Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/tKwKl17jXwIeAtAZEyALLLwTexA.roa
File: tKwKl17jXwIeAtAZEyALLLwTexA.roa (raw, json)
Hash identifier: E9CmZ9NzF2HrbXjpDzFF0Gs0klh/PHaYx1PKsYvWrwA=
Subject key identifier: B4:AC:0A:97:5E:E3:5F:02:1E:02:D0:19:13:20:0B:2C:BC:13:7B:10
Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial: 0194E01A48B806190EC5D38EE3802CC84992
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/tKwKl17jXwIeAtAZEyALLLwTexA.roa
Signing time: Fri 07 Feb 2025 11:10:06 +0000
ROA not before: Fri 07 Feb 2025 11:10:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209369
IP address blocks: 77.78.90.0/24 maxlen: 24
185.22.96.0/22 maxlen: 22
213.134.21.0/24 maxlen: 24
2a13:5280::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e0:1a:48:b8:06:19:0e:c5:d3:8e:e3:80:2c:c8:49:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
Validity
Not Before: Feb 7 11:10:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4ac0a975ee35f021e02d01913200b2cbc137b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:5d:44:1e:62:ea:b2:1d:b2:38:6b:e4:8f:24:
09:df:d0:2c:8d:d9:5c:45:d1:fd:f8:1f:17:08:0c:
1c:15:af:bc:11:9f:c9:8b:82:63:0b:05:f7:63:80:
0f:3a:45:59:8c:93:be:0d:fb:c9:97:8d:42:5e:c8:
60:c3:93:aa:65:da:e4:fc:3a:b0:d7:f3:dd:07:ee:
b8:24:35:dd:e6:0a:7a:6a:ae:99:cd:81:33:9b:6d:
39:78:9c:0e:83:d6:98:ee:7f:15:1c:66:f2:ae:4f:
4b:4b:bc:4c:87:ec:b8:10:7b:df:b9:42:c9:10:92:
27:7e:7b:a0:c9:d4:d7:36:b3:ab:bd:1d:5d:50:d3:
0f:97:be:4f:3c:54:c4:ca:b3:0d:9c:cc:1b:e7:25:
c1:64:4f:d6:36:f1:1a:fa:8d:2b:9e:1b:46:3d:33:
da:69:a8:70:59:88:e3:81:b1:69:47:64:64:28:c6:
00:ed:bd:8d:07:be:e8:1b:bd:4c:cd:9d:f1:82:52:
05:03:00:fd:ac:8c:e0:89:e7:86:c3:70:86:de:d6:
13:61:08:cc:83:0b:b2:22:58:f5:54:bb:35:c8:b6:
22:9a:b7:e9:5b:b2:bc:07:c0:2a:af:b9:1b:d4:94:
8f:ff:db:a3:38:72:bf:a6:ec:ce:20:0b:aa:30:b3:
fb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:AC:0A:97:5E:E3:5F:02:1E:02:D0:19:13:20:0B:2C:BC:13:7B:10
X509v3 Authority Key Identifier:
keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/tKwKl17jXwIeAtAZEyALLLwTexA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.90.0/24
185.22.96.0/22
213.134.21.0/24
IPv6:
2a13:5280::/29
Signature Algorithm: sha256WithRSAEncryption
a8:29:82:5f:94:12:64:4e:be:71:cd:bf:5e:a6:30:44:3f:4e:
a5:30:b9:7b:e3:ab:a2:13:e7:9e:f4:48:9a:e7:bb:fe:b2:f6:
38:92:d0:a3:20:63:65:59:86:48:55:2f:36:57:e0:95:5d:fc:
ac:dd:f8:5e:6d:52:b1:5e:a4:a1:d9:b3:9f:84:93:8a:e9:8f:
4a:ad:c2:0d:fa:d8:7a:fd:e7:fb:4d:62:58:f7:74:19:f9:ca:
99:06:a9:72:8e:4c:bf:7c:44:22:0a:f5:1a:55:0d:d2:5d:ae:
da:b2:d1:93:3f:15:18:a1:a7:12:71:ee:40:b7:0d:54:4d:cb:
0b:d1:42:39:27:87:37:cb:8b:04:64:28:d9:d3:71:60:39:03:
78:3e:c9:da:37:20:ff:f9:d7:30:67:ee:bf:14:ec:37:f2:46:
6f:48:8e:1a:f3:b4:b8:f5:70:ff:30:98:1f:53:4a:43:2e:a8:
86:4c:2d:28:13:c4:e2:1c:53:03:30:9f:23:59:b8:49:0c:7f:
84:7e:44:75:f2:1f:23:dc:e6:da:b5:68:b1:a7:af:a7:63:56:
5d:9a:b7:6d:20:97:d3:6c:1a:4a:f2:31:61:13:4d:c8:1a:b2:
b6:b1:fb:a5:6e:fd:78:2e:94:69:7d:c9:58:cf:52:29:08:77:
5d:35:60:87
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZTgGki4BhkOxdOO44AsyEmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjUwMjA3MTExMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGFjMGE5NzVlZTM1ZjAyMWUwMmQwMTkxMzIwMGIyY2JjMTM3YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA311EHmLqsh2yOGvkjyQJ39Asjdlc
RdH9+B8XCAwcFa+8EZ/Ji4JjCwX3Y4APOkVZjJO+DfvJl41CXshgw5OqZdrk/Dqw
1/PdB+64JDXd5gp6aq6ZzYEzm205eJwOg9aY7n8VHGbyrk9LS7xMh+y4EHvfuULJ
EJInfnugydTXNrOrvR1dUNMPl75PPFTEyrMNnMwb5yXBZE/WNvEa+o0rnhtGPTPa
aahwWYjjgbFpR2RkKMYA7b2NB77oG71MzZ3xglIFAwD9rIzgieeGw3CG3tYTYQjM
gwuyIlj1VLs1yLYimrfpW7K8B8Aqr7kb1JSP/9ujOHK/puzOIAuqMLP7NQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLSsCpde418CHgLQGRMgCyy8E3sQMB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvdEt3S2wxN2pYd0llQXRBWkV5QUxMTHdUZXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQATU5aAwQC
uRZgAwQA1YYVMA0EAgACMAcDBQMqE1KAMA0GCSqGSIb3DQEBCwUAA4IBAQCoKYJf
lBJkTr5xzb9epjBEP06lMLl746uiE+ee9Eia57v+svY4ktCjIGNlWYZIVS82V+CV
Xfys3fhebVKxXqSh2bOfhJOK6Y9KrcIN+th6/ef7TWJY93QZ+cqZBqlyjky/fEQi
CvUaVQ3SXa7astGTPxUYoacSce5Atw1UTcsL0UI5J4c3y4sEZCjZ03FgOQN4Psna
NyD/+dcwZ+6/FOw38kZvSI4a87S49XD/MJgfU0pDLqiGTC0oE8TiHFMDMJ8jWbhJ
DH+EfkR18h8j3ObatWixp6+nY1ZdmrdtIJfTbBpK8jFhE03IGrK2sfulbv14LpRp
fclYz1IpCHddNWCH
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:10:39 2025 by rpki-client