Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/a135b2-791e-41da-afd7-da1c4175802b/1/aeScWSEVmNc0EYb-mhHt5BZ1Oe0.roa
File: aeScWSEVmNc0EYb-mhHt5BZ1Oe0.roa (raw, json)
Hash identifier: fc/BLsPdy7txjMA7q9xzQpymVU7f1xNFpkeDtKxEBLk=
Subject key identifier: 69:E4:9C:59:21:15:98:D7:34:11:86:FE:9A:11:ED:E4:16:75:39:ED
Certificate issuer: /CN=4f6148965f7affeb58609615e6ad4e3eea8cebca
Certificate serial: 019428269432FA0842B5FE30EC625B795D7F
Authority key identifier: 4F:61:48:96:5F:7A:FF:EB:58:60:96:15:E6:AD:4E:3E:EA:8C:EB:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T2FIll96_-tYYJYV5q1OPuqM68o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/a135b2-791e-41da-afd7-da1c4175802b/1/aeScWSEVmNc0EYb-mhHt5BZ1Oe0.roa
Signing time: Thu 02 Jan 2025 17:53:24 +0000
ROA not before: Thu 02 Jan 2025 17:53:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215404
IP address blocks: 87.236.248.0/21 maxlen: 24
185.218.227.0/24 maxlen: 24
2a14:dc0:100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/a135b2-791e-41da-afd7-da1c4175802b/1/T2FIll96_-tYYJYV5q1OPuqM68o.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/a135b2-791e-41da-afd7-da1c4175802b/1/T2FIll96_-tYYJYV5q1OPuqM68o.mft
rsync://rpki.ripe.net/repository/DEFAULT/T2FIll96_-tYYJYV5q1OPuqM68o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:94:32:fa:08:42:b5:fe:30:ec:62:5b:79:5d:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f6148965f7affeb58609615e6ad4e3eea8cebca
Validity
Not Before: Jan 2 17:53:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69e49c59211598d7341186fe9a11ede4167539ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9f:0a:c4:97:b8:e4:6b:73:67:e6:8f:dc:24:
7a:3d:20:1f:3d:86:da:ad:bf:f9:f4:b3:8c:da:e3:
ca:2e:44:a7:ab:a1:39:b9:e1:0f:72:02:e2:0e:3d:
03:47:6c:88:fa:a1:58:0e:08:56:a8:0e:ed:a3:7b:
5e:3c:3a:4f:2a:d3:cc:87:c8:05:4a:eb:35:c2:72:
4d:9d:04:04:98:7e:e4:e3:66:46:b6:40:7c:7c:78:
c1:01:eb:2c:b2:89:b8:80:74:d1:1b:ab:10:cf:77:
35:cb:fb:67:7a:8d:68:f2:64:ff:02:96:97:d0:77:
31:4c:08:2a:79:24:4d:bd:58:a5:b0:b4:62:00:08:
3f:f5:48:3f:02:1c:c3:1d:5f:7e:c1:c7:5f:48:c4:
f6:4b:75:20:82:a4:85:8e:62:3e:ef:c0:ff:99:a5:
07:d5:66:90:e6:db:60:6e:90:74:10:2e:d0:42:3c:
2d:30:2a:97:29:96:aa:7f:91:06:15:00:2e:ef:cc:
24:c4:fd:37:fe:b8:3f:86:ce:71:da:d6:1d:0f:9f:
ec:c0:0b:90:bb:42:e9:c1:a2:66:2f:80:85:2d:b7:
32:4f:6d:2c:4d:18:b0:85:bb:eb:0b:d8:4a:1d:cd:
23:0c:f7:a6:99:48:6c:c5:8c:aa:89:12:22:60:7d:
54:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:E4:9C:59:21:15:98:D7:34:11:86:FE:9A:11:ED:E4:16:75:39:ED
X509v3 Authority Key Identifier:
keyid:4F:61:48:96:5F:7A:FF:EB:58:60:96:15:E6:AD:4E:3E:EA:8C:EB:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T2FIll96_-tYYJYV5q1OPuqM68o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a135b2-791e-41da-afd7-da1c4175802b/1/aeScWSEVmNc0EYb-mhHt5BZ1Oe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a135b2-791e-41da-afd7-da1c4175802b/1/T2FIll96_-tYYJYV5q1OPuqM68o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.248.0/21
185.218.227.0/24
IPv6:
2a14:dc0:100::/40
Signature Algorithm: sha256WithRSAEncryption
31:24:4a:4b:12:8c:bf:2d:46:af:b2:cb:67:bb:9f:93:a7:79:
a3:5b:15:aa:95:5e:e7:78:b8:d7:59:1e:93:96:e3:77:1f:99:
d4:39:9f:d3:c2:8a:1f:14:f7:87:90:6b:d7:23:51:02:87:d1:
0f:23:3b:cc:c6:e8:65:8e:19:2e:02:5e:0a:af:41:26:07:47:
00:cb:23:b5:04:d4:1b:f7:74:77:88:9d:c8:f1:31:56:0b:6c:
64:e2:50:98:45:e2:99:cc:47:97:a7:ad:c8:ff:d1:f7:4d:00:
ef:ae:d5:3e:01:76:dd:ca:e1:be:00:52:d2:18:03:f5:8e:d0:
47:7f:d0:77:47:c3:5b:ff:81:d5:ce:49:e3:29:f2:0c:26:13:
5f:cd:a3:ed:84:85:9d:bf:ed:a1:73:c0:bd:26:86:5e:f5:0d:
ac:29:17:0d:23:c1:65:4f:e7:f9:ec:f0:ea:6e:16:82:15:a9:
5b:f2:0c:1f:65:8e:c2:9b:51:9e:c9:fc:05:26:b8:98:ae:f1:
4c:bc:61:63:25:21:64:a3:14:b8:c7:67:39:73:62:cf:ca:52:
6d:56:1e:74:ae:65:28:4c:d5:50:64:e6:5f:84:98:fb:8e:6a:
9b:79:10:c1:56:1d:f8:9a:ba:05:38:a3:0a:ad:92:e8:2a:92:
b2:40:5e:00
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQoJpQy+ghCtf4w7GJbeV1/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNjE0ODk2NWY3YWZmZWI1ODYwOTYxNWU2YWQ0ZTNlZWE4
Y2ViY2EwHhcNMjUwMTAyMTc1MzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWU0OWM1OTIxMTU5OGQ3MzQxMTg2ZmU5YTExZWRlNDE2NzUzOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq58KxJe45GtzZ+aP3CR6PSAfPYba
rb/59LOM2uPKLkSnq6E5ueEPcgLiDj0DR2yI+qFYDghWqA7to3tePDpPKtPMh8gF
Sus1wnJNnQQEmH7k42ZGtkB8fHjBAesssom4gHTRG6sQz3c1y/tneo1o8mT/ApaX
0HcxTAgqeSRNvVilsLRiAAg/9Ug/AhzDHV9+wcdfSMT2S3UggqSFjmI+78D/maUH
1WaQ5ttgbpB0EC7QQjwtMCqXKZaqf5EGFQAu78wkxP03/rg/hs5x2tYdD5/swAuQ
u0LpwaJmL4CFLbcyT20sTRiwhbvrC9hKHc0jDPemmUhsxYyqiRIiYH1UmQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGnknFkhFZjXNBGG/poR7eQWdTntMB8GA1UdIwQY
MBaAFE9hSJZfev/rWGCWFeatTj7qjOvKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDJGSWxsOTZfLXRZWUpZVjVxMU9QdXFNNjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9hMTM1YjItNzkxZS00MWRhLWFmZDct
ZGExYzQxNzU4MDJiLzEvYWVTY1dTRVZtTmMwRVliLW1oSHQ1QloxT2UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9hMTM1YjItNzkxZS00MWRhLWFmZDctZGExYzQxNzU4MDJi
LzEvVDJGSWxsOTZfLXRZWUpZVjVxMU9QdXFNNjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDV+z4AwQA
udrjMA4EAgACMAgDBgAqFA3AATANBgkqhkiG9w0BAQsFAAOCAQEAMSRKSxKMvy1G
r7LLZ7ufk6d5o1sVqpVe53i411kek5bjdx+Z1Dmf08KKHxT3h5Br1yNRAofRDyM7
zMboZY4ZLgJeCq9BJgdHAMsjtQTUG/d0d4idyPExVgtsZOJQmEXimcxHl6etyP/R
900A767VPgF23crhvgBS0hgD9Y7QR3/Qd0fDW/+B1c5J4ynyDCYTX82j7YSFnb/t
oXPAvSaGXvUNrCkXDSPBZU/n+ezw6m4WghWpW/IMH2WOwptRnsn8BSa4mK7xTLxh
YyUhZKMUuMdnOXNiz8pSbVYedK5lKEzVUGTmX4SY+45qm3kQwVYd+Jq6BTijCq2S
6CqSskBeAA==
-----END CERTIFICATE-----
Generated at Mon Mar 10 00:49:19 2025 by rpki-client