Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2HvhQs1bmOTgGqXhsy9rFnH_om4.roa
File: 2HvhQs1bmOTgGqXhsy9rFnH_om4.roa (raw, json)
Hash identifier: LRKqjuCJ0r3Roo+Jgzli7tevLa2Q1qCN2er+frQRUYg=
Subject key identifier: D8:7B:E1:42:CD:5B:98:E4:E0:1A:A5:E1:B3:2F:6B:16:71:FF:A2:6E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01948D9913A6BBEE65921162A768EA6E32EB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2HvhQs1bmOTgGqXhsy9rFnH_om4.roa
Signing time: Wed 22 Jan 2025 10:40:06 +0000
ROA not before: Wed 22 Jan 2025 10:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213606
IP address blocks: 81.168.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8d:99:13:a6:bb:ee:65:92:11:62:a7:68:ea:6e:32:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 22 10:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d87be142cd5b98e4e01aa5e1b32f6b1671ffa26e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ba:28:ca:9c:8a:dc:3e:77:2d:23:e8:8b:5c:
4f:c9:21:ee:1e:5c:9e:fa:63:40:05:db:1e:4f:15:
63:44:df:53:dc:02:23:8a:e7:a7:7a:d3:55:c4:32:
73:22:b1:68:f4:bd:9a:c3:74:0b:f5:c0:05:cc:75:
08:02:8a:a4:9c:72:d5:e2:6e:18:74:6f:6b:d8:21:
44:8c:e5:d5:7c:d2:20:29:2d:f7:a4:d8:2c:53:85:
00:c8:1a:06:12:09:61:a5:6a:d2:e0:f2:09:83:2e:
f1:a4:1b:78:27:bb:32:69:d2:3e:2c:a2:e9:a9:ae:
51:47:e4:1e:08:37:43:42:6e:62:ba:53:2f:4b:57:
3d:b0:0c:63:cb:a9:31:ed:da:f3:28:f2:8b:74:7f:
e6:39:48:68:42:81:d4:95:1e:ac:cd:fa:40:88:bf:
2d:2f:d4:21:6f:f8:07:51:81:44:4e:4a:60:39:fd:
8e:45:b2:d5:9f:05:32:24:45:83:fc:85:57:f0:66:
27:95:8a:5c:98:ad:3f:f5:33:f3:22:6c:4b:f1:c6:
4a:ee:9c:35:87:c7:19:8d:88:d0:ef:ab:f9:27:09:
58:1f:ed:93:7a:30:b7:44:4e:70:05:27:58:22:6d:
b8:8d:36:f6:10:2a:52:cc:26:e1:16:4e:6b:a5:ac:
79:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7B:E1:42:CD:5B:98:E4:E0:1A:A5:E1:B3:2F:6B:16:71:FF:A2:6E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2HvhQs1bmOTgGqXhsy9rFnH_om4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.122.0/24
Signature Algorithm: sha256WithRSAEncryption
49:bd:d0:3c:c7:10:09:2d:3f:dd:70:b0:f8:0c:1a:be:a5:8f:
42:24:1a:57:90:0c:ac:2a:a6:c0:c7:33:05:e0:c3:48:d6:ab:
eb:da:80:da:5c:78:44:e9:c1:33:a6:6b:6d:51:83:79:4b:ec:
13:8d:ac:6c:18:82:3a:86:da:16:b2:a3:66:d7:53:28:6b:ba:
32:65:0b:30:dd:da:3c:8f:32:c1:4f:59:01:47:53:e6:f0:53:
e6:7e:05:54:f9:d0:34:9e:61:cf:ed:10:b6:4c:76:c7:16:eb:
f7:ee:54:44:2d:b5:79:54:2d:27:99:db:79:58:c5:20:3d:3d:
58:31:24:c9:44:5c:9a:cb:70:53:45:b3:8e:87:e4:ec:bb:23:
1f:39:1d:12:6a:71:17:aa:22:ce:00:30:98:6f:c4:f4:cb:d5:
79:0f:d2:ec:06:ee:95:cc:18:7a:35:a9:1d:71:32:d2:30:3f:
e0:6e:23:01:19:68:da:3f:94:66:18:1d:eb:76:17:cc:59:9a:
21:65:8d:f1:0d:0a:51:bf:bd:7d:f7:15:5c:01:e3:2a:67:fa:
8b:f8:08:30:4f:09:49:65:56:3d:9c:91:fe:3e:e5:7b:fe:a6:
b8:b4:78:cc:a4:ad:8a:06:e3:ca:a7:60:b5:c4:63:07:6f:46:
fa:73:61:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSNmROmu+5lkhFip2jqbjLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTIyMTA0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODdiZTE0MmNkNWI5OGU0ZTAxYWE1ZTFiMzJmNmIxNjcxZmZhMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbooypyK3D53LSPoi1xPySHuHlye
+mNABdseTxVjRN9T3AIjiuenetNVxDJzIrFo9L2aw3QL9cAFzHUIAoqknHLV4m4Y
dG9r2CFEjOXVfNIgKS33pNgsU4UAyBoGEglhpWrS4PIJgy7xpBt4J7syadI+LKLp
qa5RR+QeCDdDQm5iulMvS1c9sAxjy6kx7drzKPKLdH/mOUhoQoHUlR6szfpAiL8t
L9Qhb/gHUYFETkpgOf2ORbLVnwUyJEWD/IVX8GYnlYpcmK0/9TPzImxL8cZK7pw1
h8cZjYjQ76v5JwlYH+2TejC3RE5wBSdYIm24jTb2ECpSzCbhFk5rpax5vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNh74ULNW5jk4Bql4bMvaxZx/6JuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMkh2aFFzMWJtT1RnR3FYaHN5OXJGbkhfb200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah6MA0G
CSqGSIb3DQEBCwUAA4IBAQBJvdA8xxAJLT/dcLD4DBq+pY9CJBpXkAysKqbAxzMF
4MNI1qvr2oDaXHhE6cEzpmttUYN5S+wTjaxsGII6htoWsqNm11Moa7oyZQsw3do8
jzLBT1kBR1Pm8FPmfgVU+dA0nmHP7RC2THbHFuv37lRELbV5VC0nmdt5WMUgPT1Y
MSTJRFyay3BTRbOOh+TsuyMfOR0SanEXqiLOADCYb8T0y9V5D9LsBu6VzBh6Nakd
cTLSMD/gbiMBGWjaP5RmGB3rdhfMWZohZY3xDQpRv7199xVcAeMqZ/qL+AgwTwlJ
ZVY9nJH+PuV7/qa4tHjMpK2KBuPKp2C1xGMHb0b6c2Hy
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:49 2025 by rpki-client