Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/OFoxo4tSb8S4WTnb9Arp2ooyRvw.roa
File: OFoxo4tSb8S4WTnb9Arp2ooyRvw.roa (raw, json)
Hash identifier: RZrf7jypWJt6TvS7MztBYdDEvw+Yp5dHCbAbuiSrNfs=
Subject key identifier: 38:5A:31:A3:8B:52:6F:C4:B8:59:39:DB:F4:0A:E9:DA:8A:32:46:FC
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 019421440C030C8EEDD860143262B6190C8E
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/OFoxo4tSb8S4WTnb9Arp2ooyRvw.roa
Signing time: Wed 01 Jan 2025 09:48:15 +0000
ROA not before: Wed 01 Jan 2025 09:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200746
IP address blocks: 185.109.220.0/24 maxlen: 24
2a0b:8f80:1::/48 maxlen: 48
2a0b:8f80:200::/48 maxlen: 48
2a0b:8f80:300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0c:03:0c:8e:ed:d8:60:14:32:62:b6:19:0c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 1 09:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=385a31a38b526fc4b85939dbf40ae9da8a3246fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:7a:ca:88:dc:c1:1b:ff:1b:17:da:82:bb:34:
f5:ba:d3:99:90:36:8e:99:11:3d:eb:f8:e6:db:d9:
e8:32:0e:9d:51:8e:83:49:8b:44:dc:ad:69:90:5d:
7d:d9:6c:21:c9:69:9b:2c:ea:96:34:b4:a1:bb:17:
b2:00:4d:ae:97:b1:40:51:c3:e8:88:c8:c0:a4:4b:
03:65:40:89:90:a1:71:ef:61:61:b6:ac:b9:ad:44:
b7:24:9f:49:a1:69:35:5c:cc:de:c4:0e:d8:23:e5:
34:2d:b3:d9:a7:cc:b0:97:79:a4:b5:15:86:5c:e3:
02:0d:55:d1:b7:0b:61:71:18:08:9e:8e:af:4b:8c:
37:0e:7d:92:7e:f8:f5:7e:da:02:ea:ad:e8:ed:ed:
a0:f4:bb:11:9d:46:d9:aa:c9:44:78:4b:08:8f:8c:
05:ae:49:8d:7e:24:03:9e:52:6e:40:75:b5:a2:0d:
b6:cb:34:4e:a2:02:fd:a6:a3:2e:98:4e:34:06:3f:
29:0a:da:cd:83:b4:8a:f1:b1:b5:d7:8b:85:8b:9e:
06:56:72:19:18:6c:26:fc:69:7c:bc:09:07:f2:40:
f5:0e:6d:51:87:04:3c:ae:7f:15:e5:85:26:e4:97:
af:d4:72:40:c7:09:b8:18:89:c5:65:15:07:41:85:
43:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:5A:31:A3:8B:52:6F:C4:B8:59:39:DB:F4:0A:E9:DA:8A:32:46:FC
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/OFoxo4tSb8S4WTnb9Arp2ooyRvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.220.0/24
IPv6:
2a0b:8f80:1::/48
2a0b:8f80:200::/48
2a0b:8f80:300::/48
Signature Algorithm: sha256WithRSAEncryption
35:71:a6:70:05:88:c9:4f:83:d2:91:2d:22:be:75:ce:43:64:
11:12:2a:de:60:f1:ee:c7:af:18:86:c2:fa:41:3f:23:5f:8a:
7e:bd:8e:52:4b:6e:ec:39:97:03:c5:32:f4:be:1f:ad:4d:e1:
b7:d5:2b:76:bf:e8:aa:bc:5c:54:b7:1f:3b:42:f5:e5:9b:bf:
48:53:c5:e6:e9:3c:c2:c5:51:5b:1a:b0:fc:e9:a7:97:09:ed:
22:98:69:05:5a:02:4a:60:f5:58:8a:c1:8d:52:3e:41:71:74:
82:bd:5f:c9:2d:6a:53:e3:8d:e0:f2:98:73:eb:5a:1f:e9:0c:
88:68:00:99:8f:b2:4c:91:a6:f2:de:67:63:6c:b2:08:47:60:
55:8b:6a:36:88:ab:08:c3:7f:23:1a:a2:c2:6c:38:c5:19:27:
4d:6e:64:a3:76:30:2b:b0:02:12:c6:5a:34:75:ad:dd:27:c4:
55:64:18:6b:78:07:81:e6:c7:36:04:7c:c2:36:4f:64:26:10:
a4:33:56:96:66:59:7c:73:a3:d0:2e:30:5c:8c:19:f0:43:89:
14:35:49:1f:b9:d4:ec:a5:e2:79:97:2b:7a:27:96:30:b9:65:
05:6d:05:f0:a3:11:7f:4a:e5:27:d2:4c:4b:cc:d7:dd:bd:a0:
07:d9:69:24
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQhRAwDDI7t2GAUMmK2GQyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjUwMTAxMDk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODVhMzFhMzhiNTI2ZmM0Yjg1OTM5ZGJmNDBhZTlkYThhMzI0NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HrKiNzBG/8bF9qCuzT1utOZkDaO
mRE96/jm29noMg6dUY6DSYtE3K1pkF192WwhyWmbLOqWNLShuxeyAE2ul7FAUcPo
iMjApEsDZUCJkKFx72Fhtqy5rUS3JJ9JoWk1XMzexA7YI+U0LbPZp8ywl3mktRWG
XOMCDVXRtwthcRgIno6vS4w3Dn2Sfvj1ftoC6q3o7e2g9LsRnUbZqslEeEsIj4wF
rkmNfiQDnlJuQHW1og22yzROogL9pqMumE40Bj8pCtrNg7SK8bG114uFi54GVnIZ
GGwm/Gl8vAkH8kD1Dm1RhwQ8rn8V5YUm5Jev1HJAxwm4GInFZRUHQYVD/QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDhaMaOLUm/EuFk52/QK6dqKMkb8MB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvT0ZveG80dFNiOFM0V1RuYjlBcnAyb295UnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAuW3cMCEE
AgACMBsDBwAqC4+AAAEDBwAqC4+AAgADBwAqC4+AAwAwDQYJKoZIhvcNAQELBQAD
ggEBADVxpnAFiMlPg9KRLSK+dc5DZBESKt5g8e7HrxiGwvpBPyNfin69jlJLbuw5
lwPFMvS+H61N4bfVK3a/6Kq8XFS3HztC9eWbv0hTxebpPMLFUVsasPzpp5cJ7SKY
aQVaAkpg9ViKwY1SPkFxdIK9X8ktalPjjeDymHPrWh/pDIhoAJmPskyRpvLeZ2Ns
sghHYFWLajaIqwjDfyMaosJsOMUZJ01uZKN2MCuwAhLGWjR1rd0nxFVkGGt4B4Hm
xzYEfMI2T2QmEKQzVpZmWXxzo9AuMFyMGfBDiRQ1SR+51Oyl4nmXK3onljC5ZQVt
BfCjEX9K5SfSTEvM1929oAfZaSQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:49:06 2025 by rpki-client