Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/rELDabhnIWczGPpdcFPbIHRUmiM.roa
File: rELDabhnIWczGPpdcFPbIHRUmiM.roa (raw, json)
Hash identifier: C3tLRE4vf2kTivHGIZ50gcjmBmCNhZmWayfOhcglSbg=
Subject key identifier: AC:42:C3:69:B8:67:21:67:33:18:FA:5D:70:53:DB:20:74:54:9A:23
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 01953C2B8FD7C9EE26B1AE856B0032A904DE
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/rELDabhnIWczGPpdcFPbIHRUmiM.roa
Signing time: Tue 25 Feb 2025 08:14:02 +0000
ROA not before: Tue 25 Feb 2025 08:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57844
IP address blocks: 85.153.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.mft
rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 21:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:2b:8f:d7:c9:ee:26:b1:ae:85:6b:00:32:a9:04:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Feb 25 08:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac42c369b86721673318fa5d7053db2074549a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:21:b5:cd:7c:5e:ac:28:e9:1c:3d:cd:9d:32:
ed:e6:94:68:e7:ab:fc:85:55:d8:5b:19:fc:32:a0:
90:d4:10:fd:d9:45:31:e2:7b:5c:21:a9:c1:21:f4:
d4:ba:68:62:fc:77:ec:e1:b8:06:38:03:31:77:0f:
b8:00:ca:47:c5:a0:ce:4d:1a:89:fa:24:eb:c6:36:
70:bb:26:29:b7:74:0d:80:3e:20:c3:7e:c6:cf:22:
8e:8f:29:df:ad:8b:40:59:47:cf:db:b8:a3:d7:4e:
96:98:34:f0:24:e5:c5:34:67:4b:0f:4a:23:c3:10:
16:86:2d:ba:2a:c7:7d:88:02:20:bd:2f:65:69:c3:
aa:81:71:5a:eb:74:c0:41:4a:fe:4f:70:29:03:a4:
8f:0f:d5:d2:2e:e0:4f:09:78:b3:76:ff:de:57:fc:
fc:68:9d:de:5a:2e:c5:db:c8:ad:f7:3c:2b:95:53:
4d:a8:1e:74:17:f1:d8:3f:00:36:fd:b1:10:86:36:
7f:a9:63:47:df:fa:41:69:94:41:87:03:89:09:ba:
1a:87:e7:97:70:00:c3:59:8b:39:d3:9f:56:ed:c1:
5c:6e:e7:38:9e:6d:60:83:ec:3d:15:ec:66:7a:5b:
0f:d4:42:3d:15:6d:7a:73:7b:dc:20:41:e5:f2:7f:
d4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:42:C3:69:B8:67:21:67:33:18:FA:5D:70:53:DB:20:74:54:9A:23
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/rELDabhnIWczGPpdcFPbIHRUmiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.9.0/24
Signature Algorithm: sha256WithRSAEncryption
82:84:65:15:68:20:1e:94:ca:17:0f:6b:77:0e:03:9b:07:09:
f7:ff:de:07:23:4d:0b:9c:d8:68:91:7b:92:a5:20:74:b8:4f:
b6:62:b4:10:3d:7a:52:aa:1e:a4:57:23:af:b1:f1:c6:c5:d2:
ce:c1:77:f9:82:19:9c:8e:17:70:14:33:9e:31:cd:22:db:59:
ce:8d:ae:79:ea:f4:62:c7:e4:04:05:f4:7b:e9:0d:4f:68:69:
37:e1:7b:2e:00:b9:dd:14:96:ee:b2:68:8b:15:2f:17:61:9f:
a6:3d:b2:e8:fd:5a:8c:f3:a0:16:93:46:01:54:60:83:4f:c1:
e8:1a:4a:23:1d:17:ed:0c:09:fe:f0:20:80:3f:83:e5:ff:69:
27:e6:74:f1:d0:0d:b2:7c:b2:6a:b5:b3:85:9a:d6:b4:95:9b:
a8:d1:84:e9:90:26:dd:20:c7:b6:d8:df:b1:49:1e:0d:ac:77:
59:dd:5a:32:6a:6d:60:26:06:f2:e0:44:4a:e6:46:83:26:4a:
80:72:db:32:3d:44:1a:d5:ad:07:e2:53:51:63:18:32:3d:ed:
3c:2a:fd:36:71:75:37:db:d8:9d:67:79:3d:04:11:1a:fb:52:
4c:b3:34:6b:d6:aa:f7:6d:d8:c6:63:e8:e8:5f:2c:d0:89:a6:
ae:ee:c0:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU8K4/Xye4msa6FawAyqQTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjUwMjI1MDgxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzQyYzM2OWI4NjcyMTY3MzMxOGZhNWQ3MDUzZGIyMDc0NTQ5YTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiG1zXxerCjpHD3NnTLt5pRo56v8
hVXYWxn8MqCQ1BD92UUx4ntcIanBIfTUumhi/Hfs4bgGOAMxdw+4AMpHxaDOTRqJ
+iTrxjZwuyYpt3QNgD4gw37GzyKOjynfrYtAWUfP27ij106WmDTwJOXFNGdLD0oj
wxAWhi26Ksd9iAIgvS9lacOqgXFa63TAQUr+T3ApA6SPD9XSLuBPCXizdv/eV/z8
aJ3eWi7F28it9zwrlVNNqB50F/HYPwA2/bEQhjZ/qWNH3/pBaZRBhwOJCboah+eX
cADDWYs5059W7cFcbuc4nm1gg+w9FexmelsP1EI9FW16c3vcIEHl8n/UCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKxCw2m4ZyFnMxj6XXBT2yB0VJojMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvckVMRGFiaG5JV2N6R1BwZGNGUGJJSFJVbWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZkJMA0G
CSqGSIb3DQEBCwUAA4IBAQCChGUVaCAelMoXD2t3DgObBwn3/94HI00LnNhokXuS
pSB0uE+2YrQQPXpSqh6kVyOvsfHGxdLOwXf5ghmcjhdwFDOeMc0i21nOja556vRi
x+QEBfR76Q1PaGk34XsuALndFJbusmiLFS8XYZ+mPbLo/VqM86AWk0YBVGCDT8Ho
GkojHRftDAn+8CCAP4Pl/2kn5nTx0A2yfLJqtbOFmta0lZuo0YTpkCbdIMe22N+x
SR4NrHdZ3Voyam1gJgby4ERK5kaDJkqActsyPUQa1a0H4lNRYxgyPe08Kv02cXU3
29idZ3k9BBEa+1JMszRr1qr3bdjGY+joXyzQiaau7sB1
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:10:35 2025 by rpki-client