Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/dkbWTo4bq_yPPRqYmeLtAion_fk.roa
File: dkbWTo4bq_yPPRqYmeLtAion_fk.roa (raw, json)
Hash identifier: DMCPEeMn/42xBYmE/TT+llc8dW4AkHYEj+Bu1a5chCg=
Subject key identifier: 76:46:D6:4E:8E:1B:AB:FC:8F:3D:1A:98:99:E2:ED:02:2A:27:FD:F9
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 01942747CB95792D61774A045F8956F229E0
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/dkbWTo4bq_yPPRqYmeLtAion_fk.roa
Signing time: Thu 02 Jan 2025 13:50:03 +0000
ROA not before: Thu 02 Jan 2025 13:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18530
IP address blocks: 2.56.20.0/23 maxlen: 23
2.56.22.0/23 maxlen: 23
84.39.200.0/23 maxlen: 23
84.39.202.0/23 maxlen: 23
92.246.68.0/23 maxlen: 23
92.246.70.0/23 maxlen: 23
193.31.32.0/23 maxlen: 23
193.31.34.0/23 maxlen: 23
194.93.52.0/23 maxlen: 23
194.93.54.0/23 maxlen: 23
195.38.0.0/23 maxlen: 23
195.38.2.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 10:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:cb:95:79:2d:61:77:4a:04:5f:89:56:f2:29:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 2 13:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7646d64e8e1babfc8f3d1a9899e2ed022a27fdf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d1:2f:33:bb:3b:d8:62:e1:1a:0f:39:dc:50:
95:65:ff:7a:27:b5:a5:23:c9:f6:7c:ad:f5:9a:aa:
06:94:31:9e:26:26:10:c6:ce:e9:8a:61:a2:16:c5:
a4:54:be:3f:5d:5d:31:a0:fc:ad:2f:5f:47:16:81:
22:0c:23:0c:4b:df:e6:79:ee:f1:0d:fb:00:7f:d7:
f2:63:a7:e9:a6:69:e0:03:a8:f2:89:af:19:0e:08:
aa:7e:d1:ee:11:81:73:9f:f7:15:da:11:e7:92:74:
22:b2:ff:90:71:fd:2e:63:aa:eb:13:0a:03:5d:e0:
e8:2b:d8:31:50:44:b3:f5:67:5f:bc:e5:97:29:33:
6c:c6:53:09:7b:3e:a5:2a:67:00:48:3f:fc:de:66:
db:3d:c3:1a:23:29:14:ef:26:fb:6c:e0:38:83:fb:
3d:b3:74:4c:22:3a:f5:c1:68:9b:40:4a:6d:72:49:
9f:2d:8a:55:fc:b0:fe:9b:69:46:1b:72:8c:bb:d3:
af:6d:12:7e:9c:a3:ce:06:de:e8:9f:48:fd:f6:08:
ac:f6:b0:df:55:48:d0:8d:f6:51:5c:45:7c:f1:03:
7b:f4:cf:7e:70:71:f3:57:2f:98:b1:b4:23:ef:69:
bd:f2:87:9c:44:a1:ab:19:51:0c:55:44:09:d0:a4:
1a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:46:D6:4E:8E:1B:AB:FC:8F:3D:1A:98:99:E2:ED:02:2A:27:FD:F9
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/dkbWTo4bq_yPPRqYmeLtAion_fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.20.0/22
84.39.200.0/22
92.246.68.0/22
193.31.32.0/22
194.93.52.0/22
195.38.0.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:a7:95:79:0b:3a:57:c8:65:1e:47:91:94:73:de:29:f1:b4:
a1:8a:31:6a:20:91:c9:18:67:cf:00:f8:42:e6:fa:42:73:b3:
22:73:81:44:f3:9b:3a:12:ee:ab:1c:86:f4:cc:d9:20:fd:08:
5e:a6:c7:cb:4b:dd:02:bb:c2:a1:45:ac:ce:33:78:b8:79:c0:
97:e1:17:5d:46:37:3b:ed:94:5c:31:9a:c9:df:ff:3b:b1:25:
60:d7:1b:d7:5f:a2:5e:25:4a:ae:ad:a2:d1:6c:10:d8:3d:2d:
71:a9:b8:4a:37:a2:54:8f:c6:76:aa:17:29:79:78:08:2b:f2:
3e:87:55:43:f1:82:c7:63:e3:4d:d8:e2:a3:bb:26:b0:f5:a8:
ac:58:ab:dd:7e:a6:16:c5:ae:d6:59:2d:0e:62:04:c5:fe:5a:
9d:db:ea:fe:6c:95:14:24:4c:32:62:2f:93:cc:30:4e:91:fb:
7e:00:88:fb:09:b6:66:7a:10:25:ec:f2:a9:9d:ff:a4:39:3d:
4e:43:23:0f:7e:4b:49:5a:6f:ef:4f:97:58:4d:83:68:e3:84:
15:c2:f0:a0:02:38:c9:70:d2:9b:18:b4:0c:3a:5c:b2:6b:16:
c1:2a:04:63:c6:81:41:49:a7:a0:05:4a:9b:52:85:d6:b2:c0:
53:7d:7e:86
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQnR8uVeS1hd0oEX4lW8ingMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjUwMTAyMTM1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjQ2ZDY0ZThlMWJhYmZjOGYzZDFhOTg5OWUyZWQwMjJhMjdmZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9EvM7s72GLhGg853FCVZf96J7Wl
I8n2fK31mqoGlDGeJiYQxs7pimGiFsWkVL4/XV0xoPytL19HFoEiDCMMS9/mee7x
DfsAf9fyY6fppmngA6jyia8ZDgiqftHuEYFzn/cV2hHnknQisv+Qcf0uY6rrEwoD
XeDoK9gxUESz9WdfvOWXKTNsxlMJez6lKmcASD/83mbbPcMaIykU7yb7bOA4g/s9
s3RMIjr1wWibQEptckmfLYpV/LD+m2lGG3KMu9OvbRJ+nKPOBt7on0j99gis9rDf
VUjQjfZRXEV88QN79M9+cHHzVy+YsbQj72m98oecRKGrGVEMVUQJ0KQa5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHZG1k6OG6v8jz0amJni7QIqJ/35MB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvZGtiV1RvNGJxX3lQUFJxWW1lTHRBaW9uX2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCAjgUAwQC
VCfIAwQCXPZEAwQCwR8gAwQCwl00AwQCwyYAMA0GCSqGSIb3DQEBCwUAA4IBAQBN
p5V5CzpXyGUeR5GUc94p8bShijFqIJHJGGfPAPhC5vpCc7Mic4FE85s6Eu6rHIb0
zNkg/QhepsfLS90Cu8KhRazOM3i4ecCX4RddRjc77ZRcMZrJ3/87sSVg1xvXX6Je
JUquraLRbBDYPS1xqbhKN6JUj8Z2qhcpeXgIK/I+h1VD8YLHY+NN2OKjuyaw9ais
WKvdfqYWxa7WWS0OYgTF/lqd2+r+bJUUJEwyYi+TzDBOkft+AIj7CbZmehAl7PKp
nf+kOT1OQyMPfktJWm/vT5dYTYNo44QVwvCgAjjJcNKbGLQMOlyyaxbBKgRjxoFB
SaegBUqbUoXWssBTfX6G
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:45:16 2025 by rpki-client