Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/cLHJ9pzG4jNGxgoAoRMirT2Ejso.roa
File: cLHJ9pzG4jNGxgoAoRMirT2Ejso.roa (raw, json)
Hash identifier: Jzxa7wOrH3SZg3F+/QPuNnZeQarhGQ5yhFav2kPWjJ0=
Subject key identifier: 70:B1:C9:F6:9C:C6:E2:33:46:C6:0A:00:A1:13:22:AD:3D:84:8E:CA
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0194221F87C33E3E448612BFFE834ACB15B0
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/cLHJ9pzG4jNGxgoAoRMirT2Ejso.roa
Signing time: Wed 01 Jan 2025 13:47:59 +0000
ROA not before: Wed 01 Jan 2025 13:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34376
IP address blocks: 82.119.93.0/24 maxlen: 24
85.14.31.0/24 maxlen: 24
85.14.32.0/22 maxlen: 22
85.14.32.0/24 maxlen: 24
85.14.33.0/24 maxlen: 24
85.14.34.0/24 maxlen: 24
85.14.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft
rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 01:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:87:c3:3e:3e:44:86:12:bf:fe:83:4a:cb:15:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 1 13:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70b1c9f69cc6e23346c60a00a11322ad3d848eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c2:31:29:0b:d0:f4:f9:85:19:b0:43:ee:7b:
5a:f3:e4:27:17:c4:48:9b:bb:91:b4:36:5b:e9:da:
55:49:a9:9a:99:49:0c:aa:fc:f9:da:6e:99:fa:75:
fa:89:3f:c3:a7:32:b4:28:cc:ab:84:6d:e8:24:76:
a4:12:74:4e:8c:3b:20:04:ff:19:4f:c2:12:e6:4c:
c1:bc:bb:73:62:d4:04:dc:c8:55:2a:b7:68:41:69:
55:bd:b9:ea:a4:c2:7d:39:50:9e:c4:95:1e:bd:09:
56:28:20:cf:87:13:17:ca:01:0f:ad:79:85:d1:a0:
fd:ea:25:23:cf:e7:0d:5c:ad:32:19:4c:44:f4:8c:
14:b0:ce:62:ce:6c:32:9e:c4:80:1f:40:4d:90:97:
af:9a:5f:e7:f8:05:61:4f:47:b5:5f:43:51:2b:16:
be:ee:9e:29:cf:8c:1d:09:fb:21:88:90:2c:cb:fd:
3d:94:b7:0f:98:d3:01:8f:90:cf:3e:7c:a0:13:3b:
4e:e6:36:c3:c4:c4:25:d3:6b:a7:a4:c6:05:a2:9c:
b1:7b:8d:f5:c7:ba:84:4c:d5:2c:b1:70:23:12:a3:
e6:02:18:a6:b0:a7:d9:3b:58:d4:ec:50:c9:67:33:
3d:43:59:a2:cf:83:f6:aa:b2:88:c1:30:6c:ad:91:
aa:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B1:C9:F6:9C:C6:E2:33:46:C6:0A:00:A1:13:22:AD:3D:84:8E:CA
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/cLHJ9pzG4jNGxgoAoRMirT2Ejso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.93.0/24
85.14.31.0-85.14.35.255
Signature Algorithm: sha256WithRSAEncryption
a6:24:db:e2:ff:50:4b:f5:dc:b8:62:ab:38:99:0c:a0:1d:a9:
b0:4e:3a:5b:f3:9a:b6:9e:86:0a:5b:c5:e4:c4:73:64:ff:64:
af:08:19:06:05:0a:17:8a:b0:ee:b9:e3:76:56:40:9b:81:fb:
d8:c5:83:12:42:3c:95:72:d8:82:6a:a1:20:9c:d9:53:0c:fa:
cb:7c:c3:40:1d:55:87:17:97:45:91:e4:90:e7:59:f3:c5:4e:
c7:c4:ea:c9:10:d1:dc:bd:b0:2d:a6:41:58:47:7e:99:ab:85:
dc:37:43:f5:df:1e:1f:55:ca:4d:1f:01:ab:dc:72:e6:d0:78:
fb:88:3e:fd:68:47:ca:84:eb:c7:63:3c:b3:6b:0f:fd:52:90:
43:92:be:79:70:08:d9:3d:d4:f8:b5:a6:59:80:e1:d9:d7:d3:
05:f1:d3:52:12:29:fe:30:c8:44:59:56:fa:e8:f9:b1:18:a4:
3e:d2:75:0c:b5:9a:38:58:02:44:ae:31:cd:f9:84:ba:84:b9:
1c:74:df:dd:61:c0:f3:e5:d5:d3:f9:20:87:c8:1c:e7:48:8f:
71:d2:ad:e9:c9:4d:24:dd:04:23:b1:bd:bf:8f:01:aa:29:56:
2a:77:8b:b8:a4:af:8e:ec:02:72:a9:d0:27:4c:52:52:8a:13:
ad:2d:36:84
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQiH4fDPj5EhhK//oNKyxWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjUwMTAxMTM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGIxYzlmNjljYzZlMjMzNDZjNjBhMDBhMTEzMjJhZDNkODQ4ZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsIxKQvQ9PmFGbBD7nta8+QnF8RI
m7uRtDZb6dpVSamamUkMqvz52m6Z+nX6iT/DpzK0KMyrhG3oJHakEnROjDsgBP8Z
T8IS5kzBvLtzYtQE3MhVKrdoQWlVvbnqpMJ9OVCexJUevQlWKCDPhxMXygEPrXmF
0aD96iUjz+cNXK0yGUxE9IwUsM5izmwynsSAH0BNkJevml/n+AVhT0e1X0NRKxa+
7p4pz4wdCfshiJAsy/09lLcPmNMBj5DPPnygEztO5jbDxMQl02unpMYFopyxe431
x7qETNUssXAjEqPmAhimsKfZO1jU7FDJZzM9Q1miz4P2qrKIwTBsrZGqNwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHCxyfacxuIzRsYKAKETIq09hI7KMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvY0xISjlwekc0ak5HeGdvQW9STWlyVDJFanNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAUnddMAwD
BABVDh8DBAJVDiAwDQYJKoZIhvcNAQELBQADggEBAKYk2+L/UEv13LhiqziZDKAd
qbBOOlvzmraehgpbxeTEc2T/ZK8IGQYFCheKsO6543ZWQJuB+9jFgxJCPJVy2IJq
oSCc2VMM+st8w0AdVYcXl0WR5JDnWfPFTsfE6skQ0dy9sC2mQVhHfpmrhdw3Q/Xf
Hh9Vyk0fAavccubQePuIPv1oR8qE68djPLNrD/1SkEOSvnlwCNk91Pi1plmA4dnX
0wXx01ISKf4wyERZVvro+bEYpD7SdQy1mjhYAkSuMc35hLqEuRx0391hwPPl1dP5
IIfIHOdIj3HSrenJTSTdBCOxvb+PAaopVip3i7ikr47sAnKp0CdMUlKKE60tNoQ=
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:56:04 2025 by rpki-client