Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mk2Q9tnWw3UAIx-x9xntE7-7U90.roa
File: mk2Q9tnWw3UAIx-x9xntE7-7U90.roa (raw, json)
Hash identifier: MvqwiSqGy+XWj27WKnS1zRsHkBnklDc3odvJxS02TfM=
Subject key identifier: 9A:4D:90:F6:D9:D6:C3:75:00:23:1F:B1:F7:19:ED:13:BF:BB:53:DD
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019422FBBC1E6FA503A1C7FA5B4BD0335D22
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mk2Q9tnWw3UAIx-x9xntE7-7U90.roa
Signing time: Wed 01 Jan 2025 17:48:30 +0000
ROA not before: Wed 01 Jan 2025 17:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205463
IP address blocks: 2.56.108.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:bc:1e:6f:a5:03:a1:c7:fa:5b:4b:d0:33:5d:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 1 17:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a4d90f6d9d6c37500231fb1f719ed13bfbb53dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9b:14:77:c1:e5:53:e7:74:31:45:12:7d:73:
87:3e:fd:7a:30:1d:70:d0:df:d9:06:ba:d9:b3:04:
37:3c:61:2f:cf:1d:0e:58:71:4b:d0:97:8c:fd:8b:
a1:e6:f8:36:56:cc:73:b3:4a:16:3f:97:ac:6b:4a:
25:d4:16:99:56:fc:db:18:0b:3d:87:76:0a:f8:52:
28:80:ed:fa:88:6d:24:10:48:f6:d3:f1:88:c1:f4:
70:b5:4f:7d:49:ee:e4:33:7a:6f:23:92:4d:6a:4a:
ac:bc:40:95:25:71:42:ae:2c:65:68:1b:86:d0:b5:
d2:85:f0:f3:5f:a2:a8:b9:28:7f:25:a8:c4:02:34:
c6:21:01:0b:ff:9a:9c:47:2e:12:d1:7e:be:a4:a2:
07:bd:aa:31:77:bb:9c:24:1f:31:78:4e:44:ac:6b:
0f:ac:be:cd:43:dc:0e:c6:77:e1:16:ee:1e:1b:ae:
67:6e:b5:9b:c2:0f:f1:19:e0:44:ba:f4:a0:bd:56:
b7:95:22:ab:47:6e:6a:6f:00:2d:13:56:00:48:4b:
9e:5f:04:80:0e:73:3e:84:f8:db:0f:9c:b5:89:3d:
25:3c:a1:48:ea:81:34:8a:05:a0:0c:91:16:ce:70:
ef:de:51:65:ca:c4:c4:6b:81:bb:bd:9c:ee:c8:5c:
91:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:4D:90:F6:D9:D6:C3:75:00:23:1F:B1:F7:19:ED:13:BF:BB:53:DD
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mk2Q9tnWw3UAIx-x9xntE7-7U90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/23
45.81.113.0/24
45.81.115.0/24
45.88.139.0/24
45.94.170.0/24
45.132.181.0/24
45.151.3.0/24
85.209.120.0/24
193.57.41.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
59:d9:5c:74:0e:a3:b7:87:3c:de:9d:9f:f4:6e:2d:a4:89:2c:
e9:fe:97:82:18:6f:df:fe:8d:44:20:2b:94:02:c9:02:ca:df:
88:cf:24:39:81:8a:67:9d:b1:2e:b1:e2:63:5c:55:cc:e7:c0:
c4:ff:dd:36:5a:f1:a6:11:c7:0d:a8:44:f1:19:c3:4f:5d:30:
ce:ec:12:70:e0:c9:7c:30:68:66:f5:9a:5a:51:a6:55:49:c7:
77:5f:17:c2:bf:29:95:81:c5:7f:b7:2c:53:09:5f:4c:fa:65:
04:b2:f6:4b:46:ff:cf:88:84:ee:b0:d1:df:07:b1:1f:41:53:
69:7a:37:49:a2:40:3e:fd:80:f2:55:b6:e1:49:23:aa:97:78:
78:45:43:6b:12:16:12:81:e5:3a:b5:fc:51:af:36:43:93:a5:
55:c6:18:8f:1a:66:92:51:31:37:83:58:c1:9f:b4:f4:f2:3c:
91:37:8f:f5:c5:f4:85:17:59:f9:b4:d1:84:9b:55:2f:87:16:
41:ff:88:60:59:75:94:bb:be:aa:81:53:85:f4:4e:ca:21:bc:
80:d5:a2:6f:07:9d:0e:be:92:1a:f0:68:2d:4f:9c:0b:ae:25:
33:f3:77:ba:36:c0:c2:19:3c:a3:32:77:76:1b:1a:9d:cb:f8:
a8:1a:36:52
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQi+7web6UDocf6W0vQM10iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTAxMTc0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTRkOTBmNmQ5ZDZjMzc1MDAyMzFmYjFmNzE5ZWQxM2JmYmI1M2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpsUd8HlU+d0MUUSfXOHPv16MB1w
0N/ZBrrZswQ3PGEvzx0OWHFL0JeM/Yuh5vg2Vsxzs0oWP5esa0ol1BaZVvzbGAs9
h3YK+FIogO36iG0kEEj20/GIwfRwtU99Se7kM3pvI5JNakqsvECVJXFCrixlaBuG
0LXShfDzX6KouSh/JajEAjTGIQEL/5qcRy4S0X6+pKIHvaoxd7ucJB8xeE5ErGsP
rL7NQ9wOxnfhFu4eG65nbrWbwg/xGeBEuvSgvVa3lSKrR25qbwAtE1YASEueXwSA
DnM+hPjbD5y1iT0lPKFI6oE0igWgDJEWznDv3lFlysTEa4G7vZzuyFyRdQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJpNkPbZ1sN1ACMfsfcZ7RO/u1PdMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbWsyUTl0bld3M1VBSXgteDl4bnRFNy03VTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBAjhsAwQA
LVFxAwQALVFzAwQALViLAwQALV6qAwQALYS1AwQALZcDAwQAVdF4AwQAwTkpAwQA
wg80MA0GCSqGSIb3DQEBCwUAA4IBAQBZ2Vx0DqO3hzzenZ/0bi2kiSzp/peCGG/f
/o1EICuUAskCyt+IzyQ5gYpnnbEuseJjXFXM58DE/902WvGmEccNqETxGcNPXTDO
7BJw4Ml8MGhm9ZpaUaZVScd3XxfCvymVgcV/tyxTCV9M+mUEsvZLRv/PiITusNHf
B7EfQVNpejdJokA+/YDyVbbhSSOql3h4RUNrEhYSgeU6tfxRrzZDk6VVxhiPGmaS
UTE3g1jBn7T08jyRN4/1xfSFF1n5tNGEm1UvhxZB/4hgWXWUu76qgVOF9E7KIbyA
1aJvB50OvpIa8GgtT5wLriUz83e6NsDCGTyjMnd2Gxqdy/ioGjZS
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:48:48 2025 by rpki-client