Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/9cXZNBVPbFK7YgwhAS48hqVN3Q8.roa
File: 9cXZNBVPbFK7YgwhAS48hqVN3Q8.roa (raw, json)
Hash identifier: P8nablk4XjPWocUs0+w/NDTZnQaNhHciAel+enfRgUQ=
Subject key identifier: F5:C5:D9:34:15:4F:6C:52:BB:62:0C:21:01:2E:3C:86:A5:4D:DD:0F
Certificate issuer: /CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Certificate serial: 0194236A45FDA00CDF0F208DD3E8D2812FA9
Authority key identifier: 2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/9cXZNBVPbFK7YgwhAS48hqVN3Q8.roa
Signing time: Wed 01 Jan 2025 19:49:14 +0000
ROA not before: Wed 01 Jan 2025 19:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30148
IP address blocks: 185.93.228.0/22 maxlen: 24
193.19.224.0/22 maxlen: 24
2a02:fe80:11::/48 maxlen: 48
2a02:fe80:12::/48 maxlen: 48
2a02:fe80:13::/48 maxlen: 48
2a02:fe80:14::/48 maxlen: 48
2a02:fe80:15::/48 maxlen: 48
2a02:fe80:16::/48 maxlen: 48
2a02:fe80:17::/48 maxlen: 48
2a02:fe80:18::/48 maxlen: 48
2a02:fe80:19::/48 maxlen: 48
2a02:fe80:20::/48 maxlen: 48
2a02:fe80:21::/48 maxlen: 48
2a02:fe80:22::/48 maxlen: 48
2a02:fe80:1010::/48 maxlen: 48
2a02:fe80:2010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.mft
rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:45:fd:a0:0c:df:0f:20:8d:d3:e8:d2:81:2f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Validity
Not Before: Jan 1 19:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5c5d934154f6c52bb620c21012e3c86a54ddd0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5e:ba:5d:1a:e5:18:22:32:dc:ba:ca:ce:8c:
c9:ff:8a:6a:30:a4:e7:0c:53:af:d2:49:d7:dd:32:
d2:26:83:15:b9:2d:fa:3d:e4:2c:d1:c6:d3:47:00:
d2:18:55:e9:27:6a:ca:9f:6d:0e:8c:3c:af:71:a0:
95:39:6f:9e:b5:f1:66:8b:5b:74:13:89:0f:1e:c8:
da:38:0c:24:21:12:c5:d5:7e:a1:00:78:4d:53:d5:
4f:14:35:72:9e:a9:c1:42:8c:a5:a4:ae:de:73:bc:
2a:0b:62:89:de:21:55:31:ab:f0:98:4a:da:1f:a9:
18:ea:ec:83:4f:d7:d5:d5:46:32:93:3e:19:d7:d7:
c9:ad:f7:75:74:2c:db:c8:70:df:b0:ce:9b:0c:a2:
e6:c6:08:6f:4b:65:7e:3c:27:6f:19:6d:a0:fa:5f:
5a:da:fc:ca:19:8c:2c:6e:1a:00:8c:34:d3:27:55:
33:d1:d1:01:f0:d5:73:3e:fa:d2:4d:eb:d3:e7:c9:
d2:50:f7:bb:dc:2e:8e:ab:95:59:3e:93:32:89:1f:
cf:c9:b1:dc:67:e4:fb:66:46:59:b3:16:89:ab:ef:
e7:b7:ca:3f:42:39:b5:62:62:31:88:41:ca:54:71:
1d:84:0c:93:d9:4b:a0:4d:d3:35:f9:cb:49:ff:d2:
e9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C5:D9:34:15:4F:6C:52:BB:62:0C:21:01:2E:3C:86:A5:4D:DD:0F
X509v3 Authority Key Identifier:
keyid:2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/9cXZNBVPbFK7YgwhAS48hqVN3Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.228.0/22
193.19.224.0/22
IPv6:
2a02:fe80:11::-2a02:fe80:19:ffff:ffff:ffff:ffff:ffff
2a02:fe80:20::-2a02:fe80:22:ffff:ffff:ffff:ffff:ffff
2a02:fe80:1010::/48
2a02:fe80:2010::/48
Signature Algorithm: sha256WithRSAEncryption
9c:5a:30:94:ce:a0:73:57:eb:d2:6c:d3:08:e0:b0:15:09:44:
b5:71:37:ba:13:b3:8c:8f:d0:95:91:4e:65:a1:bf:20:35:a4:
09:d7:de:9e:78:98:fd:93:2e:18:31:43:15:af:57:c6:c3:76:
69:e9:79:96:23:7e:f5:2c:83:db:64:f7:a9:d7:e5:a0:f5:5e:
44:1d:f2:fb:9b:78:0d:db:82:e1:00:c8:33:ba:06:c5:7b:d6:
69:20:a5:35:e8:65:11:c8:24:68:b7:e7:27:6e:2f:5a:9f:0a:
20:56:1c:c3:c5:66:e2:bc:df:58:03:ec:04:e7:5b:b4:91:e0:
f1:84:05:09:9f:79:f7:6c:0f:f1:4d:11:4e:ec:f0:e7:f7:e8:
d5:f2:27:bf:29:99:bd:5b:24:41:38:1c:e0:0a:6d:7b:40:bf:
c7:03:94:b3:09:06:c1:08:67:4d:b9:ee:8a:0a:b0:10:4f:93:
df:21:b4:8c:63:d7:5f:a8:fd:2d:e9:4d:19:45:61:a1:e6:2e:
6f:0d:e3:01:44:79:f4:68:97:fc:e1:72:0d:84:09:96:36:33:
98:e5:04:e9:8b:1a:6a:96:93:4c:0b:12:79:68:3b:3e:45:78:
e5:23:47:77:17:6b:9b:52:24:ce:6e:bb:26:c4:68:68:9b:66:
a2:9e:b1:1b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZQjakX9oAzfDyCN0+jSgS+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNGJkNGVkY2EyOWQ0ZTcyYmU4NmNlZDBiN2FkNjUyYzdk
MjYxYzkwHhcNMjUwMTAxMTk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWM1ZDkzNDE1NGY2YzUyYmI2MjBjMjEwMTJlM2M4NmE1NGRkZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0V66XRrlGCIy3LrKzozJ/4pqMKTn
DFOv0knX3TLSJoMVuS36PeQs0cbTRwDSGFXpJ2rKn20OjDyvcaCVOW+etfFmi1t0
E4kPHsjaOAwkIRLF1X6hAHhNU9VPFDVynqnBQoylpK7ec7wqC2KJ3iFVMavwmEra
H6kY6uyDT9fV1UYykz4Z19fJrfd1dCzbyHDfsM6bDKLmxghvS2V+PCdvGW2g+l9a
2vzKGYwsbhoAjDTTJ1Uz0dEB8NVzPvrSTevT58nSUPe73C6Oq5VZPpMyiR/PybHc
Z+T7ZkZZsxaJq+/nt8o/Qjm1YmIxiEHKVHEdhAyT2UugTdM1+ctJ/9Lp2wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFPXF2TQVT2xSu2IMIQEuPIalTd0PMB8GA1UdIwQY
MBaAFC5L1O3KKdTnK+hs7Qt61lLH0mHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgt
MmE2MzcyZTA1NGQyLzEvOWNYWk5CVlBiRks3WWd3aEFTNDhocVZOM1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgtMmE2MzcyZTA1NGQy
LzEvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjASBAIAATAMAwQCuV3kAwQC
wRPgMEAEAgACMDowEgMHACoC/oAAEQMHASoC/oAAGDASAwcFKgL+gAAgAwcAKgL+
gAAiAwcAKgL+gBAQAwcAKgL+gCAQMA0GCSqGSIb3DQEBCwUAA4IBAQCcWjCUzqBz
V+vSbNMI4LAVCUS1cTe6E7OMj9CVkU5lob8gNaQJ196eeJj9ky4YMUMVr1fGw3Zp
6XmWI371LIPbZPep1+Wg9V5EHfL7m3gN24LhAMgzugbFe9ZpIKU16GURyCRot+cn
bi9anwogVhzDxWbivN9YA+wE51u0keDxhAUJn3n3bA/xTRFO7PDn9+jV8ie/KZm9
WyRBOBzgCm17QL/HA5SzCQbBCGdNue6KCrAQT5PfIbSMY9dfqP0t6U0ZRWGh5i5v
DeMBRHn0aJf84XINhAmWNjOY5QTpixpqlpNMCxJ5aDs+RXjlI0d3F2ubUiTObrsm
xGhom2ainrEb
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:44 2025 by rpki-client