Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/k2MwpYy3078S260mykYqGyjDM9M.roa
File: k2MwpYy3078S260mykYqGyjDM9M.roa (raw, json)
Hash identifier: B5YQnM96hhYb/liddrILOeInZbquc/XQMtKwLnspcOk=
Subject key identifier: 93:63:30:A5:8C:B7:D3:BF:12:DB:AD:26:CA:46:2A:1B:28:C3:33:D3
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 0194266C1CE6D18DA1BDA734BEAF37B011D4
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/k2MwpYy3078S260mykYqGyjDM9M.roa
Signing time: Thu 02 Jan 2025 09:50:07 +0000
ROA not before: Thu 02 Jan 2025 09:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35766
IP address blocks: 31.184.166.0/23 maxlen: 24
31.184.172.0/24 maxlen: 24
31.184.175.0/24 maxlen: 24
37.130.204.0/22 maxlen: 24
37.130.204.0/24 maxlen: 24
37.130.205.0/24 maxlen: 24
37.130.206.0/24 maxlen: 24
37.130.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:1c:e6:d1:8d:a1:bd:a7:34:be:af:37:b0:11:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Jan 2 09:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=936330a58cb7d3bf12dbad26ca462a1b28c333d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cc:64:66:d1:52:22:57:3c:d9:4d:16:29:15:
9a:93:9a:34:b7:e5:5d:b4:79:65:e3:47:25:58:89:
8d:25:1c:b2:e8:4a:07:e3:a1:bc:6d:8d:43:03:c2:
8e:79:6c:94:04:92:91:fa:60:c5:59:e0:1c:20:be:
29:a9:94:6b:ab:2d:59:c4:85:61:47:9f:50:74:ae:
6c:65:40:ce:56:b3:ed:95:2f:14:52:de:1b:f1:ec:
50:b8:2a:ef:a7:cc:aa:9a:d7:fa:4d:3b:ed:90:c9:
26:3a:8a:e8:9f:5f:d1:fc:47:05:56:46:df:32:45:
08:ec:7c:19:e7:0c:31:6c:d5:25:ab:de:31:85:fc:
d9:3b:2c:06:0b:63:f9:cb:5c:92:3f:38:57:c2:c4:
bb:9d:ea:1a:43:09:9f:6e:41:d0:54:c9:c1:15:86:
f2:46:fd:c4:25:55:32:90:1f:25:80:c3:0d:80:11:
02:ce:d6:b0:ba:2e:ec:6d:56:15:d9:03:f7:50:4e:
f8:5c:a1:5b:12:13:de:d0:ea:d2:0e:0c:b8:eb:45:
77:9b:13:41:ec:b7:36:94:72:7d:c1:b9:5a:a3:7f:
17:86:01:47:44:1f:17:c9:41:0e:0f:48:d9:db:4c:
67:83:d9:01:9d:fa:57:98:22:d1:bc:0c:1c:7c:73:
73:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:63:30:A5:8C:B7:D3:BF:12:DB:AD:26:CA:46:2A:1B:28:C3:33:D3
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/k2MwpYy3078S260mykYqGyjDM9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.184.166.0/23
31.184.172.0/24
31.184.175.0/24
37.130.204.0/22
Signature Algorithm: sha256WithRSAEncryption
07:46:9c:6d:21:b4:91:93:ef:a9:10:b9:bd:01:5d:a3:87:e1:
7c:a6:04:e9:e2:11:f0:96:1e:47:7c:f6:1a:e9:36:73:72:53:
ed:40:fc:6f:d9:6d:c4:0d:1f:b8:cb:2d:77:16:07:f9:4f:8a:
50:b8:4b:e0:1c:70:a9:97:26:de:79:ee:14:1a:0e:c3:01:fd:
30:e6:36:55:96:7c:01:77:ca:b7:0c:49:e9:7f:ec:02:e6:74:
4d:e2:97:fb:9d:04:b3:13:4b:8c:12:f3:7a:4e:69:28:82:2c:
4f:c9:f7:00:71:4e:dd:6f:fb:7f:4c:5d:e7:79:76:dd:1d:47:
cd:7b:d0:ab:04:74:b7:ff:1b:79:a7:9e:3f:69:5b:4b:64:0e:
1d:e2:60:38:fc:53:5d:df:3d:8e:80:e8:0a:83:12:57:73:e5:
4c:29:b6:7b:53:62:75:0d:45:8e:dc:18:ec:23:73:0e:49:58:
87:7a:2e:78:9c:82:4d:cf:e2:5e:1e:29:4e:b1:4e:53:8a:47:
3c:ac:05:56:81:b8:4f:37:49:2c:58:43:f6:c1:0d:30:68:c6:
4a:b5:5f:b4:ed:98:a0:2c:2a:01:24:f5:9e:d0:92:91:4d:27:
27:0d:54:fe:03:7a:c3:af:b8:ea:60:9a:10:14:01:6a:fb:e3:
fb:3b:e2:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQmbBzm0Y2hvac0vq83sBHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmI2NDVmMTM0ZjRmZGFkYTQ1ZTcwYmNmY2Q5M2I4OTdk
YmQ3MjUwHhcNMjUwMTAyMDk1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzYzMzBhNThjYjdkM2JmMTJkYmFkMjZjYTQ2MmExYjI4YzMzM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcxkZtFSIlc82U0WKRWak5o0t+Vd
tHll40clWImNJRyy6EoH46G8bY1DA8KOeWyUBJKR+mDFWeAcIL4pqZRrqy1ZxIVh
R59QdK5sZUDOVrPtlS8UUt4b8exQuCrvp8yqmtf6TTvtkMkmOoron1/R/EcFVkbf
MkUI7HwZ5wwxbNUlq94xhfzZOywGC2P5y1ySPzhXwsS7neoaQwmfbkHQVMnBFYby
Rv3EJVUykB8lgMMNgBECztawui7sbVYV2QP3UE74XKFbEhPe0OrSDgy460V3mxNB
7Lc2lHJ9wblao38XhgFHRB8XyUEOD0jZ20xng9kBnfpXmCLRvAwcfHNzvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJNjMKWMt9O/EtutJspGKhsowzPTMB8GA1UdIwQY
MBaAFNr7ZF8TT0/a2kXnC8/Nk7iX29clMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2Et
NmJhMGEwY2UwMWVkLzEvazJNd3BZeTMwNzhTMjYwbXlrWXFHeWpETTlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2EtNmJhMGEwY2UwMWVk
LzEvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBH7imAwQA
H7isAwQAH7ivAwQCJYLMMA0GCSqGSIb3DQEBCwUAA4IBAQAHRpxtIbSRk++pELm9
AV2jh+F8pgTp4hHwlh5HfPYa6TZzclPtQPxv2W3EDR+4yy13Fgf5T4pQuEvgHHCp
lybeee4UGg7DAf0w5jZVlnwBd8q3DEnpf+wC5nRN4pf7nQSzE0uMEvN6TmkogixP
yfcAcU7db/t/TF3neXbdHUfNe9CrBHS3/xt5p54/aVtLZA4d4mA4/FNd3z2OgOgK
gxJXc+VMKbZ7U2J1DUWO3BjsI3MOSViHei54nIJNz+JeHilOsU5Tikc8rAVWgbhP
N0ksWEP2wQ0waMZKtV+07ZigLCoBJPWe0JKRTScnDVT+A3rDr7jqYJoQFAFq++P7
O+La
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:25 2025 by rpki-client