Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LD20q2z81GrPkZ4VZiBh1GSNydg.roa
File: LD20q2z81GrPkZ4VZiBh1GSNydg.roa (raw, json)
Hash identifier: Mtq3IJWnd7TZFz46uHxlo5JxRHVmvO/gdloZQcGQvPo=
Subject key identifier: 2C:3D:B4:AB:6C:FC:D4:6A:CF:91:9E:15:66:20:61:D4:64:8D:C9:D8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421441D6BEC919826D38290C4E26054ED
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LD20q2z81GrPkZ4VZiBh1GSNydg.roa
Signing time: Wed 01 Jan 2025 09:48:19 +0000
ROA not before: Wed 01 Jan 2025 09:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 212.38.81.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:1d:6b:ec:91:98:26:d3:82:90:c4:e2:60:54:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c3db4ab6cfcd46acf919e15662061d4648dc9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:57:d6:c2:f6:85:5b:77:cc:1b:0a:d2:cb:4b:
d8:23:f6:44:60:20:79:ad:7a:a1:da:23:e2:4c:30:
c5:93:69:0f:9d:ee:ea:1e:da:ae:dc:37:dd:f0:8c:
06:f7:dd:6b:c8:2a:75:a0:35:84:83:2f:b2:1c:4d:
50:21:8d:20:39:1c:da:46:37:ff:b4:85:44:a2:09:
ad:8a:45:13:f9:4a:3d:7a:52:2d:b9:23:7f:fd:a8:
aa:38:0b:69:c2:12:1d:6a:8a:e4:5a:f5:49:0d:be:
2d:c3:a9:e4:61:c8:65:25:29:6b:ea:0c:09:13:eb:
cf:b7:8f:82:a2:c4:db:66:30:91:aa:d9:84:ca:d3:
15:b5:7e:fc:6e:f7:d1:3b:2e:c0:66:25:b3:2b:49:
02:6b:9a:7b:9e:6f:bd:88:cb:b0:51:bd:b6:95:ca:
48:62:99:a6:1d:c1:20:7b:e1:e8:df:2e:c1:8f:45:
e0:aa:d7:7c:4b:36:48:9b:95:90:66:5e:9d:a4:3a:
a2:6e:19:9f:e2:2a:52:b3:cb:37:20:13:2f:cd:5c:
78:92:1a:00:d3:04:03:75:36:ba:80:70:bf:7f:0f:
92:8c:8a:32:df:05:ae:d5:7f:62:08:6a:95:ed:6a:
42:16:40:eb:38:d4:ea:b5:d7:f5:bc:9e:74:f2:b8:
c5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3D:B4:AB:6C:FC:D4:6A:CF:91:9E:15:66:20:61:D4:64:8D:C9:D8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LD20q2z81GrPkZ4VZiBh1GSNydg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.38.81.0/24
213.210.52.0/23
213.218.239.0/24
Signature Algorithm: sha256WithRSAEncryption
00:c6:11:60:63:09:a5:30:2c:6a:27:f5:94:72:1a:94:91:dd:
0f:02:bf:8a:1e:98:c5:09:a4:11:fc:0f:d8:ae:63:89:da:d4:
0b:0d:e9:c8:0b:7b:73:f5:78:55:55:eb:e4:50:99:82:24:40:
a4:80:70:7f:02:f7:4d:2b:98:82:b6:64:62:bb:93:d4:64:60:
a3:f6:28:b9:4d:db:dc:90:a7:42:d5:e7:78:ae:c1:9e:8f:77:
9d:31:2d:4c:4d:c3:72:97:80:16:72:20:97:58:b2:aa:02:90:
30:e5:bb:9b:83:1b:38:e9:b5:99:b9:4a:08:af:72:76:ff:54:
08:1b:17:26:58:44:2d:8f:ad:47:2b:76:c3:0d:d3:b2:9c:f8:
95:fe:af:48:e7:ea:7c:3e:0f:12:8d:a4:24:1a:36:ed:a9:39:
78:2c:27:be:8d:91:f9:b2:39:7f:b2:cd:d9:66:95:b6:54:49:
76:b9:51:28:45:b5:37:02:ed:28:7d:9b:9e:41:b6:cc:90:7c:
78:1c:be:83:06:b6:84:6e:9d:f8:40:5e:f3:af:13:97:50:cb:
27:21:7c:c3:4a:c2:58:02:5a:c0:fc:77:39:67:62:d7:52:76:
00:32:e4:30:94:f3:75:b1:aa:0f:e2:2c:3e:10:11:d7:34:fe:
45:c7:da:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhRB1r7JGYJtOCkMTiYFTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzNkYjRhYjZjZmNkNDZhY2Y5MTllMTU2NjIwNjFkNDY0OGRjOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFfWwvaFW3fMGwrSy0vYI/ZEYCB5
rXqh2iPiTDDFk2kPne7qHtqu3Dfd8IwG991ryCp1oDWEgy+yHE1QIY0gORzaRjf/
tIVEogmtikUT+Uo9elItuSN//aiqOAtpwhIdaorkWvVJDb4tw6nkYchlJSlr6gwJ
E+vPt4+CosTbZjCRqtmEytMVtX78bvfROy7AZiWzK0kCa5p7nm+9iMuwUb22lcpI
YpmmHcEge+Ho3y7Bj0Xgqtd8SzZIm5WQZl6dpDqibhmf4ipSs8s3IBMvzVx4khoA
0wQDdTa6gHC/fw+SjIoy3wWu1X9iCGqV7WpCFkDrONTqtdf1vJ508rjFkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCw9tKts/NRqz5GeFWYgYdRkjcnYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTEQyMHEyejgxR3JQa1o0VlppQmgxR1NOeWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1CZRAwQB
1dI0AwQA1drvMA0GCSqGSIb3DQEBCwUAA4IBAQAAxhFgYwmlMCxqJ/WUchqUkd0P
Ar+KHpjFCaQR/A/YrmOJ2tQLDenIC3tz9XhVVevkUJmCJECkgHB/AvdNK5iCtmRi
u5PUZGCj9ii5TdvckKdC1ed4rsGej3edMS1MTcNyl4AWciCXWLKqApAw5bubgxs4
6bWZuUoIr3J2/1QIGxcmWEQtj61HK3bDDdOynPiV/q9I5+p8Pg8SjaQkGjbtqTl4
LCe+jZH5sjl/ss3ZZpW2VEl2uVEoRbU3Au0ofZueQbbMkHx4HL6DBraEbp34QF7z
rxOXUMsnIXzDSsJYAlrA/Hc5Z2LXUnYAMuQwlPN1saoP4iw+EBHXNP5Fx9qz
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:48:34 2025 by rpki-client