Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/2SMgTvrgi0QtK86QVDF0HeNX37g.roa
File: 2SMgTvrgi0QtK86QVDF0HeNX37g.roa (raw, json)
Hash identifier: bXncWfdYuf1oB9hHOXL5B9gbBLNuO9YCT7mJOYaH4PA=
Subject key identifier: D9:23:20:4E:FA:E0:8B:44:2D:2B:CE:90:54:31:74:1D:E3:57:DF:B8
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 0194266B20778559405C7684C11AC7094422
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/2SMgTvrgi0QtK86QVDF0HeNX37g.roa
Signing time: Thu 02 Jan 2025 09:49:02 +0000
ROA not before: Thu 02 Jan 2025 09:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210089
IP address blocks: 79.110.169.0/24 maxlen: 24
2a06:1e83:caff::/48 maxlen: 48
2a06:1e86:babe::/48 maxlen: 48
2a0d:1a45::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:20:77:85:59:40:5c:76:84:c1:1a:c7:09:44:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 2 09:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d923204efae08b442d2bce905431741de357dfb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:52:82:8f:7a:4f:ad:7b:1b:70:dc:57:1e:0e:
b7:d1:61:48:82:ad:b2:00:74:3f:ff:67:00:c8:12:
e7:e7:ac:9b:d1:26:a3:3d:ba:46:4e:a6:c9:3d:0b:
8b:d2:8c:d0:81:e9:d5:5c:af:59:66:15:68:11:d2:
81:ac:7a:41:cd:66:70:71:84:db:29:1c:fd:14:f5:
ce:00:71:9f:6a:37:3d:af:5e:5d:01:7f:46:b2:23:
ec:85:e1:9b:f7:b4:9c:29:c6:c7:91:12:15:90:49:
0b:ed:e6:73:ce:49:eb:d1:33:80:3f:83:69:df:c4:
08:d9:fd:34:57:09:cb:97:2e:62:1b:3a:04:47:e3:
bb:40:07:45:83:0b:a8:b1:ec:9e:b4:fc:6f:86:d0:
e1:c6:7f:7b:ff:67:3b:e7:f9:3d:65:96:3e:77:93:
fb:84:c8:d0:8b:7d:f3:15:28:cf:b2:8d:59:4e:cd:
60:4d:8b:38:64:c8:7d:11:00:cf:bf:72:43:55:42:
53:72:c2:89:3c:5d:20:19:7b:4f:ca:76:fd:f9:9c:
0c:7f:17:9b:2d:10:70:49:9c:43:0d:cd:f9:9a:42:
f5:bf:bd:89:4d:6b:a4:6a:db:0e:8b:d0:47:4f:2a:
f8:79:dc:d9:e7:69:eb:c1:30:85:e1:89:a5:f2:c3:
07:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:23:20:4E:FA:E0:8B:44:2D:2B:CE:90:54:31:74:1D:E3:57:DF:B8
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/2SMgTvrgi0QtK86QVDF0HeNX37g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.169.0/24
IPv6:
2a06:1e83:caff::/48
2a06:1e86:babe::/48
2a0d:1a45::/32
Signature Algorithm: sha256WithRSAEncryption
4c:5c:45:40:df:32:5c:31:28:a2:db:fe:8c:d9:8a:61:d6:ef:
94:7b:b2:2a:44:bb:83:ca:66:e3:79:89:a9:2b:42:c3:9f:38:
a6:c4:8d:98:7f:fb:19:0c:a8:f2:ab:de:94:c2:b9:3a:df:aa:
61:d5:b0:ba:0c:73:c5:de:7a:e3:38:ff:9c:15:10:53:7f:14:
5f:b7:13:2a:48:b9:ea:39:c4:09:28:75:c8:20:72:81:6b:da:
7b:1e:46:1f:79:6c:3d:fe:35:fd:4f:b3:6d:e5:c2:bd:d4:ca:
f2:32:db:65:56:fd:15:b3:4e:b1:51:f5:7a:c5:79:04:cc:c9:
b5:b7:07:96:4f:72:c7:dd:7b:ba:95:12:2c:ea:67:2a:84:aa:
06:cb:0a:00:db:41:a8:3e:ab:9f:45:04:29:7b:3f:a1:d0:a9:
b4:17:61:11:d0:0a:07:d1:90:23:ac:d7:99:18:25:89:75:5b:
39:e6:4a:e7:9a:fe:e7:3e:60:bf:cd:79:c3:45:5a:50:f3:ed:
37:1c:77:a1:5e:82:56:47:94:32:b4:0f:58:a7:3c:2f:06:1a:
b3:1c:7d:a9:ca:02:d1:dd:c2:41:ed:69:49:2c:85:f5:65:74:
4f:6f:fc:5b:69:73:8b:12:b0:cf:3a:eb:7a:f0:e8:06:b3:ea:
08:c5:79:82
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQmayB3hVlAXHaEwRrHCUQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjUwMTAyMDk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTIzMjA0ZWZhZTA4YjQ0MmQyYmNlOTA1NDMxNzQxZGUzNTdkZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVKCj3pPrXsbcNxXHg630WFIgq2y
AHQ//2cAyBLn56yb0SajPbpGTqbJPQuL0ozQgenVXK9ZZhVoEdKBrHpBzWZwcYTb
KRz9FPXOAHGfajc9r15dAX9GsiPsheGb97ScKcbHkRIVkEkL7eZzzknr0TOAP4Np
38QI2f00VwnLly5iGzoER+O7QAdFgwuoseyetPxvhtDhxn97/2c75/k9ZZY+d5P7
hMjQi33zFSjPso1ZTs1gTYs4ZMh9EQDPv3JDVUJTcsKJPF0gGXtPynb9+ZwMfxeb
LRBwSZxDDc35mkL1v72JTWukatsOi9BHTyr4edzZ52nrwTCF4Yml8sMHFQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNkjIE764ItELSvOkFQxdB3jV9+4MB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvMlNNZ1R2cmdpMFF0Szg2UVZERjBIZU5YMzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQAT26pMB8E
AgACMBkDBwAqBh6Dyv8DBwAqBh6Gur4DBQAqDRpFMA0GCSqGSIb3DQEBCwUAA4IB
AQBMXEVA3zJcMSii2/6M2Yph1u+Ue7IqRLuDymbjeYmpK0LDnzimxI2Yf/sZDKjy
q96Uwrk636ph1bC6DHPF3nrjOP+cFRBTfxRftxMqSLnqOcQJKHXIIHKBa9p7HkYf
eWw9/jX9T7Nt5cK91MryMttlVv0Vs06xUfV6xXkEzMm1tweWT3LH3Xu6lRIs6mcq
hKoGywoA20GoPqufRQQpez+h0Km0F2ER0AoH0ZAjrNeZGCWJdVs55krnmv7nPmC/
zXnDRVpQ8+03HHehXoJWR5QytA9YpzwvBhqzHH2pygLR3cJB7WlJLIX1ZXRPb/xb
aXOLErDPOut68OgGs+oIxXmC
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:35:26 2025 by rpki-client