Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AuTcDuo1DCjFfBKFRSJNqbs72sM.roa
File: AuTcDuo1DCjFfBKFRSJNqbs72sM.roa (raw, json)
Hash identifier: PvOu4XYmq1y7X23KVN9ATta3HjIAVuSgXZQs5cJ4bh4=
Subject key identifier: 02:E4:DC:0E:EA:35:0C:28:C5:7C:12:85:45:22:4D:A9:BB:3B:DA:C3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019690ABF6A19F8956F7FDDB1BCE2FC542D2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AuTcDuo1DCjFfBKFRSJNqbs72sM.roa
Signing time: Fri 02 May 2025 11:05:10 +0000
ROA not before: Fri 02 May 2025 11:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201133
IP address blocks: 85.217.222.0/24 maxlen: 24
85.217.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:ab:f6:a1:9f:89:56:f7:fd:db:1b:ce:2f:c5:42:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 2 11:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02e4dc0eea350c28c57c128545224da9bb3bdac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:03:f6:f3:af:99:ff:9e:a5:9f:f7:e5:6b:a7:
34:0e:d6:af:00:b8:d8:a6:e2:d5:93:3c:1f:a7:cc:
2f:db:6c:46:dc:ee:3a:11:01:68:2e:28:07:42:7c:
e2:57:0f:64:54:9d:e5:0a:ca:e4:46:26:6a:ab:aa:
69:cc:ae:85:db:8c:e8:a5:b0:0c:44:3b:c8:3f:e0:
08:d2:4e:79:44:2b:25:27:d3:40:40:07:a2:6b:46:
e7:17:c7:56:35:a2:ff:46:35:0b:07:0c:bd:77:05:
98:6d:76:41:20:ed:e8:14:cb:3e:3c:18:bb:c6:5e:
df:1e:bb:35:df:79:52:3d:19:94:ca:b3:41:fd:72:
84:28:25:98:6d:d0:f2:f0:98:59:6f:02:09:e1:2d:
8d:4c:fc:d8:13:56:07:1b:0c:e3:5c:55:54:b8:73:
aa:8a:a7:80:2c:b5:ce:8e:f0:f5:1f:3f:65:c5:eb:
f0:23:cb:af:6c:1e:c7:84:00:e3:20:bc:e0:c5:64:
48:ff:bf:a6:73:92:c0:38:21:48:46:fe:73:cc:6d:
3f:d9:17:a9:ae:78:48:95:9b:d4:7d:3b:fa:55:ee:
f8:2b:14:fd:5a:a5:8b:b1:5b:06:ce:32:40:5f:21:
d6:d8:e9:5c:e9:bf:68:17:a4:ec:59:79:0f:05:16:
0e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E4:DC:0E:EA:35:0C:28:C5:7C:12:85:45:22:4D:A9:BB:3B:DA:C3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AuTcDuo1DCjFfBKFRSJNqbs72sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.222.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:f4:f0:c5:7c:2f:57:f4:98:f5:0b:5a:4e:7f:c8:42:5b:b3:
03:06:34:f2:64:5c:02:cd:1e:c5:32:74:49:53:83:e8:3c:7d:
ee:eb:4e:2a:68:be:f7:3a:49:53:53:87:e9:1b:e0:9b:af:27:
8b:6c:15:de:c2:85:44:3b:b7:1d:07:19:39:35:21:ea:e4:3d:
58:4c:1c:07:34:81:7e:f6:4f:1f:05:ac:de:b3:8d:48:85:0a:
ee:f1:54:84:14:a1:da:d0:59:09:bc:43:06:4a:15:ab:29:25:
a8:fd:fc:d7:e3:8e:2c:55:1e:41:17:a8:b7:b7:5f:fc:c8:28:
f0:f1:e2:f7:e0:32:9d:98:b6:f5:61:ad:46:83:a6:e6:03:ae:
ce:de:5c:a3:d6:ee:34:28:ac:ca:fe:c4:8a:ed:80:d6:21:e7:
e2:4e:87:23:3c:a5:ea:99:3e:e4:b8:9c:51:f2:c7:7e:52:ba:
69:20:e7:e5:0f:19:3c:52:c0:69:f7:7d:25:39:43:62:fc:c0:
63:8b:fa:2b:4b:90:79:f5:ca:84:bf:9a:97:b6:48:27:ab:9d:
8c:aa:fe:86:77:c8:50:9d:6a:f2:76:f8:d1:06:f5:60:24:04:
67:db:67:4b:4d:93:33:40:92:cf:25:f7:36:a1:97:a4:53:fb:
bd:b5:9c:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaQq/ahn4lW9/3bG84vxULSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNTAyMTEwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmU0ZGMwZWVhMzUwYzI4YzU3YzEyODU0NTIyNGRhOWJiM2JkYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAP286+Z/56ln/fla6c0DtavALjY
puLVkzwfp8wv22xG3O46EQFoLigHQnziVw9kVJ3lCsrkRiZqq6ppzK6F24zopbAM
RDvIP+AI0k55RCslJ9NAQAeia0bnF8dWNaL/RjULBwy9dwWYbXZBIO3oFMs+PBi7
xl7fHrs133lSPRmUyrNB/XKEKCWYbdDy8JhZbwIJ4S2NTPzYE1YHGwzjXFVUuHOq
iqeALLXOjvD1Hz9lxevwI8uvbB7HhADjILzgxWRI/7+mc5LAOCFIRv5zzG0/2Rep
rnhIlZvUfTv6Ve74KxT9WqWLsVsGzjJAXyHW2Olc6b9oF6TsWXkPBRYOsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFALk3A7qNQwoxXwShUUiTam7O9rDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQXVUY0R1bzFEQ2pGZkJLRlJTSk5xYnM3MnNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdneMA0G
CSqGSIb3DQEBCwUAA4IBAQCL9PDFfC9X9Jj1C1pOf8hCW7MDBjTyZFwCzR7FMnRJ
U4PoPH3u604qaL73OklTU4fpG+CbryeLbBXewoVEO7cdBxk5NSHq5D1YTBwHNIF+
9k8fBazes41IhQru8VSEFKHa0FkJvEMGShWrKSWo/fzX444sVR5BF6i3t1/8yCjw
8eL34DKdmLb1Ya1Gg6bmA67O3lyj1u40KKzK/sSK7YDWIefiTocjPKXqmT7kuJxR
8sd+UrppIOflDxk8UsBp930lOUNi/MBji/orS5B59cqEv5qXtkgnq52Mqv6Gd8hQ
nWrydvjRBvVgJARn22dLTZMzQJLPJfc2oZekU/u9tZz6
-----END CERTIFICATE-----
Generated at Mon May 12 21:59:22 2025 by rpki-client