Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/p1e1NIBgJyJGscaxWZAOce00Y_4.roa
File: p1e1NIBgJyJGscaxWZAOce00Y_4.roa (raw, json)
Hash identifier: SyfkPV1xLWwBcwJ/qroRrUuVUuUJ/lTCd9fX0Ytp5gQ=
Subject key identifier: A7:57:B5:34:80:60:27:22:46:B1:C6:B1:59:90:0E:71:ED:34:63:FE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942144196191EE9F078131A7B904AE1CBF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/p1e1NIBgJyJGscaxWZAOce00Y_4.roa
Signing time: Wed 01 Jan 2025 09:48:18 +0000
ROA not before: Wed 01 Jan 2025 09:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212609
IP address blocks: 213.218.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:19:61:91:ee:9f:07:81:31:a7:b9:04:ae:1c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a757b5348060272246b1c6b159900e71ed3463fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:02:6e:25:fa:ba:44:6d:f9:20:1d:3f:f7:96:
e7:ac:1b:15:17:9e:2d:01:ae:0f:71:24:b1:25:81:
ad:e4:27:77:34:c2:41:8b:c0:45:bc:54:90:6d:4e:
cf:9c:31:61:f1:cf:ce:6c:43:7b:1d:5a:d2:e0:2d:
8c:05:e1:e9:73:11:35:f2:4d:0b:c2:8b:2f:75:06:
1b:c9:cf:a9:4c:2b:b3:ae:5a:47:39:66:90:12:96:
0f:59:52:a1:4e:bd:a1:a5:dd:44:8e:5c:87:44:ae:
7c:a6:19:4b:5e:11:5f:1c:66:65:15:b6:8b:7b:dd:
dd:88:1e:d2:7f:08:77:e1:0e:fd:d8:72:6d:83:cc:
c9:7a:d5:4c:22:58:e3:0f:a9:cb:e6:ed:73:c8:f0:
fd:19:f5:47:fa:4c:fe:63:2e:60:49:85:56:1d:de:
ee:ea:1f:79:ce:ac:1d:05:ac:a1:20:da:5c:51:d6:
32:e7:f2:6b:f6:1d:0f:28:e0:db:53:9f:10:f2:62:
15:16:d8:98:93:b4:41:ef:6a:bd:ae:b1:1f:29:08:
e5:e3:30:6a:c2:b4:d2:49:fc:eb:7d:63:3c:ff:1a:
24:18:28:60:3e:a5:b6:16:d8:fc:72:af:59:1b:40:
2f:4f:4b:49:28:be:d9:24:52:44:97:30:2b:81:27:
4e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:57:B5:34:80:60:27:22:46:B1:C6:B1:59:90:0E:71:ED:34:63:FE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/p1e1NIBgJyJGscaxWZAOce00Y_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.249.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:7f:5a:7f:38:6e:f8:4f:87:65:13:e2:41:c8:46:cb:15:b0:
b2:1e:a3:44:14:37:a6:8c:10:b5:d6:25:80:41:9c:0b:86:dd:
48:39:8e:3b:00:17:ed:74:f8:24:64:21:4d:64:d2:97:f4:dd:
35:00:90:09:4a:aa:e9:f5:72:1e:ab:31:a0:f5:1c:29:e3:1d:
92:0f:c5:ff:37:ea:8e:de:46:07:fc:be:55:f8:88:b4:56:49:
92:58:0c:24:aa:3e:2b:b0:ae:0d:3c:2c:cc:fb:ed:10:4c:09:
bc:5c:b4:07:3b:5e:32:d7:9b:d7:e5:be:6e:41:e2:5e:98:c6:
62:9e:68:3d:44:80:a0:78:af:9b:1e:de:47:3a:2a:41:e1:4c:
11:56:f3:bb:8d:7d:6f:c8:3b:27:47:ba:91:aa:b2:44:97:35:
34:d8:11:72:b4:a0:c6:56:d0:71:43:98:53:21:75:5a:b0:5e:
72:9a:4d:90:06:a8:09:df:b7:86:7d:90:7d:85:ab:87:20:18:
8e:2f:ba:4a:64:43:45:3a:84:4f:ef:67:2c:fd:a1:ff:7d:27:
f4:d9:a9:e8:55:a4:4b:1e:fc:91:9e:1a:ae:a1:0f:4c:b9:3f:
d9:d2:ef:9f:85:0d:70:bc:16:0c:cb:ab:e6:9d:f0:8e:74:2c:
66:1a:56:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRBlhke6fB4Exp7kErhy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzU3YjUzNDgwNjAyNzIyNDZiMWM2YjE1OTkwMGU3MWVkMzQ2M2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gJuJfq6RG35IB0/95bnrBsVF54t
Aa4PcSSxJYGt5Cd3NMJBi8BFvFSQbU7PnDFh8c/ObEN7HVrS4C2MBeHpcxE18k0L
wosvdQYbyc+pTCuzrlpHOWaQEpYPWVKhTr2hpd1EjlyHRK58phlLXhFfHGZlFbaL
e93diB7Sfwh34Q792HJtg8zJetVMIljjD6nL5u1zyPD9GfVH+kz+Yy5gSYVWHd7u
6h95zqwdBayhINpcUdYy5/Jr9h0PKODbU58Q8mIVFtiYk7RB72q9rrEfKQjl4zBq
wrTSSfzrfWM8/xokGChgPqW2Ftj8cq9ZG0AvT0tJKL7ZJFJElzArgSdOQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdXtTSAYCciRrHGsVmQDnHtNGP+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcDFlMU5JQmdKeUpHc2NheFdaQU9jZTAwWV80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dr5MA0G
CSqGSIb3DQEBCwUAA4IBAQA9f1p/OG74T4dlE+JByEbLFbCyHqNEFDemjBC11iWA
QZwLht1IOY47ABftdPgkZCFNZNKX9N01AJAJSqrp9XIeqzGg9Rwp4x2SD8X/N+qO
3kYH/L5V+Ii0VkmSWAwkqj4rsK4NPCzM++0QTAm8XLQHO14y15vX5b5uQeJemMZi
nmg9RICgeK+bHt5HOipB4UwRVvO7jX1vyDsnR7qRqrJElzU02BFytKDGVtBxQ5hT
IXVasF5ymk2QBqgJ37eGfZB9hauHIBiOL7pKZENFOoRP72cs/aH/fSf02anoVaRL
HvyRnhquoQ9MuT/Z0u+fhQ1wvBYMy6vmnfCOdCxmGlZf
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:45:29 2025 by rpki-client