Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/eY2HUAll7fDnreBQhRAKJKSb0kY.roa
File: eY2HUAll7fDnreBQhRAKJKSb0kY.roa (raw, json)
Hash identifier: EWy2Lu75sciEu8/fmP+MiOxG/sgdglQMCzvxx2HZI0Y=
Subject key identifier: 79:8D:87:50:09:65:ED:F0:E7:AD:E0:50:85:10:0A:24:A4:9B:D2:46
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01942827F406D5AA577B26088C0CBA0F9E3B
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/eY2HUAll7fDnreBQhRAKJKSb0kY.roa
Signing time: Thu 02 Jan 2025 17:54:54 +0000
ROA not before: Thu 02 Jan 2025 17:54:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212609
IP address blocks: 2.58.235.0/24 maxlen: 24
45.9.152.0/22 maxlen: 24
185.238.142.0/24 maxlen: 24
193.189.137.0/24 maxlen: 24
213.109.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:f4:06:d5:aa:57:7b:26:08:8c:0c:ba:0f:9e:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 2 17:54:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=798d87500965edf0e7ade05085100a24a49bd246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:26:26:cd:47:a7:1e:ef:59:c7:3e:32:fb:1e:
df:ef:d6:28:5b:8b:8e:39:d1:e1:16:3b:1e:b8:eb:
02:e2:b6:5c:e0:07:dd:9d:1a:cb:56:e1:ca:21:56:
75:70:18:a8:f8:b3:27:d5:5c:fc:a9:0a:cb:1b:b9:
c6:62:33:69:59:b8:49:45:a6:5a:98:30:08:71:5c:
e6:6e:5b:74:67:6c:27:4c:aa:58:81:97:7e:b8:3c:
f3:84:93:f3:0e:b0:32:53:18:6f:db:86:e7:c9:f6:
56:4e:93:21:aa:52:f4:19:7a:11:7b:85:25:44:2d:
11:62:b5:76:5a:24:6e:da:d9:4d:12:ca:ec:f7:64:
e3:5d:6b:4d:b5:40:e9:83:71:7f:09:e3:4c:17:7e:
1a:cd:ad:5e:83:bb:c4:7c:4d:a6:66:63:69:81:cb:
00:89:e6:64:c1:65:22:81:55:16:22:40:43:aa:28:
b2:2c:33:7b:2d:22:d6:09:9c:f3:bc:b8:89:00:a5:
b2:0c:65:12:25:3c:d7:4c:eb:e2:4b:58:12:39:ea:
90:fc:21:61:d7:9d:a9:c9:02:3e:7e:af:21:ba:fa:
cc:c2:37:e4:8f:e8:05:1f:cf:ac:d5:0f:4f:f8:4f:
c0:3f:14:f8:c6:46:5b:b0:31:3d:f6:c6:84:82:02:
7a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:8D:87:50:09:65:ED:F0:E7:AD:E0:50:85:10:0A:24:A4:9B:D2:46
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/eY2HUAll7fDnreBQhRAKJKSb0kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.235.0/24
45.9.152.0/22
185.238.142.0/24
193.189.137.0/24
213.109.155.0/24
Signature Algorithm: sha256WithRSAEncryption
39:1f:df:83:ce:b6:e2:65:9d:e3:f1:20:0b:8d:f2:0b:17:af:
c3:48:b7:af:e3:83:06:7d:3c:87:9e:82:24:7c:53:6b:08:37:
54:d7:5b:13:28:fa:d6:2f:28:33:54:b4:fd:1b:c7:5e:a4:09:
7a:90:00:93:99:7b:d4:37:e3:4b:1d:b0:06:ea:73:fd:22:a1:
d3:6a:68:4d:6e:c2:db:38:95:30:33:33:2b:cf:93:fa:52:49:
2a:8e:5d:e9:c8:2d:65:45:bf:ac:ae:44:d6:91:d4:44:2a:ec:
9c:fc:e1:72:e7:16:4e:d4:5e:bf:ee:55:6f:18:15:ba:7b:2c:
01:e3:57:9c:dc:1c:5e:f6:20:a6:ac:44:2f:80:dd:ee:c3:c9:
d9:de:ba:85:68:d2:ed:87:b3:95:89:6d:f6:32:e0:ad:75:41:
fb:06:af:08:de:ab:9a:50:0a:42:83:65:51:43:d4:3e:22:81:
06:18:cc:f8:8c:2a:30:50:ac:a8:2f:2e:80:70:ea:c7:ee:28:
ee:9b:2f:3b:a9:70:88:9a:c5:34:59:ad:bd:11:06:76:b4:bd:
38:1b:97:29:44:d7:f4:5d:cd:a7:6c:ab:58:e2:aa:25:7a:3c:
cb:80:a8:a0:c1:47:7b:e8:2a:78:7f:1b:0a:77:d0:52:8e:a3:
75:48:f7:97
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQoJ/QG1apXeyYIjAy6D547MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwMTAyMTc1NDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OThkODc1MDA5NjVlZGYwZTdhZGUwNTA4NTEwMGEyNGE0OWJkMjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyYmzUenHu9Zxz4y+x7f79YoW4uO
OdHhFjseuOsC4rZc4AfdnRrLVuHKIVZ1cBio+LMn1Vz8qQrLG7nGYjNpWbhJRaZa
mDAIcVzmblt0Z2wnTKpYgZd+uDzzhJPzDrAyUxhv24bnyfZWTpMhqlL0GXoRe4Ul
RC0RYrV2WiRu2tlNEsrs92TjXWtNtUDpg3F/CeNMF34aza1eg7vEfE2mZmNpgcsA
ieZkwWUigVUWIkBDqiiyLDN7LSLWCZzzvLiJAKWyDGUSJTzXTOviS1gSOeqQ/CFh
152pyQI+fq8huvrMwjfkj+gFH8+s1Q9P+E/APxT4xkZbsDE99saEggJ69wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHmNh1AJZe3w563gUIUQCiSkm9JGMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvZVkySFVBbGw3ZkRucmVCUWhSQUtKS1NiMGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjrrAwQC
LQmYAwQAue6OAwQAwb2JAwQA1W2bMA0GCSqGSIb3DQEBCwUAA4IBAQA5H9+Dzrbi
ZZ3j8SALjfILF6/DSLev44MGfTyHnoIkfFNrCDdU11sTKPrWLygzVLT9G8depAl6
kACTmXvUN+NLHbAG6nP9IqHTamhNbsLbOJUwMzMrz5P6Ukkqjl3pyC1lRb+srkTW
kdREKuyc/OFy5xZO1F6/7lVvGBW6eywB41ec3Bxe9iCmrEQvgN3uw8nZ3rqFaNLt
h7OViW32MuCtdUH7Bq8I3quaUApCg2VRQ9Q+IoEGGMz4jCowUKyoLy6AcOrH7iju
my87qXCImsU0Wa29EQZ2tL04G5cpRNf0Xc2nbKtY4qolejzLgKigwUd76Cp4fxsK
d9BSjqN1SPeX
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:07:41 2025 by rpki-client