Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/2bwoacVhn9Ey8-WA6HPqgOWaS3w.roa
File: 2bwoacVhn9Ey8-WA6HPqgOWaS3w.roa (raw, json)
Hash identifier: +4RKvBlDgq1ptS9Kf/qX9i6nHjxZCbfdf3DtkVyJdE4=
Subject key identifier: D9:BC:28:69:C5:61:9F:D1:32:F3:E5:80:E8:73:EA:80:E5:9A:4B:7C
Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Certificate serial: 0194221F5C90333D43F6F75F83D265D47A2F
Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/2bwoacVhn9Ey8-WA6HPqgOWaS3w.roa
Signing time: Wed 01 Jan 2025 13:47:48 +0000
ROA not before: Wed 01 Jan 2025 13:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212012
IP address blocks: 91.240.72.0/24 maxlen: 24
185.42.232.0/24 maxlen: 24
185.42.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:5c:90:33:3d:43:f6:f7:5f:83:d2:65:d4:7a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Validity
Not Before: Jan 1 13:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9bc2869c5619fd132f3e580e873ea80e59a4b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:bd:ba:48:f2:ee:33:36:84:05:0f:25:e7:d2:
79:46:8a:94:58:1f:75:62:b9:17:05:3c:7e:27:d8:
ff:e8:fc:cb:a9:91:92:c1:51:2c:9b:02:27:1b:90:
c2:5e:b5:a7:d7:e0:ac:d5:fb:2d:41:b6:e0:0d:1a:
4b:5f:d3:c1:c8:e4:41:ec:99:45:1b:f1:f0:ff:9a:
4d:3a:05:a2:fe:44:7f:4a:d1:d4:fb:3f:8f:72:ce:
e8:5f:07:32:4d:0f:97:fc:76:22:5e:7a:d9:c5:04:
b1:be:0b:81:7e:62:ba:fc:91:58:5b:f1:6c:89:1c:
49:34:34:cc:78:f0:9e:2f:af:80:6f:80:19:cf:18:
37:e5:70:a6:7a:18:60:50:01:dc:2c:a4:05:e4:09:
84:15:9d:89:35:40:ff:85:48:9a:bc:fd:88:50:59:
2a:7b:81:c8:39:38:93:98:46:cc:3c:08:b2:1f:7b:
f7:4a:de:47:c9:d5:66:35:ed:0d:2b:92:21:8c:aa:
67:6f:33:0c:32:88:bd:c3:66:3c:62:02:03:e1:ac:
52:de:2f:41:89:f8:13:3e:0c:ca:2e:3d:f7:01:bf:
e8:6c:0c:c5:5e:b3:27:d6:00:2c:50:ea:cf:c4:17:
e4:39:bc:30:76:9a:bf:44:78:20:9f:50:7b:e2:72:
b0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:BC:28:69:C5:61:9F:D1:32:F3:E5:80:E8:73:EA:80:E5:9A:4B:7C
X509v3 Authority Key Identifier:
keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/2bwoacVhn9Ey8-WA6HPqgOWaS3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.72.0/24
185.42.232.0/23
Signature Algorithm: sha256WithRSAEncryption
66:e3:3a:6b:46:79:97:8d:93:ff:98:57:34:99:08:5a:84:c9:
0c:b4:0e:64:da:38:5e:ae:02:a5:83:99:4f:0b:ce:c6:cf:e6:
34:a3:5e:2a:5b:75:c1:01:16:15:71:b5:8e:5f:f4:0b:d9:5c:
48:67:5a:da:16:99:c9:72:4c:69:1f:60:41:16:fb:46:f2:78:
37:94:c6:e8:d3:13:7f:45:2b:01:9c:f9:89:24:15:77:3d:ec:
9b:c6:09:6a:c1:9b:c8:98:1b:ab:c1:c3:be:bb:0a:31:80:7e:
4f:ed:e3:fd:d1:18:29:d9:9c:18:91:b1:62:23:11:5a:9e:a1:
61:d6:ca:cd:dc:1c:82:e7:ab:37:e7:b9:3c:bd:ed:62:c6:ae:
34:f6:7d:62:6d:c2:21:b0:64:34:de:a0:a6:5b:a2:5a:a6:23:
4f:b6:89:ea:57:29:9c:5d:c7:08:05:3f:e5:35:9f:21:41:63:
fe:8c:45:b4:35:3b:a8:79:b9:d3:54:cd:86:68:94:b5:54:a5:
d3:ba:28:2e:bd:58:20:7e:d4:3a:65:3d:4c:8e:65:17:17:ac:
49:2b:03:a6:49:bc:b9:fd:8b:e6:8b:5a:6c:9e:f8:ef:72:2c:
ee:66:e7:b4:23:a6:68:73:d9:dd:92:a5:3f:64:34:f8:75:a1:
37:79:38:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH1yQMz1D9vdfg9Jl1HovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux
ZTllZGMwHhcNMjUwMTAxMTM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWJjMjg2OWM1NjE5ZmQxMzJmM2U1ODBlODczZWE4MGU1OWE0YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyr26SPLuMzaEBQ8l59J5RoqUWB91
YrkXBTx+J9j/6PzLqZGSwVEsmwInG5DCXrWn1+Cs1fstQbbgDRpLX9PByORB7JlF
G/Hw/5pNOgWi/kR/StHU+z+Pcs7oXwcyTQ+X/HYiXnrZxQSxvguBfmK6/JFYW/Fs
iRxJNDTMePCeL6+Ab4AZzxg35XCmehhgUAHcLKQF5AmEFZ2JNUD/hUiavP2IUFkq
e4HIOTiTmEbMPAiyH3v3St5HydVmNe0NK5IhjKpnbzMMMoi9w2Y8YgID4axS3i9B
ifgTPgzKLj33Ab/obAzFXrMn1gAsUOrPxBfkObwwdpq/RHggn1B74nKwIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNm8KGnFYZ/RMvPlgOhz6oDlmkt8MB8GA1UdIwQY
MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt
MTAwZWVkODEyYzQwLzEvMmJ3b2FjVmhuOUV5OC1XQTZIUHFnT1dhUzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMtMTAwZWVkODEyYzQw
LzEvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/BIAwQB
uSroMA0GCSqGSIb3DQEBCwUAA4IBAQBm4zprRnmXjZP/mFc0mQhahMkMtA5k2jhe
rgKlg5lPC87Gz+Y0o14qW3XBARYVcbWOX/QL2VxIZ1raFpnJckxpH2BBFvtG8ng3
lMbo0xN/RSsBnPmJJBV3PeybxglqwZvImBurwcO+uwoxgH5P7eP90Rgp2ZwYkbFi
IxFanqFh1srN3ByC56s357k8ve1ixq409n1ibcIhsGQ03qCmW6JapiNPtonqVymc
XccIBT/lNZ8hQWP+jEW0NTuoebnTVM2GaJS1VKXTuiguvVggftQ6ZT1MjmUXF6xJ
KwOmSby5/Yvmi1psnvjvcizuZue0I6Zoc9ndkqU/ZDT4daE3eTiV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:59 2025 by rpki-client