Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/2bIgdmSEVd0-ShSSxiQKUdhHspA.roa
File: 2bIgdmSEVd0-ShSSxiQKUdhHspA.roa (raw, json)
Hash identifier: eExzqHYCkwK53NvVDg/zdlBrg8r6eHj0tGjR8mOM8MM=
Subject key identifier: D9:B2:20:76:64:84:55:DD:3E:4A:14:92:C6:24:0A:51:D8:47:B2:90
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B216E6FF95117CBDF7661DAA48A3FB
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/2bIgdmSEVd0-ShSSxiQKUdhHspA.roa
Signing time: Wed 01 Jan 2025 11:48:26 +0000
ROA not before: Wed 01 Jan 2025 11:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39599
IP address blocks: 88.220.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:16:e6:ff:95:11:7c:bd:f7:66:1d:aa:48:a3:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9b22076648455dd3e4a1492c6240a51d847b290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0e:ef:88:aa:d9:fe:08:6b:a9:9b:d9:cf:2f:
e0:9d:72:74:a7:4e:82:53:ea:5f:d4:b0:e6:ec:0c:
8a:cc:b0:5f:99:33:a9:1c:17:f1:e1:78:39:1c:fc:
0a:b7:c4:e7:ab:a2:82:c5:7b:ff:b2:17:35:64:04:
92:5a:38:c7:e7:b3:a4:9a:4b:e5:06:24:ac:44:3c:
b2:96:f7:92:d3:ce:3d:1c:37:d1:41:12:75:26:5b:
b6:0f:76:3a:ba:ba:f0:6d:3d:67:a6:d2:1c:8a:6a:
e2:aa:29:2a:91:15:c8:07:b1:88:ee:45:f4:d1:11:
55:b9:5d:eb:3a:55:b4:63:d1:1b:4d:95:e3:81:8f:
0d:94:f0:8f:6f:5e:ac:b2:62:85:7e:de:7f:81:e3:
3c:22:b7:37:42:f2:22:b4:6a:b8:c8:ad:9d:2b:94:
b7:7f:8f:ff:a9:4a:f7:4f:55:90:de:df:f4:b7:6f:
03:67:52:21:cf:20:cf:dd:fe:e4:58:ce:ca:1b:b1:
dd:37:35:f6:29:91:67:30:50:40:af:e6:27:9f:9e:
50:8a:b9:7d:f3:59:e6:f8:2f:d0:8f:b8:ad:eb:37:
5f:66:3c:ca:2a:6d:78:94:0b:c0:22:ee:ff:8b:ef:
42:41:5b:99:60:fc:00:1c:1d:96:e6:8a:70:cc:9f:
cc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B2:20:76:64:84:55:DD:3E:4A:14:92:C6:24:0A:51:D8:47:B2:90
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/2bIgdmSEVd0-ShSSxiQKUdhHspA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.116.0/24
Signature Algorithm: sha256WithRSAEncryption
54:12:d1:c4:0b:27:b4:05:98:e6:14:e9:36:2a:41:d6:e5:6e:
88:cc:d9:bc:69:dd:68:bc:ad:af:31:5e:13:b5:72:c7:c9:e5:
29:a2:9a:9c:13:98:7b:db:15:97:fa:18:9a:18:08:a2:23:7c:
89:10:7b:51:09:96:e1:dd:e8:34:99:24:15:3b:b3:45:e4:ac:
64:b6:2f:37:4f:15:03:d0:82:0f:4c:91:32:e7:8b:1f:ee:e7:
4e:e6:7e:05:98:6f:b7:e9:dd:78:1a:0f:01:34:87:72:f1:17:
7c:4d:a1:e2:a7:96:ea:5d:fe:7b:6a:21:aa:a5:28:ca:dc:61:
cb:0d:a7:bf:c1:63:68:7f:3a:39:27:df:19:9b:ae:d0:8c:cd:
df:97:b5:de:9a:52:39:40:c0:59:4c:72:0b:e7:24:4d:ab:c3:
cf:5d:d3:0e:3a:03:be:db:63:00:e7:a3:aa:e7:43:36:70:2d:
2e:5d:16:ed:2d:8a:9d:7f:2b:5e:ee:aa:cf:89:9a:5b:99:15:
5f:52:41:99:a6:50:69:e3:f9:ad:ed:ed:9d:fd:bd:f7:da:42:
70:46:c8:cd:6b:53:39:f8:02:8d:b6:94:3b:fb:c3:da:e3:bf:
09:45:f8:af:74:f1:dd:23:52:fa:07:49:87:36:13:9e:a4:14:
92:e6:7f:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhshbm/5URfL33Zh2qSKP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWIyMjA3NjY0ODQ1NWRkM2U0YTE0OTJjNjI0MGE1MWQ4NDdiMjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxA7viKrZ/ghrqZvZzy/gnXJ0p06C
U+pf1LDm7AyKzLBfmTOpHBfx4Xg5HPwKt8Tnq6KCxXv/shc1ZASSWjjH57Okmkvl
BiSsRDyylveS0849HDfRQRJ1Jlu2D3Y6urrwbT1nptIcimriqikqkRXIB7GI7kX0
0RFVuV3rOlW0Y9EbTZXjgY8NlPCPb16ssmKFft5/geM8Irc3QvIitGq4yK2dK5S3
f4//qUr3T1WQ3t/0t28DZ1IhzyDP3f7kWM7KG7HdNzX2KZFnMFBAr+Ynn55Qirl9
81nm+C/Qj7it6zdfZjzKKm14lAvAIu7/i+9CQVuZYPwAHB2W5opwzJ/MywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmyIHZkhFXdPkoUksYkClHYR7KQMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvMmJJZ2RtU0VWZDAtU2hTU3hpUUtVZGhIc3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNx0MA0G
CSqGSIb3DQEBCwUAA4IBAQBUEtHECye0BZjmFOk2KkHW5W6IzNm8ad1ovK2vMV4T
tXLHyeUpopqcE5h72xWX+hiaGAiiI3yJEHtRCZbh3eg0mSQVO7NF5Kxkti83TxUD
0IIPTJEy54sf7udO5n4FmG+36d14Gg8BNIdy8Rd8TaHip5bqXf57aiGqpSjK3GHL
Dae/wWNofzo5J98Zm67QjM3fl7XemlI5QMBZTHIL5yRNq8PPXdMOOgO+22MA56Oq
50M2cC0uXRbtLYqdfyte7qrPiZpbmRVfUkGZplBp4/mt7e2d/b332kJwRsjNa1M5
+AKNtpQ7+8Pa478JRfivdPHdI1L6B0mHNhOepBSS5n8G
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:59 2025 by rpki-client