Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/_2Z2DCyP8AoFTrwYYnrTE8duSKk.roa
File: _2Z2DCyP8AoFTrwYYnrTE8duSKk.roa (raw, json)
Hash identifier: 9BjH2YLT3BThs3wwk+jwBx3zqx+MMwKVuJzuVbVoQIE=
Subject key identifier: FF:66:76:0C:2C:8F:F0:0A:05:4E:BC:18:62:7A:D3:13:C7:6E:48:A9
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 0194228E0DD3BDE2AC002FA8ABBB2A822519
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/_2Z2DCyP8AoFTrwYYnrTE8duSKk.roa
Signing time: Wed 01 Jan 2025 15:48:42 +0000
ROA not before: Wed 01 Jan 2025 15:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 91.232.182.0/24 maxlen: 24
91.232.184.0/24 maxlen: 24
109.166.36.0/22 maxlen: 24
151.248.68.0/23 maxlen: 24
176.118.80.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 21:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:0d:d3:bd:e2:ac:00:2f:a8:ab:bb:2a:82:25:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 1 15:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff66760c2c8ff00a054ebc18627ad313c76e48a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b9:f0:9c:3f:a3:a8:e6:94:47:9a:85:bd:14:
a8:24:b0:9a:53:f1:8f:aa:d4:62:d4:eb:17:7d:d2:
56:1d:c6:79:b6:87:66:7c:e3:49:a0:b6:3c:71:08:
ea:b2:eb:82:2c:13:d7:e6:c7:6e:96:d6:60:dd:82:
e1:3e:ee:82:3f:bb:9d:d8:64:a2:00:75:13:55:3e:
5d:64:b8:14:79:0d:8f:d2:8c:17:ff:ec:a7:f5:70:
53:cb:b8:60:8b:32:d5:54:e1:1c:9a:54:65:07:52:
4a:31:49:73:f2:13:01:4b:87:5b:b2:cc:7a:34:a5:
9b:5e:b0:d2:54:82:4a:7d:94:f4:e0:5b:d7:81:9e:
b4:92:83:97:a3:ed:a4:76:18:b9:fa:e6:2d:82:99:
7c:c7:31:9e:cb:4c:4e:fd:16:93:f0:7a:29:9c:0c:
24:bf:40:13:5b:f7:88:c0:18:a5:e6:7f:61:cc:12:
40:5d:1d:23:ae:b7:94:4d:03:5d:88:b7:5c:a5:b7:
70:f4:94:69:88:73:c4:ed:02:be:3b:e8:dc:a9:58:
75:47:ec:d4:48:40:a6:7e:07:6f:a2:61:3b:a4:f5:
58:a3:7a:b1:75:d8:95:ac:b7:71:fb:7e:bf:f7:83:
c0:cf:c4:ac:a1:6f:fe:f2:14:6d:e3:7c:ab:87:0a:
dd:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:66:76:0C:2C:8F:F0:0A:05:4E:BC:18:62:7A:D3:13:C7:6E:48:A9
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/_2Z2DCyP8AoFTrwYYnrTE8duSKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.182.0/24
91.232.184.0/24
109.166.36.0/22
151.248.68.0/23
176.118.80.0/21
Signature Algorithm: sha256WithRSAEncryption
66:ea:52:ed:63:b7:0a:cc:ed:00:10:f3:04:a4:a6:33:9b:de:
ab:09:93:4f:58:6f:32:a0:e4:ab:04:5b:bc:fd:d1:b9:b4:a4:
63:a4:cc:4d:aa:ea:59:69:95:5f:9f:16:f3:77:b1:d6:07:41:
1b:4b:11:30:91:cb:f5:82:fa:b2:14:5e:a3:97:47:5c:0c:ed:
eb:95:74:7e:de:de:59:a7:98:85:ca:97:50:59:90:98:4d:68:
e5:28:eb:50:27:ae:2a:ef:f0:9b:3a:96:5b:af:f0:18:8f:c5:
f8:22:bd:55:7b:ce:6c:2f:13:ad:02:15:47:5e:37:67:d4:ce:
a7:6a:e2:4a:5d:42:9d:29:a0:e7:c1:13:7b:35:48:85:d5:50:
83:9e:bd:18:c1:eb:33:6f:73:38:67:c7:52:a2:06:74:eb:ed:
ee:5d:3d:4a:f5:6a:e4:e3:be:63:94:7d:e5:ff:9d:51:1e:17:
d6:26:ae:7f:7f:8a:27:c1:01:7b:4e:5b:31:b3:39:c2:ec:a3:
36:32:b2:22:7f:8e:2a:f4:a7:5b:af:57:ca:71:42:75:49:91:
91:3e:23:8b:b0:75:7d:b9:e2:fe:c4:ef:9a:5c:30:37:4d:6f:
a2:99:a1:8f:f7:3d:ec:59:e1:2f:5b:f4:32:a9:dc:9f:d0:50:
6c:fa:73:91
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQijg3TveKsAC+oq7sqgiUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjUwMTAxMTU0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjY2NzYwYzJjOGZmMDBhMDU0ZWJjMTg2MjdhZDMxM2M3NmU0OGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirnwnD+jqOaUR5qFvRSoJLCaU/GP
qtRi1OsXfdJWHcZ5todmfONJoLY8cQjqsuuCLBPX5sdultZg3YLhPu6CP7ud2GSi
AHUTVT5dZLgUeQ2P0owX/+yn9XBTy7hgizLVVOEcmlRlB1JKMUlz8hMBS4dbssx6
NKWbXrDSVIJKfZT04FvXgZ60koOXo+2kdhi5+uYtgpl8xzGey0xO/RaT8HopnAwk
v0ATW/eIwBil5n9hzBJAXR0jrreUTQNdiLdcpbdw9JRpiHPE7QK+O+jcqVh1R+zU
SECmfgdvomE7pPVYo3qxddiVrLdx+36/94PAz8SsoW/+8hRt43yrhwrd+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFP9mdgwsj/AKBU68GGJ60xPHbkipMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvXzJaMkRDeVA4QW9GVHJ3WVluclRFOGR1U0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW+i2AwQA
W+i4AwQCbaYkAwQBl/hEAwQDsHZQMA0GCSqGSIb3DQEBCwUAA4IBAQBm6lLtY7cK
zO0AEPMEpKYzm96rCZNPWG8yoOSrBFu8/dG5tKRjpMxNqupZaZVfnxbzd7HWB0Eb
SxEwkcv1gvqyFF6jl0dcDO3rlXR+3t5Zp5iFypdQWZCYTWjlKOtQJ64q7/CbOpZb
r/AYj8X4Ir1Ve85sLxOtAhVHXjdn1M6nauJKXUKdKaDnwRN7NUiF1VCDnr0Ywesz
b3M4Z8dSogZ06+3uXT1K9Wrk475jlH3l/51RHhfWJq5/f4onwQF7TlsxsznC7KM2
MrIif44q9Kdbr1fKcUJ1SZGRPiOLsHV9ueL+xO+aXDA3TW+imaGP9z3sWeEvW/Qy
qdyf0FBs+nOR
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:58:42 2025 by rpki-client