Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tCxsttlDEYs9pRw5Gm9iTgZyCBc.roa
File: tCxsttlDEYs9pRw5Gm9iTgZyCBc.roa (raw, json)
Hash identifier: 0ZbwaGE5XpT8151KuGcEKOSEkVLV60MXa5tXdHShvII=
Subject key identifier: B4:2C:6C:B6:D9:43:11:8B:3D:A5:1C:39:1A:6F:62:4E:06:72:08:17
Certificate issuer: /CN=b60d6ca95e2770f55340d909ec7c97eeca3fe20e
Certificate serial: 0194228D18AE724F1254ABEAF51885BE044F
Authority key identifier: B6:0D:6C:A9:5E:27:70:F5:53:40:D9:09:EC:7C:97:EE:CA:3F:E2:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tCxsttlDEYs9pRw5Gm9iTgZyCBc.roa
Signing time: Wed 01 Jan 2025 15:47:39 +0000
ROA not before: Wed 01 Jan 2025 15:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31531
IP address blocks: 185.248.128.0/23 maxlen: 24
194.31.168.0/24 maxlen: 24
194.31.169.0/24 maxlen: 24
194.31.170.0/24 maxlen: 24
2a0d:e580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tg1sqV4ncPVTQNkJ7HyX7so_4g4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tg1sqV4ncPVTQNkJ7HyX7so_4g4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:18:ae:72:4f:12:54:ab:ea:f5:18:85:be:04:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b60d6ca95e2770f55340d909ec7c97eeca3fe20e
Validity
Not Before: Jan 1 15:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b42c6cb6d943118b3da51c391a6f624e06720817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:65:50:04:d4:73:70:f2:20:c1:bf:18:25:0c:
40:55:35:75:d4:d7:e7:eb:3d:a7:d7:da:5c:25:15:
63:80:26:47:3e:67:b9:36:45:04:0e:1c:87:21:b2:
33:e0:cb:7e:89:c1:ea:a7:38:84:fb:9d:16:f3:f4:
11:dd:41:f0:36:fc:f3:dd:42:7c:ac:a7:67:91:f1:
0c:89:aa:3b:e5:48:b7:31:e5:71:46:3d:d0:a1:10:
05:d7:46:0d:a8:46:17:ce:1a:69:e7:2b:ff:b8:92:
32:3b:0d:04:0b:2f:38:df:be:04:6b:08:d5:30:3f:
30:e6:66:8e:5f:84:ab:78:38:a3:e2:c3:21:36:b2:
82:0f:34:ee:80:ca:4b:ab:a5:4e:1b:67:8b:51:34:
26:e2:9d:ac:0f:b1:ec:39:0a:02:bb:c3:97:41:08:
5d:fa:b8:84:d1:3e:74:e8:e6:6d:51:58:ad:d2:cc:
c4:e5:7e:95:f6:03:d1:7a:b2:17:84:d6:cf:03:be:
4c:4b:d1:59:d3:17:77:ed:81:fe:7e:45:b1:5a:de:
a7:29:68:e0:1b:e8:df:22:48:08:79:83:1b:15:25:
c0:a5:23:6e:05:77:74:3f:5d:7c:92:a2:70:63:a8:
9d:23:6e:6a:7a:7e:2e:f4:95:29:12:87:ad:4a:f7:
a8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:2C:6C:B6:D9:43:11:8B:3D:A5:1C:39:1A:6F:62:4E:06:72:08:17
X509v3 Authority Key Identifier:
keyid:B6:0D:6C:A9:5E:27:70:F5:53:40:D9:09:EC:7C:97:EE:CA:3F:E2:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tCxsttlDEYs9pRw5Gm9iTgZyCBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tg1sqV4ncPVTQNkJ7HyX7so_4g4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.128.0/23
194.31.168.0-194.31.170.255
IPv6:
2a0d:e580::/29
Signature Algorithm: sha256WithRSAEncryption
95:b6:f3:6e:20:77:26:8c:55:26:e3:b7:86:f5:e5:f8:96:f6:
d8:d6:53:5c:a9:57:e0:4e:17:6b:6c:98:ab:89:fd:49:5e:51:
6f:75:3b:54:2a:60:10:35:08:0e:40:27:54:e2:fd:51:26:cf:
64:a4:2d:9b:20:bf:5a:a5:60:c5:41:df:f1:91:5b:2d:12:2f:
73:72:d7:0c:8e:00:89:04:1b:8a:22:db:4b:f7:9d:fe:31:48:
e3:60:91:f0:bc:83:80:eb:29:cb:c1:c5:b3:0e:50:50:8f:15:
5a:f6:35:41:52:c4:ba:8a:35:fd:e3:0a:10:31:b1:40:1f:71:
96:72:b0:31:85:a9:d7:08:ac:8c:94:52:a1:af:9e:ff:4d:2d:
c3:88:9f:6c:7f:9d:3a:aa:7d:21:f5:39:d7:fa:f6:75:c1:75:
42:ac:3f:29:69:5d:5e:dd:a9:d4:92:b9:e5:e6:1e:87:38:69:
b7:79:63:98:b0:4d:90:a1:4b:2e:aa:0f:1c:61:81:ec:de:40:
fa:ef:a9:bc:c4:e7:c2:71:db:39:fa:9a:f7:a1:ce:d5:0a:e1:
ac:91:90:2a:7e:4d:04:f6:d1:94:a7:c7:c3:6a:d3:c7:77:c1:
22:cc:9d:d1:fe:3b:21:8b:50:74:93:f4:5c:ce:e8:34:08:77:
d0:76:cc:2e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQijRiuck8SVKvq9RiFvgRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MGQ2Y2E5NWUyNzcwZjU1MzQwZDkwOWVjN2M5N2VlY2Ez
ZmUyMGUwHhcNMjUwMTAxMTU0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDJjNmNiNmQ5NDMxMThiM2RhNTFjMzkxYTZmNjI0ZTA2NzIwODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GVQBNRzcPIgwb8YJQxAVTV11Nfn
6z2n19pcJRVjgCZHPme5NkUEDhyHIbIz4Mt+icHqpziE+50W8/QR3UHwNvzz3UJ8
rKdnkfEMiao75Ui3MeVxRj3QoRAF10YNqEYXzhpp5yv/uJIyOw0ECy84374EawjV
MD8w5maOX4SreDij4sMhNrKCDzTugMpLq6VOG2eLUTQm4p2sD7HsOQoCu8OXQQhd
+riE0T506OZtUVit0szE5X6V9gPRerIXhNbPA75MS9FZ0xd37YH+fkWxWt6nKWjg
G+jfIkgIeYMbFSXApSNuBXd0P118kqJwY6idI25qen4u9JUpEoetSveoFwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLQsbLbZQxGLPaUcORpvYk4GcggXMB8GA1UdIwQY
MBaAFLYNbKleJ3D1U0DZCex8l+7KP+IOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGcxc3FWNG5jUFZUUU5rSjdIeVg3c29fNGc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMzNlOGItYmRlMS00ZjkwLWJhZjUt
MjM4NDdhNDBkOWU0LzEvdEN4c3R0bERFWXM5cFJ3NUdtOWlUZ1p5Q0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wMzNlOGItYmRlMS00ZjkwLWJhZjUtMjM4NDdhNDBkOWU0
LzEvdGcxc3FWNG5jUFZUUU5rSjdIeVg3c29fNGc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQBufiAMAwD
BAPCH6gDBADCH6owDQQCAAIwBwMFAyoN5YAwDQYJKoZIhvcNAQELBQADggEBAJW2
824gdyaMVSbjt4b15fiW9tjWU1ypV+BOF2tsmKuJ/UleUW91O1QqYBA1CA5AJ1Ti
/VEmz2SkLZsgv1qlYMVB3/GRWy0SL3Ny1wyOAIkEG4oi20v3nf4xSONgkfC8g4Dr
KcvBxbMOUFCPFVr2NUFSxLqKNf3jChAxsUAfcZZysDGFqdcIrIyUUqGvnv9NLcOI
n2x/nTqqfSH1Odf69nXBdUKsPylpXV7dqdSSueXmHoc4abd5Y5iwTZChSy6qDxxh
gezeQPrvqbzE58Jx2zn6mvehztUK4ayRkCp+TQT20ZSnx8Nq08d3wSLMndH+OyGL
UHST9FzO6DQId9B2zC4=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:07 2025 by rpki-client