Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b5cb19-a27a-44a7-a33e-80b2d25bf9c8/1/TvLjh2HZ_d_rU4Q7CUAOZ93ZHYk.roa
File: TvLjh2HZ_d_rU4Q7CUAOZ93ZHYk.roa (raw, json)
Hash identifier: UVHQPQPEMrt8FraIptsGKJQLRzbjMltNPf+IrL/aqn4=
Subject key identifier: 4E:F2:E3:87:61:D9:FD:DF:EB:53:84:3B:09:40:0E:67:DD:D9:1D:89
Certificate issuer: /CN=cddb6f10030e276f8316276f40b3d4a4184d94dd
Certificate serial: 019427B3E0DB6563AFD1DDC7A26C42D10D02
Authority key identifier: CD:DB:6F:10:03:0E:27:6F:83:16:27:6F:40:B3:D4:A4:18:4D:94:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdtvEAMOJ2-DFidvQLPUpBhNlN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b5cb19-a27a-44a7-a33e-80b2d25bf9c8/1/TvLjh2HZ_d_rU4Q7CUAOZ93ZHYk.roa
Signing time: Thu 02 Jan 2025 15:48:07 +0000
ROA not before: Thu 02 Jan 2025 15:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60432
IP address blocks: 185.26.198.0/23 maxlen: 23
185.26.198.0/24 maxlen: 24
185.26.199.0/24 maxlen: 24
2a00:8c60:2::/48 maxlen: 48
2a00:8c60:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b5cb19-a27a-44a7-a33e-80b2d25bf9c8/1/zdtvEAMOJ2-DFidvQLPUpBhNlN0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b5cb19-a27a-44a7-a33e-80b2d25bf9c8/1/zdtvEAMOJ2-DFidvQLPUpBhNlN0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zdtvEAMOJ2-DFidvQLPUpBhNlN0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 15:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:e0:db:65:63:af:d1:dd:c7:a2:6c:42:d1:0d:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddb6f10030e276f8316276f40b3d4a4184d94dd
Validity
Not Before: Jan 2 15:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ef2e38761d9fddfeb53843b09400e67ddd91d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4d:eb:85:3f:06:46:57:17:86:0c:06:56:cf:
ff:d7:2c:f0:d5:36:b2:28:d7:71:94:0a:b7:81:5e:
b4:4c:6e:52:d0:97:90:fd:b8:a1:b8:a1:72:a4:91:
35:fe:8b:27:62:49:65:1e:c1:e7:be:23:e0:e4:c1:
7d:49:10:41:39:58:b9:be:db:f2:60:6f:e5:a2:ef:
9d:72:c1:da:3d:8c:a4:9a:2e:bb:45:70:b4:bd:90:
80:39:1c:62:56:fa:16:c9:3b:26:6a:45:99:f9:68:
7f:76:24:ee:53:30:b8:74:f5:14:ca:f2:72:fe:f0:
8c:87:36:07:85:5c:d2:d6:90:7a:b9:19:e7:41:8e:
b3:10:6f:cf:0b:5d:0c:8d:c8:60:91:eb:4f:27:27:
47:61:2a:50:9d:e7:dc:b1:40:d1:79:8d:15:04:ab:
b9:ef:b3:0b:98:7b:7a:3e:4e:3d:62:d3:13:62:62:
6c:bb:d1:0e:6c:92:0e:9b:36:8f:86:36:aa:4d:39:
b2:1f:8f:ff:d2:39:a2:24:75:76:14:15:1b:fe:5b:
ad:a8:83:69:51:5e:c1:fa:c8:9d:a5:a2:25:79:ee:
36:c8:bf:db:68:00:76:13:26:d2:e2:19:95:bf:fe:
69:82:32:a3:1e:8b:fd:37:ba:7f:3c:47:0e:ab:06:
6a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F2:E3:87:61:D9:FD:DF:EB:53:84:3B:09:40:0E:67:DD:D9:1D:89
X509v3 Authority Key Identifier:
keyid:CD:DB:6F:10:03:0E:27:6F:83:16:27:6F:40:B3:D4:A4:18:4D:94:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdtvEAMOJ2-DFidvQLPUpBhNlN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b5cb19-a27a-44a7-a33e-80b2d25bf9c8/1/TvLjh2HZ_d_rU4Q7CUAOZ93ZHYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b5cb19-a27a-44a7-a33e-80b2d25bf9c8/1/zdtvEAMOJ2-DFidvQLPUpBhNlN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.198.0/23
IPv6:
2a00:8c60:2::/47
Signature Algorithm: sha256WithRSAEncryption
64:06:ec:fc:f6:9d:1e:43:77:c7:48:4f:26:88:78:b2:c0:64:
dd:b2:81:49:ba:b4:b0:f1:85:85:d2:22:a0:d2:7b:19:ad:f0:
ed:8d:66:ce:65:2f:e6:b0:68:1d:e3:b3:f1:12:c5:ce:7c:e6:
6d:eb:58:da:03:7e:af:d8:d0:b1:9c:ac:6d:ef:20:1e:cd:a6:
35:dc:db:3b:1d:f6:f7:63:35:9b:ec:41:23:e7:44:41:af:a2:
94:4c:bc:9f:22:0b:d7:e9:f4:98:e0:68:a9:14:e7:3c:7e:8c:
3f:14:d8:d5:8d:80:3b:43:0f:f1:10:5c:29:7e:2d:d3:a8:ba:
f7:b6:fe:7a:0b:00:53:c1:67:6d:8b:97:c9:92:81:8c:58:23:
87:95:d5:f5:d5:70:76:8b:72:ca:ba:94:c5:94:23:c0:73:18:
bc:0c:29:82:3c:0d:13:8a:4d:af:e7:a5:76:7e:65:8e:5e:32:
62:77:52:41:7e:22:a7:f5:7c:ef:62:de:43:37:5c:49:5e:8e:
26:c1:70:47:59:1d:88:02:c1:05:26:36:bb:60:1c:f0:4b:6e:
61:30:01:a2:e2:19:fe:33:f4:25:b5:55:f9:79:26:28:1d:20:
d1:32:04:a1:5e:c9:ec:67:78:19:f1:7e:38:19:3f:09:81:c1:
27:6c:61:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQns+DbZWOv0d3HomxC0Q0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGI2ZjEwMDMwZTI3NmY4MzE2Mjc2ZjQwYjNkNGE0MTg0
ZDk0ZGQwHhcNMjUwMTAyMTU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWYyZTM4NzYxZDlmZGRmZWI1Mzg0M2IwOTQwMGU2N2RkZDkxZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl03rhT8GRlcXhgwGVs//1yzw1Tay
KNdxlAq3gV60TG5S0JeQ/bihuKFypJE1/osnYkllHsHnviPg5MF9SRBBOVi5vtvy
YG/lou+dcsHaPYykmi67RXC0vZCAORxiVvoWyTsmakWZ+Wh/diTuUzC4dPUUyvJy
/vCMhzYHhVzS1pB6uRnnQY6zEG/PC10MjchgketPJydHYSpQnefcsUDReY0VBKu5
77MLmHt6Pk49YtMTYmJsu9EObJIOmzaPhjaqTTmyH4//0jmiJHV2FBUb/lutqINp
UV7B+sidpaIlee42yL/baAB2EybS4hmVv/5pgjKjHov9N7p/PEcOqwZqHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE7y44dh2f3f61OEOwlADmfd2R2JMB8GA1UdIwQY
MBaAFM3bbxADDidvgxYnb0Cz1KQYTZTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR0dkVBTU9KMi1ERmlkdlFMUFVwQmhObE4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iNWNiMTktYTI3YS00NGE3LWEzM2Ut
ODBiMmQyNWJmOWM4LzEvVHZMamgySFpfZF9yVTRRN0NVQU9aOTNaSFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iNWNiMTktYTI3YS00NGE3LWEzM2UtODBiMmQyNWJmOWM4
LzEvemR0dkVBTU9KMi1ERmlkdlFMUFVwQmhObE4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuRrGMA8E
AgACMAkDBwEqAIxgAAIwDQYJKoZIhvcNAQELBQADggEBAGQG7Pz2nR5Dd8dITyaI
eLLAZN2ygUm6tLDxhYXSIqDSexmt8O2NZs5lL+awaB3js/ESxc585m3rWNoDfq/Y
0LGcrG3vIB7NpjXc2zsd9vdjNZvsQSPnREGvopRMvJ8iC9fp9JjgaKkU5zx+jD8U
2NWNgDtDD/EQXCl+LdOouve2/noLAFPBZ22Ll8mSgYxYI4eV1fXVcHaLcsq6lMWU
I8BzGLwMKYI8DROKTa/npXZ+ZY5eMmJ3UkF+Iqf1fO9i3kM3XElejibBcEdZHYgC
wQUmNrtgHPBLbmEwAaLiGf4z9CW1Vfl5JigdINEyBKFeyexneBnxfjgZPwmBwSds
YQU=
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:48:00 2025 by rpki-client