Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/x2Xaez7Ra9vjvF4FG3Er4hO4ovk.roa
File: x2Xaez7Ra9vjvF4FG3Er4hO4ovk.roa (raw, json)
Hash identifier: T67Ch/iuLueDDibfJIFSKnLQW9UiEIt+71JVmL/jUzg=
Subject key identifier: C7:65:DA:7B:3E:D1:6B:DB:E3:BC:5E:05:1B:71:2B:E2:13:B8:A2:F9
Certificate issuer: /CN=34832317d2544434b659e5692071d8e4c4938b06
Certificate serial: 0195A80C3F762F569F910A34BCE44AC016FE
Authority key identifier: 34:83:23:17:D2:54:44:34:B6:59:E5:69:20:71:D8:E4:C4:93:8B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIMjF9JURDS2WeVpIHHY5MSTiwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/x2Xaez7Ra9vjvF4FG3Er4hO4ovk.roa
Signing time: Tue 18 Mar 2025 06:58:49 +0000
ROA not before: Tue 18 Mar 2025 06:58:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197893
IP address blocks: 176.28.72.0/24 maxlen: 24
176.28.73.0/24 maxlen: 24
176.28.74.0/24 maxlen: 24
176.28.75.0/24 maxlen: 24
176.28.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NIMjF9JURDS2WeVpIHHY5MSTiwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 18:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:0c:3f:76:2f:56:9f:91:0a:34:bc:e4:4a:c0:16:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34832317d2544434b659e5692071d8e4c4938b06
Validity
Not Before: Mar 18 06:58:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c765da7b3ed16bdbe3bc5e051b712be213b8a2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d6:a7:26:4a:df:15:61:b5:a5:6f:cc:4e:b0:
70:3f:90:9b:64:5f:f4:ec:4b:8f:12:17:ad:b5:cd:
5b:04:16:3e:3e:a7:57:d9:36:a8:34:60:de:d5:85:
d5:19:e6:cc:f3:ad:95:03:24:1b:44:62:2f:44:c8:
67:a9:e3:24:d3:2a:51:40:40:ba:73:85:6e:b9:a8:
85:8b:0c:75:13:77:20:e8:26:33:06:ca:71:01:1d:
3a:11:07:43:00:25:51:64:b8:38:db:b3:68:c0:92:
22:6c:cb:a3:c6:4a:fc:03:75:63:a9:62:35:66:e8:
1e:f7:68:d3:8b:e0:73:14:24:53:d1:16:20:32:f3:
1e:c2:f0:97:66:40:cc:b4:63:b4:d3:55:eb:c7:34:
3d:66:7a:0c:db:22:bc:61:99:86:92:9a:b4:d9:cb:
90:53:d3:7b:3b:f0:14:e8:fe:7d:f4:0b:45:ca:ea:
b5:f8:2d:c8:d3:ae:59:88:bb:88:d6:a4:7f:22:4c:
99:39:ef:92:ee:03:a3:8e:38:b3:64:24:72:36:04:
c7:3a:85:ae:b3:f5:b2:f4:1d:61:58:89:2c:0c:b2:
8d:4f:27:5a:61:f9:9c:97:7d:d4:06:13:03:b2:ce:
a8:df:c8:42:58:31:b7:d3:90:5a:e0:5a:d6:87:c5:
bd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:65:DA:7B:3E:D1:6B:DB:E3:BC:5E:05:1B:71:2B:E2:13:B8:A2:F9
X509v3 Authority Key Identifier:
keyid:34:83:23:17:D2:54:44:34:B6:59:E5:69:20:71:D8:E4:C4:93:8B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIMjF9JURDS2WeVpIHHY5MSTiwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/x2Xaez7Ra9vjvF4FG3Er4hO4ovk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.28.72.0/22
176.28.79.0/24
Signature Algorithm: sha256WithRSAEncryption
28:05:d1:c0:a7:42:cd:5d:8e:59:95:28:92:48:43:23:80:ff:
cd:c0:2e:74:60:9f:89:e1:cc:f0:52:e7:88:2e:4e:74:86:4a:
5f:b3:e5:b5:dd:54:9a:15:4b:81:c7:77:54:7f:ef:eb:e1:8d:
4d:19:15:b5:a3:70:dd:58:07:00:7c:15:86:19:b8:86:56:60:
1f:be:9e:28:08:62:18:f0:02:21:91:64:8e:cb:6d:cc:92:be:
b8:6d:9b:3b:2d:80:0d:98:38:c5:3c:05:47:ff:5d:f1:44:db:
52:9e:cc:f3:13:3e:37:66:42:30:54:69:fb:fb:91:f1:a0:cd:
d9:c1:98:d1:ae:2b:da:15:4b:14:cb:a7:4c:ee:23:a6:ee:f0:
db:96:31:f3:04:ea:f6:af:38:38:33:f9:28:43:e7:97:ec:27:
9d:67:b9:9c:2f:1d:39:d0:d1:bb:3f:3b:76:52:a8:66:71:21:
b5:03:dc:51:3e:bd:25:db:db:7f:be:fb:96:44:13:d9:4f:17:
33:e6:72:5d:42:77:23:0e:3d:0e:69:8c:b9:79:9a:df:a8:f1:
ac:62:4b:b7:8d:d8:77:13:19:56:3c:a4:45:60:06:23:78:16:
5e:64:78:53:e9:1c:2e:62:8f:d5:e0:82:25:f0:fd:d5:7c:2b:
54:ba:d5:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWoDD92L1afkQo0vORKwBb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ODMyMzE3ZDI1NDQ0MzRiNjU5ZTU2OTIwNzFkOGU0YzQ5
MzhiMDYwHhcNMjUwMzE4MDY1ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzY1ZGE3YjNlZDE2YmRiZTNiYzVlMDUxYjcxMmJlMjEzYjhhMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdanJkrfFWG1pW/MTrBwP5CbZF/0
7EuPEhettc1bBBY+PqdX2TaoNGDe1YXVGebM862VAyQbRGIvRMhnqeMk0ypRQEC6
c4VuuaiFiwx1E3cg6CYzBspxAR06EQdDACVRZLg427NowJIibMujxkr8A3VjqWI1
Zuge92jTi+BzFCRT0RYgMvMewvCXZkDMtGO001XrxzQ9ZnoM2yK8YZmGkpq02cuQ
U9N7O/AU6P599AtFyuq1+C3I065ZiLuI1qR/IkyZOe+S7gOjjjizZCRyNgTHOoWu
s/Wy9B1hWIksDLKNTydaYfmcl33UBhMDss6o38hCWDG305Ba4FrWh8W9YwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMdl2ns+0Wvb47xeBRtxK+ITuKL5MB8GA1UdIwQY
MBaAFDSDIxfSVEQ0tlnlaSBx2OTEk4sGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTklNakY5SlVSRFMyV2VWcElISFk1TVNUaXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81YTJlZDktOGY4ZS00YzFkLWFhZjMt
MzBjNjVhZDgzMjkxLzEveDJYYWV6N1JhOXZqdkY0RkczRXI0aE80b3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81YTJlZDktOGY4ZS00YzFkLWFhZjMtMzBjNjVhZDgzMjkx
LzEvTklNakY5SlVSRFMyV2VWcElISFk1TVNUaXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsBxIAwQA
sBxPMA0GCSqGSIb3DQEBCwUAA4IBAQAoBdHAp0LNXY5ZlSiSSEMjgP/NwC50YJ+J
4czwUueILk50hkpfs+W13VSaFUuBx3dUf+/r4Y1NGRW1o3DdWAcAfBWGGbiGVmAf
vp4oCGIY8AIhkWSOy23Mkr64bZs7LYANmDjFPAVH/13xRNtSnszzEz43ZkIwVGn7
+5HxoM3ZwZjRrivaFUsUy6dM7iOm7vDbljHzBOr2rzg4M/koQ+eX7CedZ7mcLx05
0NG7Pzt2UqhmcSG1A9xRPr0l29t/vvuWRBPZTxcz5nJdQncjDj0OaYy5eZrfqPGs
Yku3jdh3ExlWPKRFYAYjeBZeZHhT6RwuYo/V4IIl8P3VfCtUutWh
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:46:58 2025 by rpki-client