Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/2Gso70Bxi4cBy_WodKxdmUIwtcI.roa
File: 2Gso70Bxi4cBy_WodKxdmUIwtcI.roa (raw, json)
Hash identifier: /C593JYHyt/Js1dmu1EsZBHQvb2UcIHLzg2ko4L4lPo=
Subject key identifier: D8:6B:28:EF:40:71:8B:87:01:CB:F5:A8:74:AC:5D:99:42:30:B5:C2
Certificate issuer: /CN=c3fb403a241883e58fced52d39d80eabd52bb36f
Certificate serial: 019425FDE18A8202C6E28C561BCA5FD7E721
Authority key identifier: C3:FB:40:3A:24:18:83:E5:8F:CE:D5:2D:39:D8:0E:AB:D5:2B:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/2Gso70Bxi4cBy_WodKxdmUIwtcI.roa
Signing time: Thu 02 Jan 2025 07:49:42 +0000
ROA not before: Thu 02 Jan 2025 07:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15461
IP address blocks: 194.44.38.0/23 maxlen: 32
194.44.179.0/24 maxlen: 32
213.174.29.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/w_tAOiQYg-WPztUtOdgOq9Urs28.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/w_tAOiQYg-WPztUtOdgOq9Urs28.mft
rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 04:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e1:8a:82:02:c6:e2:8c:56:1b:ca:5f:d7:e7:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3fb403a241883e58fced52d39d80eabd52bb36f
Validity
Not Before: Jan 2 07:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d86b28ef40718b8701cbf5a874ac5d994230b5c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0b:4b:97:ab:83:de:45:55:e1:45:b4:9b:d8:
de:4f:de:eb:d7:6d:6c:85:6b:9d:75:0a:c7:2d:e0:
c0:ae:64:32:bd:58:98:67:dc:8f:31:3d:d4:79:d0:
50:0c:77:6d:1d:da:1e:ad:57:3f:7d:f3:48:7a:a2:
49:14:f1:a0:68:4b:ba:4a:96:65:1e:b8:59:70:94:
86:04:86:0e:a1:3f:49:28:4d:36:5b:75:a4:9a:a0:
2f:f7:b0:3b:0f:6c:17:06:06:74:33:50:36:9a:35:
55:03:88:6d:b6:92:a7:9e:74:f3:d4:a6:13:e4:d8:
12:af:0e:9d:2b:ca:3a:0a:e6:32:2f:0d:0c:07:ff:
05:ef:15:f5:16:e8:36:26:26:22:e2:c6:46:f6:8d:
60:fc:de:e1:0d:5d:c3:4a:34:91:18:6b:91:b0:20:
d2:4c:24:d8:8d:bc:c3:3e:ef:01:af:95:6e:65:6a:
66:02:6e:d1:8a:d4:9d:17:47:ba:ee:29:01:0e:e6:
aa:e2:88:85:af:d9:0e:a3:3a:c1:8f:2d:7d:c4:0b:
87:0a:42:db:5f:04:91:09:e1:5c:fe:10:71:88:40:
c5:96:5a:c0:15:2e:7f:75:30:a4:b9:3b:8c:4d:3f:
17:94:58:1d:14:01:b7:e8:b7:87:8c:ec:79:8c:0c:
69:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6B:28:EF:40:71:8B:87:01:CB:F5:A8:74:AC:5D:99:42:30:B5:C2
X509v3 Authority Key Identifier:
keyid:C3:FB:40:3A:24:18:83:E5:8F:CE:D5:2D:39:D8:0E:AB:D5:2B:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/2Gso70Bxi4cBy_WodKxdmUIwtcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/w_tAOiQYg-WPztUtOdgOq9Urs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.44.38.0/23
194.44.179.0/24
213.174.29.0/24
Signature Algorithm: sha256WithRSAEncryption
16:4f:81:27:77:48:d5:2e:86:04:df:6f:67:30:62:4b:3c:46:
71:2a:27:f7:f4:3c:7d:9a:3b:c4:64:3e:03:39:52:12:8a:e9:
b2:5b:1a:fa:55:22:26:e6:42:25:a2:8e:0c:d3:ed:e3:77:b2:
1c:3f:fc:e3:c3:c2:24:8c:d8:de:ab:6f:14:54:cc:12:25:7a:
ba:0c:18:0b:cd:7a:72:76:44:c9:19:64:53:02:2a:63:50:ba:
4a:89:be:d4:a4:7e:ec:ab:5f:39:66:ab:a2:d0:49:46:19:52:
2f:32:2d:92:95:e3:c8:a3:9d:c0:13:bd:26:aa:fa:eb:7e:ae:
b1:0c:3c:08:40:f7:8c:f0:5d:c1:9a:9b:d7:fd:95:21:2d:b4:
e1:f0:31:ca:81:ce:57:9c:1b:10:c6:3b:0d:f5:d5:bb:b2:0f:
17:5d:ec:73:7f:71:c3:43:58:89:51:e7:7b:d4:f5:5c:3a:09:
ba:b9:3f:87:df:2f:df:ee:7e:81:0f:fa:f2:b9:b6:2f:2d:e3:
a3:33:df:9c:20:7a:c3:65:d2:b9:bf:40:d9:1e:c8:b5:e6:4f:
54:52:83:05:f8:66:30:5f:79:0d:74:3d:b7:f1:b6:6c:7d:f2:
86:a8:de:85:51:66:9c:73:90:80:c2:d9:ce:f1:a6:27:37:06:
b1:24:8e:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/eGKggLG4oxWG8pf1+chMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZmI0MDNhMjQxODgzZTU4ZmNlZDUyZDM5ZDgwZWFiZDUy
YmIzNmYwHhcNMjUwMTAyMDc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZiMjhlZjQwNzE4Yjg3MDFjYmY1YTg3NGFjNWQ5OTQyMzBiNWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQtLl6uD3kVV4UW0m9jeT97r121s
hWuddQrHLeDArmQyvViYZ9yPMT3UedBQDHdtHdoerVc/ffNIeqJJFPGgaEu6SpZl
HrhZcJSGBIYOoT9JKE02W3WkmqAv97A7D2wXBgZ0M1A2mjVVA4httpKnnnTz1KYT
5NgSrw6dK8o6CuYyLw0MB/8F7xX1Fug2JiYi4sZG9o1g/N7hDV3DSjSRGGuRsCDS
TCTYjbzDPu8Br5VuZWpmAm7RitSdF0e67ikBDuaq4oiFr9kOozrBjy19xAuHCkLb
XwSRCeFc/hBxiEDFllrAFS5/dTCkuTuMTT8XlFgdFAG36LeHjOx5jAxp3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNhrKO9AcYuHAcv1qHSsXZlCMLXCMB8GA1UdIwQY
MBaAFMP7QDokGIPlj87VLTnYDqvVK7NvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd190QU9pUVlnLVdQenRVdE9kZ09xOVVyczI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80ZGM2MjUtN2MxYy00ZGFjLTg5OWUt
YTlhNzc5MDI2ZjBhLzEvMkdzbzcwQnhpNGNCeV9Xb2RLeGRtVUl3dGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80ZGM2MjUtN2MxYy00ZGFjLTg5OWUtYTlhNzc5MDI2ZjBh
LzEvd190QU9pUVlnLVdQenRVdE9kZ09xOVVyczI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwiwmAwQA
wiyzAwQA1a4dMA0GCSqGSIb3DQEBCwUAA4IBAQAWT4End0jVLoYE329nMGJLPEZx
Kif39Dx9mjvEZD4DOVISiumyWxr6VSIm5kIloo4M0+3jd7IcP/zjw8IkjNjeq28U
VMwSJXq6DBgLzXpydkTJGWRTAipjULpKib7UpH7sq185Zqui0ElGGVIvMi2SlePI
o53AE70mqvrrfq6xDDwIQPeM8F3BmpvX/ZUhLbTh8DHKgc5XnBsQxjsN9dW7sg8X
Xexzf3HDQ1iJUed71PVcOgm6uT+H3y/f7n6BD/ryubYvLeOjM9+cIHrDZdK5v0DZ
Hsi15k9UUoMF+GYwX3kNdD238bZsffKGqN6FUWacc5CAwtnO8aYnNwaxJI5W
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:07:15 2025 by rpki-client