Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/2catgB5VK787sqGbIW3dngQFHEE.roa
File: 2catgB5VK787sqGbIW3dngQFHEE.roa (raw, json)
Hash identifier: B+SFn1cOjP49uHmdVYtQOuuR22NDQQ5ZSYkwXBcG4Xw=
Subject key identifier: D9:C6:AD:80:1E:55:2B:BF:3B:B2:A1:9B:21:6D:DD:9E:04:05:1C:41
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 0194228DE350971895ABDA39E0C2587F2F45
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/2catgB5VK787sqGbIW3dngQFHEE.roa
Signing time: Wed 01 Jan 2025 15:48:31 +0000
ROA not before: Wed 01 Jan 2025 15:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34465
IP address blocks: 185.188.28.0/24 maxlen: 24
2a12:8fc6::/32 maxlen: 32
2a12:8fc6:5ee::/48 maxlen: 48
2a12:8fc6:a051::/48 maxlen: 48
2a12:8fc6:a1c3::/48 maxlen: 48
2a12:8fc6:a517::/48 maxlen: 48
2a12:8fc6:aa00::/48 maxlen: 48
2a12:8fc6:ace1::/48 maxlen: 48
2a12:8fc6:ace2::/48 maxlen: 48
2a12:8fc6:ace3::/48 maxlen: 48
2a12:8fc6:ae00::/48 maxlen: 48
2a12:8fc6:ae44::/48 maxlen: 48
2a12:8fc6:bab0::/48 maxlen: 48
2a12:8fc6:bdee::/48 maxlen: 48
2a12:8fc6:be01::/48 maxlen: 48
2a12:8fc6:c31a::/48 maxlen: 48
2a12:8fc6:c31e::/48 maxlen: 48
2a12:8fc6:c341::/48 maxlen: 48
2a12:8fc6:ca00::/48 maxlen: 48
2a12:8fc6:ca1c::/48 maxlen: 48
2a12:8fc6:caa0::/48 maxlen: 48
2a12:8fc6:cae1::/48 maxlen: 48
2a12:8fc6:cc00::/48 maxlen: 48
2a12:8fc6:cc21::/48 maxlen: 48
2a12:8fc6:cd00::/48 maxlen: 48
2a12:8fc6:cd01::/48 maxlen: 48
2a12:8fc6:cd02::/48 maxlen: 48
2a12:8fc6:cd04::/48 maxlen: 48
2a12:8fc6:ce00::/48 maxlen: 48
2a12:8fc6:ce01::/48 maxlen: 48
2a12:8fc6:ceca::/48 maxlen: 48
2a12:8fc6:daa0::/48 maxlen: 48
2a12:8fc6:dae0::/48 maxlen: 48
2a12:8fc6:db00::/48 maxlen: 48
2a12:8fc6:dbaa::/48 maxlen: 48
2a12:8fc6:eaca::/48 maxlen: 48
2a12:8fc6:ee01::/48 maxlen: 48
2a12:8fc6:efdf::/48 maxlen: 48
2a12:8fc6:faa0::/48 maxlen: 48
2a12:8fc6:fae0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 09:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e3:50:97:18:95:ab:da:39:e0:c2:58:7f:2f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Jan 1 15:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9c6ad801e552bbf3bb2a19b216ddd9e04051c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6b:8d:38:d7:c2:71:14:12:c8:d3:c4:89:2e:
ec:93:02:36:66:f0:8c:12:03:ce:56:00:dc:04:9c:
c4:20:9a:10:47:b1:89:8a:4b:4d:04:50:f2:ce:61:
cb:a0:58:27:c0:2f:25:73:80:18:67:18:c0:1b:9d:
79:c3:6a:01:f8:7c:b5:5c:09:c2:3b:1b:2c:66:74:
3b:fa:76:68:b6:b2:b3:9a:d2:16:1e:51:da:e7:2f:
c5:a7:19:66:2c:b3:5f:ca:bb:93:68:72:6c:e3:5f:
be:80:62:09:10:6d:d9:2a:a9:0a:73:74:19:bd:d8:
38:56:5f:59:82:50:11:8f:0d:49:96:29:12:15:eb:
18:c0:e9:54:3b:d6:9c:30:c2:95:81:a3:11:6c:ef:
f6:72:f8:b5:26:f7:46:00:e2:57:b6:44:34:f4:a0:
ce:18:bf:3f:04:13:83:0f:2d:14:91:b0:b6:6d:19:
3e:2f:0e:8d:12:f9:3e:60:ea:6d:7f:08:2a:7f:d0:
8e:d3:00:8d:f6:d9:5c:59:62:85:d1:c5:96:92:c0:
b2:87:6f:48:10:ac:78:96:d7:11:f7:e5:bb:b8:6e:
4c:0a:38:64:7c:3c:37:ce:22:b4:47:34:6e:bd:e2:
ff:f1:4b:ee:02:bb:65:74:49:12:93:91:55:f6:50:
3b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C6:AD:80:1E:55:2B:BF:3B:B2:A1:9B:21:6D:DD:9E:04:05:1C:41
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/2catgB5VK787sqGbIW3dngQFHEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.28.0/24
IPv6:
2a12:8fc6::/32
Signature Algorithm: sha256WithRSAEncryption
13:59:84:22:78:89:8a:91:c1:79:63:c6:35:d1:81:71:c5:08:
dc:34:03:c8:79:18:3a:34:0d:f6:52:33:42:03:f8:1b:80:41:
cf:a7:cb:f8:d9:0d:8d:ec:3d:a3:b7:56:9b:11:f8:16:b6:45:
63:bf:b9:50:4d:77:fb:da:b3:44:d0:82:79:94:92:b4:33:8b:
be:28:a5:be:5b:d2:2a:1d:17:d3:e0:37:6c:38:16:1a:26:40:
6c:a9:b2:39:14:cb:74:08:fe:03:b4:bd:8a:98:6f:4c:98:f0:
51:11:80:ab:7b:e0:60:d2:06:5a:97:b3:0f:45:a6:41:48:4f:
3f:e9:06:0d:12:8d:77:65:7f:4f:5e:60:ad:d2:b9:75:e9:55:
3b:c8:05:51:7b:1b:e0:c1:18:0b:f9:66:ab:fe:c2:df:7b:74:
62:3a:2c:63:3f:76:23:a1:97:c2:a8:49:88:84:0c:ea:10:9f:
8c:2a:c2:cd:66:9a:d9:dc:46:fe:b4:39:73:8f:09:58:e9:a5:
c2:63:f5:09:e3:bb:08:e9:15:2e:ae:50:db:12:3a:92:13:10:
50:a9:f6:41:08:b9:d5:c3:af:c9:c4:b7:1d:27:37:cd:af:e6:
fa:87:8b:10:fe:0c:fb:35:5b:a6:e1:3f:b9:4f:cc:1f:d6:b2:
d2:05:f2:2c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijeNQlxiVq9o54MJYfy9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjUwMTAxMTU0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWM2YWQ4MDFlNTUyYmJmM2JiMmExOWIyMTZkZGQ5ZTA0MDUxYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWuNONfCcRQSyNPEiS7skwI2ZvCM
EgPOVgDcBJzEIJoQR7GJiktNBFDyzmHLoFgnwC8lc4AYZxjAG515w2oB+Hy1XAnC
OxssZnQ7+nZotrKzmtIWHlHa5y/FpxlmLLNfyruTaHJs41++gGIJEG3ZKqkKc3QZ
vdg4Vl9ZglARjw1JlikSFesYwOlUO9acMMKVgaMRbO/2cvi1JvdGAOJXtkQ09KDO
GL8/BBODDy0UkbC2bRk+Lw6NEvk+YOptfwgqf9CO0wCN9tlcWWKF0cWWksCyh29I
EKx4ltcR9+W7uG5MCjhkfDw3ziK0RzRuveL/8UvuArtldEkSk5FV9lA77QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNnGrYAeVSu/O7KhmyFt3Z4EBRxBMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvMmNhdGdCNVZLNzg3c3FHYklXM2RuZ1FGSEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubwcMA0E
AgACMAcDBQAqEo/GMA0GCSqGSIb3DQEBCwUAA4IBAQATWYQieImKkcF5Y8Y10YFx
xQjcNAPIeRg6NA32UjNCA/gbgEHPp8v42Q2N7D2jt1abEfgWtkVjv7lQTXf72rNE
0IJ5lJK0M4u+KKW+W9IqHRfT4DdsOBYaJkBsqbI5FMt0CP4DtL2KmG9MmPBREYCr
e+Bg0gZal7MPRaZBSE8/6QYNEo13ZX9PXmCt0rl16VU7yAVRexvgwRgL+War/sLf
e3RiOixjP3YjoZfCqEmIhAzqEJ+MKsLNZprZ3Eb+tDlzjwlY6aXCY/UJ47sI6RUu
rlDbEjqSExBQqfZBCLnVw6/JxLcdJzfNr+b6h4sQ/gz7NVum4T+5T8wf1rLSBfIs
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:41 2025 by rpki-client