Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/2p_ZO09LakS0A7u5Qz0wGibD5fU.roa
File: 2p_ZO09LakS0A7u5Qz0wGibD5fU.roa (raw, json)
Hash identifier: dieDhkHaU+F1D9ZZPlcY6giEpQMREkK77VG8/1P3jjc=
Subject key identifier: DA:9F:D9:3B:4F:4B:6A:44:B4:03:BB:B9:43:3D:30:1A:26:C3:E5:F5
Certificate issuer: /CN=48ba3701691d2928afad3a1b5735a26f4c99cff6
Certificate serial: 019426D9E43DC61272FC866BAE821D7F4DFE
Authority key identifier: 48:BA:37:01:69:1D:29:28:AF:AD:3A:1B:57:35:A2:6F:4C:99:CF:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SLo3AWkdKSivrTobVzWib0yZz_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/2p_ZO09LakS0A7u5Qz0wGibD5fU.roa
Signing time: Thu 02 Jan 2025 11:50:01 +0000
ROA not before: Thu 02 Jan 2025 11:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8426
IP address blocks: 193.28.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/SLo3AWkdKSivrTobVzWib0yZz_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/SLo3AWkdKSivrTobVzWib0yZz_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/SLo3AWkdKSivrTobVzWib0yZz_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 02:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e4:3d:c6:12:72:fc:86:6b:ae:82:1d:7f:4d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48ba3701691d2928afad3a1b5735a26f4c99cff6
Validity
Not Before: Jan 2 11:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da9fd93b4f4b6a44b403bbb9433d301a26c3e5f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5f:13:a7:bf:10:01:c7:ab:12:cf:f4:a1:2b:
ab:0c:65:a0:d9:40:a3:94:f6:7b:aa:72:51:8a:96:
b6:eb:40:54:aa:e5:24:69:17:18:1a:cc:7a:f1:9e:
99:a5:ad:d8:4d:54:2d:80:04:bf:79:dd:c2:a5:d5:
10:93:b5:b0:8e:02:4d:d3:4d:af:75:e6:a4:5a:15:
9d:ba:4f:eb:a3:99:9c:49:19:da:ff:f1:ac:d1:ca:
f6:56:57:7f:28:7a:af:67:b6:42:3a:c3:81:dc:64:
dd:3a:64:df:c0:4b:d4:81:6f:9b:1c:ea:51:6d:d8:
50:e7:55:6b:a5:b1:b2:e4:72:00:43:16:8a:d6:03:
79:c4:38:a7:c8:68:ab:6c:79:f4:66:40:50:06:13:
c4:4c:62:bc:8b:aa:53:d2:c3:8f:80:2e:cf:54:97:
ea:05:11:5f:b2:51:e6:ff:7e:5e:11:fa:6c:e6:01:
4c:50:9c:b1:94:43:5b:ef:9f:02:e4:c0:3e:cb:00:
75:6c:13:aa:ed:d0:f3:dc:28:9d:d6:42:d9:90:65:
4d:8a:27:cf:e6:fd:88:91:84:11:ae:50:ce:d2:4d:
73:48:67:71:2c:5e:64:cb:4d:a2:e6:d1:3f:9e:41:
ee:be:44:65:cb:9b:be:af:ac:24:e4:67:e0:be:e0:
7d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9F:D9:3B:4F:4B:6A:44:B4:03:BB:B9:43:3D:30:1A:26:C3:E5:F5
X509v3 Authority Key Identifier:
keyid:48:BA:37:01:69:1D:29:28:AF:AD:3A:1B:57:35:A2:6F:4C:99:CF:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SLo3AWkdKSivrTobVzWib0yZz_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/2p_ZO09LakS0A7u5Qz0wGibD5fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/SLo3AWkdKSivrTobVzWib0yZz_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.85.0/24
Signature Algorithm: sha256WithRSAEncryption
81:5d:ee:27:f5:49:b0:fb:fb:4c:43:f0:d4:63:7e:db:06:43:
91:ca:1f:76:ee:4f:d5:ef:5d:4d:55:66:9e:ea:35:d9:1e:5e:
4f:bf:52:3a:39:66:ac:fa:df:29:01:a7:9f:23:d0:a8:95:c9:
6e:aa:a9:9d:5b:d7:5c:6a:6a:68:1c:ca:86:92:4d:a3:7a:f5:
61:60:cf:3b:06:07:ed:e9:20:c4:2a:b5:fb:98:48:df:28:f5:
44:99:85:d4:83:77:5a:ee:8f:5b:1b:d8:eb:d1:20:d0:9b:7e:
7b:42:d0:a8:86:c8:a5:93:0f:65:d3:06:87:f9:ae:8e:9f:65:
c7:19:32:b9:fb:68:68:2e:7a:3d:54:47:f3:ba:3c:28:44:3a:
bf:8f:8b:71:01:4f:4b:14:2e:e7:4e:ac:fb:e8:ce:fe:5f:30:
3d:28:32:fc:69:1b:7d:b2:4e:4a:1e:6c:d2:b7:8b:37:3a:e4:
8e:6e:05:ef:86:2d:cb:f4:58:5c:c1:22:bf:07:b2:43:d0:ae:
ab:f3:f0:69:19:6b:86:41:fd:21:c9:bd:c4:41:9f:a5:fc:cf:
c4:d7:f9:02:e0:e5:42:e6:b3:74:0f:f7:3e:a9:0b:fa:ed:8c:
d0:78:5e:47:03:c7:95:a9:25:9a:e2:b8:db:d3:75:a1:08:0f:
d6:da:76:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2eQ9xhJy/IZrroIdf03+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YmEzNzAxNjkxZDI5MjhhZmFkM2ExYjU3MzVhMjZmNGM5
OWNmZjYwHhcNMjUwMTAyMTE1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTlmZDkzYjRmNGI2YTQ0YjQwM2JiYjk0MzNkMzAxYTI2YzNlNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmF8Tp78QAcerEs/0oSurDGWg2UCj
lPZ7qnJRipa260BUquUkaRcYGsx68Z6Zpa3YTVQtgAS/ed3CpdUQk7WwjgJN002v
deakWhWduk/ro5mcSRna//Gs0cr2Vld/KHqvZ7ZCOsOB3GTdOmTfwEvUgW+bHOpR
bdhQ51VrpbGy5HIAQxaK1gN5xDinyGirbHn0ZkBQBhPETGK8i6pT0sOPgC7PVJfq
BRFfslHm/35eEfps5gFMUJyxlENb758C5MA+ywB1bBOq7dDz3Cid1kLZkGVNiifP
5v2IkYQRrlDO0k1zSGdxLF5ky02i5tE/nkHuvkRly5u+r6wk5GfgvuB9kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqf2TtPS2pEtAO7uUM9MBomw+X1MB8GA1UdIwQY
MBaAFEi6NwFpHSkor606G1c1om9Mmc/2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0xvM0FXa2RLU2l2clRvYlZ6V2liMHlael9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83YTg3ODEtZTM2My00NmU0LTk3ZWQt
ZTNlODE1MWE4NzYwLzEvMnBfWk8wOUxha1MwQTd1NVF6MHdHaWJENWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83YTg3ODEtZTM2My00NmU0LTk3ZWQtZTNlODE1MWE4NzYw
LzEvU0xvM0FXa2RLU2l2clRvYlZ6V2liMHlael9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRxVMA0G
CSqGSIb3DQEBCwUAA4IBAQCBXe4n9Umw+/tMQ/DUY37bBkORyh927k/V711NVWae
6jXZHl5Pv1I6OWas+t8pAaefI9ColcluqqmdW9dcampoHMqGkk2jevVhYM87Bgft
6SDEKrX7mEjfKPVEmYXUg3da7o9bG9jr0SDQm357QtCohsilkw9l0waH+a6On2XH
GTK5+2hoLno9VEfzujwoRDq/j4txAU9LFC7nTqz76M7+XzA9KDL8aRt9sk5KHmzS
t4s3OuSObgXvhi3L9FhcwSK/B7JD0K6r8/BpGWuGQf0hyb3EQZ+l/M/E1/kC4OVC
5rN0D/c+qQv67YzQeF5HA8eVqSWa4rjb03WhCA/W2nZe
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:24:14 2025 by rpki-client