifier: P1jzIhieFk4vzFU7Y01+n9OGl0IG6FLjVhdiUznDNXw=
Subject key identifier: 8F:F8:59:04:8D:1F:AA:20:04:1B:69:07:5C:5B:D6:BF:92:B4:EA:07
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 019427484FDCA8E09324B637B0C389E2FFF6
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/j_hZBI0fqiAEG2kHXFvWv5K06gc.roa
Signing time: Thu 02 Jan 2025 13:50:37 +0000
ROA not before: Thu 02 Jan 2025 13:50:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 85.203.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:4f:dc:a8:e0:93:24:b6:37:b0:c3:89:e2:ff:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ff859048d1faa20041b69075c5bd6bf92b4ea07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:32:17:78:e6:28:71:9b:0c:f5:a9:62:ca:96:
27:12:eb:e7:ca:b5:df:2e:5b:c4:b6:b0:ae:e8:32:
e0:93:4a:30:4a:5c:db:2e:26:fc:98:70:f4:6c:b2:
bc:df:0f:34:45:86:7c:00:b5:fd:54:a1:e2:db:1c:
04:ee:bf:4a:76:f5:bd:a5:e5:92:4d:ca:d7:12:d5:
5d:9f:11:01:43:7e:9a:48:c5:e5:77:a5:97:af:2b:
cd:31:4f:e7:06:9c:fe:b4:d1:aa:04:d5:1f:85:d8:
a3:5a:13:59:83:13:c4:60:89:19:cf:d3:2b:68:a2:
38:5b:60:55:77:4e:0b:12:be:16:d3:75:d0:e3:23:
43:4c:13:53:2a:20:34:4c:7d:cf:78:2a:82:e3:3c:
c7:f4:fc:90:cf:14:d1:f5:22:8d:90:1f:f7:51:92:
84:35:84:d2:d0:1a:b1:39:03:a6:b2:f7:6a:cb:09:
6d:05:b3:94:76:1e:4f:b6:af:8b:ca:cc:9c:61:92:
55:01:29:dd:6d:5f:8d:7d:64:25:27:1f:d8:6f:3a:
2a:ac:d0:93:6e:29:35:6f:3d:07:78:0f:28:6b:ac:
f0:37:7b:f5:02:50:0d:a2:42:94:39:b8:0b:ce:da:
e8:7f:cb:79:a8:d2:f0:57:7c:5f:af:63:32:c0:4b:
75:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F8:59:04:8D:1F:AA:20:04:1B:69:07:5C:5B:D6:BF:92:B4:EA:07
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/j_hZBI0fqiAEG2kHXFvWv5K06gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.40.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:77:e2:9e:23:1e:f5:fd:fc:07:6c:27:5c:88:00:54:5c:10:
27:79:23:76:64:10:c9:7e:30:1a:0c:9b:42:e4:56:3e:06:61:
b3:e0:b9:55:9c:0c:fb:94:73:09:0b:ce:13:aa:f0:d9:2e:f0:
77:c0:4c:cd:b0:a1:f1:06:96:f4:4f:26:a6:c0:86:77:5a:dd:
11:65:90:f4:d7:59:b0:69:13:69:78:ee:f9:da:e6:29:45:40:
2b:45:43:77:73:6d:aa:45:3f:3b:61:53:2e:f6:89:9e:5d:8e:
e6:32:f2:63:66:be:e8:8f:d8:13:f3:d1:a3:94:25:ae:dc:10:
38:a6:fa:93:e0:29:b6:8b:d0:fd:2f:df:af:a0:82:63:a7:f7:
4c:a7:f4:48:7a:1c:86:df:cd:5d:2a:6c:02:3d:d9:b8:7f:48:
2d:97:e4:77:2b:f4:df:2e:dc:6b:51:9a:de:a4:72:d8:7a:8b:
2c:d2:36:4a:f3:04:d5:d7:03:f4:59:9a:ea:b3:76:a0:2a:cb:
7a:4b:dc:f4:5f:f5:a8:4e:1a:d2:ce:35:ae:2a:9c:1e:c9:ae:
7c:4c:c2:57:21:d3:39:ca:12:d6:73:71:4e:bf:a3:dd:f6:42:
81:38:5f:3a:01:02:13:a3:a8:06:89:d0:28:e8:d2:67:59:24:
dc:24:4e:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSE/cqOCTJLY3sMOJ4v/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmY4NTkwNDhkMWZhYTIwMDQxYjY5MDc1YzViZDZiZjkyYjRlYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDIXeOYocZsM9aliypYnEuvnyrXf
LlvEtrCu6DLgk0owSlzbLib8mHD0bLK83w80RYZ8ALX9VKHi2xwE7r9KdvW9peWS
TcrXEtVdnxEBQ36aSMXld6WXryvNMU/nBpz+tNGqBNUfhdijWhNZgxPEYIkZz9Mr
aKI4W2BVd04LEr4W03XQ4yNDTBNTKiA0TH3PeCqC4zzH9PyQzxTR9SKNkB/3UZKE
NYTS0BqxOQOmsvdqywltBbOUdh5Ptq+LysycYZJVASndbV+NfWQlJx/YbzoqrNCT
bik1bz0HeA8oa6zwN3v1AlANokKUObgLztrof8t5qNLwV3xfr2MywEt1sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI/4WQSNH6ogBBtpB1xb1r+StOoHMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEval9oWkJJMGZxaUFFRzJrSFhGdld2NUswNmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVcsoMA0G
CSqGSIb3DQEBCwUAA4IBAQAdd+KeIx71/fwHbCdciABUXBAneSN2ZBDJfjAaDJtC
5FY+BmGz4LlVnAz7lHMJC84TqvDZLvB3wEzNsKHxBpb0TyamwIZ3Wt0RZZD011mw
aRNpeO752uYpRUArRUN3c22qRT87YVMu9omeXY7mMvJjZr7oj9gT89GjlCWu3BA4
pvqT4Cm2i9D9L9+voIJjp/dMp/RIehyG381dKmwCPdm4f0gtl+R3K/TfLtxrUZre
pHLYeoss0jZK8wTV1wP0WZrqs3agKst6S9z0X/WoThrSzjWuKpweya58TMJXIdM5
yhLWc3FOv6Pd9kKBOF86AQITo6gGidAo6NJnWSTcJE6y
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:01:56 2025 by rpki-client