Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/2f1207-ea0a-4507-9a54-94ef19707382/1/dykPFnRrky6lGH1dWuJxp5L8J-o.roa
File: dykPFnRrky6lGH1dWuJxp5L8J-o.roa (raw, json)
Hash identifier: Kd0AtYONErQFdVH78z2WFvNWXL9jJi4HQ4ImHw/+cX4=
Subject key identifier: 77:29:0F:16:74:6B:93:2E:A5:18:7D:5D:5A:E2:71:A7:92:FC:27:EA
Certificate issuer: /CN=ad4f879f3f97ad8cd73193d8069e49b01b6baddd
Certificate serial: 019489E496A1AFACF4896A5857AB4237B3A3
Authority key identifier: AD:4F:87:9F:3F:97:AD:8C:D7:31:93:D8:06:9E:49:B0:1B:6B:AD:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rU-Hnz-XrYzXMZPYBp5JsBtrrd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/2f1207-ea0a-4507-9a54-94ef19707382/1/dykPFnRrky6lGH1dWuJxp5L8J-o.roa
Signing time: Tue 21 Jan 2025 17:24:06 +0000
ROA not before: Tue 21 Jan 2025 17:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20648
IP address blocks: 62.164.181.0/24 maxlen: 24
62.164.185.0/24 maxlen: 24
194.46.42.0/24 maxlen: 24
194.46.47.0/24 maxlen: 24
194.164.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/2f1207-ea0a-4507-9a54-94ef19707382/1/rU-Hnz-XrYzXMZPYBp5JsBtrrd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/2f1207-ea0a-4507-9a54-94ef19707382/1/rU-Hnz-XrYzXMZPYBp5JsBtrrd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/rU-Hnz-XrYzXMZPYBp5JsBtrrd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:89:e4:96:a1:af:ac:f4:89:6a:58:57:ab:42:37:b3:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad4f879f3f97ad8cd73193d8069e49b01b6baddd
Validity
Not Before: Jan 21 17:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77290f16746b932ea5187d5d5ae271a792fc27ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0c:c5:4c:45:5a:6f:16:a6:61:10:ab:1b:02:
00:75:e0:2a:83:14:51:68:84:ca:f5:fd:60:59:76:
1a:3f:4d:42:7d:d3:09:dd:21:99:da:9d:7b:f9:ca:
62:a2:70:3b:3b:24:a5:04:e4:2a:70:d5:e2:53:52:
4e:9e:35:f2:9e:51:fd:29:59:9a:bb:24:e3:07:53:
ef:71:78:01:d1:8e:a3:26:fb:41:1c:35:94:c7:8e:
60:b3:8f:9d:61:d0:5c:e7:0a:7c:77:a7:17:b0:cc:
43:e9:9f:14:ce:d0:8d:50:01:44:06:3d:b0:67:1d:
33:39:6c:16:2b:3c:27:09:31:25:38:11:59:97:aa:
9f:00:8a:b5:f8:bb:f7:72:b2:67:03:7e:b8:79:b6:
39:80:1d:32:c3:cb:1e:30:bc:71:f4:7c:e7:83:bf:
4b:7f:6c:06:b8:f3:91:a4:b3:71:8b:43:a9:9d:31:
ce:3a:c2:38:24:50:c3:96:fb:26:79:0b:1a:0c:45:
f1:6e:b5:80:cb:42:c1:a3:71:9a:6c:e5:f7:4c:7c:
ee:72:9e:84:f4:f2:f1:3f:47:6f:9e:e2:ab:6d:60:
47:66:06:ef:77:b9:3d:35:78:c4:08:6a:db:ed:4b:
9b:ce:95:b4:ed:fa:6b:a6:fa:1d:a6:07:4d:68:e8:
04:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:29:0F:16:74:6B:93:2E:A5:18:7D:5D:5A:E2:71:A7:92:FC:27:EA
X509v3 Authority Key Identifier:
keyid:AD:4F:87:9F:3F:97:AD:8C:D7:31:93:D8:06:9E:49:B0:1B:6B:AD:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rU-Hnz-XrYzXMZPYBp5JsBtrrd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2f1207-ea0a-4507-9a54-94ef19707382/1/dykPFnRrky6lGH1dWuJxp5L8J-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2f1207-ea0a-4507-9a54-94ef19707382/1/rU-Hnz-XrYzXMZPYBp5JsBtrrd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.181.0/24
62.164.185.0/24
194.46.42.0/24
194.46.47.0/24
194.164.218.0/24
Signature Algorithm: sha256WithRSAEncryption
48:d4:f0:b1:38:1e:36:55:cf:19:25:28:15:b4:f5:aa:23:4a:
a3:34:ca:37:93:0b:07:8f:3a:e0:bf:5f:cf:ad:d4:f7:86:4f:
09:76:bb:c8:7a:e9:ee:ea:6a:95:84:b9:cd:3f:82:8c:35:5d:
e2:0e:e0:ac:43:80:34:ab:f9:d1:4e:21:f5:f1:f2:04:28:20:
e6:1e:b1:a6:59:1d:1a:f0:76:aa:a5:38:36:b5:6d:2b:75:7a:
16:ee:4e:bd:78:6c:fd:87:54:00:08:cc:03:ff:46:67:a6:52:
44:f7:4b:4a:8a:28:ad:be:81:c0:5a:79:ff:e1:1a:cc:c5:a6:
3b:13:5f:1c:f3:87:d7:9e:a6:ab:34:67:19:b7:87:15:2f:66:
63:06:2b:0f:86:e9:f2:fa:60:7b:89:3d:63:83:91:35:02:73:
67:4e:53:7e:fc:ea:b1:6c:f1:c1:0d:c0:dc:6a:7e:ae:ff:39:
5d:9b:17:a5:b6:4c:67:4e:0e:c9:87:2c:f3:c8:10:4f:8f:8e:
63:e8:17:a4:c3:3b:8f:d6:6a:9e:d7:f2:11:80:fd:ac:bd:f0:
09:a8:4a:2f:36:66:36:5c:de:f3:89:33:dc:72:ce:d4:74:d7:
64:22:76:4d:11:29:36:1b:d0:4f:d9:54:0c:a3:7e:2f:f1:25:
2b:d5:bd:e7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZSJ5Jahr6z0iWpYV6tCN7OjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNGY4NzlmM2Y5N2FkOGNkNzMxOTNkODA2OWU0OWIwMWI2
YmFkZGQwHhcNMjUwMTIxMTcyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzI5MGYxNjc0NmI5MzJlYTUxODdkNWQ1YWUyNzFhNzkyZmMyN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowzFTEVabxamYRCrGwIAdeAqgxRR
aITK9f1gWXYaP01CfdMJ3SGZ2p17+cpionA7OySlBOQqcNXiU1JOnjXynlH9KVma
uyTjB1PvcXgB0Y6jJvtBHDWUx45gs4+dYdBc5wp8d6cXsMxD6Z8UztCNUAFEBj2w
Zx0zOWwWKzwnCTElOBFZl6qfAIq1+Lv3crJnA364ebY5gB0yw8seMLxx9Hzng79L
f2wGuPORpLNxi0OpnTHOOsI4JFDDlvsmeQsaDEXxbrWAy0LBo3GabOX3THzucp6E
9PLxP0dvnuKrbWBHZgbvd7k9NXjECGrb7UubzpW07fprpvodpgdNaOgEWQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHcpDxZ0a5MupRh9XVricaeS/CfqMB8GA1UdIwQY
MBaAFK1Ph58/l62M1zGT2AaeSbAba63dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclUtSG56LVhyWXpYTVpQWUJwNUpzQnRycmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yZjEyMDctZWEwYS00NTA3LTlhNTQt
OTRlZjE5NzA3MzgyLzEvZHlrUEZuUnJreTZsR0gxZFd1SnhwNUw4Si1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yZjEyMDctZWEwYS00NTA3LTlhNTQtOTRlZjE5NzA3Mzgy
LzEvclUtSG56LVhyWXpYTVpQWUJwNUpzQnRycmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPqS1AwQA
PqS5AwQAwi4qAwQAwi4vAwQAwqTaMA0GCSqGSIb3DQEBCwUAA4IBAQBI1PCxOB42
Vc8ZJSgVtPWqI0qjNMo3kwsHjzrgv1/PrdT3hk8JdrvIeunu6mqVhLnNP4KMNV3i
DuCsQ4A0q/nRTiH18fIEKCDmHrGmWR0a8HaqpTg2tW0rdXoW7k69eGz9h1QACMwD
/0ZnplJE90tKiiitvoHAWnn/4RrMxaY7E18c84fXnqarNGcZt4cVL2ZjBisPhuny
+mB7iT1jg5E1AnNnTlN+/OqxbPHBDcDcan6u/zldmxeltkxnTg7JhyzzyBBPj45j
6BekwzuP1mqe1/IRgP2svfAJqEovNmY2XN7ziTPccs7UdNdkInZNESk2G9BP2VQM
o34v8SUr1b3n
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:54:25 2025 by rpki-client