Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/2r5V-jLaZB51UHtAh-bFMsh9deI.roa
File: 2r5V-jLaZB51UHtAh-bFMsh9deI.roa (raw, json)
Hash identifier: MKCPJpuTtJZg9qISSN6i7GBsMIxb/Qe56YUG3zY4d1Q=
Subject key identifier: DA:BE:55:FA:32:DA:64:1E:75:50:7B:40:87:E6:C5:32:C8:7D:75:E2
Certificate issuer: /CN=aedc8f327a461964c0a87a9c7809401c57c86d41
Certificate serial: 019426D9BDB64D4F3C3D07E13A7E01F67429
Authority key identifier: AE:DC:8F:32:7A:46:19:64:C0:A8:7A:9C:78:09:40:1C:57:C8:6D:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtyPMnpGGWTAqHqceAlAHFfIbUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/2r5V-jLaZB51UHtAh-bFMsh9deI.roa
Signing time: Thu 02 Jan 2025 11:49:51 +0000
ROA not before: Thu 02 Jan 2025 11:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61189
IP address blocks: 85.194.200.0/22 maxlen: 22
85.194.200.0/23 maxlen: 23
85.194.201.0/24 maxlen: 24
85.194.202.0/23 maxlen: 23
185.7.252.0/22 maxlen: 22
185.7.252.0/23 maxlen: 23
185.7.254.0/23 maxlen: 23
2a03:29c0::/32 maxlen: 32
2a03:29c0:1000::/36 maxlen: 36
2a03:29c0:2000::/36 maxlen: 36
2a03:29c0:8000::/33 maxlen: 33
2a03:29c0:a000::/35 maxlen: 35
2a03:29c0:f1ff::/48 maxlen: 48
2a03:29c0:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/rtyPMnpGGWTAqHqceAlAHFfIbUE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/rtyPMnpGGWTAqHqceAlAHFfIbUE.mft
rsync://rpki.ripe.net/repository/DEFAULT/rtyPMnpGGWTAqHqceAlAHFfIbUE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:bd:b6:4d:4f:3c:3d:07:e1:3a:7e:01:f6:74:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedc8f327a461964c0a87a9c7809401c57c86d41
Validity
Not Before: Jan 2 11:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dabe55fa32da641e75507b4087e6c532c87d75e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:01:9b:b1:d2:99:4b:e7:68:ff:0d:5d:37:14:
fb:6f:8f:cf:37:c2:e7:20:d9:85:81:38:83:51:0b:
58:b5:ea:81:55:c2:f4:92:08:b9:94:ec:b7:a7:b3:
84:66:07:5d:d8:80:0a:88:62:6b:2c:ab:86:7e:2c:
16:97:02:08:cd:7d:ee:67:f3:07:89:03:40:b0:1f:
ae:ea:0b:e7:7f:13:39:77:16:1a:ec:ac:da:5a:de:
72:7b:70:1a:a5:6d:05:17:49:4a:42:80:50:23:c6:
0f:f9:9e:50:49:08:20:77:0b:12:8e:4c:24:2e:d3:
e0:75:b6:78:44:7e:41:f3:c1:1c:6f:7f:f3:8c:00:
24:0b:dc:70:c5:83:34:8d:b5:9a:36:f2:40:18:23:
10:23:6e:36:44:9d:23:41:da:fe:4a:16:ee:74:66:
e8:38:ab:de:81:13:95:38:c4:2b:a4:9d:55:a7:c9:
cb:70:bc:1c:d6:00:b0:ea:d2:4c:19:ff:36:2e:5b:
99:66:e7:99:22:57:f4:41:92:ed:ff:c3:99:ce:fa:
9a:06:c5:44:41:16:96:7a:83:0f:19:06:b1:80:e9:
75:d1:33:a9:b4:27:95:6a:f3:fb:18:63:25:b7:dd:
6f:28:0f:62:63:b8:df:39:4c:a6:36:29:66:11:14:
f5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:BE:55:FA:32:DA:64:1E:75:50:7B:40:87:E6:C5:32:C8:7D:75:E2
X509v3 Authority Key Identifier:
keyid:AE:DC:8F:32:7A:46:19:64:C0:A8:7A:9C:78:09:40:1C:57:C8:6D:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtyPMnpGGWTAqHqceAlAHFfIbUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/2r5V-jLaZB51UHtAh-bFMsh9deI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/rtyPMnpGGWTAqHqceAlAHFfIbUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.200.0/22
185.7.252.0/22
IPv6:
2a03:29c0::/32
Signature Algorithm: sha256WithRSAEncryption
59:67:27:ff:ec:21:07:ee:5c:63:09:f4:55:7c:24:42:66:ca:
46:ef:2f:4e:cd:4c:3f:1f:83:e6:cc:2d:26:11:b8:7b:94:84:
c4:86:6d:72:93:e1:ea:3f:a9:7a:2f:4d:62:b6:c5:62:71:37:
a7:54:88:ca:90:aa:29:2d:55:c9:e2:a9:e6:8c:cd:8b:5f:d1:
76:a3:a5:3b:d1:d3:83:21:fd:3c:83:dd:d1:98:9d:b5:99:5c:
34:13:0b:e2:6b:ff:d2:f6:bb:38:d7:69:07:03:e8:cc:5f:e2:
de:00:12:db:f4:3d:ce:f0:c5:5c:0b:fe:df:69:a4:f7:c1:e4:
18:6d:06:f0:10:9e:c0:44:4f:7c:d3:02:08:4b:c9:c8:43:67:
8c:ef:db:36:2e:64:1c:cf:76:ee:b8:06:9f:c1:f3:6e:28:59:
15:b0:6d:ee:90:93:92:ad:d0:dc:76:b5:bb:4c:e6:04:a8:0e:
33:81:75:b6:64:8e:b1:ef:88:1c:4e:c0:77:8e:56:70:30:ea:
df:60:b6:c1:75:b8:11:60:1a:2e:02:ef:b2:09:2d:78:0f:b7:
d7:13:08:a8:47:af:b0:e4:04:57:80:00:7c:29:71:36:e6:66:
02:5a:1a:91:1a:d7:1c:34:c6:de:eb:cb:11:64:f7:28:6b:72:
35:26:3b:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2b22TU88PQfhOn4B9nQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGM4ZjMyN2E0NjE5NjRjMGE4N2E5Yzc4MDk0MDFjNTdj
ODZkNDEwHhcNMjUwMTAyMTE0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJlNTVmYTMyZGE2NDFlNzU1MDdiNDA4N2U2YzUzMmM4N2Q3NWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QGbsdKZS+do/w1dNxT7b4/PN8Ln
INmFgTiDUQtYteqBVcL0kgi5lOy3p7OEZgdd2IAKiGJrLKuGfiwWlwIIzX3uZ/MH
iQNAsB+u6gvnfxM5dxYa7KzaWt5ye3AapW0FF0lKQoBQI8YP+Z5QSQggdwsSjkwk
LtPgdbZ4RH5B88Ecb3/zjAAkC9xwxYM0jbWaNvJAGCMQI242RJ0jQdr+ShbudGbo
OKvegROVOMQrpJ1Vp8nLcLwc1gCw6tJMGf82LluZZueZIlf0QZLt/8OZzvqaBsVE
QRaWeoMPGQaxgOl10TOptCeVavP7GGMlt91vKA9iY7jfOUymNilmERT1HQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNq+Vfoy2mQedVB7QIfmxTLIfXXiMB8GA1UdIwQY
MBaAFK7cjzJ6RhlkwKh6nHgJQBxXyG1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnR5UE1ucEdHV1RBcUhxY2VBbEFIRmZJYlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iMGRjNTItNDE2ZS00YTAyLTg5OTMt
ZmJjNWExZTM4MmM1LzEvMnI1Vi1qTGFaQjUxVUh0QWgtYkZNc2g5ZGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iMGRjNTItNDE2ZS00YTAyLTg5OTMtZmJjNWExZTM4MmM1
LzEvcnR5UE1ucEdHV1RBcUhxY2VBbEFIRmZJYlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCVcLIAwQC
uQf8MA0EAgACMAcDBQAqAynAMA0GCSqGSIb3DQEBCwUAA4IBAQBZZyf/7CEH7lxj
CfRVfCRCZspG7y9OzUw/H4PmzC0mEbh7lITEhm1yk+HqP6l6L01itsVicTenVIjK
kKopLVXJ4qnmjM2LX9F2o6U70dODIf08g93RmJ21mVw0Ewvia//S9rs412kHA+jM
X+LeABLb9D3O8MVcC/7faaT3weQYbQbwEJ7ARE980wIIS8nIQ2eM79s2LmQcz3bu
uAafwfNuKFkVsG3ukJOSrdDcdrW7TOYEqA4zgXW2ZI6x74gcTsB3jlZwMOrfYLbB
dbgRYBouAu+yCS14D7fXEwioR6+w5ARXgAB8KXE25mYCWhqRGtccNMbe68sRZPco
a3I1Jjsk
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:58:47 2025 by rpki-client