Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/71bf6f-1e3c-404a-82d0-788c5b75754b/1/Tzki6iltnTfeWgXmhmNHdvTkXfw.roa
File: Tzki6iltnTfeWgXmhmNHdvTkXfw.roa (raw, json)
Hash identifier: BT59NYOurUOA8F73KnNlObUV8Me+wZDVlkZuurx7DMA=
Subject key identifier: 4F:39:22:EA:29:6D:9D:37:DE:5A:05:E6:86:63:47:76:F4:E4:5D:FC
Certificate issuer: /CN=d95e046e7d393c14fcbaee7f1c43980e3da11fb1
Certificate serial: 0194228E011DEA43CA69520A8361438A6028
Authority key identifier: D9:5E:04:6E:7D:39:3C:14:FC:BA:EE:7F:1C:43:98:0E:3D:A1:1F:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2V4Ebn05PBT8uu5_HEOYDj2hH7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/71bf6f-1e3c-404a-82d0-788c5b75754b/1/Tzki6iltnTfeWgXmhmNHdvTkXfw.roa
Signing time: Wed 01 Jan 2025 15:48:39 +0000
ROA not before: Wed 01 Jan 2025 15:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211091
IP address blocks: 185.188.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/71bf6f-1e3c-404a-82d0-788c5b75754b/1/2V4Ebn05PBT8uu5_HEOYDj2hH7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/71bf6f-1e3c-404a-82d0-788c5b75754b/1/2V4Ebn05PBT8uu5_HEOYDj2hH7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/2V4Ebn05PBT8uu5_HEOYDj2hH7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:01:1d:ea:43:ca:69:52:0a:83:61:43:8a:60:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d95e046e7d393c14fcbaee7f1c43980e3da11fb1
Validity
Not Before: Jan 1 15:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f3922ea296d9d37de5a05e686634776f4e45dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d9:a5:c7:94:63:45:5a:a7:15:4c:de:41:46:
40:71:fc:ec:ba:20:be:e3:eb:05:96:53:1e:80:e2:
ce:a0:d2:73:ec:0c:09:0a:ac:50:cf:ce:ec:f7:bb:
93:64:77:6b:51:6d:77:5a:b7:3b:a1:f9:64:89:ce:
c4:02:8d:76:48:33:3c:62:aa:e3:b8:64:0f:e1:1c:
3e:af:8c:25:96:62:77:1e:7e:b4:f1:21:ae:40:0b:
1a:fe:e1:b2:a6:b5:23:b6:c6:89:7f:80:77:58:28:
d0:3e:ec:b0:ae:16:a1:52:89:dd:77:13:3e:00:4e:
09:c7:0f:be:b5:ca:94:b2:c9:c6:aa:c8:c0:4a:2f:
20:60:72:c5:b4:1e:7b:c8:1a:20:3b:3a:37:2d:a1:
d9:db:fa:6d:65:b3:9c:40:32:de:ea:cb:b1:66:a7:
20:3e:37:e7:32:fb:d2:22:7c:9d:10:18:5f:15:0a:
5d:81:86:1b:71:a2:5f:f6:02:df:c1:f9:0b:59:fa:
07:ed:d5:8d:cc:b6:7f:13:b2:cf:3d:21:95:ee:2a:
f1:01:ff:50:71:a6:b1:ee:a2:99:57:9b:05:19:16:
e7:e2:71:ef:e7:3f:b8:62:f9:00:24:49:96:19:0a:
44:3c:56:cf:bc:78:26:a1:2d:35:77:e0:38:51:5b:
cc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:39:22:EA:29:6D:9D:37:DE:5A:05:E6:86:63:47:76:F4:E4:5D:FC
X509v3 Authority Key Identifier:
keyid:D9:5E:04:6E:7D:39:3C:14:FC:BA:EE:7F:1C:43:98:0E:3D:A1:1F:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2V4Ebn05PBT8uu5_HEOYDj2hH7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/71bf6f-1e3c-404a-82d0-788c5b75754b/1/Tzki6iltnTfeWgXmhmNHdvTkXfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/71bf6f-1e3c-404a-82d0-788c5b75754b/1/2V4Ebn05PBT8uu5_HEOYDj2hH7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.42.0/24
Signature Algorithm: sha256WithRSAEncryption
16:70:49:93:bf:59:90:e1:1e:1e:a3:82:61:a3:19:8e:de:e2:
fe:cb:b0:36:5e:5c:b0:f2:bf:d8:0b:19:7f:c5:16:13:0e:c8:
ca:9b:cf:10:18:fc:12:79:04:94:42:88:c6:97:35:f7:79:a6:
1a:2c:55:4b:36:40:b1:bc:f2:70:3b:7f:1c:d1:14:ea:63:db:
f9:a6:75:cb:fd:0b:70:e6:42:75:f2:0e:15:e2:a9:18:4a:a9:
f9:a1:c0:08:cc:a6:a7:9b:32:8a:ad:94:75:a8:3d:02:3c:9f:
5c:d8:68:d8:2a:89:46:7b:ef:e6:5c:da:6c:40:e9:f9:9b:04:
ad:c6:2f:53:24:80:17:fa:cb:eb:75:a2:3c:0f:38:30:fc:fb:
c5:90:25:21:56:81:36:ea:e4:90:9a:3d:03:6f:0e:cf:58:7e:
eb:50:a5:32:90:f0:02:0d:fb:c4:a4:d2:44:b5:b6:28:eb:6b:
a8:4e:aa:07:43:ec:bc:08:12:54:2b:16:29:d4:ad:c2:53:39:
fa:50:55:52:c4:70:72:aa:33:9e:4f:95:af:03:93:d4:14:71:
0a:a2:98:f7:6b:61:55:b2:40:98:78:29:88:bb:68:a4:79:dd:
dc:76:84:bd:84:f3:44:97:93:fa:fd:38:a1:db:59:c6:3e:56:
66:4f:28:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijgEd6kPKaVIKg2FDimAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NWUwNDZlN2QzOTNjMTRmY2JhZWU3ZjFjNDM5ODBlM2Rh
MTFmYjEwHhcNMjUwMTAxMTU0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjM5MjJlYTI5NmQ5ZDM3ZGU1YTA1ZTY4NjYzNDc3NmY0ZTQ1ZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdmlx5RjRVqnFUzeQUZAcfzsuiC+
4+sFllMegOLOoNJz7AwJCqxQz87s97uTZHdrUW13Wrc7oflkic7EAo12SDM8Yqrj
uGQP4Rw+r4wllmJ3Hn608SGuQAsa/uGyprUjtsaJf4B3WCjQPuywrhahUonddxM+
AE4Jxw++tcqUssnGqsjASi8gYHLFtB57yBogOzo3LaHZ2/ptZbOcQDLe6suxZqcg
PjfnMvvSInydEBhfFQpdgYYbcaJf9gLfwfkLWfoH7dWNzLZ/E7LPPSGV7irxAf9Q
caax7qKZV5sFGRbn4nHv5z+4YvkAJEmWGQpEPFbPvHgmoS01d+A4UVvMIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE85IuopbZ033loF5oZjR3b05F38MB8GA1UdIwQY
MBaAFNleBG59OTwU/LrufxxDmA49oR+xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlY0RWJuMDVQQlQ4dXU1X0hFT1lEajJoSDdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MWJmNmYtMWUzYy00MDRhLTgyZDAt
Nzg4YzViNzU3NTRiLzEvVHpraTZpbHRuVGZlV2dYbWhtTkhkdlRrWGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MWJmNmYtMWUzYy00MDRhLTgyZDAtNzg4YzViNzU3NTRi
LzEvMlY0RWJuMDVQQlQ4dXU1X0hFT1lEajJoSDdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubwqMA0G
CSqGSIb3DQEBCwUAA4IBAQAWcEmTv1mQ4R4eo4JhoxmO3uL+y7A2Xlyw8r/YCxl/
xRYTDsjKm88QGPwSeQSUQojGlzX3eaYaLFVLNkCxvPJwO38c0RTqY9v5pnXL/Qtw
5kJ18g4V4qkYSqn5ocAIzKanmzKKrZR1qD0CPJ9c2GjYKolGe+/mXNpsQOn5mwSt
xi9TJIAX+svrdaI8Dzgw/PvFkCUhVoE26uSQmj0Dbw7PWH7rUKUykPACDfvEpNJE
tbYo62uoTqoHQ+y8CBJUKxYp1K3CUzn6UFVSxHByqjOeT5WvA5PUFHEKopj3a2FV
skCYeCmIu2iked3cdoS9hPNEl5P6/Tih21nGPlZmTyid
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:16:17 2025 by rpki-client