Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/Tdi0Hj6bQsB2NE33pvFHyR4UnH4.roa
File: Tdi0Hj6bQsB2NE33pvFHyR4UnH4.roa (raw, json)
Hash identifier: QY4nN2KRRzSRBGH5wO5xXZyBIH3qA69otudacqD4SWY=
Subject key identifier: 4D:D8:B4:1E:3E:9B:42:C0:76:34:4D:F7:A6:F1:47:C9:1E:14:9C:7E
Certificate issuer: /CN=d05581472b92a85a90caa1e47d7223d788ae0148
Certificate serial: 01966D89D0201A12BDA545A7356293F54CD2
Authority key identifier: D0:55:81:47:2B:92:A8:5A:90:CA:A1:E4:7D:72:23:D7:88:AE:01:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0FWBRyuSqFqQyqHkfXIj14iuAUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/Tdi0Hj6bQsB2NE33pvFHyR4UnH4.roa
Signing time: Fri 25 Apr 2025 15:21:10 +0000
ROA not before: Fri 25 Apr 2025 15:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13237
IP address blocks: 85.8.154.0/24 maxlen: 24
91.217.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/0FWBRyuSqFqQyqHkfXIj14iuAUg.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/0FWBRyuSqFqQyqHkfXIj14iuAUg.mft
rsync://rpki.ripe.net/repository/DEFAULT/0FWBRyuSqFqQyqHkfXIj14iuAUg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 12:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6d:89:d0:20:1a:12:bd:a5:45:a7:35:62:93:f5:4c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d05581472b92a85a90caa1e47d7223d788ae0148
Validity
Not Before: Apr 25 15:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dd8b41e3e9b42c076344df7a6f147c91e149c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b1:50:c5:85:1b:cc:ed:0d:c4:2b:20:23:95:
56:e7:fe:73:18:cc:de:c1:06:08:df:02:b2:11:9b:
c2:67:d2:ba:67:fc:f5:a4:1b:a7:2e:9a:15:d4:fd:
45:96:99:60:45:ff:7f:ae:84:4e:05:f6:8c:a0:30:
25:0f:5e:bb:83:f4:f5:7f:c9:db:17:5d:93:27:72:
4c:bf:7d:46:96:fd:ed:db:80:f6:5c:28:0d:98:51:
4b:04:dd:62:12:f7:84:08:e8:f6:22:d0:31:4d:77:
6a:23:f3:d0:42:de:5a:e8:d6:57:51:b4:8c:87:0b:
e5:14:d2:55:a4:d1:54:ef:d4:49:b6:c1:77:6e:fc:
3b:ae:c1:e1:7b:23:2c:1f:c1:b5:1a:53:8a:23:d1:
15:57:13:1f:e0:05:6a:f1:38:25:75:37:80:a6:c7:
ef:51:e5:3c:dd:24:53:86:78:2c:bd:31:f0:c2:0b:
16:87:d2:99:df:78:7c:57:eb:fb:1e:fc:d6:c8:7a:
93:67:c1:a7:b7:ed:39:01:c7:92:c0:85:46:e6:81:
d9:ea:36:74:da:74:58:be:f7:cc:64:7b:4f:6e:59:
fb:ff:0d:84:60:85:ba:9b:32:d7:18:b8:8f:4a:38:
d4:3e:55:85:92:97:a3:71:fe:e5:38:7c:58:1b:8a:
4a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:D8:B4:1E:3E:9B:42:C0:76:34:4D:F7:A6:F1:47:C9:1E:14:9C:7E
X509v3 Authority Key Identifier:
keyid:D0:55:81:47:2B:92:A8:5A:90:CA:A1:E4:7D:72:23:D7:88:AE:01:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0FWBRyuSqFqQyqHkfXIj14iuAUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/Tdi0Hj6bQsB2NE33pvFHyR4UnH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/0FWBRyuSqFqQyqHkfXIj14iuAUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.154.0/24
91.217.134.0/24
Signature Algorithm: sha256WithRSAEncryption
61:53:61:f7:25:f8:e9:6f:44:c5:0d:fe:1b:02:ac:9a:3f:2b:
59:d3:ad:fd:4d:37:4e:21:95:fa:8b:10:d7:0e:54:68:a2:ac:
e2:be:d2:c6:55:c1:43:70:9a:eb:f7:ff:d1:44:15:27:fc:d0:
04:de:58:7d:2d:b9:b2:31:eb:15:c9:f6:84:9d:d4:69:00:51:
7c:f4:a2:13:19:1b:32:9c:60:47:0e:3f:95:e6:4d:6f:ac:f8:
df:8d:e6:fb:92:b4:1b:0d:e8:f4:2d:3b:4f:e6:84:60:15:2c:
b4:a9:a3:b4:77:23:fc:12:41:4e:02:c2:28:06:a3:2a:40:e0:
e1:57:23:e4:f9:22:d8:0d:c9:9a:00:b6:d3:66:66:44:f5:25:
d8:95:de:87:28:71:79:e0:7a:1a:f3:f9:2e:44:95:38:b2:3c:
eb:d5:ea:e6:6c:40:5a:87:9c:c5:cf:46:07:21:d7:6c:4c:ae:
c5:3c:3d:08:a9:ad:b1:dc:f8:02:78:70:c8:97:3e:ac:0e:41:
9b:c4:ed:1d:3d:2e:b3:07:6c:6a:f6:9d:b7:2c:a6:24:e3:38:
84:2b:0f:b6:dd:f6:fc:57:bb:20:d2:5d:b2:8a:42:4a:c0:4e:
88:d0:f5:cc:a5:7d:fa:53:07:1a:cb:71:99:41:32:5a:0d:2a:
a3:38:72:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZtidAgGhK9pUWnNWKT9UzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNTU4MTQ3MmI5MmE4NWE5MGNhYTFlNDdkNzIyM2Q3ODhh
ZTAxNDgwHhcNMjUwNDI1MTUyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGQ4YjQxZTNlOWI0MmMwNzYzNDRkZjdhNmYxNDdjOTFlMTQ5YzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7FQxYUbzO0NxCsgI5VW5/5zGMze
wQYI3wKyEZvCZ9K6Z/z1pBunLpoV1P1FlplgRf9/roROBfaMoDAlD167g/T1f8nb
F12TJ3JMv31Glv3t24D2XCgNmFFLBN1iEveECOj2ItAxTXdqI/PQQt5a6NZXUbSM
hwvlFNJVpNFU79RJtsF3bvw7rsHheyMsH8G1GlOKI9EVVxMf4AVq8TgldTeApsfv
UeU83SRThngsvTHwwgsWh9KZ33h8V+v7HvzWyHqTZ8Gnt+05AceSwIVG5oHZ6jZ0
2nRYvvfMZHtPbln7/w2EYIW6mzLXGLiPSjjUPlWFkpejcf7lOHxYG4pKXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE3YtB4+m0LAdjRN96bxR8keFJx+MB8GA1UdIwQY
MBaAFNBVgUcrkqhakMqh5H1yI9eIrgFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEZXQlJ5dVNxRnFReXFIa2ZYSWoxNGl1QVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hMDg3NDgtODYyMi00ZTg2LTgyZWYt
M2JkYWFjYjlkMDhkLzEvVGRpMEhqNmJRc0IyTkUzM3B2Rkh5UjRVbkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9hMDg3NDgtODYyMi00ZTg2LTgyZWYtM2JkYWFjYjlkMDhk
LzEvMEZXQlJ5dVNxRnFReXFIa2ZYSWoxNGl1QVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVQiaAwQA
W9mGMA0GCSqGSIb3DQEBCwUAA4IBAQBhU2H3Jfjpb0TFDf4bAqyaPytZ0639TTdO
IZX6ixDXDlRooqzivtLGVcFDcJrr9//RRBUn/NAE3lh9LbmyMesVyfaEndRpAFF8
9KITGRsynGBHDj+V5k1vrPjfjeb7krQbDej0LTtP5oRgFSy0qaO0dyP8EkFOAsIo
BqMqQODhVyPk+SLYDcmaALbTZmZE9SXYld6HKHF54Hoa8/kuRJU4sjzr1ermbEBa
h5zFz0YHIddsTK7FPD0Iqa2x3PgCeHDIlz6sDkGbxO0dPS6zB2xq9p23LKYk4ziE
Kw+23fb8V7sg0l2yikJKwE6I0PXMpX36Uwcay3GZQTJaDSqjOHJY
-----END CERTIFICATE-----
Generated at Tue May 6 21:11:13 2025 by rpki-client