Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/2Zybwhc3Z3EZr0OJWbNK-Ni55bE.roa
File: 2Zybwhc3Z3EZr0OJWbNK-Ni55bE.roa (raw, json)
Hash identifier: GDmIbwApD2xrL9eeuVZLhE7JtQXKOdo8ocZYFN8KNJ4=
Subject key identifier: D9:9C:9B:C2:17:37:67:71:19:AF:43:89:59:B3:4A:F8:D8:B9:E5:B1
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 0196D26DC1D0E5043C713EEAB52527B167EB
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/2Zybwhc3Z3EZr0OJWbNK-Ni55bE.roa
Signing time: Thu 15 May 2025 05:32:10 +0000
ROA not before: Thu 15 May 2025 05:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18811
IP address blocks: 89.34.64.0/22 maxlen: 24
89.34.112.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d2:6d:c1:d0:e5:04:3c:71:3e:ea:b5:25:27:b1:67:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: May 15 05:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d99c9bc21737677119af438959b34af8d8b9e5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6a:5d:9a:1b:e1:1a:a0:32:4b:20:a5:fc:61:
f8:13:a1:c9:00:33:cb:86:1b:79:b4:46:d9:78:35:
ce:6c:4a:59:81:75:df:1f:14:e0:3e:56:db:57:38:
9a:80:3d:19:24:39:3a:cb:23:4b:ad:7e:58:47:b2:
2b:af:58:cf:39:36:36:3a:2a:5f:c2:89:b2:06:04:
53:27:02:46:6d:c6:6c:bc:bf:a0:31:37:09:aa:0d:
f8:de:88:23:36:dc:dc:20:d4:3f:44:ed:f4:41:2c:
52:03:90:6a:0f:30:59:48:14:f5:7a:ad:fe:f4:34:
4c:05:dc:60:fc:91:7a:d8:3e:5d:53:56:17:b7:ff:
d6:8e:0d:5b:d5:54:c5:96:f7:21:21:ec:78:55:ff:
ba:fa:24:c5:49:f6:2d:85:0f:5b:26:7b:53:e9:f6:
4d:f6:c8:d1:eb:2d:fc:8f:2e:9c:44:02:19:c4:3d:
be:b4:59:51:30:07:67:10:0f:d4:c9:05:ec:8b:58:
7a:8a:0d:86:23:2c:e3:70:00:f9:32:55:58:9d:c8:
3b:13:89:cc:e7:58:e6:56:9f:d1:e5:c4:ad:63:11:
45:e3:04:f7:96:61:3f:f5:52:30:1b:d2:71:3e:9c:
b7:7e:f7:5e:63:23:73:d9:cd:cb:34:21:3f:8e:65:
bc:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:9C:9B:C2:17:37:67:71:19:AF:43:89:59:B3:4A:F8:D8:B9:E5:B1
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/2Zybwhc3Z3EZr0OJWbNK-Ni55bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.64.0/22
89.34.112.0/21
Signature Algorithm: sha256WithRSAEncryption
9d:a3:a1:b1:a2:72:a2:da:64:cd:99:15:39:ae:c7:8e:42:31:
9f:49:e9:da:f9:44:45:4c:cd:9e:2b:09:2d:e5:91:6b:20:7c:
de:09:91:03:b0:65:5d:c5:76:74:52:46:bd:88:4f:a4:f8:0b:
f4:f5:32:dc:e2:d0:6c:95:88:ac:20:6f:18:4e:3d:d1:14:14:
4a:68:2a:98:80:71:e7:f3:b1:4c:35:9e:f3:de:40:3e:b8:c0:
5d:58:24:6d:90:ac:69:16:07:23:f8:36:59:4c:23:ea:2d:08:
f4:2c:c4:50:26:31:7e:12:bf:22:98:3b:16:f4:bf:28:2e:42:
1e:d3:9d:bf:ee:e1:00:2c:8e:11:2b:bc:97:ec:f4:42:13:1d:
2e:da:a9:17:37:9b:d4:0c:50:53:83:f1:58:7e:6d:e7:29:1c:
e4:e7:b2:3c:fa:4d:1d:12:74:b6:22:15:c1:88:84:f3:93:38:
ee:b7:b7:21:92:ef:bf:8b:f5:1f:3b:78:cb:96:b7:5e:d1:29:
dd:a0:d3:3a:b5:a9:3b:04:58:7a:78:01:c4:81:c3:7d:b1:e0:
1e:da:14:67:47:e0:4c:69:bf:fe:59:6d:25:f0:4d:a4:2b:c6:
6d:2b:3f:d1:8e:85:01:eb:62:01:f5:50:fc:b9:48:a4:2a:dc:
0b:c9:dc:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbSbcHQ5QQ8cT7qtSUnsWfrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjUwNTE1MDUzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTljOWJjMjE3Mzc2NzcxMTlhZjQzODk1OWIzNGFmOGQ4YjllNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmpdmhvhGqAySyCl/GH4E6HJADPL
hht5tEbZeDXObEpZgXXfHxTgPlbbVziagD0ZJDk6yyNLrX5YR7Irr1jPOTY2Oipf
womyBgRTJwJGbcZsvL+gMTcJqg343ogjNtzcINQ/RO30QSxSA5BqDzBZSBT1eq3+
9DRMBdxg/JF62D5dU1YXt//Wjg1b1VTFlvchIex4Vf+6+iTFSfYthQ9bJntT6fZN
9sjR6y38jy6cRAIZxD2+tFlRMAdnEA/UyQXsi1h6ig2GIyzjcAD5MlVYncg7E4nM
51jmVp/R5cStYxFF4wT3lmE/9VIwG9JxPpy3fvdeYyNz2c3LNCE/jmW8qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNmcm8IXN2dxGa9DiVmzSvjYueWxMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvMlp5YndoYzNaM0VacjBPSldiTkstTmk1NWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSJAAwQD
WSJwMA0GCSqGSIb3DQEBCwUAA4IBAQCdo6GxonKi2mTNmRU5rseOQjGfSena+URF
TM2eKwkt5ZFrIHzeCZEDsGVdxXZ0Uka9iE+k+Av09TLc4tBslYisIG8YTj3RFBRK
aCqYgHHn87FMNZ7z3kA+uMBdWCRtkKxpFgcj+DZZTCPqLQj0LMRQJjF+Er8imDsW
9L8oLkIe052/7uEALI4RK7yX7PRCEx0u2qkXN5vUDFBTg/FYfm3nKRzk57I8+k0d
EnS2IhXBiITzkzjut7chku+/i/UfO3jLlrde0SndoNM6tak7BFh6eAHEgcN9seAe
2hRnR+BMab/+WW0l8E2kK8ZtKz/RjoUB62IB9VD8uUikKtwLydxi
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:04:46 2025 by rpki-client