Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/yIaElboDEcTWK_3VfQrVd7rO3sU.roa
File: yIaElboDEcTWK_3VfQrVd7rO3sU.roa (raw, json)
Hash identifier: dRcI0G+6+49AKUKXqa7HKsOOK4Sxw6VtAfiMSWdhRnQ=
Subject key identifier: C8:86:84:95:BA:03:11:C4:D6:2B:FD:D5:7D:0A:D5:77:BA:CE:DE:C5
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 019427472FF104D01893EBABBBE0A79EB6C2
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/yIaElboDEcTWK_3VfQrVd7rO3sU.roa
Signing time: Thu 02 Jan 2025 13:49:24 +0000
ROA not before: Thu 02 Jan 2025 13:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204444
IP address blocks: 80.94.27.0/24 maxlen: 24
80.94.28.0/23 maxlen: 24
212.14.60.0/24 maxlen: 24
213.155.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:2f:f1:04:d0:18:93:eb:ab:bb:e0:a7:9e:b6:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Jan 2 13:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8868495ba0311c4d62bfdd57d0ad577bacedec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6c:69:e9:c1:c0:38:b3:96:21:10:5a:ce:61:
d4:a4:41:e1:f8:e2:85:ed:cf:d6:90:1b:7e:37:5c:
91:53:79:53:85:d4:42:81:8f:87:56:f7:02:12:a9:
c2:a4:01:75:1c:e0:22:35:0a:7b:cd:df:72:e3:1a:
12:96:88:87:97:0b:0b:d2:6a:fe:1b:29:6f:e3:56:
b6:30:e5:93:0a:14:5d:77:6d:d4:e4:1b:80:e2:89:
23:cf:da:37:71:61:32:4c:ed:75:76:58:fa:3d:f0:
97:17:7e:21:40:81:25:24:99:ca:d7:23:45:ad:e7:
27:38:28:83:96:23:d4:ad:75:e8:02:50:25:7d:75:
e8:46:49:42:1d:fb:27:9b:9d:58:5b:75:a9:c4:8e:
51:bd:da:37:6b:eb:cf:0d:35:7f:a7:b1:fc:ae:5f:
7e:04:15:30:fc:24:08:5f:04:ed:4b:27:af:54:70:
91:40:d0:44:6f:87:a7:e6:e1:19:c9:b6:30:d7:81:
f1:c3:62:dc:a8:66:53:7f:4a:02:8c:47:fd:9c:47:
a3:cb:b2:3a:ef:fa:2a:62:fa:19:a3:e7:9b:28:e3:
da:32:62:6a:09:67:96:b7:97:48:a4:ba:04:1b:0a:
80:17:b2:af:2b:c3:21:78:e8:9d:02:2a:61:a0:d4:
02:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:86:84:95:BA:03:11:C4:D6:2B:FD:D5:7D:0A:D5:77:BA:CE:DE:C5
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/yIaElboDEcTWK_3VfQrVd7rO3sU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.27.0-80.94.29.255
212.14.60.0/24
213.155.167.0/24
Signature Algorithm: sha256WithRSAEncryption
68:d9:d2:52:ee:19:a9:98:bf:24:7f:b2:cd:a4:b9:76:ab:fd:
8f:6e:87:63:ed:bd:3e:5f:dc:6b:0c:32:00:84:87:eb:39:0b:
97:ca:af:28:49:13:96:23:b9:22:7b:a6:f3:da:73:85:8c:27:
f0:ff:d3:b3:94:ca:06:9a:a7:9f:4c:06:44:52:59:27:0f:ab:
3b:f5:de:34:12:88:f9:31:6b:1c:ca:d0:0a:2e:8f:75:a1:00:
c7:cd:10:69:e3:a0:25:e2:e0:b2:2c:ad:fc:92:79:60:40:8a:
83:83:e2:6d:59:b2:36:09:0b:14:62:dc:46:e6:fc:7d:d3:c5:
29:c0:6f:8c:f2:08:85:73:35:d3:7e:85:b8:60:ab:46:06:3e:
0e:93:90:ad:f5:f6:45:43:a8:af:8f:6a:8e:bc:a4:af:a7:c4:
21:4f:86:b5:d7:29:50:31:b5:14:04:66:b9:d0:7b:47:a6:af:
e8:ee:c9:f7:52:f1:65:52:98:5f:00:60:03:77:ac:31:5a:5f:
6c:9d:cf:57:40:02:14:c4:9a:9b:1b:b9:24:92:e4:8c:7b:1a:
80:50:0c:47:a4:ba:3a:24:f4:98:c5:18:49:60:70:2d:1e:df:
0f:6f:9c:20:53:54:c1:64:3f:c1:cb:05:13:c2:e1:9f:2a:fc:
2e:20:a4:3e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQnRy/xBNAYk+uru+CnnrbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjUwMTAyMTM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODg2ODQ5NWJhMDMxMWM0ZDYyYmZkZDU3ZDBhZDU3N2JhY2VkZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2xp6cHAOLOWIRBazmHUpEHh+OKF
7c/WkBt+N1yRU3lThdRCgY+HVvcCEqnCpAF1HOAiNQp7zd9y4xoSloiHlwsL0mr+
Gylv41a2MOWTChRdd23U5BuA4okjz9o3cWEyTO11dlj6PfCXF34hQIElJJnK1yNF
recnOCiDliPUrXXoAlAlfXXoRklCHfsnm51YW3WpxI5Rvdo3a+vPDTV/p7H8rl9+
BBUw/CQIXwTtSyevVHCRQNBEb4en5uEZybYw14Hxw2LcqGZTf0oCjEf9nEejy7I6
7/oqYvoZo+ebKOPaMmJqCWeWt5dIpLoEGwqAF7KvK8MheOidAiphoNQCkQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMiGhJW6AxHE1iv91X0K1Xe6zt7FMB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEveUlhRWxib0RFY1RXS18zVmZRclZkN3JPM3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABQXhsD
BAFQXhwDBADUDjwDBADVm6cwDQYJKoZIhvcNAQELBQADggEBAGjZ0lLuGamYvyR/
ss2kuXar/Y9uh2PtvT5f3GsMMgCEh+s5C5fKryhJE5YjuSJ7pvPac4WMJ/D/07OU
ygaap59MBkRSWScPqzv13jQSiPkxaxzK0Aouj3WhAMfNEGnjoCXi4LIsrfySeWBA
ioOD4m1ZsjYJCxRi3Ebm/H3TxSnAb4zyCIVzNdN+hbhgq0YGPg6TkK319kVDqK+P
ao68pK+nxCFPhrXXKVAxtRQEZrnQe0emr+juyfdS8WVSmF8AYAN3rDFaX2ydz1dA
AhTEmpsbuSSS5Ix7GoBQDEekujok9JjFGElgcC0e3w9vnCBTVMFkP8HLBRPC4Z8q
/C4gpD4=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:48 2025 by rpki-client