Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/Kx_HhRKSclovibYPTKsUbvIcnP4.roa
File: Kx_HhRKSclovibYPTKsUbvIcnP4.roa (raw, json)
Hash identifier: JQyTdc/rfi6m77h0pBZ1O2Zt7h/QM9DkjjB00attiWg=
Subject key identifier: 2B:1F:C7:85:12:92:72:5A:2F:89:B6:0F:4C:AB:14:6E:F2:1C:9C:FE
Certificate issuer: /CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
Certificate serial: 01942521EC9E8A7CADB97BB09A596214D0AC
Authority key identifier: 1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/Kx_HhRKSclovibYPTKsUbvIcnP4.roa
Signing time: Thu 02 Jan 2025 03:49:27 +0000
ROA not before: Thu 02 Jan 2025 03:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8903
IP address blocks: 212.31.198.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 12:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ec:9e:8a:7c:ad:b9:7b:b0:9a:59:62:14:d0:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
Validity
Not Before: Jan 2 03:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b1fc7851292725a2f89b60f4cab146ef21c9cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ab:f0:48:c0:63:af:60:27:3e:c2:f8:6a:ca:
d9:1a:ca:79:33:c1:7a:f6:78:7f:a2:12:ee:57:8d:
34:42:be:2d:e2:0d:fb:c8:35:7b:af:ed:db:81:72:
e6:96:6c:cc:5c:0e:c2:e0:fc:b5:23:77:b6:5b:0c:
61:0a:d9:85:00:9b:8b:d2:87:42:6b:50:1e:f9:d7:
6a:82:7c:85:b0:05:a0:12:8b:9d:84:20:36:da:83:
4b:a3:87:dd:04:42:21:d4:7c:86:67:3d:8f:78:bc:
04:ff:dc:79:37:99:2b:06:2f:c2:2d:ea:a6:80:e4:
ef:69:88:c3:6f:10:4c:d6:87:06:4f:d9:40:be:3e:
fa:fa:7a:4d:cc:85:b9:4f:86:ff:1a:09:78:25:9c:
75:77:91:2a:21:02:3e:89:e2:59:7a:97:e9:84:38:
ff:8a:98:3f:0b:49:93:3d:ee:3f:69:fd:e6:cb:cb:
01:30:c4:e7:3f:4d:97:2c:57:17:c8:98:f3:58:65:
da:31:0a:4f:59:8f:59:f0:40:db:ab:bc:4f:73:4b:
1e:64:b3:de:53:ad:a0:d6:b9:a7:64:61:ce:bd:3c:
fd:2f:f8:b6:b6:cb:4b:fd:fa:d3:5d:9c:01:57:79:
dc:df:ca:91:5c:f1:2e:da:98:20:ad:83:9a:50:12:
d4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:1F:C7:85:12:92:72:5A:2F:89:B6:0F:4C:AB:14:6E:F2:1C:9C:FE
X509v3 Authority Key Identifier:
keyid:1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/Kx_HhRKSclovibYPTKsUbvIcnP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.31.198.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:a2:80:0b:bb:05:c8:52:70:6d:56:9e:49:75:3d:b4:4e:b1:
73:23:24:8f:9b:32:01:58:2a:0e:e0:8f:fe:91:d1:f0:07:df:
f8:e1:72:5c:32:03:ce:e7:fe:33:bb:48:18:79:4d:e5:09:12:
f3:e0:f5:e5:b5:44:df:f3:17:56:a9:96:1b:10:46:6c:cc:e3:
ce:d9:bd:61:5b:c9:e9:94:5e:5c:18:d5:15:e1:0d:c0:50:5c:
6a:c8:66:dd:b5:2a:70:f6:89:39:ec:30:18:8f:72:a8:01:88:
37:22:50:e1:72:f7:c1:73:1f:36:6d:c6:4f:4c:79:ab:6a:bf:
c1:df:94:d4:38:93:3a:98:48:0f:4f:e7:70:ed:6a:ac:eb:24:
d9:e6:3a:24:0a:21:74:5a:a1:a5:6b:13:75:a7:4d:d9:e0:bd:
a6:a1:f5:58:0a:af:13:6f:48:10:2e:27:85:fd:92:09:a9:54:
0c:f0:3a:aa:98:ca:11:9e:37:bc:d8:44:ab:e6:2e:a0:b9:a4:
17:97:0e:2a:08:5c:f1:67:84:a0:c2:10:7d:ec:e7:e7:fc:de:
d1:47:11:eb:f7:ce:c6:da:4a:2b:10:d8:ec:b9:5c:7d:b8:89:
78:a1:fb:a6:49:ad:38:e2:55:3c:e8:44:5f:49:6b:b2:58:1b:
b5:55:ca:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIeyeinytuXuwmlliFNCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZDNkOGUyOWUwNjNiOWQyNzQwYWIzZGU2YzcyMjU1ZWM4
ZDA1NTcwHhcNMjUwMTAyMDM0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjFmYzc4NTEyOTI3MjVhMmY4OWI2MGY0Y2FiMTQ2ZWYyMWM5Y2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzavwSMBjr2AnPsL4asrZGsp5M8F6
9nh/ohLuV400Qr4t4g37yDV7r+3bgXLmlmzMXA7C4Py1I3e2WwxhCtmFAJuL0odC
a1Ae+ddqgnyFsAWgEoudhCA22oNLo4fdBEIh1HyGZz2PeLwE/9x5N5krBi/CLeqm
gOTvaYjDbxBM1ocGT9lAvj76+npNzIW5T4b/Ggl4JZx1d5EqIQI+ieJZepfphDj/
ipg/C0mTPe4/af3my8sBMMTnP02XLFcXyJjzWGXaMQpPWY9Z8EDbq7xPc0seZLPe
U62g1rmnZGHOvTz9L/i2tstL/frTXZwBV3nc38qRXPEu2pggrYOaUBLUJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsfx4USknJaL4m2D0yrFG7yHJz+MB8GA1UdIwQY
MBaAFB7T2OKeBjudJ0CrPebHIlXsjQVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUt
OWRjYTVjYzgwZGQ5LzEvS3hfSGhSS1NjbG92aWJZUFRLc1VidkljblA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUtOWRjYTVjYzgwZGQ5
LzEvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1B/GMA0G
CSqGSIb3DQEBCwUAA4IBAQA8ooALuwXIUnBtVp5JdT20TrFzIySPmzIBWCoO4I/+
kdHwB9/44XJcMgPO5/4zu0gYeU3lCRLz4PXltUTf8xdWqZYbEEZszOPO2b1hW8np
lF5cGNUV4Q3AUFxqyGbdtSpw9ok57DAYj3KoAYg3IlDhcvfBcx82bcZPTHmrar/B
35TUOJM6mEgPT+dw7Wqs6yTZ5jokCiF0WqGlaxN1p03Z4L2mofVYCq8Tb0gQLieF
/ZIJqVQM8DqqmMoRnje82ESr5i6guaQXlw4qCFzxZ4SgwhB97Ofn/N7RRxHr987G
2korENjsuVx9uIl4ofumSa044lU86ERfSWuyWBu1Vcqg
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:50:09 2025 by rpki-client