Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/Ev171PKLiWyg9kWmqIzwQq3r8Lw.roa
File: Ev171PKLiWyg9kWmqIzwQq3r8Lw.roa (raw, json)
Hash identifier: 9HZVrssgfd6EYDzaTv+YXjEtSu5iA8YmquhpuH+g1ns=
Subject key identifier: 12:FD:7B:D4:F2:8B:89:6C:A0:F6:45:A6:A8:8C:F0:42:AD:EB:F0:BC
Certificate issuer: /CN=a13042d137fbb03beba6421f33a8525b52a88f7a
Certificate serial: 0194228E36E2CBF8383EC2E679791C361596
Authority key identifier: A1:30:42:D1:37:FB:B0:3B:EB:A6:42:1F:33:A8:52:5B:52:A8:8F:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/Ev171PKLiWyg9kWmqIzwQq3r8Lw.roa
Signing time: Wed 01 Jan 2025 15:48:53 +0000
ROA not before: Wed 01 Jan 2025 15:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198249
IP address blocks: 91.199.98.0/24 maxlen: 24
91.234.160.0/24 maxlen: 24
185.17.68.0/22 maxlen: 24
185.169.84.0/22 maxlen: 24
2a04:500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.mft
rsync://rpki.ripe.net/repository/DEFAULT/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:36:e2:cb:f8:38:3e:c2:e6:79:79:1c:36:15:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a13042d137fbb03beba6421f33a8525b52a88f7a
Validity
Not Before: Jan 1 15:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12fd7bd4f28b896ca0f645a6a88cf042adebf0bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a5:08:5c:fa:2f:1d:ca:df:9f:0f:50:f8:3c:
ff:d7:6e:10:5b:3d:cb:41:a9:7e:79:f3:0e:18:c5:
fe:e1:07:9b:81:d2:47:28:0b:b5:ef:6a:9f:a3:2a:
0f:bf:de:b1:97:ae:99:80:24:86:ed:2d:af:dc:5c:
4d:b3:db:90:23:a9:45:2f:d9:41:9f:d8:c5:25:aa:
6b:60:2f:bf:35:eb:3f:62:02:13:26:03:2c:64:a8:
8a:74:f2:cd:3b:57:8c:6d:69:52:1e:a3:c1:99:f4:
1f:6d:3c:8a:c9:07:47:b1:ec:19:5c:b2:76:64:0e:
c4:75:73:1e:3a:2c:67:b4:00:60:56:8c:85:48:67:
30:69:b9:6e:6e:ac:21:76:ce:45:1f:f9:61:c7:78:
e4:45:67:c5:cd:18:72:d1:89:94:c3:2d:52:d8:03:
46:db:07:df:f1:32:7b:62:11:13:cc:da:30:40:43:
8d:a1:1b:6c:80:c4:4a:04:b9:12:ae:ee:29:f1:35:
35:93:1e:b7:08:c5:10:f3:35:5c:dd:83:53:2e:a0:
6b:93:69:35:f7:d5:00:c7:d6:b0:31:c9:98:7e:d8:
37:d2:93:1a:96:db:0d:f9:bf:42:3f:e0:89:41:c7:
66:b5:52:06:f0:b9:f3:d5:0e:bf:66:fd:07:93:56:
e3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:FD:7B:D4:F2:8B:89:6C:A0:F6:45:A6:A8:8C:F0:42:AD:EB:F0:BC
X509v3 Authority Key Identifier:
keyid:A1:30:42:D1:37:FB:B0:3B:EB:A6:42:1F:33:A8:52:5B:52:A8:8F:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/Ev171PKLiWyg9kWmqIzwQq3r8Lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.98.0/24
91.234.160.0/24
185.17.68.0/22
185.169.84.0/22
IPv6:
2a04:500::/29
Signature Algorithm: sha256WithRSAEncryption
04:67:76:a0:3c:ad:21:5b:86:7e:11:56:4d:1e:91:a9:6a:4a:
b7:ab:da:87:8b:0e:66:0b:84:15:6c:a8:92:10:cd:b6:07:b6:
7c:54:cf:3e:b5:3c:19:11:01:5f:04:23:a0:17:07:83:6c:18:
f9:6e:5d:b9:ac:00:c3:18:82:e2:3e:fa:f5:1a:ac:20:e2:35:
71:83:2a:53:49:8c:b6:e7:7d:52:86:0f:62:1f:5f:e7:d3:46:
b9:10:8e:98:88:15:1f:25:83:df:98:12:85:f0:e8:07:1e:12:
61:b8:0d:b5:ea:88:3b:a6:d9:7d:09:b9:48:71:d3:90:2f:89:
68:4a:0d:36:13:bf:bc:fa:bc:ac:33:59:0b:53:9c:a1:c6:fc:
8c:ed:0f:a0:cc:6a:ca:75:52:53:57:92:bf:ab:c3:47:38:88:
f7:e2:59:fb:b3:10:f9:fe:34:4f:4f:7c:4c:40:24:07:0c:de:
71:8e:80:af:ed:24:09:3c:a8:93:b8:90:07:68:4f:17:25:44:
b3:d5:fa:36:a6:56:de:5e:f0:b9:a8:99:70:a4:23:29:ef:9b:
3b:15:49:b9:0e:c8:57:b9:56:cb:49:fa:aa:59:9f:61:ae:ac:
e4:14:8a:7b:bf:cd:29:cf:93:b3:87:ad:08:e0:05:85:d0:ad:
f2:43:53:fe
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQijjbiy/g4PsLmeXkcNhWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzA0MmQxMzdmYmIwM2JlYmE2NDIxZjMzYTg1MjViNTJh
ODhmN2EwHhcNMjUwMTAxMTU0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmZkN2JkNGYyOGI4OTZjYTBmNjQ1YTZhODhjZjA0MmFkZWJmMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6UIXPovHcrfnw9Q+Dz/124QWz3L
Qal+efMOGMX+4QebgdJHKAu172qfoyoPv96xl66ZgCSG7S2v3FxNs9uQI6lFL9lB
n9jFJaprYC+/Nes/YgITJgMsZKiKdPLNO1eMbWlSHqPBmfQfbTyKyQdHsewZXLJ2
ZA7EdXMeOixntABgVoyFSGcwablubqwhds5FH/lhx3jkRWfFzRhy0YmUwy1S2ANG
2wff8TJ7YhETzNowQEONoRtsgMRKBLkSru4p8TU1kx63CMUQ8zVc3YNTLqBrk2k1
99UAx9awMcmYftg30pMaltsN+b9CP+CJQcdmtVIG8Lnz1Q6/Zv0Hk1bj+QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBL9e9Tyi4lsoPZFpqiM8EKt6/C8MB8GA1UdIwQY
MBaAFKEwQtE3+7A766ZCHzOoUltSqI96MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RCQzBUZjdzRHZycGtJZk02aFNXMUtvajNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZjQ0MDctZjk4ZS00OTk0LTlmOWUt
ZjZiNmMwNDkxNmExLzEvRXYxNzFQS0xpV3lnOWtXbXFJendRcTNyOEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9hZjQ0MDctZjk4ZS00OTk0LTlmOWUtZjZiNmMwNDkxNmEx
LzEvb1RCQzBUZjdzRHZycGtJZk02aFNXMUtvajNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW8diAwQA
W+qgAwQCuRFEAwQCualUMA0EAgACMAcDBQMqBAUAMA0GCSqGSIb3DQEBCwUAA4IB
AQAEZ3agPK0hW4Z+EVZNHpGpakq3q9qHiw5mC4QVbKiSEM22B7Z8VM8+tTwZEQFf
BCOgFweDbBj5bl25rADDGILiPvr1Gqwg4jVxgypTSYy2531Shg9iH1/n00a5EI6Y
iBUfJYPfmBKF8OgHHhJhuA216og7ptl9CblIcdOQL4loSg02E7+8+rysM1kLU5yh
xvyM7Q+gzGrKdVJTV5K/q8NHOIj34ln7sxD5/jRPT3xMQCQHDN5xjoCv7SQJPKiT
uJAHaE8XJUSz1fo2plbeXvC5qJlwpCMp75s7FUm5DshXuVbLSfqqWZ9hrqzkFIp7
v80pz5Ozh60I4AWF0K3yQ1P+
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:55 2025 by rpki-client