Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/oz0n0tabkek6EQn3CdzDJzmgoJk.roa
File: oz0n0tabkek6EQn3CdzDJzmgoJk.roa (raw, json)
Hash identifier: maw7MpGVIBi0J7h758XZFXH4TFz3ipbqHwUmOtfJnQ0=
Subject key identifier: A3:3D:27:D2:D6:9B:91:E9:3A:11:09:F7:09:DC:C3:27:39:A0:A0:99
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC1B743382234138AB464F90548F38
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/oz0n0tabkek6EQn3CdzDJzmgoJk.roa
Signing time: Wed 01 Jan 2025 17:48:54 +0000
ROA not before: Wed 01 Jan 2025 17:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206068
IP address blocks: 86.104.19.0/24 maxlen: 24
86.104.192.0/24 maxlen: 24
86.104.195.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:1b:74:33:82:23:41:38:ab:46:4f:90:54:8f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a33d27d2d69b91e93a1109f709dcc32739a0a099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f9:1d:e8:b6:36:a7:57:18:8f:ac:72:fc:67:
68:e8:71:79:b7:c5:b8:88:ac:d0:62:ed:0d:86:e9:
98:15:0f:9a:b0:5f:3f:98:14:1c:69:7b:a1:65:3f:
31:20:eb:ce:bf:81:24:ef:c8:0f:73:4e:3c:07:b2:
56:0c:d2:82:2a:bb:e4:e1:e2:50:16:a4:c1:28:1e:
ee:e8:bf:93:4e:54:4d:db:44:b8:0f:90:8e:8c:6f:
56:c2:b9:ad:7d:3f:60:2e:48:36:8c:77:fa:b6:7b:
0c:6d:ac:b2:b0:69:6f:99:43:fc:36:4b:11:d0:d6:
a9:7b:ce:a6:20:db:c9:02:6e:9a:32:f4:b1:67:d0:
2e:9d:25:2a:21:f4:fb:05:04:c4:aa:33:2d:5b:bc:
93:50:a1:43:d0:7e:b8:a1:cd:4c:85:19:df:1c:56:
df:77:64:4c:2e:42:4f:15:8d:73:53:4d:62:25:5d:
4a:f5:e1:bd:59:f4:0b:34:24:1d:49:f4:c6:a9:8e:
22:1c:73:5d:8c:f1:62:d7:08:af:d1:15:51:d1:1f:
9e:99:a6:4b:bb:4a:92:9d:08:99:1d:ab:9c:61:c3:
c2:63:97:f5:a8:e2:20:33:84:b4:2d:35:80:9c:88:
77:15:df:86:c3:7d:0d:f5:d9:d1:f5:52:8b:00:28:
e0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3D:27:D2:D6:9B:91:E9:3A:11:09:F7:09:DC:C3:27:39:A0:A0:99
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/oz0n0tabkek6EQn3CdzDJzmgoJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.19.0/24
86.104.192.0/24
86.104.195.0/24
89.32.126.0/24
94.231.198.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:89:f2:cd:41:95:1b:b9:7d:5f:59:41:b6:ee:78:18:31:3c:
a6:30:c3:1c:10:5d:ed:05:f7:a4:5a:a4:c5:22:65:a6:d2:f3:
bf:6a:90:91:68:aa:63:a2:76:f2:45:c5:d4:4f:d4:59:03:c3:
3a:2a:1a:c5:28:9f:09:cc:62:c9:8d:ea:57:49:53:a0:1a:e3:
c8:4f:64:4c:d3:7c:fe:27:37:a6:e8:93:dd:1f:0b:2c:ed:a6:
c3:6f:5e:f0:84:db:6b:4f:13:08:57:c8:43:6b:32:0e:a1:f4:
66:9f:41:ed:3b:fc:4e:5e:48:05:72:66:c2:da:5b:66:3c:7f:
df:91:2e:82:0f:da:00:f0:a8:42:2d:69:23:df:ab:f6:89:31:
20:2f:fe:4d:a3:b5:c1:53:2b:ef:fa:22:67:c5:4c:e9:e6:cd:
81:6e:8a:4b:cf:1f:54:91:58:b5:fb:5a:15:12:dc:6e:1f:2a:
e8:4a:ed:4d:67:eb:10:1c:90:bc:b5:c6:d8:88:c0:2b:de:87:
59:df:18:ac:3e:48:e6:c8:f4:2e:7c:4b:80:4c:4f:60:2c:11:
a9:8b:a6:8e:7d:c8:dd:cf:ef:1f:94:cf:79:c0:52:cb:84:87:
29:1c:de:62:b0:67:69:75:ef:98:83:dd:69:88:84:f1:49:3e:
11:20:11:df
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQi/Bt0M4IjQTirRk+QVI84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzNkMjdkMmQ2OWI5MWU5M2ExMTA5ZjcwOWRjYzMyNzM5YTBhMDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/kd6LY2p1cYj6xy/Gdo6HF5t8W4
iKzQYu0NhumYFQ+asF8/mBQcaXuhZT8xIOvOv4Ek78gPc048B7JWDNKCKrvk4eJQ
FqTBKB7u6L+TTlRN20S4D5COjG9WwrmtfT9gLkg2jHf6tnsMbayysGlvmUP8NksR
0Nape86mINvJAm6aMvSxZ9AunSUqIfT7BQTEqjMtW7yTUKFD0H64oc1MhRnfHFbf
d2RMLkJPFY1zU01iJV1K9eG9WfQLNCQdSfTGqY4iHHNdjPFi1wiv0RVR0R+emaZL
u0qSnQiZHaucYcPCY5f1qOIgM4S0LTWAnIh3Fd+Gw30N9dnR9VKLACjgfwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKM9J9LWm5HpOhEJ9wncwyc5oKCZMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvb3owbjB0YWJrZWs2RVFuM0NkekRKem1nb0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVmgTAwQA
VmjAAwQAVmjDAwQAWSB+AwQAXufGMA0GCSqGSIb3DQEBCwUAA4IBAQCyifLNQZUb
uX1fWUG27ngYMTymMMMcEF3tBfekWqTFImWm0vO/apCRaKpjonbyRcXUT9RZA8M6
KhrFKJ8JzGLJjepXSVOgGuPIT2RM03z+Jzem6JPdHwss7abDb17whNtrTxMIV8hD
azIOofRmn0HtO/xOXkgFcmbC2ltmPH/fkS6CD9oA8KhCLWkj36v2iTEgL/5No7XB
Uyvv+iJnxUzp5s2BbopLzx9UkVi1+1oVEtxuHyroSu1NZ+sQHJC8tcbYiMAr3odZ
3xisPkjmyPQufEuATE9gLBGpi6aOfcjdz+8flM95wFLLhIcpHN5isGdpde+Yg91p
iITxST4RIBHf
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:32:43 2025 by rpki-client