Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/2dx8DL40Mg5k3bN-LuUbgmFcuWQ.roa
File: 2dx8DL40Mg5k3bN-LuUbgmFcuWQ.roa (raw, json)
Hash identifier: 4YShjbmkyQp2+OR1aaEcb8XQsTpNNFTW1A97+Onix8k=
Subject key identifier: D9:DC:7C:0C:BE:34:32:0E:64:DD:B3:7E:2E:E5:1B:82:61:5C:B9:64
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 019427462B28AF90B8D0994A2B22A393D450
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/2dx8DL40Mg5k3bN-LuUbgmFcuWQ.roa
Signing time: Thu 02 Jan 2025 13:48:17 +0000
ROA not before: Thu 02 Jan 2025 13:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56382
IP address blocks: 185.244.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 03:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:2b:28:af:90:b8:d0:99:4a:2b:22:a3:93:d4:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Jan 2 13:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9dc7c0cbe34320e64ddb37e2ee51b82615cb964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:39:d4:d8:17:9b:4d:53:7a:20:58:d2:86:f4:
fb:93:56:ee:06:95:bc:db:3e:1b:a1:a5:ae:5a:85:
ad:98:cf:70:27:0f:4b:f3:ff:b9:8c:4a:04:e6:d0:
c8:7b:27:76:c4:8c:3c:1d:2c:27:31:7b:83:a3:4d:
78:7e:bd:1c:d7:61:c4:51:ac:8c:43:f7:22:e3:c8:
31:bd:ab:fd:87:63:39:39:da:13:80:13:a9:7e:29:
a2:49:51:21:1a:e4:67:8d:ba:a3:e9:9b:71:88:92:
c2:01:f0:b0:55:67:ac:07:6c:e1:55:8a:dc:7a:4a:
90:fe:0f:cc:11:ee:77:45:0d:28:58:57:0c:23:a7:
3f:32:28:fe:01:d0:e2:76:d4:fe:c7:fc:83:16:1b:
86:cd:8a:04:c6:d7:e0:6e:82:dc:55:71:6a:bf:b9:
ac:bf:62:04:f9:e5:6c:c7:67:5b:4c:ba:77:ad:d5:
b5:f0:71:47:96:e2:b5:21:a4:e8:73:88:56:27:da:
da:90:94:50:4b:0f:05:14:59:4f:a2:8a:d9:29:89:
ec:30:dc:41:a3:12:bb:07:76:6f:69:f5:91:80:c6:
fe:9e:2c:ac:f1:3d:ed:3d:c6:fe:ad:08:26:03:f9:
03:9d:b7:19:27:72:2e:63:20:46:f1:61:58:c7:ec:
d6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:DC:7C:0C:BE:34:32:0E:64:DD:B3:7E:2E:E5:1B:82:61:5C:B9:64
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/2dx8DL40Mg5k3bN-LuUbgmFcuWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.27.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:7b:24:ee:df:03:c7:34:d4:5f:1d:78:66:78:b7:b2:eb:0e:
e0:64:d5:fa:a9:5a:bd:4a:12:de:ee:6c:b0:66:ee:8e:78:76:
49:2a:70:22:c7:31:a2:6b:00:90:d1:49:2d:c8:77:26:0d:67:
e1:88:0c:01:67:49:8c:17:a3:df:59:94:ba:ec:0d:e8:70:35:
4e:45:24:1b:4d:f2:f4:ef:6f:07:99:0a:0c:74:e4:4e:b2:df:
7f:75:e2:13:3c:80:54:c2:60:5a:f9:92:e1:c6:b2:8c:cc:99:
98:c1:8a:74:88:9d:a0:f2:a8:f3:39:57:50:d6:48:47:da:9f:
17:26:38:33:54:00:73:4b:58:88:ae:46:db:8e:1d:e4:58:95:
3d:bd:0e:0a:68:ff:30:0f:63:91:47:f4:46:98:72:65:a9:34:
89:af:03:ef:30:48:ea:87:2b:3f:73:b1:57:5b:5d:48:b0:17:
cc:5f:81:65:22:c2:8f:c5:8a:2c:1d:0d:4c:4a:85:e5:0d:49:
8e:90:54:cc:21:25:67:77:59:89:c2:a4:10:ec:29:e5:fe:21:
02:f7:7e:85:12:9a:70:72:38:e5:71:13:44:1b:06:a6:7f:4b:
e7:a7:02:e7:f6:bb:b1:c3:fe:fd:4b:67:65:60:1b:e4:44:6d:
5d:fd:7b:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRisor5C40JlKKyKjk9RQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjUwMTAyMTM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWRjN2MwY2JlMzQzMjBlNjRkZGIzN2UyZWU1MWI4MjYxNWNiOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjnU2BebTVN6IFjShvT7k1buBpW8
2z4boaWuWoWtmM9wJw9L8/+5jEoE5tDIeyd2xIw8HSwnMXuDo014fr0c12HEUayM
Q/ci48gxvav9h2M5OdoTgBOpfimiSVEhGuRnjbqj6ZtxiJLCAfCwVWesB2zhVYrc
ekqQ/g/MEe53RQ0oWFcMI6c/Mij+AdDidtT+x/yDFhuGzYoExtfgboLcVXFqv7ms
v2IE+eVsx2dbTLp3rdW18HFHluK1IaToc4hWJ9rakJRQSw8FFFlPoorZKYnsMNxB
oxK7B3ZvafWRgMb+niys8T3tPcb+rQgmA/kDnbcZJ3IuYyBG8WFYx+zWFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNncfAy+NDIOZN2zfi7lG4JhXLlkMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvMmR4OERMNDBNZzVrM2JOLUx1VWJnbUZjdVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufQbMA0G
CSqGSIb3DQEBCwUAA4IBAQBreyTu3wPHNNRfHXhmeLey6w7gZNX6qVq9ShLe7myw
Zu6OeHZJKnAixzGiawCQ0UktyHcmDWfhiAwBZ0mMF6PfWZS67A3ocDVORSQbTfL0
728HmQoMdOROst9/deITPIBUwmBa+ZLhxrKMzJmYwYp0iJ2g8qjzOVdQ1khH2p8X
JjgzVABzS1iIrkbbjh3kWJU9vQ4KaP8wD2ORR/RGmHJlqTSJrwPvMEjqhys/c7FX
W11IsBfMX4FlIsKPxYosHQ1MSoXlDUmOkFTMISVnd1mJwqQQ7Cnl/iEC936FEppw
cjjlcRNEGwamf0vnpwLn9ruxw/79S2dlYBvkRG1d/Xsi
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:04:03 2025 by rpki-client