Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/L23yOvQBQTNJuC8C5LbdX4U8nTU.roa
File: L23yOvQBQTNJuC8C5LbdX4U8nTU.roa (raw, json)
Hash identifier: V48krTQbfq0nGm2c2GCL2J+4qLsUwnRFY04sZY6t3/8=
Subject key identifier: 2F:6D:F2:3A:F4:01:41:33:49:B8:2F:02:E4:B6:DD:5F:85:3C:9D:35
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01954CB6249B23E6D4CB52BE6CAC28076851
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/L23yOvQBQTNJuC8C5LbdX4U8nTU.roa
Signing time: Fri 28 Feb 2025 13:19:19 +0000
ROA not before: Fri 28 Feb 2025 13:19:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 84.51.232.0/24 maxlen: 24
92.51.234.0/24 maxlen: 24
92.51.235.0/24 maxlen: 24
92.51.255.0/24 maxlen: 24
103.210.196.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
155.2.180.0/24 maxlen: 24
155.2.181.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
192.140.220.0/24 maxlen: 24
192.140.221.0/24 maxlen: 24
203.188.165.0/24 maxlen: 24
203.188.181.0/24 maxlen: 24
213.254.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 13:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:b6:24:9b:23:e6:d4:cb:52:be:6c:ac:28:07:68:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 28 13:19:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f6df23af401413349b82f02e4b6dd5f853c9d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:aa:a1:8b:f0:9b:24:60:20:88:4a:48:70:38:
f0:ba:8b:bd:bc:a2:66:f4:93:4c:bd:47:77:9f:79:
fc:2f:7c:b8:cb:58:e7:8d:3c:c7:f9:22:f5:87:6f:
9d:ef:25:c1:cf:dc:81:9f:fd:0f:b4:6c:c6:4f:f5:
8b:0b:8c:f1:ae:50:71:16:07:32:4c:c7:a9:c8:24:
19:45:2c:e0:c4:a0:77:b0:2a:2f:25:13:0d:71:19:
7d:6a:7a:a5:48:8d:36:9b:88:f0:05:0c:8f:3b:a7:
db:91:6d:c1:d5:f6:63:68:43:8a:60:f3:c2:95:c5:
fe:15:ec:28:2f:06:74:84:77:f9:18:5e:1a:33:40:
4c:00:5b:b8:f6:92:ef:48:62:9c:5c:65:e0:25:1b:
51:f9:c8:18:67:80:7a:46:1a:b2:fe:05:2e:0c:ad:
7d:7b:f9:25:76:63:1b:0e:e9:96:fa:8c:18:3d:82:
5d:22:00:47:30:82:67:b3:d6:13:c0:b8:dd:7f:07:
2c:e6:8b:24:d8:1f:e8:7a:f0:ca:ea:54:1d:d2:a7:
5d:c3:11:e1:5c:02:02:d7:ed:fc:fa:4c:26:23:61:
cd:02:7f:bc:db:1e:6f:2f:9c:c7:df:c1:e5:30:49:
d7:12:6c:4e:8b:1b:15:9f:f3:f9:fe:ee:76:c0:7f:
e8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6D:F2:3A:F4:01:41:33:49:B8:2F:02:E4:B6:DD:5F:85:3C:9D:35
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/L23yOvQBQTNJuC8C5LbdX4U8nTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.51.232.0/24
92.51.234.0/23
92.51.255.0/24
103.210.196.0/24
107.150.166.0/24
155.2.180.0/23
185.161.111.0/24
192.140.220.0/23
203.188.165.0/24
203.188.181.0/24
213.254.160.0/24
Signature Algorithm: sha256WithRSAEncryption
83:12:e3:eb:58:d3:00:5e:01:77:83:65:be:1d:6b:5c:97:08:
fd:bf:0f:83:d6:0d:84:c2:3d:56:6e:fe:b0:9f:fe:7e:75:6d:
42:76:07:76:83:af:74:f3:c6:bb:8a:10:95:28:e9:43:cb:05:
d5:be:fe:bd:32:e9:51:dc:ff:4d:4d:dd:73:9b:a2:cb:08:f5:
8c:14:68:9a:67:d3:4e:73:d0:10:ac:7b:40:3e:ec:f8:1a:70:
1f:9d:81:6e:ff:66:02:9e:04:f3:4e:d4:e5:4c:df:69:f4:15:
04:93:c5:76:a5:85:01:2b:6f:b4:1d:3b:0a:e8:ce:01:6d:fe:
fa:f8:d3:8e:42:21:27:0c:85:d5:4d:cf:10:d3:db:05:8c:09:
47:40:2f:17:1b:6d:45:e8:2d:0b:63:c3:5f:fc:e9:3c:26:16:
00:a7:dc:7f:ac:d3:55:21:6a:3f:b3:0e:28:81:ea:45:b5:2b:
89:c5:d2:b3:1c:04:2f:a2:ef:85:ec:3d:f7:ea:1c:8d:8f:ff:
a3:8d:89:74:2c:84:8a:0c:92:8a:7a:95:be:e5:b5:db:69:1e:
f9:a7:c6:60:63:2c:ec:89:1c:a5:45:74:77:1a:72:ad:d7:20:
86:f7:85:a7:08:c5:d7:78:e8:47:9b:ac:af:5f:12:3a:42:f5:
d5:f0:d2:f9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZVMtiSbI+bUy1K+bKwoB2hRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMjI4MTMxOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjZkZjIzYWY0MDE0MTMzNDliODJmMDJlNGI2ZGQ1Zjg1M2M5ZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qqhi/CbJGAgiEpIcDjwuou9vKJm
9JNMvUd3n3n8L3y4y1jnjTzH+SL1h2+d7yXBz9yBn/0PtGzGT/WLC4zxrlBxFgcy
TMepyCQZRSzgxKB3sCovJRMNcRl9anqlSI02m4jwBQyPO6fbkW3B1fZjaEOKYPPC
lcX+FewoLwZ0hHf5GF4aM0BMAFu49pLvSGKcXGXgJRtR+cgYZ4B6Rhqy/gUuDK19
e/kldmMbDumW+owYPYJdIgBHMIJns9YTwLjdfwcs5osk2B/oevDK6lQd0qddwxHh
XAIC1+38+kwmI2HNAn+82x5vL5zH38HlMEnXEmxOixsVn/P5/u52wH/oqQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFC9t8jr0AUEzSbgvAuS23V+FPJ01MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvTDIzeU92UUJRVE5KdUM4QzVMYmRYNFU4blRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAVDPoAwQB
XDPqAwQAXDP/AwQAZ9LEAwQAa5amAwQBmwK0AwQAuaFvAwQBwIzcAwQAy7ylAwQA
y7y1AwQA1f6gMA0GCSqGSIb3DQEBCwUAA4IBAQCDEuPrWNMAXgF3g2W+HWtclwj9
vw+D1g2Ewj1Wbv6wn/5+dW1Cdgd2g69088a7ihCVKOlDywXVvv69MulR3P9NTd1z
m6LLCPWMFGiaZ9NOc9AQrHtAPuz4GnAfnYFu/2YCngTzTtTlTN9p9BUEk8V2pYUB
K2+0HTsK6M4Bbf76+NOOQiEnDIXVTc8Q09sFjAlHQC8XG21F6C0LY8Nf/Ok8JhYA
p9x/rNNVIWo/sw4ogepFtSuJxdKzHAQvou+F7D336hyNj/+jjYl0LISKDJKKepW+
5bXbaR75p8ZgYyzsiRylRXR3GnKt1yCG94WnCMXXeOhHm6yvXxI6QvXV8NL5
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:26:13 2025 by rpki-client