Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/2Cp_JC-1gSdENPjM_UWn9lNVG7o.roa
File: 2Cp_JC-1gSdENPjM_UWn9lNVG7o.roa (raw, json)
Hash identifier: +35xjqek9Nhlc/Z0+VDCYx/DAJw10REdvRuvu6t5M3s=
Subject key identifier: D8:2A:7F:24:2F:B5:81:27:44:34:F8:CC:FD:45:A7:F6:53:55:1B:BA
Certificate issuer: /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial: 01942521CDC7FCF9C66FC91D0A36763B157B
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/2Cp_JC-1gSdENPjM_UWn9lNVG7o.roa
Signing time: Thu 02 Jan 2025 03:49:19 +0000
ROA not before: Thu 02 Jan 2025 03:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206283
IP address blocks: 185.26.26.0/23 maxlen: 23
2a02:f401::/32 maxlen: 32
2a02:f402::/32 maxlen: 32
2a02:f403::/32 maxlen: 32
2a02:f406:fe50::/48 maxlen: 48
2a02:f406:fe90::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 21:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:cd:c7:fc:f9:c6:6f:c9:1d:0a:36:76:3b:15:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
Validity
Not Before: Jan 2 03:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d82a7f242fb581274434f8ccfd45a7f653551bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3c:e8:d9:53:30:d8:18:78:93:dc:19:3f:b2:
20:14:6b:65:2b:50:76:b4:d3:31:a4:80:c0:4a:1b:
72:8a:28:6e:b9:cf:60:54:38:d1:00:cf:c2:2c:47:
33:f0:31:cc:ac:79:62:4c:91:91:30:c4:a7:24:1f:
1a:1e:59:90:8b:0e:12:50:44:1d:95:99:37:e6:67:
8f:39:a6:76:ab:b3:3f:92:ac:d4:7c:25:a6:49:0d:
87:7b:e3:09:8f:c0:d5:6f:df:d9:3e:12:7e:a7:dd:
23:d9:7a:23:5d:5b:59:6a:3a:a2:cc:b4:e4:72:30:
30:aa:ad:25:95:cd:b8:fe:c8:ac:0d:68:d3:ee:58:
95:c8:f3:3d:32:55:da:58:af:af:aa:c2:7a:2b:4c:
d3:6e:c3:9c:b7:a3:71:0d:49:24:a5:49:cd:64:95:
08:13:ea:25:62:19:cf:24:99:d2:44:b8:bd:07:e4:
bf:1a:86:c4:42:d3:43:f1:f2:05:dd:86:2d:f8:6e:
b5:5f:58:5d:48:08:be:bd:3f:28:3c:d5:a9:32:94:
f0:80:fe:94:8f:96:aa:aa:ad:51:2c:0d:30:cd:a8:
f4:c7:22:81:c7:79:de:da:04:b4:be:9c:62:ad:85:
88:7b:b0:4f:d6:7c:e6:52:be:84:fe:c7:4b:f6:d3:
a0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:2A:7F:24:2F:B5:81:27:44:34:F8:CC:FD:45:A7:F6:53:55:1B:BA
X509v3 Authority Key Identifier:
keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/2Cp_JC-1gSdENPjM_UWn9lNVG7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.26.0/23
IPv6:
2a02:f401::-2a02:f403:ffff:ffff:ffff:ffff:ffff:ffff
2a02:f406:fe50::/48
2a02:f406:fe90::/48
Signature Algorithm: sha256WithRSAEncryption
6c:f2:89:c0:7b:48:f7:0b:72:ad:52:0d:4e:00:9d:e3:27:4d:
54:40:3c:26:01:b7:39:7d:0e:ce:fb:86:85:59:e9:72:40:ba:
8e:b1:80:95:7b:d9:51:35:f7:52:c8:0e:b7:61:25:b9:3c:fa:
47:dd:ea:8a:fd:a7:19:66:69:b5:10:6a:44:96:e8:dc:08:d8:
5f:1b:ef:34:d6:87:bc:b5:c9:c4:24:4c:21:af:93:fb:c8:1a:
ee:3e:81:71:09:a2:65:24:e8:ec:d1:8c:65:99:47:e4:27:fd:
f3:c5:5d:9d:0c:2b:62:e1:ae:07:1b:ec:84:79:0c:a7:78:9f:
43:cf:3a:52:b6:72:f6:fa:52:0f:e6:1f:b1:db:eb:8c:ba:8f:
3e:c4:9b:11:40:8b:63:b5:7b:fa:2b:97:80:6f:09:19:e7:01:
c2:3c:d8:cb:a7:c0:3f:cc:f9:b3:ea:6c:95:e4:a5:6f:ab:36:
d2:2a:8a:ee:c5:47:77:12:57:6b:64:5b:3a:a5:8e:66:93:f5:
c2:d3:bf:e3:1d:c2:d4:8a:98:3e:5c:c3:e7:f6:72:7b:d4:56:
60:51:2d:19:f6:b2:83:22:92:4c:ac:e9:04:90:24:77:a0:a6:
7d:55:54:df:ba:76:98:91:31:9c:19:0b:3c:f3:c5:a1:21:85:
47:64:46:6b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQlIc3H/PnGb8kdCjZ2OxV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzM2NGY1MDI1MzRlODc3MWEwYzYyNTk3OTRjMjZlMjZk
NGJjYTQwHhcNMjUwMTAyMDM0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODJhN2YyNDJmYjU4MTI3NDQzNGY4Y2NmZDQ1YTdmNjUzNTUxYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzzo2VMw2Bh4k9wZP7IgFGtlK1B2
tNMxpIDAShtyiihuuc9gVDjRAM/CLEcz8DHMrHliTJGRMMSnJB8aHlmQiw4SUEQd
lZk35mePOaZ2q7M/kqzUfCWmSQ2He+MJj8DVb9/ZPhJ+p90j2XojXVtZajqizLTk
cjAwqq0llc24/sisDWjT7liVyPM9MlXaWK+vqsJ6K0zTbsOct6NxDUkkpUnNZJUI
E+olYhnPJJnSRLi9B+S/GobEQtND8fIF3YYt+G61X1hdSAi+vT8oPNWpMpTwgP6U
j5aqqq1RLA0wzaj0xyKBx3ne2gS0vpxirYWIe7BP1nzmUr6E/sdL9tOgcwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNgqfyQvtYEnRDT4zP1Fp/ZTVRu6MB8GA1UdIwQY
MBaAFClzZPUCU06HcaDGJZeUwm4m1LykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUt
MGEwZjNlNzhhNDkzLzEvMkNwX0pDLTFnU2RFTlBqTV9VV245bE5WRzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUtMGEwZjNlNzhhNDkz
LzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAMBAIAATAGAwQBuRoaMCgE
AgACMCIwDgMFACoC9AEDBQIqAvQAAwcAKgL0Bv5QAwcAKgL0Bv6QMA0GCSqGSIb3
DQEBCwUAA4IBAQBs8onAe0j3C3KtUg1OAJ3jJ01UQDwmAbc5fQ7O+4aFWelyQLqO
sYCVe9lRNfdSyA63YSW5PPpH3eqK/acZZmm1EGpElujcCNhfG+801oe8tcnEJEwh
r5P7yBruPoFxCaJlJOjs0YxlmUfkJ/3zxV2dDCti4a4HG+yEeQyneJ9DzzpStnL2
+lIP5h+x2+uMuo8+xJsRQItjtXv6K5eAbwkZ5wHCPNjLp8A/zPmz6myV5KVvqzbS
KoruxUd3EldrZFs6pY5mk/XC07/jHcLUipg+XMPn9nJ71FZgUS0Z9rKDIpJMrOkE
kCR3oKZ9VVTfunaYkTGcGQs888WhIYVHZEZr
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:21:49 2025 by rpki-client