Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/4rupNMtZnDN0QSWru1RNhLDuJIo.roa
File: 4rupNMtZnDN0QSWru1RNhLDuJIo.roa (raw, json)
Hash identifier: z4IbiN1+w7zdJy/d9hWZDYM0E9ZzQh9TzT+f2XEsa+o=
Subject key identifier: E2:BB:A9:34:CB:59:9C:33:74:41:25:AB:BB:54:4D:84:B0:EE:24:8A
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 019427B5D680C8078FAE23AB3A472AE7741B
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/4rupNMtZnDN0QSWru1RNhLDuJIo.roa
Signing time: Thu 02 Jan 2025 15:50:15 +0000
ROA not before: Thu 02 Jan 2025 15:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48943
IP address blocks: 213.235.196.0/24 maxlen: 24
213.235.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 12:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:d6:80:c8:07:8f:ae:23:ab:3a:47:2a:e7:74:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Jan 2 15:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2bba934cb599c33744125abbb544d84b0ee248a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b0:a9:8d:20:b4:de:a6:6e:05:be:01:7f:17:
34:3c:43:f4:50:b2:f7:46:de:71:40:f0:4a:2f:18:
b8:cd:d0:35:95:57:6e:a1:85:d3:77:9b:bd:ab:e6:
ab:91:9b:38:aa:4d:f6:17:60:c1:4e:04:69:63:b5:
be:aa:ef:f2:a4:bb:2b:ec:6a:19:9d:5e:ff:1d:85:
b5:00:94:cf:35:3d:eb:12:65:82:11:e8:00:ac:53:
bd:4d:f2:cd:2b:2e:e4:fa:fd:a8:7d:3f:9d:8f:de:
66:e4:75:93:2f:7f:57:7a:f3:27:5f:d7:95:35:c0:
7a:29:f8:db:08:da:44:41:28:90:74:94:05:c1:6f:
f1:73:b6:0c:31:7d:6d:26:97:2c:80:53:2a:6f:94:
fc:a9:55:61:ab:84:14:97:f6:f5:14:d6:7a:b9:2b:
d2:ea:1b:64:01:65:05:b2:91:13:b8:90:8c:2c:56:
7d:82:9c:dd:c3:3b:c3:3f:45:7d:04:4a:95:6a:0a:
df:6b:19:bc:37:33:c0:5f:0a:42:4b:a8:8b:6c:d4:
d6:a2:6d:f6:76:a8:8f:46:73:dd:6e:81:16:a6:e2:
30:e0:e6:4e:ed:fc:67:f9:c7:57:73:3a:8c:86:84:
b2:28:04:25:18:a4:7c:3c:07:21:59:80:71:f8:a5:
ae:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:BB:A9:34:CB:59:9C:33:74:41:25:AB:BB:54:4D:84:B0:EE:24:8A
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/4rupNMtZnDN0QSWru1RNhLDuJIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.235.196.0/24
213.235.234.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:ae:b9:a7:a7:a5:28:a3:b3:d6:b6:4c:33:c4:41:27:06:97:
ca:dc:62:04:25:5f:d2:21:ff:a3:ee:47:53:6c:61:6c:86:6b:
db:9f:3b:20:22:c8:53:5e:1c:5e:17:a9:40:a5:2b:4a:0f:8b:
45:d3:a4:7d:cf:6a:d5:5f:ef:c6:58:69:af:ad:77:eb:ea:db:
4a:84:df:18:0c:30:9f:11:30:9d:a0:07:69:64:5a:3c:86:18:
39:1a:a0:df:eb:d9:af:43:c2:28:0f:53:ce:ad:c0:e2:ee:1e:
81:f1:c1:b3:6c:c7:4b:42:9a:c5:2b:50:07:ef:c8:8d:d8:cd:
03:99:3c:8a:48:a9:bf:7a:b6:4e:26:33:37:43:96:02:6a:88:
10:07:1a:7b:58:25:77:91:34:72:bf:c3:3f:33:85:af:6d:12:
4d:1c:7f:1c:28:68:6e:59:8c:2f:81:0f:fb:e8:ad:35:f2:79:
ea:e3:f3:d0:9e:55:d8:80:c9:e9:ba:1b:bd:63:1c:fb:ec:2b:
95:9b:d6:fa:d3:fb:f3:3e:00:02:66:c0:ef:1f:f5:ef:dd:e9:
7e:d1:ec:92:77:5b:f0:43:bb:32:2c:24:30:5f:f5:a6:0d:62:
99:94:80:c5:c6:cc:24:5f:5e:31:e6:ba:b6:a4:dc:db:bd:50:
d2:e7:ca:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntdaAyAePriOrOkcq53QbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjUwMTAyMTU1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmJiYTkzNGNiNTk5YzMzNzQ0MTI1YWJiYjU0NGQ4NGIwZWUyNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbCpjSC03qZuBb4Bfxc0PEP0ULL3
Rt5xQPBKLxi4zdA1lVduoYXTd5u9q+arkZs4qk32F2DBTgRpY7W+qu/ypLsr7GoZ
nV7/HYW1AJTPNT3rEmWCEegArFO9TfLNKy7k+v2ofT+dj95m5HWTL39XevMnX9eV
NcB6KfjbCNpEQSiQdJQFwW/xc7YMMX1tJpcsgFMqb5T8qVVhq4QUl/b1FNZ6uSvS
6htkAWUFspETuJCMLFZ9gpzdwzvDP0V9BEqVagrfaxm8NzPAXwpCS6iLbNTWom32
dqiPRnPdboEWpuIw4OZO7fxn+cdXczqMhoSyKAQlGKR8PAchWYBx+KWuDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOK7qTTLWZwzdEElq7tUTYSw7iSKMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvNHJ1cE5NdFpuRE4wUVNXcnUxUk5oTER1SklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1evEAwQA
1evqMA0GCSqGSIb3DQEBCwUAA4IBAQCyrrmnp6Uoo7PWtkwzxEEnBpfK3GIEJV/S
If+j7kdTbGFshmvbnzsgIshTXhxeF6lApStKD4tF06R9z2rVX+/GWGmvrXfr6ttK
hN8YDDCfETCdoAdpZFo8hhg5GqDf69mvQ8IoD1POrcDi7h6B8cGzbMdLQprFK1AH
78iN2M0DmTyKSKm/erZOJjM3Q5YCaogQBxp7WCV3kTRyv8M/M4WvbRJNHH8cKGhu
WYwvgQ/76K018nnq4/PQnlXYgMnpuhu9Yxz77CuVm9b60/vzPgACZsDvH/Xv3el+
0eySd1vwQ7syLCQwX/WmDWKZlIDFxswkX14x5rq2pNzbvVDS58qj
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:02:11 2025 by rpki-client