Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/2MTpcYnM1k7_eZxG4JM1vyDTgyk.roa
File: 2MTpcYnM1k7_eZxG4JM1vyDTgyk.roa (raw, json)
Hash identifier: ymmdwaUbb6XKWmKTfQm4pWw8ouzRa7gwqokbxv+gmWU=
Subject key identifier: D8:C4:E9:71:89:CC:D6:4E:FF:79:9C:46:E0:93:35:BF:20:D3:83:29
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 019427B53C742164C9C3B6D0F462B472E3D1
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/2MTpcYnM1k7_eZxG4JM1vyDTgyk.roa
Signing time: Thu 02 Jan 2025 15:49:36 +0000
ROA not before: Thu 02 Jan 2025 15:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26114
IP address blocks: 62.67.43.0/24 maxlen: 24
62.140.11.0/24 maxlen: 24
213.244.141.0/24 maxlen: 24
213.244.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:3c:74:21:64:c9:c3:b6:d0:f4:62:b4:72:e3:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jan 2 15:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8c4e97189ccd64eff799c46e09335bf20d38329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ef:51:00:3e:d1:52:6f:21:0a:68:35:c9:16:
ed:32:ec:73:e7:ab:5e:af:a8:84:b6:86:e2:03:f2:
dd:27:09:e7:b5:86:fe:63:3b:22:b4:e0:02:7c:47:
ca:0d:8e:41:75:36:c5:6b:7c:15:34:e2:3c:33:c8:
90:39:77:57:3e:ec:bb:b5:8f:50:21:4d:18:4e:a7:
7d:f9:33:87:24:a9:d8:f7:29:2a:77:c8:53:5e:fe:
f0:c3:4d:83:88:a7:1c:41:de:a5:e2:4e:92:42:30:
52:34:32:fc:ca:ff:53:68:19:36:f0:05:0b:76:31:
16:c0:e2:eb:e0:e6:16:0f:d7:f4:82:90:7c:20:c1:
53:c8:50:20:66:ea:cc:fa:54:63:2d:4f:f7:a1:2b:
7f:f9:7f:77:3f:f9:c4:a5:5a:f0:fd:cf:23:38:93:
25:2f:e0:49:c6:80:cd:6c:ed:2e:81:0e:38:40:e9:
8d:b2:ff:4e:ce:8d:f8:05:d1:5b:e0:c8:41:b6:c8:
3b:a4:02:4f:b9:3b:3e:0f:88:68:e5:a4:60:57:b9:
8f:ad:ea:8b:8a:fd:ea:a3:85:d4:16:a8:f8:c7:7e:
82:95:30:4c:fd:ab:15:1f:bb:6d:32:4b:50:ca:c4:
0f:13:97:5b:5d:3d:db:41:42:ee:60:82:ff:c5:9b:
7f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C4:E9:71:89:CC:D6:4E:FF:79:9C:46:E0:93:35:BF:20:D3:83:29
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/2MTpcYnM1k7_eZxG4JM1vyDTgyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.67.43.0/24
62.140.11.0/24
213.244.141.0/24
213.244.163.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:f7:c8:5f:41:98:74:fc:43:35:e3:46:d2:ad:1e:b2:c6:1f:
0e:85:7c:1e:d1:43:35:84:02:ce:5e:54:ce:f3:c6:cd:cb:d0:
b4:9a:e7:84:19:7d:48:e9:31:93:fb:83:17:37:49:2c:78:fe:
9d:ce:12:e7:2b:6b:42:ff:f5:3a:1b:6b:47:2d:eb:2c:db:94:
24:2d:5b:68:c1:c2:12:d3:9a:f6:3e:04:50:73:86:1d:43:0f:
43:b9:db:d8:1e:80:78:70:cf:a2:f6:c3:c4:4f:15:c7:4e:fa:
e2:b2:18:f9:a4:14:d1:6f:b0:35:dd:a6:35:3f:9d:60:07:78:
74:5e:4e:01:a9:8f:b0:94:de:86:a9:fd:99:4f:75:57:7b:d6:
40:62:da:7b:a6:94:d1:71:36:94:93:39:6d:cd:b3:63:89:ca:
df:b7:e8:f9:ad:ab:5e:a9:6c:3b:2b:84:43:50:10:b3:74:de:
4b:cf:40:c7:95:c8:9e:80:f0:39:d5:90:32:2d:a6:3d:f7:91:
12:e4:ac:e9:f9:bf:4f:bf:50:e6:9e:ce:ac:b8:57:08:65:73:
12:d8:ce:a6:6f:74:9b:55:a1:63:c3:b4:1f:db:20:1e:b1:4c:
0b:01:c9:49:ff:b5:bd:1b:72:87:17:17:75:40:c6:ae:a7:e6:
76:d6:af:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQntTx0IWTJw7bQ9GK0cuPRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjUwMTAyMTU0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGM0ZTk3MTg5Y2NkNjRlZmY3OTljNDZlMDkzMzViZjIwZDM4MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO9RAD7RUm8hCmg1yRbtMuxz56te
r6iEtobiA/LdJwnntYb+YzsitOACfEfKDY5BdTbFa3wVNOI8M8iQOXdXPuy7tY9Q
IU0YTqd9+TOHJKnY9ykqd8hTXv7ww02DiKccQd6l4k6SQjBSNDL8yv9TaBk28AUL
djEWwOLr4OYWD9f0gpB8IMFTyFAgZurM+lRjLU/3oSt/+X93P/nEpVrw/c8jOJMl
L+BJxoDNbO0ugQ44QOmNsv9Ozo34BdFb4MhBtsg7pAJPuTs+D4ho5aRgV7mPreqL
iv3qo4XUFqj4x36ClTBM/asVH7ttMktQysQPE5dbXT3bQULuYIL/xZt/hQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNjE6XGJzNZO/3mcRuCTNb8g04MpMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvMk1UcGNZbk0xazdfZVp4RzRKTTF2eURUZ3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkMrAwQA
PowLAwQA1fSNAwQA1fSjMA0GCSqGSIb3DQEBCwUAA4IBAQCn98hfQZh0/EM140bS
rR6yxh8OhXwe0UM1hALOXlTO88bNy9C0mueEGX1I6TGT+4MXN0kseP6dzhLnK2tC
//U6G2tHLess25QkLVtowcIS05r2PgRQc4YdQw9DudvYHoB4cM+i9sPETxXHTvri
shj5pBTRb7A13aY1P51gB3h0Xk4BqY+wlN6Gqf2ZT3VXe9ZAYtp7ppTRcTaUkzlt
zbNjicrft+j5rateqWw7K4RDUBCzdN5Lz0DHlciegPA51ZAyLaY995ES5Kzp+b9P
v1Dmns6suFcIZXMS2M6mb3SbVaFjw7Qf2yAesUwLAclJ/7W9G3KHFxd1QMaup+Z2
1q8Y
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:42:17 2025 by rpki-client