Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Tw6J6xFZkxM0QP0Qzg-OKIzEOoY.roa
File: Tw6J6xFZkxM0QP0Qzg-OKIzEOoY.roa (raw, json)
Hash identifier: zmmFBkM7u8Fjk9lCr0Uc1UNAyKHXpXvpxcyyXqYqK14=
Subject key identifier: 4F:0E:89:EB:11:59:93:13:34:40:FD:10:CE:0F:8E:28:8C:C4:3A:86
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019421B26D2B45FCEEF3A34FE926F00496DE
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Tw6J6xFZkxM0QP0Qzg-OKIzEOoY.roa
Signing time: Wed 01 Jan 2025 11:48:48 +0000
ROA not before: Wed 01 Jan 2025 11:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210276
IP address blocks: 85.143.238.0/24 maxlen: 24
86.110.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 09:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:6d:2b:45:fc:ee:f3:a3:4f:e9:26:f0:04:96:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f0e89eb115993133440fd10ce0f8e288cc43a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e0:02:60:83:17:6b:5b:29:5e:11:82:6c:95:
60:bf:7c:0f:ec:97:79:da:37:d7:38:3e:01:ef:c6:
63:a7:21:41:7f:4d:b1:ba:b6:1f:79:3f:71:19:56:
9f:84:d1:40:9e:6c:b8:fc:98:93:3d:54:ef:8d:b9:
e9:74:03:43:18:3d:9e:6c:e7:e6:50:95:90:c1:26:
95:53:98:6d:53:c4:94:83:87:50:9d:4c:0d:72:78:
31:f1:49:7b:9e:f3:e6:e6:58:66:f7:30:c8:cf:0e:
58:50:5f:4d:59:1b:e5:85:c3:4c:ea:e6:15:85:bb:
bc:d8:b5:e3:99:28:ae:e0:08:a2:bf:dd:0c:1d:93:
bd:04:77:c0:f5:6a:76:bc:95:21:e5:4d:0a:bf:65:
f5:32:b8:6a:b9:ff:e6:59:ee:07:9f:10:22:69:b4:
8d:9c:eb:8f:1e:3e:cd:f7:5c:f3:87:c1:dc:b7:c7:
fa:1d:bc:b5:f6:14:98:70:eb:4e:1b:06:e9:c3:60:
af:d0:36:93:22:a8:40:b4:c3:5c:35:60:52:45:fa:
56:ed:c0:22:70:37:cc:73:2f:65:72:7e:da:ed:93:
6b:c0:0a:4f:97:8d:3e:4d:cf:74:78:b7:13:7a:2b:
3f:d5:10:7a:74:eb:89:a3:4c:b4:ac:b8:41:45:89:
43:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:0E:89:EB:11:59:93:13:34:40:FD:10:CE:0F:8E:28:8C:C4:3A:86
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Tw6J6xFZkxM0QP0Qzg-OKIzEOoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.143.238.0/24
86.110.100.0/24
Signature Algorithm: sha256WithRSAEncryption
31:c5:90:8b:41:d2:c0:0c:6e:98:18:cd:8f:82:ae:47:0c:47:
1f:a8:3f:90:69:41:7b:2f:48:3c:7b:74:a2:42:bd:94:20:29:
83:4c:1f:37:08:87:a3:9f:70:99:e9:1a:93:0e:e1:de:f7:ce:
4c:a1:72:6e:79:fd:58:93:5d:a5:b6:7b:88:45:d5:29:38:19:
c9:f9:fd:0d:07:b2:c3:1c:e9:d5:ba:4e:c5:fa:a0:9a:35:7f:
a3:22:34:5e:d8:1c:ca:5d:61:12:0e:27:4c:04:8c:b8:8d:55:
2b:10:4c:8c:19:2f:49:0c:7c:c7:8b:c2:86:2a:c9:11:c1:33:
af:b9:b2:97:53:7e:7e:b7:10:4e:e5:34:a9:5e:ed:03:91:e1:
5b:bc:34:5e:1c:59:0d:7b:7a:b9:fd:c0:c1:30:0d:7c:c3:c3:
3f:5b:7f:b0:ae:0f:4a:4b:49:82:e5:a3:54:d1:40:80:4d:c9:
7f:6b:c3:20:b7:6a:cc:24:b4:78:e4:8d:87:b5:0f:db:e8:0f:
b4:44:43:11:af:af:0d:37:e0:84:b4:b5:b2:55:f6:a5:f3:ac:
96:dc:5f:7c:b3:04:69:ae:d9:e5:1e:cf:35:be:d8:b9:15:f1:
41:ff:cd:45:3a:8e:e9:7f:29:04:74:0e:ad:b3:da:d9:70:bb:
62:c7:21:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsm0rRfzu86NP6SbwBJbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjUwMTAxMTE0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjBlODllYjExNTk5MzEzMzQ0MGZkMTBjZTBmOGUyODhjYzQzYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseACYIMXa1spXhGCbJVgv3wP7Jd5
2jfXOD4B78ZjpyFBf02xurYfeT9xGVafhNFAnmy4/JiTPVTvjbnpdANDGD2ebOfm
UJWQwSaVU5htU8SUg4dQnUwNcngx8Ul7nvPm5lhm9zDIzw5YUF9NWRvlhcNM6uYV
hbu82LXjmSiu4Aiiv90MHZO9BHfA9Wp2vJUh5U0Kv2X1Mrhquf/mWe4HnxAiabSN
nOuPHj7N91zzh8Hct8f6Hby19hSYcOtOGwbpw2Cv0DaTIqhAtMNcNWBSRfpW7cAi
cDfMcy9lcn7a7ZNrwApPl40+Tc90eLcTeis/1RB6dOuJo0y0rLhBRYlD3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE8OiesRWZMTNED9EM4PjiiMxDqGMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvVHc2SjZ4RlpreE0wUVAwUXpnLU9LSXpFT29ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVY/uAwQA
Vm5kMA0GCSqGSIb3DQEBCwUAA4IBAQAxxZCLQdLADG6YGM2Pgq5HDEcfqD+QaUF7
L0g8e3SiQr2UICmDTB83CIejn3CZ6RqTDuHe985MoXJuef1Yk12ltnuIRdUpOBnJ
+f0NB7LDHOnVuk7F+qCaNX+jIjRe2BzKXWESDidMBIy4jVUrEEyMGS9JDHzHi8KG
KskRwTOvubKXU35+txBO5TSpXu0DkeFbvDReHFkNe3q5/cDBMA18w8M/W3+wrg9K
S0mC5aNU0UCATcl/a8Mgt2rMJLR45I2HtQ/b6A+0REMRr68NN+CEtLWyVfal86yW
3F98swRprtnlHs81vti5FfFB/81FOo7pfykEdA6ts9rZcLtixyFt
-----END CERTIFICATE-----
Generated at Tue Apr 15 18:56:10 2025 by rpki-client