Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n2XhVDe2ggLEf7MqKLu4m2oiDCI.roa
File: n2XhVDe2ggLEf7MqKLu4m2oiDCI.roa (raw, json)
Hash identifier: s/3Lc9LGACFlvJc5xu/AbuESJL8OCx+FeCaTIr0OPuE=
Subject key identifier: 9F:65:E1:54:37:B6:82:02:C4:7F:B3:2A:28:BB:B8:9B:6A:22:0C:22
Certificate issuer: /CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Certificate serial: 0194266BE0C3410D470A5152905C91521C94
Authority key identifier: 9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n2XhVDe2ggLEf7MqKLu4m2oiDCI.roa
Signing time: Thu 02 Jan 2025 09:49:51 +0000
ROA not before: Thu 02 Jan 2025 09:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22168
IP address blocks: 185.91.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 03:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:e0:c3:41:0d:47:0a:51:52:90:5c:91:52:1c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Validity
Not Before: Jan 2 09:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f65e15437b68202c47fb32a28bbb89b6a220c22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6a:98:9a:7d:19:ad:e0:5c:58:30:ad:ef:56:
7a:c1:ea:73:99:0e:f4:b8:55:93:92:7c:43:b0:a9:
8d:15:31:65:c2:07:32:e7:73:46:ae:9f:61:42:f3:
cd:c2:4f:32:25:bb:46:c7:8a:3a:35:0d:12:80:27:
f6:7c:66:7e:af:90:60:08:c2:f2:b2:c6:ab:04:26:
16:6f:cd:97:f2:91:0a:2d:57:01:a6:07:06:02:eb:
93:04:e3:90:b2:7c:be:65:50:0b:55:3f:46:97:06:
8d:d2:d0:8e:d8:a8:10:b6:79:27:51:9f:1b:35:04:
21:9c:a4:40:e0:8d:d6:2f:e0:0a:5f:5c:13:58:7e:
6c:f8:79:e6:38:91:3e:4c:de:8a:3e:45:90:59:27:
be:93:68:d7:f2:b9:7e:87:f7:43:0b:75:66:14:dd:
ab:c6:bf:c4:01:45:9c:5f:f1:51:ea:12:01:04:0a:
38:4b:ae:2e:cf:57:bd:32:1c:b2:e5:83:2f:a7:7e:
74:90:fa:29:2e:b8:56:e6:42:a2:03:21:31:18:ad:
47:11:3e:88:99:f2:79:b2:96:b2:52:f4:35:63:08:
f4:c4:2b:7c:38:f8:5d:9f:c7:d8:93:e9:68:5c:ac:
2e:4b:9e:42:cb:a4:cd:bf:21:29:b6:41:cf:04:f1:
92:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:65:E1:54:37:B6:82:02:C4:7F:B3:2A:28:BB:B8:9B:6A:22:0C:22
X509v3 Authority Key Identifier:
keyid:9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n2XhVDe2ggLEf7MqKLu4m2oiDCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.204.0/24
Signature Algorithm: sha256WithRSAEncryption
49:06:06:c8:52:db:09:a0:75:80:6c:45:8f:0a:fa:23:80:17:
1e:df:06:52:fe:7f:66:78:58:80:ec:d7:d5:2c:24:44:d2:50:
56:ce:28:aa:75:c7:9a:6b:06:07:e8:11:79:0d:61:0b:f4:bf:
f5:f0:22:8c:6a:66:5c:47:a4:7c:52:63:be:b9:b3:cc:f0:99:
27:a7:1f:23:a9:28:a7:4f:95:ae:5d:f6:61:68:e5:23:62:99:
76:f9:72:e3:30:58:f0:3f:7c:b2:a3:1f:53:2e:1c:f8:79:5b:
b5:3b:75:56:c1:07:8d:7f:78:e8:43:1e:c1:97:06:b3:73:95:
a7:ab:0a:0a:43:39:8f:5a:de:bc:70:5b:75:2e:77:fd:06:62:
6e:bf:43:d0:5e:93:e6:d6:d9:80:1b:d8:c5:87:5f:ed:20:08:
32:87:9b:8b:56:1f:c2:53:39:58:58:b5:be:b5:2d:9f:8e:87:
8a:26:63:ba:64:c5:cf:ea:8b:4c:34:a7:ef:9c:e0:06:a5:90:
8f:bf:8b:06:8e:90:4c:51:37:25:fc:c4:f5:5a:ba:2f:30:fe:
44:20:b9:03:c3:e6:fa:a9:34:9b:af:59:df:7d:2e:97:41:ab:
e0:e6:ff:20:d6:0b:09:91:46:14:37:68:95:46:e7:01:da:18:
0d:be:be:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma+DDQQ1HClFSkFyRUhyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYWYwYmY5M2ZjNDM4MWZmZjdlN2FhODZiNDA3NmMwMzMy
NDJmZmEwHhcNMjUwMTAyMDk0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjY1ZTE1NDM3YjY4MjAyYzQ3ZmIzMmEyOGJiYjg5YjZhMjIwYzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2qYmn0ZreBcWDCt71Z6wepzmQ70
uFWTknxDsKmNFTFlwgcy53NGrp9hQvPNwk8yJbtGx4o6NQ0SgCf2fGZ+r5BgCMLy
ssarBCYWb82X8pEKLVcBpgcGAuuTBOOQsny+ZVALVT9GlwaN0tCO2KgQtnknUZ8b
NQQhnKRA4I3WL+AKX1wTWH5s+HnmOJE+TN6KPkWQWSe+k2jX8rl+h/dDC3VmFN2r
xr/EAUWcX/FR6hIBBAo4S64uz1e9Mhyy5YMvp350kPopLrhW5kKiAyExGK1HET6I
mfJ5spayUvQ1Ywj0xCt8OPhdn8fYk+loXKwuS55Cy6TNvyEptkHPBPGShwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ9l4VQ3toICxH+zKii7uJtqIgwiMB8GA1UdIwQY
MBaAFJ+vC/k/xDgf/356qGtAdsAzJC/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgt
ZjUyMGE3ZDcxZWY1LzEvbjJYaFZEZTJnZ0xFZjdNcUtMdTRtMm9pRENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgtZjUyMGE3ZDcxZWY1
LzEvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVvMMA0G
CSqGSIb3DQEBCwUAA4IBAQBJBgbIUtsJoHWAbEWPCvojgBce3wZS/n9meFiA7NfV
LCRE0lBWziiqdceaawYH6BF5DWEL9L/18CKMamZcR6R8UmO+ubPM8Jknpx8jqSin
T5WuXfZhaOUjYpl2+XLjMFjwP3yyox9TLhz4eVu1O3VWwQeNf3joQx7Blwazc5Wn
qwoKQzmPWt68cFt1Lnf9BmJuv0PQXpPm1tmAG9jFh1/tIAgyh5uLVh/CUzlYWLW+
tS2fjoeKJmO6ZMXP6otMNKfvnOAGpZCPv4sGjpBMUTcl/MT1WrovMP5EILkDw+b6
qTSbr1nffS6XQavg5v8g1gsJkUYUN2iVRucB2hgNvr7q
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:38:26 2025 by rpki-client