Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/2a4uGqXqRLFwxkrNzW_s6-qnGXE.roa
File: 2a4uGqXqRLFwxkrNzW_s6-qnGXE.roa (raw, json)
Hash identifier: goHZck25hCom6tNMtTpOVgal0/zlXu42ccbA4cfzVE0=
Subject key identifier: D9:AE:2E:1A:A5:EA:44:B1:70:C6:4A:CD:CD:6F:EC:EB:EA:A7:19:71
Certificate issuer: /CN=8d34fab9aa33eb55d9854237bd0d2252792132e6
Certificate serial: 019465C5D56DD7323223CE77E49219EC3E47
Authority key identifier: 8D:34:FA:B9:AA:33:EB:55:D9:85:42:37:BD:0D:22:52:79:21:32:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jTT6uaoz61XZhUI3vQ0iUnkhMuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/2a4uGqXqRLFwxkrNzW_s6-qnGXE.roa
Signing time: Tue 14 Jan 2025 17:04:11 +0000
ROA not before: Tue 14 Jan 2025 17:04:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59597
IP address blocks: 193.176.4.0/24 maxlen: 24
193.176.44.0/24 maxlen: 24
193.176.62.0/24 maxlen: 24
193.176.147.0/24 maxlen: 24
2a0f:90c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/jTT6uaoz61XZhUI3vQ0iUnkhMuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/jTT6uaoz61XZhUI3vQ0iUnkhMuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jTT6uaoz61XZhUI3vQ0iUnkhMuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:c5:d5:6d:d7:32:32:23:ce:77:e4:92:19:ec:3e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d34fab9aa33eb55d9854237bd0d2252792132e6
Validity
Not Before: Jan 14 17:04:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9ae2e1aa5ea44b170c64acdcd6fecebeaa71971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:62:67:5e:c4:47:17:ee:33:1f:3d:00:89:7a:
ad:18:44:f0:58:8c:95:ab:a2:2f:2c:aa:64:6f:68:
74:62:93:45:2e:0d:c8:39:f9:0a:65:42:ac:c2:25:
38:b5:1b:9f:af:3b:96:d2:82:2f:64:80:ee:df:35:
21:3e:2e:34:f1:2e:b5:9b:ac:3d:e9:f4:7e:bb:ef:
98:02:0e:df:7c:3d:fd:e4:04:88:bd:d0:08:27:d0:
58:bc:a1:01:1a:fd:04:24:aa:d8:bc:1d:d9:c4:7b:
93:8a:90:6e:d9:76:5c:3a:c8:2f:39:ea:15:f8:6c:
c7:ba:cd:cf:41:70:6a:99:44:6a:77:2a:94:c9:a3:
07:b0:64:92:16:ed:72:f9:c3:af:61:5b:57:66:cb:
bc:03:68:b5:f6:e6:9e:d7:89:a4:01:5d:93:ea:e9:
56:26:36:84:4c:b4:25:1a:0b:a6:f4:6f:7f:f8:5b:
02:35:a6:8d:dc:c5:4f:45:13:46:6d:25:49:5b:e5:
49:ff:de:27:e9:d7:d0:fa:3b:87:34:96:67:98:fd:
93:63:d6:a4:ce:cc:81:44:e4:eb:f6:36:1b:c5:79:
39:11:fc:dc:da:78:ef:72:5e:d0:e7:da:8b:10:22:
95:df:9f:49:a3:d4:0b:be:24:64:fa:1a:5b:f5:06:
66:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:AE:2E:1A:A5:EA:44:B1:70:C6:4A:CD:CD:6F:EC:EB:EA:A7:19:71
X509v3 Authority Key Identifier:
keyid:8D:34:FA:B9:AA:33:EB:55:D9:85:42:37:BD:0D:22:52:79:21:32:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jTT6uaoz61XZhUI3vQ0iUnkhMuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/2a4uGqXqRLFwxkrNzW_s6-qnGXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6de7ff-321e-4b47-b3c5-6db086c00f6a/1/jTT6uaoz61XZhUI3vQ0iUnkhMuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.4.0/24
193.176.44.0/24
193.176.62.0/24
193.176.147.0/24
IPv6:
2a0f:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
68:76:ff:43:c9:fb:67:56:59:45:0e:2c:2c:6d:b4:e5:b4:5e:
c2:7a:f1:da:45:a0:64:ad:2c:4f:f9:f2:a2:65:b9:c1:ee:aa:
b1:60:36:f8:01:9f:ef:6d:86:ce:a7:8b:d2:92:da:f6:cc:39:
06:a8:dd:51:4c:ea:cf:95:dd:ad:db:58:4e:ff:be:85:fd:6f:
db:eb:c2:68:a1:1a:c5:8f:a2:36:b7:3b:74:7a:b5:71:78:80:
00:ca:82:7b:c3:e6:32:3e:25:4b:eb:30:2d:b0:48:4f:f1:3d:
d7:89:a5:ab:85:f5:bd:62:33:9a:c3:7d:ac:f7:29:4e:bc:b8:
27:52:69:46:ad:46:bf:90:48:b0:b1:33:08:9c:be:18:06:c5:
36:80:e0:bd:51:f5:30:5a:db:a6:43:d8:ee:a2:d9:cf:17:d3:
17:e3:44:6e:a9:41:dc:d1:4b:78:d6:f8:16:0e:62:10:b8:f0:
a2:21:fa:4a:1c:3d:d6:1a:44:c4:8c:a7:06:b3:ad:44:dc:13:
cb:19:0d:1c:c4:85:79:75:dd:6e:cf:d7:98:f7:e1:61:60:51:
37:85:7d:86:b9:17:14:1f:8e:a2:bf:1d:8f:d7:a1:c3:87:06:
80:3d:fc:35:23:59:b2:d7:80:16:b3:30:c6:83:55:07:25:8d:
c7:82:c1:5b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZRlxdVt1zIyI8535JIZ7D5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMzRmYWI5YWEzM2ViNTVkOTg1NDIzN2JkMGQyMjUyNzky
MTMyZTYwHhcNMjUwMTE0MTcwNDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWFlMmUxYWE1ZWE0NGIxNzBjNjRhY2RjZDZmZWNlYmVhYTcxOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGJnXsRHF+4zHz0AiXqtGETwWIyV
q6IvLKpkb2h0YpNFLg3IOfkKZUKswiU4tRufrzuW0oIvZIDu3zUhPi408S61m6w9
6fR+u++YAg7ffD395ASIvdAIJ9BYvKEBGv0EJKrYvB3ZxHuTipBu2XZcOsgvOeoV
+GzHus3PQXBqmURqdyqUyaMHsGSSFu1y+cOvYVtXZsu8A2i19uae14mkAV2T6ulW
JjaETLQlGgum9G9/+FsCNaaN3MVPRRNGbSVJW+VJ/94n6dfQ+juHNJZnmP2TY9ak
zsyBROTr9jYbxXk5Efzc2njvcl7Q59qLECKV359Jo9QLviRk+hpb9QZmNwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNmuLhql6kSxcMZKzc1v7OvqpxlxMB8GA1UdIwQY
MBaAFI00+rmqM+tV2YVCN70NIlJ5ITLmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalRUNnVhb3o2MVhaaFVJM3ZRMGlVbmtoTXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC82ZGU3ZmYtMzIxZS00YjQ3LWIzYzUt
NmRiMDg2YzAwZjZhLzEvMmE0dUdxWHFSTEZ3eGtyTnpXX3M2LXFuR1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC82ZGU3ZmYtMzIxZS00YjQ3LWIzYzUtNmRiMDg2YzAwZjZh
LzEvalRUNnVhb3o2MVhaaFVJM3ZRMGlVbmtoTXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwbAEAwQA
wbAsAwQAwbA+AwQAwbCTMA0EAgACMAcDBQMqD5DAMA0GCSqGSIb3DQEBCwUAA4IB
AQBodv9DyftnVllFDiwsbbTltF7CevHaRaBkrSxP+fKiZbnB7qqxYDb4AZ/vbYbO
p4vSktr2zDkGqN1RTOrPld2t21hO/76F/W/b68JooRrFj6I2tzt0erVxeIAAyoJ7
w+YyPiVL6zAtsEhP8T3XiaWrhfW9YjOaw32s9ylOvLgnUmlGrUa/kEiwsTMInL4Y
BsU2gOC9UfUwWtumQ9juotnPF9MX40RuqUHc0Ut41vgWDmIQuPCiIfpKHD3WGkTE
jKcGs61E3BPLGQ0cxIV5dd1uz9eY9+FhYFE3hX2GuRcUH46ivx2P16HDhwaAPfw1
I1my14AWszDGg1UHJY3HgsFb
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:34:33 2025 by rpki-client