Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/2M9xuwu5AndhxSfR2ZXlPgIY5_M.roa
File: 2M9xuwu5AndhxSfR2ZXlPgIY5_M.roa (raw, json)
Hash identifier: 0EPkYtcWzG6eUp2dhcekU5xNDT1dEtWLrLrA3RfkTu0=
Subject key identifier: D8:CF:71:BB:0B:B9:02:77:61:C5:27:D1:D9:95:E5:3E:02:18:E7:F3
Certificate issuer: /CN=374c2617a372e466e98d42532dd0bd8e5cdd993d
Certificate serial: 019422FC42950FCAD65F92C170EF9BEB2A0E
Authority key identifier: 37:4C:26:17:A3:72:E4:66:E9:8D:42:53:2D:D0:BD:8E:5C:DD:99:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/2M9xuwu5AndhxSfR2ZXlPgIY5_M.roa
Signing time: Wed 01 Jan 2025 17:49:04 +0000
ROA not before: Wed 01 Jan 2025 17:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201510
IP address blocks: 185.73.92.0/24 maxlen: 24
185.73.93.0/24 maxlen: 24
185.73.94.0/24 maxlen: 24
2a03:41e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.mft
rsync://rpki.ripe.net/repository/DEFAULT/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:42:95:0f:ca:d6:5f:92:c1:70:ef:9b:eb:2a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374c2617a372e466e98d42532dd0bd8e5cdd993d
Validity
Not Before: Jan 1 17:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8cf71bb0bb9027761c527d1d995e53e0218e7f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:bf:a4:4c:77:65:7a:85:b3:49:79:98:19:b2:
45:38:55:c6:ca:48:3c:11:bb:a8:ff:73:dc:d7:45:
90:da:f0:e8:97:ea:10:51:87:00:ec:82:58:cd:4a:
9f:90:e2:c9:99:ba:88:9e:fd:bb:90:8e:bf:92:77:
dd:a5:fa:05:f9:3d:6f:2a:b7:5b:1c:6d:ea:3b:f4:
56:a8:90:00:c0:c2:ce:6b:5c:19:2e:ba:cf:7c:cc:
f5:ba:6d:fd:a4:0e:09:56:2d:c7:f7:14:3d:48:d9:
47:04:eb:16:df:f8:f2:b6:d9:6b:2a:81:37:21:2c:
2d:e5:75:e3:70:f5:f1:77:49:25:df:ba:78:a0:87:
90:93:f4:89:30:3f:c3:3f:50:60:b1:f0:7d:f0:5a:
9a:19:c2:f7:42:44:d6:17:e1:86:f2:c0:20:68:5e:
90:46:e1:32:f7:7b:69:a2:04:a8:3b:1f:bb:85:e9:
ec:13:66:b1:ea:b6:09:a3:35:07:72:eb:df:13:c5:
a2:ba:eb:4b:68:5e:25:8e:df:72:92:cb:fe:05:7f:
82:bf:39:f5:de:3c:77:e1:67:0b:56:d3:7b:84:f2:
7e:9a:a7:12:63:b0:52:b1:6f:8e:af:6c:d1:3a:ec:
d0:61:f0:ea:dd:0b:ff:44:69:c4:94:ff:1b:85:f5:
21:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CF:71:BB:0B:B9:02:77:61:C5:27:D1:D9:95:E5:3E:02:18:E7:F3
X509v3 Authority Key Identifier:
keyid:37:4C:26:17:A3:72:E4:66:E9:8D:42:53:2D:D0:BD:8E:5C:DD:99:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/2M9xuwu5AndhxSfR2ZXlPgIY5_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.92.0-185.73.94.255
IPv6:
2a03:41e0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:e4:07:19:ff:06:cc:31:72:fb:82:00:ee:20:23:45:f5:de:
7c:12:40:94:b3:71:de:b8:fb:24:38:7e:d8:30:f6:8a:62:6b:
17:c9:69:e9:24:b7:2e:46:e5:15:a3:49:b4:93:e1:f4:38:43:
b6:8d:54:e2:d9:7c:00:58:1b:50:ad:19:ce:30:34:8b:9b:71:
76:5a:59:7b:e3:6b:e7:9d:41:45:9e:70:b2:95:62:f0:3f:c9:
c3:d3:bd:52:01:c6:5f:a8:58:86:d2:ee:49:15:01:5c:42:d0:
67:57:28:e4:99:cb:da:5f:de:86:65:ac:cb:54:15:9b:c5:66:
89:e3:a9:7c:fa:58:97:32:c8:cc:7b:ed:87:37:1e:ae:9f:cd:
f9:46:b0:d6:be:9c:68:36:a7:48:ff:d6:dc:a7:a8:0b:ad:2b:
2e:43:1e:9e:6c:c0:65:47:17:ff:bd:8f:1a:13:d1:b8:a8:51:
2b:89:c1:5b:df:e4:4a:79:97:61:b4:52:2f:dd:de:8c:00:75:
cf:a9:b9:ab:7f:d5:77:bd:98:28:d5:ec:8c:51:0d:29:f6:ae:
51:92:c4:88:04:09:f8:65:70:a6:8d:55:aa:a4:87:19:88:d5:
ce:0f:bf:98:75:a4:d0:f3:ce:fe:17:bc:73:6d:48:c6:4f:dc:
58:22:3a:15
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQi/EKVD8rWX5LBcO+b6yoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGMyNjE3YTM3MmU0NjZlOThkNDI1MzJkZDBiZDhlNWNk
ZDk5M2QwHhcNMjUwMTAxMTc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGNmNzFiYjBiYjkwMjc3NjFjNTI3ZDFkOTk1ZTUzZTAyMThlN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiL+kTHdleoWzSXmYGbJFOFXGykg8
Ebuo/3Pc10WQ2vDol+oQUYcA7IJYzUqfkOLJmbqInv27kI6/knfdpfoF+T1vKrdb
HG3qO/RWqJAAwMLOa1wZLrrPfMz1um39pA4JVi3H9xQ9SNlHBOsW3/jyttlrKoE3
ISwt5XXjcPXxd0kl37p4oIeQk/SJMD/DP1BgsfB98FqaGcL3QkTWF+GG8sAgaF6Q
RuEy93tpogSoOx+7hensE2ax6rYJozUHcuvfE8WiuutLaF4ljt9yksv+BX+Cvzn1
3jx34WcLVtN7hPJ+mqcSY7BSsW+Or2zROuzQYfDq3Qv/RGnElP8bhfUhkwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNjPcbsLuQJ3YcUn0dmV5T4CGOfzMB8GA1UdIwQY
MBaAFDdMJhejcuRm6Y1CUy3QvY5c3Zk9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjB3bUY2Tnk1R2JwalVKVExkQzlqbHpkbVQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zODExMjUtMDI0OC00ZWJjLWE3NGQt
YjhkYWQ2ZTVjM2JmLzEvMk05eHV3dTVBbmRoeFNmUjJaWGxQZ0lZNV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zODExMjUtMDI0OC00ZWJjLWE3NGQtYjhkYWQ2ZTVjM2Jm
LzEvTjB3bUY2Tnk1R2JwalVKVExkQzlqbHpkbVQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5SVwD
BAC5SV4wDQQCAAIwBwMFACoDQeAwDQYJKoZIhvcNAQELBQADggEBAAzkBxn/Bswx
cvuCAO4gI0X13nwSQJSzcd64+yQ4ftgw9opiaxfJaekkty5G5RWjSbST4fQ4Q7aN
VOLZfABYG1CtGc4wNIubcXZaWXvja+edQUWecLKVYvA/ycPTvVIBxl+oWIbS7kkV
AVxC0GdXKOSZy9pf3oZlrMtUFZvFZonjqXz6WJcyyMx77Yc3Hq6fzflGsNa+nGg2
p0j/1tynqAutKy5DHp5swGVHF/+9jxoT0bioUSuJwVvf5Ep5l2G0Ui/d3owAdc+p
uat/1Xe9mCjV7IxRDSn2rlGSxIgECfhlcKaNVaqkhxmI1c4Pv5h1pNDzzv4XvHNt
SMZP3FgiOhU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:58 2025 by rpki-client