Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ea2ONoTt3SySSjctEUa2mvxPlk0.roa
File: ea2ONoTt3SySSjctEUa2mvxPlk0.roa (raw, json)
Hash identifier: aHDpbhU3poNDj7sgG29oLTuaOz779tw43LjPP8jq2GU=
Subject key identifier: 79:AD:8E:36:84:ED:DD:2C:92:4A:37:2D:11:46:B6:9A:FC:4F:96:4D
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 019422FC3D48AD3513600E053C9ECA9CD1C5
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ea2ONoTt3SySSjctEUa2mvxPlk0.roa
Signing time: Wed 01 Jan 2025 17:49:03 +0000
ROA not before: Wed 01 Jan 2025 17:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202122
IP address blocks: 92.61.224.0/23 maxlen: 23
92.61.224.0/24 maxlen: 24
92.61.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3d:48:ad:35:13:60:0e:05:3c:9e:ca:9c:d1:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jan 1 17:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79ad8e3684eddd2c924a372d1146b69afc4f964d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f5:ac:ac:cb:1b:eb:6b:5a:02:f6:71:50:0a:
e4:3d:08:42:37:40:80:92:1a:98:11:b7:8b:c8:b4:
98:f8:ff:52:ea:5e:be:a0:7e:17:87:11:82:f3:a2:
a2:02:7d:9d:40:be:ba:52:e7:0b:ad:4b:7a:74:15:
17:4a:0e:b4:03:73:29:ce:67:d0:ed:70:3e:cf:fd:
78:bf:56:60:8c:c5:b8:90:1d:1c:2a:0b:ab:67:3c:
04:d8:85:0b:ce:e7:a6:89:60:47:81:40:8c:85:ec:
b8:9d:2a:65:33:87:e3:3f:3a:d6:22:56:cc:05:af:
1e:6c:62:37:cb:a8:3f:ba:79:ba:1c:02:7d:7c:cb:
32:3f:32:a4:25:0c:c0:be:c0:79:7f:97:8a:7c:d4:
23:f6:86:69:21:6e:ec:cb:19:4a:67:aa:c4:63:f8:
a7:48:93:f6:11:eb:69:05:f8:ab:f0:56:88:77:e8:
e3:f7:6a:d5:26:d1:6f:5d:e5:ab:3b:bb:ca:76:6b:
26:85:a5:f3:4f:19:01:72:8f:6c:43:04:41:f1:3e:
b8:2c:59:20:9f:26:62:f0:79:2d:0f:a9:e5:d0:2d:
d9:f2:1e:d5:08:f1:d1:f5:ec:19:59:15:c6:4e:09:
79:59:16:22:22:ba:11:a9:bb:1b:7a:69:de:81:90:
4a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:AD:8E:36:84:ED:DD:2C:92:4A:37:2D:11:46:B6:9A:FC:4F:96:4D
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ea2ONoTt3SySSjctEUa2mvxPlk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.224.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:f8:fd:65:c3:bc:f1:91:39:17:cb:23:fd:9e:7a:0a:55:2b:
27:03:98:91:9a:41:9d:21:59:0c:6a:cc:e1:be:e4:a6:db:38:
4a:be:9e:3c:31:0a:62:01:f8:9e:17:c7:9f:e5:1d:c2:7d:fb:
93:2a:07:3b:36:77:b5:4e:e5:82:86:fb:ae:83:62:89:ee:18:
83:71:c3:56:b4:1a:d6:85:a7:bb:1a:ab:e7:0c:27:7f:b1:59:
53:5a:ed:b3:fe:08:00:e8:51:34:76:50:cc:22:91:e9:d9:37:
61:b7:1f:26:b3:e9:50:92:e9:c7:ca:bf:e5:e7:1f:b9:85:e1:
66:fc:d8:b4:22:11:a6:28:5f:d7:b6:01:26:02:7b:14:c2:16:
6f:9a:2e:73:fb:dd:d9:cd:c5:22:19:88:de:a8:2e:a6:33:d2:
72:6a:dc:03:37:0a:c5:a5:2f:f0:1b:81:d6:fe:f3:56:e0:13:
df:da:8b:fc:ea:09:10:bd:70:af:2d:6a:54:2f:0d:3b:a6:07:
42:0a:c1:c2:e2:2e:85:4c:4d:16:f2:d4:9d:1d:2f:e0:e6:fe:
86:23:5a:60:93:e1:f1:26:45:a8:08:b5:1f:7b:f8:44:35:58:
64:2b:5b:4c:b4:bb:de:58:9a:85:64:be:8c:17:76:95:33:44:
5c:c3:ee:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/D1IrTUTYA4FPJ7KnNHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjUwMTAxMTc0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWFkOGUzNjg0ZWRkZDJjOTI0YTM3MmQxMTQ2YjY5YWZjNGY5NjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/WsrMsb62taAvZxUArkPQhCN0CA
khqYEbeLyLSY+P9S6l6+oH4XhxGC86KiAn2dQL66UucLrUt6dBUXSg60A3MpzmfQ
7XA+z/14v1ZgjMW4kB0cKgurZzwE2IULzuemiWBHgUCMhey4nSplM4fjPzrWIlbM
Ba8ebGI3y6g/unm6HAJ9fMsyPzKkJQzAvsB5f5eKfNQj9oZpIW7syxlKZ6rEY/in
SJP2EetpBfir8FaId+jj92rVJtFvXeWrO7vKdmsmhaXzTxkBco9sQwRB8T64LFkg
nyZi8HktD6nl0C3Z8h7VCPHR9ewZWRXGTgl5WRYiIroRqbsbemnegZBKQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHmtjjaE7d0skko3LRFGtpr8T5ZNMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvZWEyT05vVHQzU3lTU2pjdEVVYTJtdnhQbGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXD3gMA0G
CSqGSIb3DQEBCwUAA4IBAQAe+P1lw7zxkTkXyyP9nnoKVSsnA5iRmkGdIVkMaszh
vuSm2zhKvp48MQpiAfieF8ef5R3CffuTKgc7Nne1TuWChvuug2KJ7hiDccNWtBrW
hae7GqvnDCd/sVlTWu2z/ggA6FE0dlDMIpHp2Tdhtx8ms+lQkunHyr/l5x+5heFm
/Ni0IhGmKF/XtgEmAnsUwhZvmi5z+93ZzcUiGYjeqC6mM9JyatwDNwrFpS/wG4HW
/vNW4BPf2ov86gkQvXCvLWpULw07pgdCCsHC4i6FTE0W8tSdHS/g5v6GI1pgk+Hx
JkWoCLUfe/hENVhkK1tMtLveWJqFZL6MF3aVM0Rcw+6Z
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:18 2025 by rpki-client