Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/PT2usVUEKXyY3Pyrt6bhLZq6Hk0.roa
File: PT2usVUEKXyY3Pyrt6bhLZq6Hk0.roa (raw, json)
Hash identifier: KueB/N6Tv5XPwuQenNpNyFxyBekEQxh3qYZTCa9pVBg=
Subject key identifier: 3D:3D:AE:B1:55:04:29:7C:98:DC:FC:AB:B7:A6:E1:2D:9A:BA:1E:4D
Certificate issuer: /CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Certificate serial: 01941FFA7ECFD931E1D05FC5E80F2CD7CC0A
Authority key identifier: 58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/PT2usVUEKXyY3Pyrt6bhLZq6Hk0.roa
Signing time: Wed 01 Jan 2025 03:48:17 +0000
ROA not before: Wed 01 Jan 2025 03:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6724
IP address blocks: 81.169.128.0/17 maxlen: 24
85.214.0.0/15 maxlen: 24
192.67.198.0/24 maxlen: 24
193.141.3.0/24 maxlen: 24
194.45.97.0/24 maxlen: 24
2a01:238::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.mft
rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 08:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:7e:cf:d9:31:e1:d0:5f:c5:e8:0f:2c:d7:cc:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Validity
Not Before: Jan 1 03:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d3daeb15504297c98dcfcabb7a6e12d9aba1e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fc:b9:f2:9d:74:5b:ef:e3:b5:8f:0c:d3:23:
7f:e1:b9:a9:99:b8:b2:4d:63:61:c9:94:7d:6b:89:
8d:12:66:4b:01:68:08:89:3e:c9:9d:0c:03:65:79:
11:22:8a:46:0a:26:b7:6e:61:1b:dd:86:61:81:ae:
6c:c0:c8:58:48:37:52:c9:09:de:c2:46:01:9b:27:
5d:19:68:b0:c0:9a:b3:74:4a:15:ec:5f:82:d9:5a:
31:30:8a:44:e5:2c:c1:f4:fa:ae:dc:ec:8e:9f:61:
19:fc:85:1b:b3:c2:a9:73:ca:2c:39:38:e4:73:2f:
17:c0:4e:87:03:3c:32:48:78:89:da:a1:4b:2a:02:
8a:86:27:2d:7e:1f:61:5d:8a:db:7b:1b:af:30:6a:
ac:a9:f7:7c:32:d0:e4:1c:50:01:a5:6b:71:fa:be:
97:09:34:17:84:46:81:0f:75:5a:34:9b:e2:63:c8:
4d:96:0b:34:37:95:e5:2b:f7:56:e0:15:e0:f9:34:
a2:38:bc:35:8c:65:a6:9d:27:19:7c:07:bc:6f:c8:
94:66:21:79:1e:20:30:97:c5:2c:c1:ff:ff:8b:39:
e0:d2:29:13:15:ac:00:f0:ef:d4:8e:ea:97:cf:7e:
f1:e1:86:7c:a5:85:67:b9:a4:bc:69:2f:35:23:11:
64:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:3D:AE:B1:55:04:29:7C:98:DC:FC:AB:B7:A6:E1:2D:9A:BA:1E:4D
X509v3 Authority Key Identifier:
keyid:58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/PT2usVUEKXyY3Pyrt6bhLZq6Hk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.169.128.0/17
85.214.0.0/15
192.67.198.0/24
193.141.3.0/24
194.45.97.0/24
IPv6:
2a01:238::/29
Signature Algorithm: sha256WithRSAEncryption
29:d7:a4:e2:d0:ba:89:5f:cd:86:2f:65:d2:82:55:85:d1:45:
64:89:32:a9:0a:4a:20:10:bc:b8:b0:8e:72:cb:6e:b1:a4:43:
11:ed:12:af:d4:f0:4e:dc:dc:f8:b1:3d:e7:03:a5:d2:f0:a8:
9a:3e:36:a1:0d:84:2f:15:e6:b5:7e:2c:d5:c4:67:cc:6a:cf:
66:73:2f:33:c7:51:67:8f:c7:9f:c2:c2:dc:3f:1d:ba:14:d3:
55:af:3e:12:42:a9:9d:58:83:b6:08:00:45:21:ca:a1:fb:71:
85:bd:03:9b:ea:6e:7e:c2:eb:2a:0f:b6:b2:c1:9c:c2:81:34:
77:3e:ba:ed:6d:8f:f2:a9:ee:98:8b:64:23:b7:c7:61:c1:ae:
bf:32:77:e0:77:be:7b:41:bb:cd:21:de:5a:ca:8b:b9:14:08:
30:bb:52:32:e2:83:90:3a:51:86:9d:18:c8:74:10:18:67:6d:
35:00:65:77:4d:9e:e8:ac:64:87:d8:93:bc:90:bc:66:2d:56:
cc:5d:5a:e6:1f:76:07:af:d8:fc:a4:61:9f:04:78:fb:0e:c5:
bf:87:7b:4b:87:0b:b0:44:3e:9a:94:9d:5a:51:4f:27:2c:59:
e9:5b:20:e5:35:e9:c7:c7:2f:2a:cf:9e:26:96:91:9f:5e:5e:
6b:93:1b:8b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQf+n7P2THh0F/F6A8s18wKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZDJkMjcxNWY0M2Y3NDdiZWE3NjJkY2UxNjZiY2E0Yjhl
OTY1ZWIwHhcNMjUwMTAxMDM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDNkYWViMTU1MDQyOTdjOThkY2ZjYWJiN2E2ZTEyZDlhYmExZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPy58p10W+/jtY8M0yN/4bmpmbiy
TWNhyZR9a4mNEmZLAWgIiT7JnQwDZXkRIopGCia3bmEb3YZhga5swMhYSDdSyQne
wkYBmyddGWiwwJqzdEoV7F+C2VoxMIpE5SzB9Pqu3OyOn2EZ/IUbs8Kpc8osOTjk
cy8XwE6HAzwySHiJ2qFLKgKKhictfh9hXYrbexuvMGqsqfd8MtDkHFABpWtx+r6X
CTQXhEaBD3VaNJviY8hNlgs0N5XlK/dW4BXg+TSiOLw1jGWmnScZfAe8b8iUZiF5
HiAwl8Uswf//izng0ikTFawA8O/UjuqXz37x4YZ8pYVnuaS8aS81IxFkxQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFD09rrFVBCl8mNz8q7em4S2auh5NMB8GA1UdIwQY
MBaAFFjS0nFfQ/dHvqdi3OFmvKS46WXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjkt
ZTM4MzQ1MTZmYzA4LzEvUFQydXNWVUVLWHlZM1B5cnQ2YmhMWnE2SGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjktZTM4MzQ1MTZmYzA4
LzEvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQHUamAAwMB
VdYDBADAQ8YDBADBjQMDBADCLWEwDQQCAAIwBwMFAyoBAjgwDQYJKoZIhvcNAQEL
BQADggEBACnXpOLQuolfzYYvZdKCVYXRRWSJMqkKSiAQvLiwjnLLbrGkQxHtEq/U
8E7c3PixPecDpdLwqJo+NqENhC8V5rV+LNXEZ8xqz2ZzLzPHUWePx5/Cwtw/HboU
01WvPhJCqZ1Yg7YIAEUhyqH7cYW9A5vqbn7C6yoPtrLBnMKBNHc+uu1tj/Kp7piL
ZCO3x2HBrr8yd+B3vntBu80h3lrKi7kUCDC7UjLig5A6UYadGMh0EBhnbTUAZXdN
nuisZIfYk7yQvGYtVsxdWuYfdgev2PykYZ8EePsOxb+He0uHC7BEPpqUnVpRTycs
WelbIOU16cfHLyrPniaWkZ9eXmuTG4s=
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:53:00 2025 by rpki-client