Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/2TU9zRlg4BupLvfFfZ7nbqZ_3fY.roa
File: 2TU9zRlg4BupLvfFfZ7nbqZ_3fY.roa (raw, json)
Hash identifier: Q+LzT1EBZiXr+my5xIMRRPF6wrKo64s9mQmOfTnOJXc=
Subject key identifier: D9:35:3D:CD:19:60:E0:1B:A9:2E:F7:C5:7D:9E:E7:6E:A6:7F:DD:F6
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01941FFA648208FA62833C08487F9246644E
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/2TU9zRlg4BupLvfFfZ7nbqZ_3fY.roa
Signing time: Wed 01 Jan 2025 03:48:10 +0000
ROA not before: Wed 01 Jan 2025 03:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21267
IP address blocks: 45.85.244.0/23 maxlen: 24
45.85.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 14:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:64:82:08:fa:62:83:3c:08:48:7f:92:46:64:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 03:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9353dcd1960e01ba92ef7c57d9ee76ea67fddf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d6:4b:1b:9a:20:6e:71:a1:cd:86:1b:7a:35:
cf:f8:b7:71:7d:40:1a:4e:ac:0a:8e:73:42:a2:cc:
6e:51:49:09:35:69:b9:b4:49:12:5f:34:a7:fd:ba:
ce:ec:26:34:ca:c4:73:c3:56:98:19:93:1e:0a:ee:
1c:d9:21:ed:4a:a8:22:11:8e:30:88:0b:f3:a5:43:
e2:21:63:26:ca:39:be:d3:99:4c:e3:6c:bf:29:cf:
de:2c:ba:fe:21:27:14:ba:4e:2d:0d:1e:53:85:b5:
4e:ba:83:65:aa:48:0e:59:52:ed:90:ee:f7:c5:26:
c9:c4:4c:5d:de:01:76:b4:2a:95:0e:f1:6e:9d:b8:
be:8c:6f:4a:bc:a6:30:6c:d4:8a:81:58:23:51:64:
a6:4d:4f:fa:e6:5c:03:4f:93:00:b9:40:2f:7e:7b:
2e:df:0c:89:8e:07:85:b7:17:ec:1a:22:9a:4e:a2:
f0:15:bd:bf:47:c8:d4:ca:d3:ac:b0:80:15:49:d6:
c9:d2:78:28:03:a2:d6:5d:be:c2:50:28:6b:e4:69:
2f:52:34:08:79:45:53:36:45:e9:a5:85:d3:27:16:
f4:04:b4:49:78:92:dc:4d:82:17:53:bc:65:63:b9:
30:51:9c:3a:dc:3b:3c:3c:c8:2f:f9:74:38:9f:15:
da:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:35:3D:CD:19:60:E0:1B:A9:2E:F7:C5:7D:9E:E7:6E:A6:7F:DD:F6
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/2TU9zRlg4BupLvfFfZ7nbqZ_3fY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.244.0-45.85.246.255
Signature Algorithm: sha256WithRSAEncryption
4c:c6:4e:00:3b:a6:1c:f7:0d:af:a4:12:32:44:55:a1:91:7b:
86:cb:53:0a:99:9c:97:2e:03:bf:37:b8:d3:71:52:d0:45:b8:
33:fc:f0:1a:d9:0c:85:09:29:5b:0a:53:d1:ec:fe:4f:5a:f9:
09:43:db:f0:82:0d:dd:53:58:3e:1f:54:eb:1b:34:0c:76:cc:
d8:de:06:37:43:e3:0b:2d:45:19:1b:bd:ff:aa:f3:82:fc:d6:
20:03:ee:57:d9:56:e2:98:0c:28:da:5a:ac:2c:45:72:52:b1:
bb:d6:f0:47:5a:19:15:18:6a:16:61:e9:dc:d8:f3:5b:26:73:
44:a1:b0:63:9b:f3:d5:91:45:3d:e0:81:77:09:f4:b3:ae:ec:
4f:a0:c1:e0:54:18:d4:9e:41:34:2c:17:56:cc:2c:42:cb:7c:
6e:b1:d9:15:cc:ca:31:d1:9f:4f:74:05:d7:a4:20:92:b4:f3:
01:e9:93:aa:24:51:cc:ab:87:e1:3f:d3:c3:c3:57:66:10:f5:
4e:1c:66:6b:04:10:9e:4c:b9:f5:eb:29:92:2b:e3:d8:d2:69:
4b:22:69:41:50:90:76:18:62:23:d1:67:6c:8d:2a:3f:12:77:
42:eb:fc:0e:98:9c:68:7e:7d:12:0f:e0:f4:37:fb:51:de:1e:
d4:7a:5d:33
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQf+mSCCPpigzwISH+SRmROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjUwMTAxMDM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTM1M2RjZDE5NjBlMDFiYTkyZWY3YzU3ZDllZTc2ZWE2N2ZkZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NZLG5ogbnGhzYYbejXP+LdxfUAa
TqwKjnNCosxuUUkJNWm5tEkSXzSn/brO7CY0ysRzw1aYGZMeCu4c2SHtSqgiEY4w
iAvzpUPiIWMmyjm+05lM42y/Kc/eLLr+IScUuk4tDR5ThbVOuoNlqkgOWVLtkO73
xSbJxExd3gF2tCqVDvFunbi+jG9KvKYwbNSKgVgjUWSmTU/65lwDT5MAuUAvfnsu
3wyJjgeFtxfsGiKaTqLwFb2/R8jUytOssIAVSdbJ0ngoA6LWXb7CUChr5GkvUjQI
eUVTNkXppYXTJxb0BLRJeJLcTYIXU7xlY7kwUZw63Ds8PMgv+XQ4nxXaEQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNk1Pc0ZYOAbqS73xX2e526mf932MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvMlRVOXpSbGc0QnVwTHZmRmZaN25icVpfM2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAItVfQD
BAAtVfYwDQYJKoZIhvcNAQELBQADggEBAEzGTgA7phz3Da+kEjJEVaGRe4bLUwqZ
nJcuA783uNNxUtBFuDP88BrZDIUJKVsKU9Hs/k9a+QlD2/CCDd1TWD4fVOsbNAx2
zNjeBjdD4wstRRkbvf+q84L81iAD7lfZVuKYDCjaWqwsRXJSsbvW8EdaGRUYahZh
6dzY81smc0ShsGOb89WRRT3ggXcJ9LOu7E+gweBUGNSeQTQsF1bMLELLfG6x2RXM
yjHRn090BdekIJK08wHpk6okUcyrh+E/08PDV2YQ9U4cZmsEEJ5MufXrKZIr49jS
aUsiaUFQkHYYYiPRZ2yNKj8Sd0Lr/A6YnGh+fRIP4PQ3+1HeHtR6XTM=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:35:24 2025 by rpki-client