Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/2oRdoUK9GK8mawBu6_rEnXW2PpU.roa
File: 2oRdoUK9GK8mawBu6_rEnXW2PpU.roa (raw, json)
Hash identifier: 8KF1r3nJb84n4UjY6JtL5gphBhQBLKVTdmdNqZHiv9U=
Subject key identifier: DA:84:5D:A1:42:BD:18:AF:26:6B:00:6E:EB:FA:C4:9D:75:B6:3E:95
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01941F8C8684C2B034B699224A5A38939FFB
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/2oRdoUK9GK8mawBu6_rEnXW2PpU.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49556
IP address blocks: 5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
185.239.0.0/24 maxlen: 24
185.239.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:86:84:c2:b0:34:b6:99:22:4a:5a:38:93:9f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da845da142bd18af266b006eebfac49d75b63e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:de:57:49:7d:6e:ae:cb:4c:1c:58:83:c1:3f:
4b:4f:28:78:a9:18:0a:c5:ef:05:3c:6a:46:ab:18:
89:00:72:86:57:0c:cc:53:7a:44:1d:1b:1e:3d:37:
9a:fe:ce:28:dd:12:78:ad:f5:b5:86:61:c6:57:00:
80:2b:e8:34:77:04:6d:6a:12:28:46:89:21:24:21:
f7:60:80:49:0e:94:52:bd:e2:fd:c0:23:be:6a:35:
65:ee:ed:12:9e:79:79:c8:3b:3c:79:86:6e:a7:13:
d0:f4:a3:a8:95:f5:07:46:f3:9b:a0:b3:2a:e7:64:
d4:14:c4:5b:c8:b3:33:72:eb:43:b9:71:35:c2:28:
69:18:d9:3e:d4:fb:ba:65:af:cc:68:5d:ce:28:29:
6c:7c:7c:25:aa:7b:9e:53:1b:ae:d8:48:03:ee:a1:
cf:3c:d2:7a:d9:34:8f:93:69:e0:b1:35:2f:e3:4b:
30:60:6e:93:e2:f4:2e:9e:83:d0:ff:b3:c6:5b:a9:
54:7b:c8:4a:ea:37:bf:e0:11:5c:32:4d:46:97:17:
a1:ca:3c:9d:c9:5a:ae:aa:1e:17:82:5b:08:2f:d7:
9e:9c:7a:cd:98:f9:5d:84:3a:c6:80:ff:7e:27:1b:
1c:16:2e:6b:d5:f8:e2:5d:5f:c5:ef:8e:07:87:d2:
d5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:84:5D:A1:42:BD:18:AF:26:6B:00:6E:EB:FA:C4:9D:75:B6:3E:95
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/2oRdoUK9GK8mawBu6_rEnXW2PpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0/24
185.239.0.0/24
185.239.2.0/24
Signature Algorithm: sha256WithRSAEncryption
82:72:18:29:ff:d4:22:c9:14:3a:1b:f0:bf:42:7b:74:04:98:
70:1a:82:79:6c:fc:4f:0f:69:42:48:ec:bd:c5:1a:5c:71:b3:
36:3f:0e:8d:8f:88:45:56:b8:29:38:64:b7:1e:58:5d:17:96:
24:d1:2d:7d:71:f2:30:f6:49:3e:fa:b8:6c:5b:23:40:62:be:
40:48:21:64:cb:4f:d0:be:99:af:2b:aa:c3:93:16:04:95:78:
4d:a6:fa:2b:58:87:ed:ce:e2:fd:9a:d7:cd:b8:d0:ec:f2:48:
05:81:32:1c:72:ef:fb:74:92:2c:81:4f:16:a7:39:f5:21:2a:
16:f2:34:46:84:34:46:9d:dc:00:b2:d8:ea:2c:6c:90:19:fc:
c6:70:0e:ff:a2:ec:53:b0:11:69:ee:f2:99:c1:bf:46:86:df:
5b:40:45:06:b4:22:a1:77:23:ba:b5:3b:eb:d6:91:29:03:1b:
9e:90:6b:1d:49:5f:cb:34:00:e3:19:91:42:bf:ee:0c:b6:97:
e6:99:68:01:80:5a:22:34:6b:02:95:fd:76:bf:aa:b4:6d:1c:
3f:13:ff:d0:19:b3:5d:cd:be:54:53:08:a6:b3:b5:66:ad:13:
2d:ee:f9:c5:83:eb:89:f6:5a:05:d5:bb:c4:d4:bf:c7:67:d7:
d9:1e:6c:65
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQfjIaEwrA0tpkiSlo4k5/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTg0NWRhMTQyYmQxOGFmMjY2YjAwNmVlYmZhYzQ5ZDc1YjYzZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7t5XSX1urstMHFiDwT9LTyh4qRgK
xe8FPGpGqxiJAHKGVwzMU3pEHRsePTea/s4o3RJ4rfW1hmHGVwCAK+g0dwRtahIo
RokhJCH3YIBJDpRSveL9wCO+ajVl7u0Snnl5yDs8eYZupxPQ9KOolfUHRvOboLMq
52TUFMRbyLMzcutDuXE1wihpGNk+1Pu6Za/MaF3OKClsfHwlqnueUxuu2EgD7qHP
PNJ62TSPk2ngsTUv40swYG6T4vQunoPQ/7PGW6lUe8hK6je/4BFcMk1Glxehyjyd
yVquqh4XglsIL9eenHrNmPldhDrGgP9+JxscFi5r1fjiXV/F744Hh9LV0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNqEXaFCvRivJmsAbuv6xJ11tj6VMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvMm9SZG9VSzlHSzhtYXdCdTZfckVuWFcyUHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABZ8xAwQA
BZ82AwQALV7VAwQAue8AAwQAue8CMA0GCSqGSIb3DQEBCwUAA4IBAQCCchgp/9Qi
yRQ6G/C/Qnt0BJhwGoJ5bPxPD2lCSOy9xRpccbM2Pw6Nj4hFVrgpOGS3HlhdF5Yk
0S19cfIw9kk++rhsWyNAYr5ASCFky0/QvpmvK6rDkxYElXhNpvorWIftzuL9mtfN
uNDs8kgFgTIccu/7dJIsgU8Wpzn1ISoW8jRGhDRGndwAstjqLGyQGfzGcA7/ouxT
sBFp7vKZwb9Ght9bQEUGtCKhdyO6tTvr1pEpAxuekGsdSV/LNADjGZFCv+4Mtpfm
mWgBgFoiNGsClf12v6q0bRw/E//QGbNdzb5UUwims7VmrRMt7vnFg+uJ9loF1bvE
1L/HZ9fZHmxl
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:02:17 2025 by rpki-client