Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/0tyV27ZaRKIuc5h8kTDsBiv4BZI.roa
File: 0tyV27ZaRKIuc5h8kTDsBiv4BZI.roa (raw, json)
Hash identifier: 1dyOdZnQpGVWWsvnKswgEprRwbXy0vsePve+ulQremU=
Subject key identifier: D2:DC:95:DB:B6:5A:44:A2:2E:73:98:7C:91:30:EC:06:2B:F8:05:92
Certificate issuer: /CN=c1bf34b190a51ce5300257911af30404f4951fb6
Certificate serial: 019423695CCCA266B88BF9098A8FECD6FECA
Authority key identifier: C1:BF:34:B1:90:A5:1C:E5:30:02:57:91:1A:F3:04:04:F4:95:1F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb80sZClHOUwAleRGvMEBPSVH7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/0tyV27ZaRKIuc5h8kTDsBiv4BZI.roa
Signing time: Wed 01 Jan 2025 19:48:15 +0000
ROA not before: Wed 01 Jan 2025 19:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42433
IP address blocks: 81.23.242.0/23 maxlen: 23
81.23.242.0/24 maxlen: 24
81.23.243.0/24 maxlen: 24
92.118.110.0/24 maxlen: 24
2a0f:ec40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/wb80sZClHOUwAleRGvMEBPSVH7Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/wb80sZClHOUwAleRGvMEBPSVH7Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/wb80sZClHOUwAleRGvMEBPSVH7Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:5c:cc:a2:66:b8:8b:f9:09:8a:8f:ec:d6:fe:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf34b190a51ce5300257911af30404f4951fb6
Validity
Not Before: Jan 1 19:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2dc95dbb65a44a22e73987c9130ec062bf80592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9f:6e:03:67:89:63:c4:2c:1a:6a:d4:27:51:
83:a0:c7:0c:67:51:58:4b:ca:46:ad:e9:eb:21:ce:
36:35:21:66:6b:cb:8d:46:79:ab:cd:2f:ea:5b:42:
43:e9:90:8b:58:8c:28:65:ee:79:e9:fc:91:f3:81:
d5:23:35:75:25:3b:09:96:39:f9:97:2f:b3:75:f0:
3d:7c:bd:f4:76:38:04:13:e3:38:3b:5a:25:47:43:
17:94:40:36:6f:d1:f0:b7:70:a4:e5:3c:79:ab:1c:
d4:05:45:94:30:f8:ac:df:fc:9a:27:65:61:58:87:
a1:6b:e0:92:09:f7:49:13:c8:61:b3:d6:cc:f6:7d:
fe:6b:5a:2d:49:42:f6:ca:ba:e6:c0:b5:ca:2b:87:
da:18:f2:51:3a:99:ab:39:fe:d1:d8:79:c5:b4:44:
0a:fb:6d:cf:0e:9c:1c:c8:6f:af:45:73:be:e5:39:
93:30:8a:e9:17:3c:1a:16:6a:ce:4d:48:64:04:02:
2c:d5:6f:e2:47:6b:47:1d:86:32:b3:d9:09:59:6e:
c1:cc:c0:ea:e9:84:64:a1:d2:2d:e3:e6:8c:fc:15:
fc:30:91:72:80:09:9d:54:14:7a:ae:6f:34:c4:ea:
df:32:5a:57:4c:e1:aa:3b:10:31:70:ea:69:05:a2:
c9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:DC:95:DB:B6:5A:44:A2:2E:73:98:7C:91:30:EC:06:2B:F8:05:92
X509v3 Authority Key Identifier:
keyid:C1:BF:34:B1:90:A5:1C:E5:30:02:57:91:1A:F3:04:04:F4:95:1F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb80sZClHOUwAleRGvMEBPSVH7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/0tyV27ZaRKIuc5h8kTDsBiv4BZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/wb80sZClHOUwAleRGvMEBPSVH7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.242.0/23
92.118.110.0/24
IPv6:
2a0f:ec40::/32
Signature Algorithm: sha256WithRSAEncryption
30:0b:9f:f5:b3:2b:b5:87:e3:e4:be:0a:5f:15:a7:7b:22:b4:
c7:2e:be:5e:90:01:71:eb:9c:4f:b6:2c:02:73:d4:a5:a4:fb:
c3:57:ee:f9:53:02:21:f8:7d:e0:50:e4:cf:b4:09:d0:14:40:
73:41:d3:5b:dc:73:3e:a5:3b:ac:17:0d:6b:45:04:7b:7c:39:
b3:f8:83:af:16:26:86:38:8d:d3:e1:38:5a:55:c8:31:1b:1e:
b3:4d:e2:2a:60:0f:5d:cb:48:0e:b7:0e:fd:dd:9c:56:5a:f1:
9a:1a:69:34:c7:60:57:65:79:e7:60:78:c1:98:64:e4:a7:33:
f8:ff:93:05:e7:e2:5c:21:4f:73:cb:60:29:b3:21:71:ee:9b:
8a:8b:e0:7f:df:4c:ea:ee:1d:0b:02:fd:95:e8:41:d9:eb:49:
65:ed:ed:57:e9:7f:d2:2e:7c:bd:4a:04:6e:6e:09:af:18:ce:
7b:85:e2:62:57:b8:85:da:ac:54:83:af:32:95:49:78:ae:09:
af:b0:9d:06:39:7e:37:da:56:9e:5d:da:e2:2a:fd:5a:0e:94:
07:cb:4c:23:d3:17:29:96:1b:cc:06:8d:a2:ba:fa:13:f5:e6:
be:db:a9:12:91:06:b9:8b:1a:11:95:42:2c:4f:42:7d:15:09:
cb:8a:70:b8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjaVzMoma4i/kJio/s1v7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmYzNGIxOTBhNTFjZTUzMDAyNTc5MTFhZjMwNDA0ZjQ5
NTFmYjYwHhcNMjUwMTAxMTk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmRjOTVkYmI2NWE0NGEyMmU3Mzk4N2M5MTMwZWMwNjJiZjgwNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhp9uA2eJY8QsGmrUJ1GDoMcMZ1FY
S8pGrenrIc42NSFma8uNRnmrzS/qW0JD6ZCLWIwoZe556fyR84HVIzV1JTsJljn5
ly+zdfA9fL30djgEE+M4O1olR0MXlEA2b9Hwt3Ck5Tx5qxzUBUWUMPis3/yaJ2Vh
WIeha+CSCfdJE8hhs9bM9n3+a1otSUL2yrrmwLXKK4faGPJROpmrOf7R2HnFtEQK
+23PDpwcyG+vRXO+5TmTMIrpFzwaFmrOTUhkBAIs1W/iR2tHHYYys9kJWW7BzMDq
6YRkodIt4+aM/BX8MJFygAmdVBR6rm80xOrfMlpXTOGqOxAxcOppBaLJ8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNLcldu2WkSiLnOYfJEw7AYr+AWSMB8GA1UdIwQY
MBaAFMG/NLGQpRzlMAJXkRrzBAT0lR+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2I4MHNaQ2xIT1V3QWxlUkd2TUVCUFNWSDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8xNTNkNTMtNmU2OS00MzAxLWFiZDMt
ZjMxMWJhYzJhMzdmLzEvMHR5VjI3WmFSS0l1YzVoOGtURHNCaXY0QlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8xNTNkNTMtNmU2OS00MzAxLWFiZDMtZjMxMWJhYzJhMzdm
LzEvd2I4MHNaQ2xIT1V3QWxlUkd2TUVCUFNWSDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBURfyAwQA
XHZuMA0EAgACMAcDBQAqD+xAMA0GCSqGSIb3DQEBCwUAA4IBAQAwC5/1syu1h+Pk
vgpfFad7IrTHLr5ekAFx65xPtiwCc9SlpPvDV+75UwIh+H3gUOTPtAnQFEBzQdNb
3HM+pTusFw1rRQR7fDmz+IOvFiaGOI3T4ThaVcgxGx6zTeIqYA9dy0gOtw793ZxW
WvGaGmk0x2BXZXnnYHjBmGTkpzP4/5MF5+JcIU9zy2ApsyFx7puKi+B/30zq7h0L
Av2V6EHZ60ll7e1X6X/SLny9SgRubgmvGM57heJiV7iF2qxUg68ylUl4rgmvsJ0G
OX432laeXdriKv1aDpQHy0wj0xcplhvMBo2iuvoT9ea+26kSkQa5ixoRlUIsT0J9
FQnLinC4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:58 2025 by rpki-client