Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/OTrigJ7_aPNFptL9-1H351sJknI.roa
File: OTrigJ7_aPNFptL9-1H351sJknI.roa (raw, json)
Hash identifier: K/oqf4mDjIXLt7R/zbvZCfYf4v02mbWbP2zavJ0lff8=
Subject key identifier: 39:3A:E2:80:9E:FF:68:F3:45:A6:D2:FD:FB:51:F7:E7:5B:09:92:72
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 0194258F7F0F12CED40B7A302DA83C36C426
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/OTrigJ7_aPNFptL9-1H351sJknI.roa
Signing time: Thu 02 Jan 2025 05:49:08 +0000
ROA not before: Thu 02 Jan 2025 05:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24785
IP address blocks: 213.207.0.0/24 maxlen: 24
213.207.3.0/24 maxlen: 24
213.207.4.0/24 maxlen: 24
213.207.7.0/24 maxlen: 24
213.207.8.0/24 maxlen: 24
213.207.9.0/24 maxlen: 24
213.207.11.0/24 maxlen: 24
213.207.12.0/24 maxlen: 24
213.207.15.0/24 maxlen: 24
213.207.16.0/24 maxlen: 24
213.207.17.0/24 maxlen: 24
213.207.18.0/24 maxlen: 24
213.207.19.0/24 maxlen: 24
217.170.0.0/19 maxlen: 19
217.170.0.0/24 maxlen: 24
217.170.9.0/24 maxlen: 24
217.170.10.0/24 maxlen: 24
217.170.11.0/24 maxlen: 24
217.170.18.0/24 maxlen: 24
217.170.19.0/24 maxlen: 24
217.170.20.0/24 maxlen: 24
217.170.22.0/24 maxlen: 24
217.170.23.0/24 maxlen: 24
2a02:10::/29 maxlen: 29
2a02:10:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 11:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:7f:0f:12:ce:d4:0b:7a:30:2d:a8:3c:36:c4:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 2 05:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=393ae2809eff68f345a6d2fdfb51f7e75b099272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1d:e3:b0:7b:99:28:c5:5e:47:7a:af:4d:dd:
ff:47:8b:54:99:30:09:ee:c4:b3:7b:64:75:e4:12:
b5:b2:89:b7:b4:94:f6:a2:f9:0e:1c:4b:53:09:34:
69:ec:e0:e4:8c:5d:2b:ee:a0:c4:6d:8f:bd:cc:12:
f0:fe:3c:3c:67:2d:e7:49:e6:89:38:d9:ef:51:28:
07:ec:87:3f:72:7b:27:d1:cf:b1:98:66:a0:f2:1f:
86:ba:eb:1d:88:b1:ed:86:b8:70:2a:80:24:62:03:
d7:15:bc:4c:3d:76:cf:d5:48:c2:32:6e:84:09:f9:
67:40:1a:d2:3b:e4:d9:08:5c:af:db:71:ec:cd:3f:
c3:59:d5:bc:7f:55:ca:e8:14:be:5d:6f:c4:e8:8d:
59:93:8e:bb:02:5c:e1:26:d3:5d:4a:e9:28:1a:d1:
9f:32:4c:ae:19:7d:9e:41:49:24:81:4b:03:77:e6:
42:f0:d6:93:18:ec:3a:e7:d4:d6:19:ce:1c:9c:26:
e9:f6:07:84:6d:de:19:10:5f:25:90:83:bc:52:7c:
5e:74:d8:15:14:0f:5c:cb:fe:e5:5b:aa:29:09:36:
b8:af:ea:f1:cb:2d:fb:cd:d6:9e:b7:74:3e:af:d4:
18:2f:d7:ea:4b:1c:19:3a:bf:c2:e7:fe:22:98:94:
9f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3A:E2:80:9E:FF:68:F3:45:A6:D2:FD:FB:51:F7:E7:5B:09:92:72
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/OTrigJ7_aPNFptL9-1H351sJknI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.207.0.0/24
213.207.3.0-213.207.4.255
213.207.7.0-213.207.9.255
213.207.11.0-213.207.12.255
213.207.15.0-213.207.19.255
217.170.0.0/19
IPv6:
2a02:10::/29
Signature Algorithm: sha256WithRSAEncryption
26:80:df:8e:fd:72:fa:16:af:38:9b:74:19:71:22:d2:82:5b:
37:11:85:b8:17:80:02:97:93:db:09:e2:27:13:2f:7a:b5:78:
4f:5e:27:a7:5a:c5:ed:c9:b8:b3:bd:dc:0c:bf:42:df:b4:cd:
4d:5d:fa:55:72:99:2c:42:f3:5c:bb:98:51:0e:3e:8f:99:b2:
50:03:29:27:d4:73:14:88:84:e5:fe:ff:5a:6c:71:0f:60:36:
a9:40:0b:6a:42:0b:c2:da:34:6b:bc:8a:69:84:a3:c6:b5:3f:
8c:f6:82:c2:9e:03:6c:ce:80:ad:ef:0e:cb:f2:14:49:6d:df:
e5:f3:36:90:9a:6d:eb:7b:2c:41:6c:97:c6:fa:ba:20:66:aa:
a8:82:58:6c:0f:4c:8f:59:95:d2:eb:d7:fc:ba:e1:33:40:d3:
65:eb:0e:f1:87:47:4d:88:69:b0:19:ab:33:6a:3c:49:d0:b9:
34:9f:3a:40:13:66:9b:28:2f:20:39:b3:30:88:3c:16:9b:24:
24:23:2a:e2:13:03:c5:d6:a6:62:10:84:a5:74:73:e5:fc:65:
6f:c5:96:29:99:cd:24:92:26:ae:e2:62:e2:ad:2f:b8:e4:5c:
cd:c2:46:73:b0:89:d3:6e:96:40:2a:aa:85:e2:88:2c:d9:9b:
ac:50:39:07
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZQlj38PEs7UC3owLag8NsQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjUwMTAyMDU0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNhZTI4MDllZmY2OGYzNDVhNmQyZmRmYjUxZjdlNzViMDk5MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx3jsHuZKMVeR3qvTd3/R4tUmTAJ
7sSze2R15BK1som3tJT2ovkOHEtTCTRp7ODkjF0r7qDEbY+9zBLw/jw8Zy3nSeaJ
ONnvUSgH7Ic/cnsn0c+xmGag8h+GuusdiLHthrhwKoAkYgPXFbxMPXbP1UjCMm6E
CflnQBrSO+TZCFyv23HszT/DWdW8f1XK6BS+XW/E6I1Zk467AlzhJtNdSukoGtGf
MkyuGX2eQUkkgUsDd+ZC8NaTGOw659TWGc4cnCbp9geEbd4ZEF8lkIO8UnxedNgV
FA9cy/7lW6opCTa4r+rxyy37zdaet3Q+r9QYL9fqSxwZOr/C5/4imJSf7QIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFDk64oCe/2jzRabS/ftR9+dbCZJyMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvT1RyaWdKN19hUE5GcHRMOS0xSDM1MXNKa25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQA1c8AMAwD
BADVzwMDBADVzwQwDAMEANXPBwMEAdXPCDAMAwQA1c8LAwQA1c8MMAwDBADVzw8D
BALVzxADBAXZqgAwDQQCAAIwBwMFAyoCABAwDQYJKoZIhvcNAQELBQADggEBACaA
3479cvoWrzibdBlxItKCWzcRhbgXgAKXk9sJ4icTL3q1eE9eJ6daxe3JuLO93Ay/
Qt+0zU1d+lVymSxC81y7mFEOPo+ZslADKSfUcxSIhOX+/1pscQ9gNqlAC2pCC8La
NGu8immEo8a1P4z2gsKeA2zOgK3vDsvyFElt3+XzNpCabet7LEFsl8b6uiBmqqiC
WGwPTI9ZldLr1/y64TNA02XrDvGHR02IabAZqzNqPEnQuTSfOkATZpsoLyA5szCI
PBabJCQjKuITA8XWpmIQhKV0c+X8ZW/FlimZzSSSJq7iYuKtL7jkXM3CRnOwidNu
lkAqqoXiiCzZm6xQOQc=
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:58:03 2025 by rpki-client