Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/2rjfYwu41EDGb0WtR0lRAzBBGyA.roa
File: 2rjfYwu41EDGb0WtR0lRAzBBGyA.roa (raw, json)
Hash identifier: 30Qgx7xaxGQYFQO1NrnbCAkFDKPGGACEBi1o6yALtbk=
Subject key identifier: DA:B8:DF:63:0B:B8:D4:40:C6:6F:45:AD:47:49:51:03:30:41:1B:20
Certificate issuer: /CN=67415cba22e331ada91ff4dc6688e5fa0af45769
Certificate serial: 0194266C34CC8EB811C047D6B7880557F0AD
Authority key identifier: 67:41:5C:BA:22:E3:31:AD:A9:1F:F4:DC:66:88:E5:FA:0A:F4:57:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0FcuiLjMa2pH_TcZojl-gr0V2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/2rjfYwu41EDGb0WtR0lRAzBBGyA.roa
Signing time: Thu 02 Jan 2025 09:50:13 +0000
ROA not before: Thu 02 Jan 2025 09:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41090
IP address blocks: 194.62.174.0/24 maxlen: 24
194.62.188.0/24 maxlen: 24
194.62.233.0/24 maxlen: 24
194.69.206.0/24 maxlen: 24
2a0f:ad40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/Z0FcuiLjMa2pH_TcZojl-gr0V2k.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/Z0FcuiLjMa2pH_TcZojl-gr0V2k.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0FcuiLjMa2pH_TcZojl-gr0V2k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:34:cc:8e:b8:11:c0:47:d6:b7:88:05:57:f0:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67415cba22e331ada91ff4dc6688e5fa0af45769
Validity
Not Before: Jan 2 09:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dab8df630bb8d440c66f45ad4749510330411b20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:41:ce:a7:20:f8:58:6e:da:58:b5:72:c6:fe:
37:29:da:7f:7c:07:41:66:d9:fa:4b:aa:b7:96:54:
57:cb:e2:1c:b0:36:b7:9b:ee:fe:61:ca:7e:a8:14:
60:0e:c6:b2:46:38:2b:27:02:8b:ab:65:61:59:a2:
52:fb:aa:3f:90:d1:85:fc:1c:91:f3:ca:cd:5b:f1:
e8:c5:8f:19:1d:20:8e:d9:22:f6:89:98:41:79:84:
ad:4a:fe:64:cf:82:4d:db:a4:3a:c2:d3:58:14:aa:
55:a3:35:60:9d:cd:33:f4:2f:a7:2c:81:55:ae:a5:
29:1c:e1:d2:28:9c:42:20:9b:00:98:e9:42:d8:5f:
6b:12:59:13:01:46:33:ad:4d:0c:85:ec:0c:5d:99:
b7:e0:e1:84:7b:88:bc:59:6b:63:7b:35:fe:b1:06:
0f:d4:62:2a:2e:4c:04:bf:7a:cb:80:ef:bb:06:98:
99:26:26:26:50:a7:40:d3:e5:af:10:0a:02:bf:be:
09:a6:46:1c:5b:29:e3:e7:ed:1d:a8:2a:66:49:84:
9f:d1:b4:eb:de:31:95:8c:a4:12:83:f6:c3:2a:b8:
f7:06:1f:14:d6:ad:94:96:bf:f1:7b:f7:57:5a:98:
78:0c:4d:74:b0:9c:95:0e:e8:99:a2:9d:fb:86:f1:
d1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B8:DF:63:0B:B8:D4:40:C6:6F:45:AD:47:49:51:03:30:41:1B:20
X509v3 Authority Key Identifier:
keyid:67:41:5C:BA:22:E3:31:AD:A9:1F:F4:DC:66:88:E5:FA:0A:F4:57:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0FcuiLjMa2pH_TcZojl-gr0V2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/2rjfYwu41EDGb0WtR0lRAzBBGyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/Z0FcuiLjMa2pH_TcZojl-gr0V2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.174.0/24
194.62.188.0/24
194.62.233.0/24
194.69.206.0/24
IPv6:
2a0f:ad40::/32
Signature Algorithm: sha256WithRSAEncryption
5a:de:08:2a:6b:56:24:30:b9:b3:0d:33:73:e8:f0:b1:2c:e0:
71:f7:77:f0:1d:27:c3:ba:25:1d:dd:06:24:e1:b7:87:c1:54:
8d:df:ae:fd:21:3a:ab:d7:02:bd:c4:a5:9e:2f:af:9a:8b:d3:
d9:af:2e:53:26:a0:b9:11:ed:f2:de:33:32:a6:2e:ea:06:89:
88:41:f5:72:dd:74:00:af:c4:4d:2c:a4:d2:e4:2c:88:02:35:
ee:4f:9b:7a:1f:df:a2:86:48:d7:1a:98:17:b2:75:3d:d3:12:
0e:5e:ec:49:c0:39:04:17:ca:b1:e6:de:bb:49:4e:b8:a2:50:
46:f5:f0:20:4c:e6:f0:6a:6d:3f:ee:1e:d6:16:49:6b:41:60:
16:35:ff:9c:67:57:e8:c0:d9:21:18:e8:2b:2a:30:46:2b:a2:
b9:8b:ba:a0:26:ec:0d:45:53:66:4a:7b:73:c0:db:81:96:6a:
e6:d5:a7:0f:60:c3:7e:4b:35:53:9b:73:bb:3a:a1:a5:de:60:
41:ad:3f:3c:c6:43:e8:ab:e3:da:49:4f:6f:f4:ef:73:58:4b:
91:39:b2:37:c1:ab:c2:1e:8f:56:0a:00:a1:e6:a4:a2:53:35:
26:7a:13:07:b3:21:0b:6e:3b:86:51:00:d6:9d:c8:10:d3:d8:
92:9a:98:54
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQmbDTMjrgRwEfWt4gFV/CtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDE1Y2JhMjJlMzMxYWRhOTFmZjRkYzY2ODhlNWZhMGFm
NDU3NjkwHhcNMjUwMTAyMDk1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWI4ZGY2MzBiYjhkNDQwYzY2ZjQ1YWQ0NzQ5NTEwMzMwNDExYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0HOpyD4WG7aWLVyxv43Kdp/fAdB
Ztn6S6q3llRXy+IcsDa3m+7+Ycp+qBRgDsayRjgrJwKLq2VhWaJS+6o/kNGF/ByR
88rNW/HoxY8ZHSCO2SL2iZhBeYStSv5kz4JN26Q6wtNYFKpVozVgnc0z9C+nLIFV
rqUpHOHSKJxCIJsAmOlC2F9rElkTAUYzrU0MhewMXZm34OGEe4i8WWtjezX+sQYP
1GIqLkwEv3rLgO+7BpiZJiYmUKdA0+WvEAoCv74JpkYcWynj5+0dqCpmSYSf0bTr
3jGVjKQSg/bDKrj3Bh8U1q2Ulr/xe/dXWph4DE10sJyVDuiZop37hvHRxwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNq432MLuNRAxm9FrUdJUQMwQRsgMB8GA1UdIwQY
MBaAFGdBXLoi4zGtqR/03GaI5foK9FdpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBGY3VpTGpNYTJwSF9UY1pvamwtZ3IwVjJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jYTBjM2ItYTk2OS00ODQ3LWJkMDIt
NjY2NDNlMDY2M2RmLzEvMnJqZll3dTQxRURHYjBXdFIwbFJBekJCR3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jYTBjM2ItYTk2OS00ODQ3LWJkMDItNjY2NDNlMDY2M2Rm
LzEvWjBGY3VpTGpNYTJwSF9UY1pvamwtZ3IwVjJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwj6uAwQA
wj68AwQAwj7pAwQAwkXOMA0EAgACMAcDBQAqD61AMA0GCSqGSIb3DQEBCwUAA4IB
AQBa3ggqa1YkMLmzDTNz6PCxLOBx93fwHSfDuiUd3QYk4beHwVSN3679ITqr1wK9
xKWeL6+ai9PZry5TJqC5Ee3y3jMypi7qBomIQfVy3XQAr8RNLKTS5CyIAjXuT5t6
H9+ihkjXGpgXsnU90xIOXuxJwDkEF8qx5t67SU64olBG9fAgTObwam0/7h7WFklr
QWAWNf+cZ1fowNkhGOgrKjBGK6K5i7qgJuwNRVNmSntzwNuBlmrm1acPYMN+SzVT
m3O7OqGl3mBBrT88xkPoq+PaSU9v9O9zWEuRObI3wavCHo9WCgCh5qSiUzUmehMH
syELbjuGUQDWncgQ09iSmphU
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:31 2025 by rpki-client