Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/2Bhbw3leMOOThPESRkMOR1dkKo8.roa
File: 2Bhbw3leMOOThPESRkMOR1dkKo8.roa (raw, json)
Hash identifier: 8BdnwPJfHaRJdOgffZDaE9NFXhulzq329A7S3hKg76Q=
Subject key identifier: D8:18:5B:C3:79:5E:30:E3:93:84:F1:12:46:43:0E:47:57:64:2A:8F
Certificate issuer: /CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Certificate serial: 0194258F56B705A7EAF8AFFF6079765B33B0
Authority key identifier: B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/2Bhbw3leMOOThPESRkMOR1dkKo8.roa
Signing time: Thu 02 Jan 2025 05:48:58 +0000
ROA not before: Thu 02 Jan 2025 05:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39775
IP address blocks: 62.192.32.0/19 maxlen: 24
81.90.208.0/20 maxlen: 24
91.204.16.0/22 maxlen: 24
185.149.124.0/22 maxlen: 24
185.190.0.0/22 maxlen: 24
2a02:1378::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/uY0fbjNqfIE1GUG8C53qOdfXZNs.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/uY0fbjNqfIE1GUG8C53qOdfXZNs.mft
rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:56:b7:05:a7:ea:f8:af:ff:60:79:76:5b:33:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Validity
Not Before: Jan 2 05:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8185bc3795e30e39384f11246430e4757642a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:31:76:48:92:2d:5e:32:7b:51:e9:87:25:90:
23:ae:9f:86:ac:c4:26:da:77:ea:7c:11:4e:fa:48:
48:59:6f:25:ab:e0:87:02:34:52:c5:9c:f8:f9:52:
85:47:5c:ce:ff:40:1c:16:f2:1a:97:cd:73:2b:26:
73:81:87:2e:17:9a:b3:cb:8f:80:a1:c6:94:d2:22:
cb:61:9d:1f:fc:df:e1:4b:4a:14:8e:bd:d6:d5:da:
c1:5c:a7:94:c7:2f:4d:3c:dc:2a:3f:4a:3d:bc:08:
82:f8:e7:ff:35:ab:5f:ba:2b:2c:ab:c6:b7:2f:35:
a4:6a:9c:ca:63:e4:c9:9d:3b:f1:08:61:fc:aa:1e:
44:2a:00:7e:34:a9:b5:26:01:51:d3:94:e4:4c:57:
fd:39:15:a1:4b:2c:4c:ce:02:14:20:86:a0:af:13:
63:cd:a5:af:2d:5a:b4:27:60:1d:c0:05:5d:0f:6d:
fd:a6:81:29:8f:24:be:3f:6b:32:88:e8:fa:b5:40:
0b:dc:d0:94:46:d9:a6:36:38:b4:81:58:30:a1:c1:
2d:89:a8:60:b5:dc:55:84:ff:43:60:28:6d:76:ea:
d4:dd:31:d3:48:6e:03:c2:af:78:2d:7f:61:ab:87:
5e:b6:d3:7e:5f:74:d7:bd:69:57:97:cf:7f:cd:3a:
4c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:18:5B:C3:79:5E:30:E3:93:84:F1:12:46:43:0E:47:57:64:2A:8F
X509v3 Authority Key Identifier:
keyid:B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/2Bhbw3leMOOThPESRkMOR1dkKo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/uY0fbjNqfIE1GUG8C53qOdfXZNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.32.0/19
81.90.208.0/20
91.204.16.0/22
185.149.124.0/22
185.190.0.0/22
IPv6:
2a02:1378::/32
Signature Algorithm: sha256WithRSAEncryption
1c:09:bc:b7:11:8a:53:ce:e8:8c:e1:03:d4:e6:16:4a:3f:2c:
7d:35:4e:b7:10:9f:c9:17:57:2a:bd:f2:ee:7e:65:ff:24:4f:
ca:37:b8:56:e6:1c:dc:12:b8:19:d5:97:57:ac:a3:c5:0b:84:
ce:68:63:2f:f4:ba:b5:d1:f9:9b:0d:5c:11:ab:71:e7:81:ec:
a0:00:14:1f:80:f7:73:60:bd:b6:6a:ca:17:6b:d8:24:1e:88:
bb:59:ad:59:ce:f2:85:5a:94:19:c3:93:71:6a:57:30:fa:5a:
46:59:15:b7:04:53:25:e8:b0:fc:88:6b:bf:4f:d8:54:a9:08:
c8:59:f4:1a:e3:de:82:1b:a7:02:77:92:ab:69:1e:55:b6:7e:
1b:68:a5:97:5d:8e:e1:7d:41:13:f6:dc:3f:45:0f:92:71:3f:
db:7b:dd:0f:54:88:52:b9:99:2e:0b:8c:5e:fd:49:5b:69:5f:
d4:79:e7:2b:17:ad:b9:de:d8:c6:78:b0:f8:42:1d:4e:bf:2f:
ca:0c:20:67:85:07:63:32:fb:63:1a:ef:c0:34:b5:e4:d2:1e:
81:47:0f:d1:19:6d:e5:f4:76:41:35:f5:1c:8b:10:b9:c9:ca:
dc:17:c5:6c:b6:dc:e4:10:24:ed:9f:99:5e:52:15:2f:80:84:
9e:aa:f9:f8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQlj1a3Bafq+K//YHl2WzOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OGQxZjZlMzM2YTdjODEzNTE5NDFiYzBiOWRlYTM5ZDdk
NzY0ZGIwHhcNMjUwMTAyMDU0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODE4NWJjMzc5NWUzMGUzOTM4NGYxMTI0NjQzMGU0NzU3NjQyYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDF2SJItXjJ7UemHJZAjrp+GrMQm
2nfqfBFO+khIWW8lq+CHAjRSxZz4+VKFR1zO/0AcFvIal81zKyZzgYcuF5qzy4+A
ocaU0iLLYZ0f/N/hS0oUjr3W1drBXKeUxy9NPNwqP0o9vAiC+Of/Natfuissq8a3
LzWkapzKY+TJnTvxCGH8qh5EKgB+NKm1JgFR05TkTFf9ORWhSyxMzgIUIIagrxNj
zaWvLVq0J2AdwAVdD239poEpjyS+P2syiOj6tUAL3NCURtmmNji0gVgwocEtiahg
tdxVhP9DYChtdurU3THTSG4Dwq94LX9hq4dettN+X3TXvWlXl89/zTpM3wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNgYW8N5XjDjk4TxEkZDDkdXZCqPMB8GA1UdIwQY
MBaAFLmNH24zanyBNRlBvAud6jnX12TbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAt
MDM4NTdlZjViMzg3LzEvMkJoYnczbGVNT09UaFBFU1JrTU9SMWRrS284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAtMDM4NTdlZjViMzg3
LzEvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPsAgAwQE
UVrQAwQCW8wQAwQCuZV8AwQCub4AMA0EAgACMAcDBQAqAhN4MA0GCSqGSIb3DQEB
CwUAA4IBAQAcCby3EYpTzuiM4QPU5hZKPyx9NU63EJ/JF1cqvfLufmX/JE/KN7hW
5hzcErgZ1ZdXrKPFC4TOaGMv9Lq10fmbDVwRq3HngeygABQfgPdzYL22asoXa9gk
Hoi7Wa1ZzvKFWpQZw5Nxalcw+lpGWRW3BFMl6LD8iGu/T9hUqQjIWfQa496CG6cC
d5KraR5Vtn4baKWXXY7hfUET9tw/RQ+ScT/be90PVIhSuZkuC4xe/UlbaV/Ueecr
F6253tjGeLD4Qh1Ovy/KDCBnhQdjMvtjGu/ANLXk0h6BRw/RGW3l9HZBNfUcixC5
ycrcF8VsttzkECTtn5leUhUvgISeqvn4
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:16 2025 by rpki-client