Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/TuA6dq5RUfQK0g-nhGPwelxAp8s.roa
File: TuA6dq5RUfQK0g-nhGPwelxAp8s.roa (raw, json)
Hash identifier: A068hT4+Hwiukpw4NAI0ekcWki3f2qgAy0smH/qbl44=
Subject key identifier: 4E:E0:3A:76:AE:51:51:F4:0A:D2:0F:A7:84:63:F0:7A:5C:40:A7:CB
Certificate issuer: /CN=89aed2cff8ce31b334f83a0b305feef01d71da75
Certificate serial: 0194252196740CCFC5796F00E4A4D4790637
Authority key identifier: 89:AE:D2:CF:F8:CE:31:B3:34:F8:3A:0B:30:5F:EE:F0:1D:71:DA:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/TuA6dq5RUfQK0g-nhGPwelxAp8s.roa
Signing time: Thu 02 Jan 2025 03:49:05 +0000
ROA not before: Thu 02 Jan 2025 03:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31655
IP address blocks: 79.74.0.0/16 maxlen: 24
92.207.0.0/16 maxlen: 24
151.2.128.0/17 maxlen: 24
2a04:4440::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 06:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:96:74:0c:cf:c5:79:6f:00:e4:a4:d4:79:06:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89aed2cff8ce31b334f83a0b305feef01d71da75
Validity
Not Before: Jan 2 03:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ee03a76ae5151f40ad20fa78463f07a5c40a7cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ff:36:b4:46:76:a4:15:fb:07:8c:38:a9:a1:
2a:f4:3d:9f:0e:a2:ef:73:21:6b:c6:08:2b:89:2c:
ff:fb:35:31:3a:4e:5c:36:a1:5e:2e:a7:ff:6e:ea:
6d:dd:b3:a0:7e:05:65:1f:5b:01:6f:a6:32:0e:c6:
0e:ad:9c:ce:16:f0:97:81:c0:b1:7d:b9:c8:d3:98:
14:7f:c8:1f:e9:f0:52:dd:57:41:88:4f:fc:37:31:
37:42:07:59:0e:3e:4a:42:1f:f2:a1:15:1c:93:de:
05:34:bd:a7:09:cf:b9:31:86:24:f7:f8:2e:da:2c:
1e:9d:1e:c8:ce:29:2a:a6:ee:43:6b:ad:2a:34:f1:
70:05:67:79:fa:98:4b:22:8d:e3:1c:89:ed:62:45:
74:23:34:8e:89:11:f6:78:75:ae:84:75:0f:87:32:
64:60:3e:34:95:06:42:33:11:c8:1b:82:b3:3d:d1:
b5:8e:03:b0:ba:ee:2a:5c:b4:b4:88:7c:e8:16:3d:
aa:02:f5:d0:5d:bc:e0:77:47:1e:22:6a:23:e9:8e:
bc:78:e4:e5:d9:19:9c:6e:59:e6:bf:17:41:fb:3d:
78:1b:78:4e:e2:a9:cb:62:31:5d:c3:58:a4:ee:43:
75:7b:eb:9c:1a:f2:23:0f:25:84:eb:35:a8:1d:dc:
90:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:E0:3A:76:AE:51:51:F4:0A:D2:0F:A7:84:63:F0:7A:5C:40:A7:CB
X509v3 Authority Key Identifier:
keyid:89:AE:D2:CF:F8:CE:31:B3:34:F8:3A:0B:30:5F:EE:F0:1D:71:DA:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/TuA6dq5RUfQK0g-nhGPwelxAp8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.74.0.0/16
92.207.0.0/16
151.2.128.0/17
IPv6:
2a04:4440::/29
Signature Algorithm: sha256WithRSAEncryption
a3:db:66:c0:fe:07:d0:f8:63:6f:d1:eb:61:72:42:54:65:a1:
ec:91:f0:92:d2:9c:bd:6c:ff:63:37:56:2d:82:2b:17:5f:d4:
21:fb:29:20:ea:66:91:08:44:1f:bd:fd:30:59:f2:42:67:1a:
1e:76:0d:bd:98:68:9c:64:1c:38:77:77:07:15:21:71:28:bf:
3c:06:02:e6:b2:34:53:59:91:cb:9a:16:9c:90:a5:ec:26:fc:
4b:76:6e:ee:63:d7:a1:ea:80:2d:f9:03:78:d6:fa:74:2c:a2:
8e:28:ef:6b:e3:a4:79:ac:4e:60:23:7f:de:7e:4f:df:47:a8:
94:33:47:02:e9:14:a1:7f:ed:c6:0f:4d:01:1e:32:39:f2:c0:
58:6f:a7:ac:3f:0d:1d:62:6f:9e:4a:80:10:9e:af:b0:b2:3d:
01:46:93:83:9d:a0:ec:45:01:ed:22:65:41:63:18:78:63:02:
34:cb:7c:99:9a:83:0e:52:2c:88:3d:dc:fa:4c:6e:b7:b2:90:
c8:5d:ec:b5:ec:d3:33:41:d1:d6:e8:ff:ee:72:70:3b:68:02:
52:89:c0:86:35:9b:61:a0:b6:6c:83:06:49:51:17:da:17:b2:
f9:bc:c5:67:03:66:68:db:6e:e0:65:34:c7:2e:2d:c5:ad:8c:
14:3a:5c:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQlIZZ0DM/FeW8A5KTUeQY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWVkMmNmZjhjZTMxYjMzNGY4M2EwYjMwNWZlZWYwMWQ3
MWRhNzUwHhcNMjUwMTAyMDM0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWUwM2E3NmFlNTE1MWY0MGFkMjBmYTc4NDYzZjA3YTVjNDBhN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/82tEZ2pBX7B4w4qaEq9D2fDqLv
cyFrxggriSz/+zUxOk5cNqFeLqf/bupt3bOgfgVlH1sBb6YyDsYOrZzOFvCXgcCx
fbnI05gUf8gf6fBS3VdBiE/8NzE3QgdZDj5KQh/yoRUck94FNL2nCc+5MYYk9/gu
2iwenR7Izikqpu5Da60qNPFwBWd5+phLIo3jHIntYkV0IzSOiRH2eHWuhHUPhzJk
YD40lQZCMxHIG4KzPdG1jgOwuu4qXLS0iHzoFj2qAvXQXbzgd0ceImoj6Y68eOTl
2RmcblnmvxdB+z14G3hO4qnLYjFdw1ik7kN1e+ucGvIjDyWE6zWoHdyQPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE7gOnauUVH0CtIPp4Rj8HpcQKfLMB8GA1UdIwQY
MBaAFImu0s/4zjGzNPg6CzBf7vAdcdp1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWE3U3pfak9NYk0wLURvTE1GX3U4QjF4Mm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lOTBmNTEtODlhYS00OWViLTllYTYt
ZmJlOGJjNWEyOWZhLzEvVHVBNmRxNVJVZlFLMGctbmhHUHdlbHhBcDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lOTBmNTEtODlhYS00OWViLTllYTYtZmJlOGJjNWEyOWZh
LzEvaWE3U3pfak9NYk0wLURvTE1GX3U4QjF4Mm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAWBAIAATAQAwMAT0oDAwBc
zwMEB5cCgDANBAIAAjAHAwUDKgREQDANBgkqhkiG9w0BAQsFAAOCAQEAo9tmwP4H
0Phjb9HrYXJCVGWh7JHwktKcvWz/YzdWLYIrF1/UIfspIOpmkQhEH739MFnyQmca
HnYNvZhonGQcOHd3BxUhcSi/PAYC5rI0U1mRy5oWnJCl7Cb8S3Zu7mPXoeqALfkD
eNb6dCyijijva+OkeaxOYCN/3n5P30eolDNHAukUoX/txg9NAR4yOfLAWG+nrD8N
HWJvnkqAEJ6vsLI9AUaTg52g7EUB7SJlQWMYeGMCNMt8mZqDDlIsiD3c+kxut7KQ
yF3stezTM0HR1uj/7nJwO2gCUonAhjWbYaC2bIMGSVEX2hey+bzFZwNmaNtu4GU0
xy4txa2MFDpc9w==
-----END CERTIFICATE-----
Generated at Tue Apr 15 16:06:41 2025 by rpki-client