Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/cvFGyGJRsZnEcRCD9JCy58T9gVo.roa
File: cvFGyGJRsZnEcRCD9JCy58T9gVo.roa (raw, json)
Hash identifier: Yp1oBHirBIDihtEHMnqKxr3/5zdpx0QZszheovk5A64=
Subject key identifier: 72:F1:46:C8:62:51:B1:99:C4:71:10:83:F4:90:B2:E7:C4:FD:81:5A
Certificate issuer: /CN=b2ec1ba6854bbf5bc3ed554ff7fef3ba5fe4cb51
Certificate serial: 019423698DC26B37DEF599052B7C6E0B97CD
Authority key identifier: B2:EC:1B:A6:85:4B:BF:5B:C3:ED:55:4F:F7:FE:F3:BA:5F:E4:CB:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suwbpoVLv1vD7VVP9_7zul_ky1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/cvFGyGJRsZnEcRCD9JCy58T9gVo.roa
Signing time: Wed 01 Jan 2025 19:48:27 +0000
ROA not before: Wed 01 Jan 2025 19:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35205
IP address blocks: 80.84.192.0/19 maxlen: 19
80.84.192.0/20 maxlen: 20
80.84.192.0/22 maxlen: 22
80.84.208.0/20 maxlen: 20
80.84.208.0/21 maxlen: 21
185.48.208.0/22 maxlen: 22
2a04:a080::/29 maxlen: 29
2a04:a080::/30 maxlen: 30
2a04:a084::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/suwbpoVLv1vD7VVP9_7zul_ky1E.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/suwbpoVLv1vD7VVP9_7zul_ky1E.mft
rsync://rpki.ripe.net/repository/DEFAULT/suwbpoVLv1vD7VVP9_7zul_ky1E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 19:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:8d:c2:6b:37:de:f5:99:05:2b:7c:6e:0b:97:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2ec1ba6854bbf5bc3ed554ff7fef3ba5fe4cb51
Validity
Not Before: Jan 1 19:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72f146c86251b199c4711083f490b2e7c4fd815a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:73:6c:da:a0:73:6d:ac:4a:62:fc:69:f8:3e:
c5:26:8e:cf:eb:ba:ac:da:ec:33:83:5a:ae:ac:b7:
ae:f6:9d:0d:ad:39:8d:67:52:ac:e8:34:25:e6:b0:
0b:08:4d:cc:83:96:c7:23:31:d1:8f:57:23:08:58:
a1:b4:22:37:70:6c:b3:e2:6f:24:9e:fc:76:92:31:
2e:79:20:11:96:25:2e:4b:c9:35:ce:1d:68:dc:f1:
aa:d6:19:cc:a7:10:51:10:c4:6a:de:b9:19:9c:31:
4f:bb:94:04:1f:fa:60:b2:a9:fe:37:30:aa:d9:96:
0d:98:eb:ca:5f:94:ac:b5:e7:40:99:8a:83:53:7f:
1a:bb:50:6b:33:93:cf:83:36:ae:31:1b:92:26:9b:
77:69:63:89:af:86:e6:6e:82:7f:10:c3:e0:86:6b:
66:df:33:ac:c2:6b:3a:7e:d9:14:a5:b0:62:79:8a:
cb:fb:d4:d8:2a:49:4f:80:5c:66:37:96:45:98:c7:
64:d9:e1:d6:c5:ce:31:cb:f2:02:b6:ee:37:01:cc:
ad:d6:6c:60:a9:ff:98:bf:17:62:3d:98:24:c5:54:
cd:86:b7:b7:77:b2:bf:ba:3a:c8:db:af:56:c3:ee:
84:c4:0c:87:8c:96:52:c6:93:01:d7:f8:fc:25:3c:
13:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F1:46:C8:62:51:B1:99:C4:71:10:83:F4:90:B2:E7:C4:FD:81:5A
X509v3 Authority Key Identifier:
keyid:B2:EC:1B:A6:85:4B:BF:5B:C3:ED:55:4F:F7:FE:F3:BA:5F:E4:CB:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suwbpoVLv1vD7VVP9_7zul_ky1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/cvFGyGJRsZnEcRCD9JCy58T9gVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/suwbpoVLv1vD7VVP9_7zul_ky1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.192.0/19
185.48.208.0/22
IPv6:
2a04:a080::/29
Signature Algorithm: sha256WithRSAEncryption
1c:c3:ab:b9:89:c7:5e:59:61:d9:85:2a:e6:65:35:56:12:61:
a1:9a:ee:ff:50:9a:6a:7b:12:b5:13:17:c3:66:f3:d1:a6:11:
d7:a0:2a:9e:a4:96:08:fc:1a:37:dc:d2:6a:bb:e3:74:97:82:
e7:78:07:d7:1e:01:64:65:8c:a8:4c:07:bb:f9:30:83:93:5d:
29:94:fe:0e:1e:fa:70:21:f3:d5:ad:15:d3:b8:fb:e6:eb:b0:
f9:95:68:c7:29:4c:bb:86:52:9a:52:76:a6:d9:cb:c3:10:b6:
b4:8b:a6:69:07:53:a0:77:31:01:8b:51:64:72:8f:83:d9:a0:
8b:37:21:90:fa:08:a7:76:6e:4e:be:61:34:81:4b:97:fa:50:
cf:a8:5e:76:4f:9c:66:2b:a3:30:94:0b:29:95:9e:e3:15:b0:
e1:9c:11:bd:e2:64:db:a1:6f:06:ed:8f:ab:df:f2:63:74:3c:
7a:f7:cb:c6:f6:9f:0a:69:41:35:45:77:ea:1f:b5:06:cb:b0:
88:be:77:54:a6:14:1e:07:2e:88:ad:18:13:c3:82:26:e7:54:
96:07:06:03:55:50:4a:9e:8d:bf:fe:18:33:9d:73:0b:1a:90:
cc:a5:53:c7:ca:a6:a7:1c:9d:4d:e0:d5:9f:78:19:bb:52:35:
61:dc:22:42
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjaY3Cazfe9ZkFK3xuC5fNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZWMxYmE2ODU0YmJmNWJjM2VkNTU0ZmY3ZmVmM2JhNWZl
NGNiNTEwHhcNMjUwMTAxMTk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmYxNDZjODYyNTFiMTk5YzQ3MTEwODNmNDkwYjJlN2M0ZmQ4MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3Ns2qBzbaxKYvxp+D7FJo7P67qs
2uwzg1qurLeu9p0NrTmNZ1Ks6DQl5rALCE3Mg5bHIzHRj1cjCFihtCI3cGyz4m8k
nvx2kjEueSARliUuS8k1zh1o3PGq1hnMpxBREMRq3rkZnDFPu5QEH/pgsqn+NzCq
2ZYNmOvKX5SstedAmYqDU38au1BrM5PPgzauMRuSJpt3aWOJr4bmboJ/EMPghmtm
3zOswms6ftkUpbBieYrL+9TYKklPgFxmN5ZFmMdk2eHWxc4xy/ICtu43Acyt1mxg
qf+YvxdiPZgkxVTNhre3d7K/ujrI269Ww+6ExAyHjJZSxpMB1/j8JTwTfQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHLxRshiUbGZxHEQg/SQsufE/YFaMB8GA1UdIwQY
MBaAFLLsG6aFS79bw+1VT/f+87pf5MtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3V3YnBvVkx2MXZEN1ZWUDlfN3p1bF9reTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81Mjc5ZWYtYTFjOS00ZGEyLWExYzUt
MWQ4ZDkzM2Q2YzAwLzEvY3ZGR3lHSlJzWm5FY1JDRDlKQ3k1OFQ5Z1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81Mjc5ZWYtYTFjOS00ZGEyLWExYzUtMWQ4ZDkzM2Q2YzAw
LzEvc3V3YnBvVkx2MXZEN1ZWUDlfN3p1bF9reTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFUFTAAwQC
uTDQMA0EAgACMAcDBQMqBKCAMA0GCSqGSIb3DQEBCwUAA4IBAQAcw6u5icdeWWHZ
hSrmZTVWEmGhmu7/UJpqexK1ExfDZvPRphHXoCqepJYI/Bo33NJqu+N0l4LneAfX
HgFkZYyoTAe7+TCDk10plP4OHvpwIfPVrRXTuPvm67D5lWjHKUy7hlKaUnam2cvD
ELa0i6ZpB1OgdzEBi1Fkco+D2aCLNyGQ+gindm5OvmE0gUuX+lDPqF52T5xmK6Mw
lAsplZ7jFbDhnBG94mTboW8G7Y+r3/JjdDx698vG9p8KaUE1RXfqH7UGy7CIvndU
phQeBy6IrRgTw4Im51SWBwYDVVBKno2//hgznXMLGpDMpVPHyqanHJ1N4NWfeBm7
UjVh3CJC
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:01:38 2025 by rpki-client