Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/aaic0TQ08KDxqNotu0QjynGFp8k.roa
File: aaic0TQ08KDxqNotu0QjynGFp8k.roa (raw, json)
Hash identifier: y+rn4gyMmixGkyVVHgb8Zj+xOMFFm7BJm3FAMYf/M4M=
Subject key identifier: 69:A8:9C:D1:34:34:F0:A0:F1:A8:DA:2D:BB:44:23:CA:71:85:A7:C9
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 019634CDF8C166082F17D005F052E348EE8A
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/aaic0TQ08KDxqNotu0QjynGFp8k.roa
Signing time: Mon 14 Apr 2025 14:57:15 +0000
ROA not before: Mon 14 Apr 2025 14:57:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47164
IP address blocks: 212.231.81.0/24 maxlen: 24
212.231.82.0/24 maxlen: 24
212.231.83.0/24 maxlen: 24
212.231.84.0/24 maxlen: 24
212.231.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 11:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:cd:f8:c1:66:08:2f:17:d0:05:f0:52:e3:48:ee:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Apr 14 14:57:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a89cd13434f0a0f1a8da2dbb4423ca7185a7c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a0:4a:27:34:db:86:ad:1e:de:3b:78:e3:e2:
a6:ee:cd:f0:0e:ce:ef:ce:9c:f0:e5:07:fb:6b:22:
82:79:32:20:ee:11:b9:6f:fd:fb:f1:c0:f6:78:81:
80:7b:2b:ee:6a:4e:ef:10:f9:e8:ba:f9:23:39:b0:
c6:28:40:3b:eb:09:28:4c:68:15:2c:d4:75:da:66:
f9:c4:56:a0:75:b6:67:90:30:ad:67:69:ff:51:48:
fe:21:f1:d7:05:74:2a:f9:41:35:f3:d4:07:1c:fa:
00:94:83:12:b0:6e:46:de:2f:0c:d6:0f:aa:c0:db:
9d:46:e6:57:60:84:dd:cc:58:04:2c:38:68:41:06:
38:ee:3b:29:68:a8:51:bb:cc:49:a4:fe:45:1c:8e:
5b:bf:a2:1e:43:d5:03:a2:e0:15:d1:ff:75:5a:67:
5f:33:42:6e:35:1f:07:1c:e9:5a:47:57:c1:df:f8:
a4:5c:0f:e0:d7:d1:7f:e2:33:ad:ec:37:55:2b:03:
86:f3:0a:2c:6f:ce:04:45:20:76:62:7f:ff:9e:71:
bc:d4:e0:e9:fe:94:af:37:f5:80:cd:5c:41:d1:65:
85:e4:36:9b:a6:b5:5b:24:12:86:ae:25:22:73:0d:
f2:6e:7c:57:61:96:32:db:1b:fa:92:a6:d7:68:a4:
f7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A8:9C:D1:34:34:F0:A0:F1:A8:DA:2D:BB:44:23:CA:71:85:A7:C9
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/aaic0TQ08KDxqNotu0QjynGFp8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.231.81.0-212.231.85.255
Signature Algorithm: sha256WithRSAEncryption
2a:06:9e:08:68:4d:d1:51:04:b6:4c:66:12:a7:89:8a:8d:24:
02:b0:e0:41:32:22:09:b3:2d:85:82:c1:fd:e7:34:98:47:4b:
70:51:40:f5:71:5e:1a:49:12:de:ae:68:73:63:f7:3d:5e:1a:
b6:5c:c2:4d:35:9a:84:e3:84:34:d4:b9:f1:f8:5d:9a:b4:39:
d2:5d:93:46:07:33:e9:de:d0:0d:c6:24:26:01:d0:96:83:63:
6d:5f:d4:44:83:42:89:76:99:9d:67:cf:89:2b:3f:83:fe:4d:
2d:79:6b:17:23:a2:38:e7:cf:6d:3b:e8:60:ec:1e:42:1f:f9:
98:34:3d:df:5a:0e:61:e1:97:d8:a2:cf:5b:85:be:77:b0:e6:
1d:06:25:43:59:4d:bd:55:c6:96:bc:ac:a8:d3:ed:a0:28:24:
84:4b:1d:95:90:95:04:62:7f:15:96:41:52:91:88:0d:f6:f3:
a7:de:43:26:ff:7f:ae:9c:d9:36:e2:4a:dc:a6:ec:3c:87:d9:
3c:e4:db:0d:38:03:0a:40:68:06:4c:75:28:6a:7f:c6:18:17:
00:35:e1:d8:fe:5a:1d:cf:81:7e:0d:0a:90:92:0e:76:a9:f9:
44:e6:f0:1d:f7:81:68:67:5c:5c:21:f1:7e:6e:d7:8f:06:61:
58:a1:3f:bc
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZY0zfjBZggvF9AF8FLjSO6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjUwNDE0MTQ1NzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWE4OWNkMTM0MzRmMGEwZjFhOGRhMmRiYjQ0MjNjYTcxODVhN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaBKJzTbhq0e3jt44+Km7s3wDs7v
zpzw5Qf7ayKCeTIg7hG5b/378cD2eIGAeyvuak7vEPnouvkjObDGKEA76wkoTGgV
LNR12mb5xFagdbZnkDCtZ2n/UUj+IfHXBXQq+UE189QHHPoAlIMSsG5G3i8M1g+q
wNudRuZXYITdzFgELDhoQQY47jspaKhRu8xJpP5FHI5bv6IeQ9UDouAV0f91Wmdf
M0JuNR8HHOlaR1fB3/ikXA/g19F/4jOt7DdVKwOG8wosb84ERSB2Yn//nnG81ODp
/pSvN/WAzVxB0WWF5DabprVbJBKGriUicw3ybnxXYZYy2xv6kqbXaKT3EwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGmonNE0NPCg8ajaLbtEI8pxhafJMB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvYWFpYzBUUTA4S0R4cU5vdHUwUWp5bkdGcDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi
LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADU51ED
BAHU51QwDQYJKoZIhvcNAQELBQADggEBACoGnghoTdFRBLZMZhKniYqNJAKw4EEy
IgmzLYWCwf3nNJhHS3BRQPVxXhpJEt6uaHNj9z1eGrZcwk01moTjhDTUufH4XZq0
OdJdk0YHM+ne0A3GJCYB0JaDY21f1ESDQol2mZ1nz4krP4P+TS15axcjojjnz207
6GDsHkIf+Zg0Pd9aDmHhl9iiz1uFvnew5h0GJUNZTb1Vxpa8rKjT7aAoJIRLHZWQ
lQRifxWWQVKRiA3286feQyb/f66c2TbiStym7DyH2Tzk2w04AwpAaAZMdShqf8YY
FwA14dj+Wh3PgX4NCpCSDnap+UTm8B33gWhnXFwh8X5u148GYVihP7w=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:17:44 2025 by rpki-client