Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/4TPUxBZQjPMFC7b1mfrFjCvLGlY.roa
File: 4TPUxBZQjPMFC7b1mfrFjCvLGlY.roa (raw, json)
Hash identifier: JkcUiwxVUZ6Y1IABb79mPduZ40ATbeXmGRW1UsM28Lg=
Subject key identifier: E1:33:D4:C4:16:50:8C:F3:05:0B:B6:F5:99:FA:C5:8C:2B:CB:1A:56
Certificate issuer: /CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Certificate serial: 019421B2020F00B7F4993CD49841CE825BF1
Authority key identifier: 10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/4TPUxBZQjPMFC7b1mfrFjCvLGlY.roa
Signing time: Wed 01 Jan 2025 11:48:21 +0000
ROA not before: Wed 01 Jan 2025 11:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 81.14.0.0/17 maxlen: 24
95.176.0.0/17 maxlen: 24
185.147.220.0/22 maxlen: 24
2a00:be80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.mft
rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:02:0f:00:b7:f4:99:3c:d4:98:41:ce:82:5b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Validity
Not Before: Jan 1 11:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e133d4c416508cf3050bb6f599fac58c2bcb1a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7f:46:be:eb:bf:e5:34:a8:40:9a:ac:8f:4c:
2a:62:86:92:22:b7:b7:f5:fd:50:e0:d8:47:31:a5:
4b:84:57:dc:9d:f9:23:c1:25:b6:14:d5:61:85:23:
ac:c7:d9:d9:2e:ca:59:37:b7:48:e0:4f:1a:ff:3b:
c2:ef:b2:06:3b:b7:19:47:fe:c5:ac:c5:bc:25:07:
20:5c:02:98:32:d5:5c:94:ab:26:96:f9:16:f8:a3:
fc:76:13:3b:24:65:2f:f6:af:32:81:b2:72:af:59:
57:77:ae:72:e0:6f:92:d3:90:f1:fe:8f:f9:d1:e3:
a9:85:38:86:44:bc:c4:90:81:b4:5c:69:bc:48:f6:
8b:51:0f:86:14:1e:d7:83:f4:89:b7:a5:59:b7:0a:
0e:6d:a8:e7:64:5b:88:80:e2:2e:08:a1:fe:25:a1:
50:90:9d:e9:c3:53:7b:98:74:ec:85:e2:44:7a:eb:
9a:e1:6a:06:bf:5e:13:67:49:cf:c3:1d:86:48:f7:
2e:85:66:44:01:ff:b5:f8:07:86:4e:a9:cb:dc:36:
c6:07:d6:6a:9e:fa:7b:d2:3f:07:0f:14:91:0d:55:
62:30:21:60:11:6c:98:48:36:66:ce:bb:f7:8c:4b:
83:b3:b4:28:6f:d6:7f:4e:54:f6:19:49:2d:16:36:
23:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:33:D4:C4:16:50:8C:F3:05:0B:B6:F5:99:FA:C5:8C:2B:CB:1A:56
X509v3 Authority Key Identifier:
keyid:10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/4TPUxBZQjPMFC7b1mfrFjCvLGlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.14.0.0/17
95.176.0.0/17
185.147.220.0/22
IPv6:
2a00:be80::/32
Signature Algorithm: sha256WithRSAEncryption
6e:9e:53:6e:6c:66:6c:5a:ee:03:d7:62:8b:48:a1:5a:69:86:
77:4b:e9:75:e6:4c:d2:35:18:d8:c4:37:17:00:aa:01:27:d9:
b4:fa:e6:7e:a0:43:82:5a:19:07:c0:1a:81:16:48:a1:83:16:
03:d1:30:9c:d4:f2:38:97:76:55:88:56:5d:ef:43:59:7d:65:
db:ba:3a:93:77:d2:1b:51:b3:ed:bf:9b:c4:b6:50:54:62:93:
03:78:07:01:42:cd:a2:9f:c8:90:58:35:f2:e9:b6:5d:04:b5:
e7:d5:bb:3e:e7:aa:dc:81:ef:cd:28:6b:7a:f0:20:87:70:29:
67:28:e2:f6:77:d9:d0:55:c4:62:79:db:66:80:36:89:24:98:
00:f7:b4:99:44:b9:fe:92:c1:9a:04:e0:39:bb:79:29:2f:73:
02:85:c7:e4:b1:c3:46:12:9c:37:61:a8:ee:4c:98:99:5d:3b:
19:13:c9:8a:82:23:a5:53:14:89:e4:c6:75:23:0f:20:80:27:
cf:2c:ac:60:88:ba:1a:6f:91:4c:19:2a:d8:f5:ed:63:9a:44:
d9:c4:3d:bf:9e:87:d8:45:2b:2d:52:b8:d6:00:e6:8e:45:3c:
68:3f:67:a9:29:3e:2b:79:2c:fc:f5:d2:c9:1f:14:4c:b5:87:
df:fd:15:aa
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhsgIPALf0mTzUmEHOglvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMTI4NzkyN2FkN2IxZGI0NzlhZTVhYjkyYWI4N2M0YTRm
YWY0OTYwHhcNMjUwMTAxMTE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTMzZDRjNDE2NTA4Y2YzMDUwYmI2ZjU5OWZhYzU4YzJiY2IxYTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH9Gvuu/5TSoQJqsj0wqYoaSIre3
9f1Q4NhHMaVLhFfcnfkjwSW2FNVhhSOsx9nZLspZN7dI4E8a/zvC77IGO7cZR/7F
rMW8JQcgXAKYMtVclKsmlvkW+KP8dhM7JGUv9q8ygbJyr1lXd65y4G+S05Dx/o/5
0eOphTiGRLzEkIG0XGm8SPaLUQ+GFB7Xg/SJt6VZtwoObajnZFuIgOIuCKH+JaFQ
kJ3pw1N7mHTsheJEeuua4WoGv14TZ0nPwx2GSPcuhWZEAf+1+AeGTqnL3DbGB9Zq
nvp70j8HDxSRDVViMCFgEWyYSDZmzrv3jEuDs7Qob9Z/TlT2GUktFjYjWQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOEz1MQWUIzzBQu29Zn6xYwryxpWMB8GA1UdIwQY
MBaAFBASh5J617HbR5rlq5Krh8Sk+vSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUJLSGtuclhzZHRIbXVXcmtxdUh4S1Q2OUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xMjM5MWQtNWZiNi00ZGVhLWE3MTMt
NzNhNDUyYmFmYjQ2LzEvNFRQVXhCWlFqUE1GQzdiMW1mckZqQ3ZMR2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xMjM5MWQtNWZiNi00ZGVhLWE3MTMtNzNhNDUyYmFmYjQ2
LzEvRUJLSGtuclhzZHRIbXVXcmtxdUh4S1Q2OUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHUQ4AAwQH
X7AAAwQCuZPcMA0EAgACMAcDBQAqAL6AMA0GCSqGSIb3DQEBCwUAA4IBAQBunlNu
bGZsWu4D12KLSKFaaYZ3S+l15kzSNRjYxDcXAKoBJ9m0+uZ+oEOCWhkHwBqBFkih
gxYD0TCc1PI4l3ZViFZd70NZfWXbujqTd9IbUbPtv5vEtlBUYpMDeAcBQs2in8iQ
WDXy6bZdBLXn1bs+56rcge/NKGt68CCHcClnKOL2d9nQVcRiedtmgDaJJJgA97SZ
RLn+ksGaBOA5u3kpL3MChcfkscNGEpw3YajuTJiZXTsZE8mKgiOlUxSJ5MZ1Iw8g
gCfPLKxgiLoab5FMGSrY9e1jmkTZxD2/nofYRSstUrjWAOaORTxoP2epKT4reSz8
9dLJHxRMtYff/RWq
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:05:32 2025 by rpki-client