Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/spA2D5bFhwjtsAUrsUVWAYuQYCw.roa
File: spA2D5bFhwjtsAUrsUVWAYuQYCw.roa (raw, json)
Hash identifier: G0F7ImWqWoF9HSrIReZ5ZDnra1S9Yg59kPLrgfQKBWo=
Subject key identifier: B2:90:36:0F:96:C5:87:08:ED:B0:05:2B:B1:45:56:01:8B:90:60:2C
Certificate issuer: /CN=37ceaa626cbd89052f3545335dfdb31a13383004
Certificate serial: 019425FD91BD0DAEDBDBDB026DAA7CEF4DB5
Authority key identifier: 37:CE:AA:62:6C:BD:89:05:2F:35:45:33:5D:FD:B3:1A:13:38:30:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N86qYmy9iQUvNUUzXf2zGhM4MAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/spA2D5bFhwjtsAUrsUVWAYuQYCw.roa
Signing time: Thu 02 Jan 2025 07:49:22 +0000
ROA not before: Thu 02 Jan 2025 07:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204444
IP address blocks: 194.76.41.0/24 maxlen: 24
194.76.44.0/24 maxlen: 24
194.76.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/N86qYmy9iQUvNUUzXf2zGhM4MAQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/N86qYmy9iQUvNUUzXf2zGhM4MAQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/N86qYmy9iQUvNUUzXf2zGhM4MAQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:91:bd:0d:ae:db:db:db:02:6d:aa:7c:ef:4d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ceaa626cbd89052f3545335dfdb31a13383004
Validity
Not Before: Jan 2 07:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b290360f96c58708edb0052bb14556018b90602c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:75:b2:a6:82:64:a0:5e:fc:86:14:ba:8a:a4:
24:b5:02:8b:27:ad:ad:93:2e:bb:67:da:ca:34:4b:
23:3c:a1:6f:44:90:6e:70:23:7c:e9:92:36:81:83:
c8:3d:87:91:ec:d8:24:0f:a0:6a:10:02:aa:9b:65:
e7:da:90:e2:15:2f:9e:57:97:77:6c:46:af:c1:df:
32:79:af:b0:9d:c6:15:3a:a7:6f:b4:fb:73:6d:5f:
67:16:77:0d:14:a3:a4:d2:ac:e2:a1:6c:38:b8:a1:
79:ad:8b:25:ee:6a:1c:c6:33:aa:e7:8f:9b:c5:ba:
d7:0d:a0:8a:7e:a6:ef:57:fd:15:3d:40:9f:03:af:
f6:a9:a2:13:3f:41:18:66:5f:78:20:20:d2:c8:8c:
73:de:9d:eb:3d:15:30:44:41:7b:f1:9b:b0:cd:59:
40:95:73:a0:b5:f6:08:8d:e2:a1:8a:07:1f:48:19:
20:d7:c2:03:b3:22:f7:f6:2c:9c:a6:a2:d3:27:c3:
3a:90:ee:5b:a0:ab:c0:a1:4d:5b:d8:e8:4f:8b:cd:
33:3e:e8:f6:c2:fe:6f:58:02:5b:9b:b5:77:74:eb:
1f:bd:3d:13:ce:7b:85:61:92:dd:07:df:31:20:65:
94:e8:0b:a7:62:6e:4f:54:aa:3a:17:67:2e:e7:60:
cc:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:90:36:0F:96:C5:87:08:ED:B0:05:2B:B1:45:56:01:8B:90:60:2C
X509v3 Authority Key Identifier:
keyid:37:CE:AA:62:6C:BD:89:05:2F:35:45:33:5D:FD:B3:1A:13:38:30:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N86qYmy9iQUvNUUzXf2zGhM4MAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/spA2D5bFhwjtsAUrsUVWAYuQYCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/N86qYmy9iQUvNUUzXf2zGhM4MAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.41.0/24
194.76.44.0/24
194.76.53.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:7f:df:3a:70:e4:69:54:ad:82:b9:15:c0:23:01:e1:39:cb:
5c:63:ad:12:d1:65:42:47:8b:88:11:0e:a7:6e:4f:eb:19:65:
6e:57:14:a1:a6:af:d6:79:d5:a9:4c:c5:82:ce:7e:e0:9a:52:
de:7c:f8:ce:70:54:1b:5b:3f:b6:ef:a8:1b:86:0a:d9:07:9a:
8c:38:43:d2:5e:1e:99:d0:c6:7c:d0:d4:16:14:68:c8:d6:a1:
c7:4f:13:35:39:1b:25:e1:2c:2a:2c:8d:6d:75:dc:66:68:7b:
5a:96:f6:a3:0c:12:fc:18:7f:c8:a4:ca:d4:cf:2e:3d:23:94:
f8:ee:d3:60:7d:6b:57:9b:38:29:a6:b2:3f:f8:0e:4d:23:71:
82:d1:25:14:18:c5:3d:ae:82:17:5c:78:83:95:14:23:28:1a:
36:2a:e5:45:ee:18:90:7b:f8:a4:1a:2f:0f:3a:17:23:71:d8:
48:7c:e8:46:5a:11:ec:fb:30:a1:0b:68:13:72:c0:e8:79:3b:
41:cf:43:f2:a4:91:cc:c7:ee:91:cd:90:47:ff:11:1a:a5:fc:
cf:81:60:01:96:88:f2:9c:b4:38:62:af:1e:68:66:d6:ff:36:
48:ca:4f:4a:d6:fe:16:bd:69:91:0d:2e:e1:f5:9a:16:dd:09:
57:d5:48:a3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/ZG9Da7b29sCbap87021MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Y2VhYTYyNmNiZDg5MDUyZjM1NDUzMzVkZmRiMzFhMTMz
ODMwMDQwHhcNMjUwMTAyMDc0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjkwMzYwZjk2YzU4NzA4ZWRiMDA1MmJiMTQ1NTYwMThiOTA2MDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXWypoJkoF78hhS6iqQktQKLJ62t
ky67Z9rKNEsjPKFvRJBucCN86ZI2gYPIPYeR7NgkD6BqEAKqm2Xn2pDiFS+eV5d3
bEavwd8yea+wncYVOqdvtPtzbV9nFncNFKOk0qzioWw4uKF5rYsl7mocxjOq54+b
xbrXDaCKfqbvV/0VPUCfA6/2qaITP0EYZl94ICDSyIxz3p3rPRUwREF78ZuwzVlA
lXOgtfYIjeKhigcfSBkg18IDsyL39iycpqLTJ8M6kO5boKvAoU1b2OhPi80zPuj2
wv5vWAJbm7V3dOsfvT0TznuFYZLdB98xIGWU6AunYm5PVKo6F2cu52DM6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLKQNg+WxYcI7bAFK7FFVgGLkGAsMB8GA1UdIwQY
MBaAFDfOqmJsvYkFLzVFM139sxoTODAEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjg2cVlteTlpUVV2TlVVelhmMnpHaE00TUFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9hZDg5OTQtNTFmMS00YjY1LWFjYTAt
ZTE1YThiNzBlOGQyLzEvc3BBMkQ1YkZod2p0c0FVcnNVVldBWXVRWUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9hZDg5OTQtNTFmMS00YjY1LWFjYTAtZTE1YThiNzBlOGQy
LzEvTjg2cVlteTlpUVV2TlVVelhmMnpHaE00TUFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwkwpAwQA
wkwsAwQAwkw1MA0GCSqGSIb3DQEBCwUAA4IBAQB/f986cORpVK2CuRXAIwHhOctc
Y60S0WVCR4uIEQ6nbk/rGWVuVxShpq/WedWpTMWCzn7gmlLefPjOcFQbWz+276gb
hgrZB5qMOEPSXh6Z0MZ80NQWFGjI1qHHTxM1ORsl4SwqLI1tddxmaHtalvajDBL8
GH/IpMrUzy49I5T47tNgfWtXmzgpprI/+A5NI3GC0SUUGMU9roIXXHiDlRQjKBo2
KuVF7hiQe/ikGi8POhcjcdhIfOhGWhHs+zChC2gTcsDoeTtBz0PypJHMx+6RzZBH
/xEapfzPgWABlojynLQ4Yq8eaGbW/zZIyk9K1v4WvWmRDS7h9ZoW3QlX1Uij
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:24 2025 by rpki-client