Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/P_2tz9wqK_vfxvO9VeE07bgVsXE.roa
File: P_2tz9wqK_vfxvO9VeE07bgVsXE.roa (raw, json)
Hash identifier: JGCx+Goa1jdCfHzcMVqt3M21wjzd4wMkyoLEPGklc44=
Subject key identifier: 3F:FD:AD:CF:DC:2A:2B:FB:DF:C6:F3:BD:55:E1:34:ED:B8:15:B1:71
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F90B893DF4A8999DFB86B3AB6D8E3
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/P_2tz9wqK_vfxvO9VeE07bgVsXE.roa
Signing time: Thu 02 Jan 2025 05:49:13 +0000
ROA not before: Thu 02 Jan 2025 05:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34503
IP address blocks: 31.148.217.0/24 maxlen: 24
93.170.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:90:b8:93:df:4a:89:99:df:b8:6b:3a:b6:d8:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ffdadcfdc2a2bfbdfc6f3bd55e134edb815b171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9a:4d:e2:46:cb:6c:0b:dd:94:c5:69:58:90:
d1:3a:20:7a:de:d9:06:82:6a:c1:c8:eb:f7:bd:d8:
be:f5:26:94:25:64:df:6e:9d:2d:c3:a6:c5:94:36:
5b:c8:d5:da:a2:18:1c:ea:fe:0f:75:27:fd:01:0a:
e6:2e:3e:d5:35:ed:52:05:e7:df:b5:2d:52:79:be:
4f:08:18:b0:8b:0d:0e:d7:65:6a:16:4b:e3:23:e3:
4a:d5:1c:ca:3c:ff:77:e1:69:24:54:fc:33:8c:ba:
da:69:42:04:97:f9:20:82:22:6d:71:fc:95:3b:05:
37:f2:8a:bb:1a:9e:fd:ba:e8:0d:d8:c1:4f:80:b1:
17:ab:f9:7a:d4:08:ed:2a:f9:3f:26:e5:8d:b1:2d:
88:2d:3a:15:90:9c:2d:66:17:13:90:b7:eb:82:89:
00:f0:08:74:c2:3f:30:e1:49:73:77:bc:69:8b:e7:
20:f5:c8:60:f0:65:cc:2e:63:2b:a2:64:74:91:6a:
17:1e:ad:1c:f7:25:83:80:48:af:36:64:09:76:c2:
1e:a9:6d:a8:b5:7b:8d:0e:c2:59:f5:da:11:65:1c:
fd:01:16:5c:e5:c9:9b:8d:f3:02:43:22:04:b5:22:
41:28:e4:1e:51:ee:e9:4a:a5:7c:72:2c:de:1e:4c:
d3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:FD:AD:CF:DC:2A:2B:FB:DF:C6:F3:BD:55:E1:34:ED:B8:15:B1:71
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/P_2tz9wqK_vfxvO9VeE07bgVsXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.217.0/24
93.170.103.0/24
Signature Algorithm: sha256WithRSAEncryption
00:69:d3:19:91:ac:9f:73:c1:4d:74:87:d6:84:df:95:f1:3a:
22:1b:4c:22:9b:44:6f:c1:e4:58:c3:89:58:eb:75:cd:6e:8b:
69:21:26:5c:11:f7:85:10:15:7a:5f:9a:81:09:b5:d7:5f:cd:
c2:2d:46:0d:6f:75:d7:64:7a:62:4f:41:4d:f2:b4:a7:d6:6b:
ff:c7:45:be:d6:c4:76:89:eb:96:96:41:89:14:ce:1f:46:91:
ce:fd:4b:f4:80:da:31:b8:dd:f8:6d:0b:d2:40:11:34:1d:43:
b5:b4:59:54:45:98:8f:55:61:a9:70:e0:74:32:a7:a4:cd:2a:
c8:06:41:51:73:ea:7b:cc:a6:b2:7f:44:d0:bc:d3:1d:e5:9e:
3c:82:13:36:8d:67:45:1a:24:54:08:9f:2b:98:cc:f4:30:66:
b9:d6:06:4c:a5:cd:90:16:c5:7a:ab:f6:a2:f9:c1:bb:4e:00:
f1:f1:db:54:44:56:05:0d:e1:78:37:f4:86:5f:82:80:a5:c5:
fb:85:37:78:41:61:08:f5:2b:46:38:b6:3a:4c:ae:b8:03:27:
6b:c0:d7:60:a2:30:59:b6:c2:a4:1d:9e:04:45:80:36:e0:f9:
5a:fb:41:d5:f3:6e:ba:a0:b1:50:71:af:64:ab:9f:c7:de:90:
7a:8f:a5:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj5C4k99KiZnfuGs6ttjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmZkYWRjZmRjMmEyYmZiZGZjNmYzYmQ1NWUxMzRlZGI4MTViMTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25pN4kbLbAvdlMVpWJDROiB63tkG
gmrByOv3vdi+9SaUJWTfbp0tw6bFlDZbyNXaohgc6v4PdSf9AQrmLj7VNe1SBeff
tS1Seb5PCBiwiw0O12VqFkvjI+NK1RzKPP934WkkVPwzjLraaUIEl/kggiJtcfyV
OwU38oq7Gp79uugN2MFPgLEXq/l61AjtKvk/JuWNsS2ILToVkJwtZhcTkLfrgokA
8Ah0wj8w4Ulzd7xpi+cg9chg8GXMLmMromR0kWoXHq0c9yWDgEivNmQJdsIeqW2o
tXuNDsJZ9doRZRz9ARZc5cmbjfMCQyIEtSJBKOQeUe7pSqV8cizeHkzTKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD/9rc/cKiv738bzvVXhNO24FbFxMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUF8ydHo5d3FLX3ZmeHZPOVZlRTA3YmdWc1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH5TZAwQA
XapnMA0GCSqGSIb3DQEBCwUAA4IBAQAAadMZkayfc8FNdIfWhN+V8ToiG0wim0Rv
weRYw4lY63XNbotpISZcEfeFEBV6X5qBCbXXX83CLUYNb3XXZHpiT0FN8rSn1mv/
x0W+1sR2ieuWlkGJFM4fRpHO/Uv0gNoxuN34bQvSQBE0HUO1tFlURZiPVWGpcOB0
MqekzSrIBkFRc+p7zKayf0TQvNMd5Z48ghM2jWdFGiRUCJ8rmMz0MGa51gZMpc2Q
FsV6q/ai+cG7TgDx8dtURFYFDeF4N/SGX4KApcX7hTd4QWEI9StGOLY6TK64Aydr
wNdgojBZtsKkHZ4ERYA24Pla+0HV8266oLFQca9kq5/H3pB6j6Wg
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:06:03 2025 by rpki-client