Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/Rhxcko7xogGD7PUNQ7GFVcIyo3E.roa
File: Rhxcko7xogGD7PUNQ7GFVcIyo3E.roa (raw, json)
Hash identifier: wxRtMGUVR1vUKsC3N9YTO9zRxZclKO3OVLRoHoS7u/o=
Subject key identifier: 46:1C:5C:92:8E:F1:A2:01:83:EC:F5:0D:43:B1:85:55:C2:32:A3:71
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 019427B5C3DA4D9D0AE3577BF3A4374692D5
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/Rhxcko7xogGD7PUNQ7GFVcIyo3E.roa
Signing time: Thu 02 Jan 2025 15:50:11 +0000
ROA not before: Thu 02 Jan 2025 15:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60267
IP address blocks: 89.29.224.0/24 maxlen: 24
89.29.229.0/24 maxlen: 24
89.29.231.0/24 maxlen: 24
89.29.246.0/24 maxlen: 24
185.64.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c3:da:4d:9d:0a:e3:57:7b:f3:a4:37:46:92:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: Jan 2 15:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=461c5c928ef1a20183ecf50d43b18555c232a371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a1:1c:2b:3d:c0:8a:4d:a9:45:8f:85:02:85:
fa:e6:be:7f:18:aa:29:b7:81:64:89:53:7a:1f:23:
0e:ab:8e:f2:72:86:14:68:6d:bc:4d:2d:3a:66:d1:
15:cb:7d:ed:ab:e8:30:0a:0d:14:62:7a:9a:d1:d5:
57:4a:48:5c:f8:08:b2:0c:32:56:3d:cb:16:d2:3b:
1b:b7:a4:0b:72:65:08:c9:cb:3b:3a:1c:7e:d8:29:
6e:94:2e:1c:9d:68:38:c2:98:48:ff:0b:e1:b3:cb:
e3:40:e2:d2:8f:6f:9a:4c:16:01:df:c8:6a:61:24:
5a:7f:6f:16:d8:d6:aa:db:d8:35:12:5a:39:99:2f:
56:2d:0a:81:06:1e:ec:9f:28:e9:7f:04:82:1e:5f:
8f:51:12:70:ed:26:b3:f9:08:15:23:2d:25:e7:b7:
33:d1:e0:35:0a:c0:11:7f:ce:bd:36:72:bf:7c:c3:
4a:0a:3b:59:a8:e5:96:e0:9b:5a:35:f7:66:c6:b5:
3c:d1:3e:36:19:4c:d8:8b:60:cc:ab:66:d3:0f:19:
85:81:ea:87:5f:72:32:e0:e3:63:2a:88:83:2d:08:
5b:38:26:22:8b:ed:71:47:51:e6:2f:44:e9:c2:3a:
94:7c:51:a8:6e:e2:ea:5e:ed:45:09:a5:78:9e:f8:
e5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:1C:5C:92:8E:F1:A2:01:83:EC:F5:0D:43:B1:85:55:C2:32:A3:71
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/Rhxcko7xogGD7PUNQ7GFVcIyo3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.29.224.0/24
89.29.229.0/24
89.29.231.0/24
89.29.246.0/24
185.64.240.0/24
Signature Algorithm: sha256WithRSAEncryption
24:05:e2:9a:96:99:aa:05:11:8f:18:39:df:4a:82:b3:d4:6c:
3d:87:b2:c5:43:20:75:0c:5f:82:3d:6e:40:a3:35:0f:2b:45:
a0:5b:b7:f6:fa:6b:b2:d9:5e:17:43:e5:5e:34:01:23:56:b1:
6d:b8:59:77:2f:a6:c1:e4:20:fe:fc:92:54:c5:36:b8:e7:0a:
ce:e5:e2:ce:22:6f:fe:1b:99:71:51:f7:39:74:34:e1:39:ba:
3f:f2:28:6a:50:79:96:6f:d9:cc:11:aa:f0:15:58:e0:27:30:
3b:4d:a6:bc:8a:2a:b2:e6:05:5e:b0:b8:c5:02:1e:5c:84:db:
f7:38:5d:24:2a:61:93:a9:4b:c7:b4:f2:cb:18:0d:21:2c:ff:
f2:a3:bb:03:c2:07:ad:04:1c:e7:b3:27:4b:09:76:17:74:70:
1b:68:02:92:f8:67:28:79:c7:5c:f3:82:d0:be:ab:1d:03:b5:
33:25:53:56:b1:28:63:e1:cf:58:49:8e:e1:4a:67:f1:f8:e7:
7a:23:a8:c2:f8:3c:97:a5:43:8a:87:e5:6d:ff:ff:f3:0a:08:
08:5a:9c:be:ea:49:de:18:5a:b2:c9:e4:82:33:37:5f:d2:f1:
84:44:f3:00:0e:79:b7:31:4a:ed:c5:ca:95:4a:6e:4e:fc:58:
b9:47:d3:90
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQntcPaTZ0K41d786Q3RpLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjUwMTAyMTU1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjFjNWM5MjhlZjFhMjAxODNlY2Y1MGQ0M2IxODU1NWMyMzJhMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6EcKz3Aik2pRY+FAoX65r5/GKop
t4FkiVN6HyMOq47ycoYUaG28TS06ZtEVy33tq+gwCg0UYnqa0dVXSkhc+AiyDDJW
PcsW0jsbt6QLcmUIycs7Ohx+2ClulC4cnWg4wphI/wvhs8vjQOLSj2+aTBYB38hq
YSRaf28W2Naq29g1Elo5mS9WLQqBBh7snyjpfwSCHl+PURJw7Saz+QgVIy0l57cz
0eA1CsARf869NnK/fMNKCjtZqOWW4JtaNfdmxrU80T42GUzYi2DMq2bTDxmFgeqH
X3Iy4ONjKoiDLQhbOCYii+1xR1HmL0TpwjqUfFGobuLqXu1FCaV4nvjlqwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEYcXJKO8aIBg+z1DUOxhVXCMqNxMB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvUmh4Y2tvN3hvZ0dEN1BVTlE3R0ZWY0l5bzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWR3gAwQA
WR3lAwQAWR3nAwQAWR32AwQAuUDwMA0GCSqGSIb3DQEBCwUAA4IBAQAkBeKalpmq
BRGPGDnfSoKz1Gw9h7LFQyB1DF+CPW5AozUPK0WgW7f2+muy2V4XQ+VeNAEjVrFt
uFl3L6bB5CD+/JJUxTa45wrO5eLOIm/+G5lxUfc5dDThObo/8ihqUHmWb9nMEarw
FVjgJzA7Taa8iiqy5gVesLjFAh5chNv3OF0kKmGTqUvHtPLLGA0hLP/yo7sDwget
BBznsydLCXYXdHAbaAKS+Gcoecdc84LQvqsdA7UzJVNWsShj4c9YSY7hSmfx+Od6
I6jC+DyXpUOKh+Vt///zCggIWpy+6kneGFqyyeSCMzdf0vGERPMADnm3MUrtxcqV
Sm5O/Fi5R9OQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:01 2025 by rpki-client