Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/266e62-9498-46e0-a14c-5755b2f10418/1/2ea_Ght-OBVvtgKuaEhUjFGnCIo.roa
File: 2ea_Ght-OBVvtgKuaEhUjFGnCIo.roa (raw, json)
Hash identifier: dArjpyisxrgvkT5h9NbQ4Zg16ShXRNvAx7t0mMervEs=
Subject key identifier: D9:E6:BF:1A:1B:7E:38:15:6F:B6:02:AE:68:48:54:8C:51:A7:08:8A
Certificate issuer: /CN=bf0dc1449316b6567c3e1e374b82ed892b5d0f63
Certificate serial: 0194266C1F400C67759048BCE9B048EF6B97
Authority key identifier: BF:0D:C1:44:93:16:B6:56:7C:3E:1E:37:4B:82:ED:89:2B:5D:0F:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vw3BRJMWtlZ8Ph43S4LtiStdD2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/266e62-9498-46e0-a14c-5755b2f10418/1/2ea_Ght-OBVvtgKuaEhUjFGnCIo.roa
Signing time: Thu 02 Jan 2025 09:50:07 +0000
ROA not before: Thu 02 Jan 2025 09:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213065
IP address blocks: 145.84.0.0/24 maxlen: 24
145.84.1.0/24 maxlen: 24
145.84.2.0/24 maxlen: 24
145.84.3.0/24 maxlen: 24
145.84.10.0/24 maxlen: 24
145.84.11.0/24 maxlen: 24
145.84.24.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/266e62-9498-46e0-a14c-5755b2f10418/1/vw3BRJMWtlZ8Ph43S4LtiStdD2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/266e62-9498-46e0-a14c-5755b2f10418/1/vw3BRJMWtlZ8Ph43S4LtiStdD2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/vw3BRJMWtlZ8Ph43S4LtiStdD2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 06:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:1f:40:0c:67:75:90:48:bc:e9:b0:48:ef:6b:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf0dc1449316b6567c3e1e374b82ed892b5d0f63
Validity
Not Before: Jan 2 09:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9e6bf1a1b7e38156fb602ae6848548c51a7088a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:09:d6:80:fd:d4:05:15:bd:1e:b6:97:da:69:
e7:aa:74:f9:ec:df:59:83:87:70:62:dd:59:09:99:
37:88:af:88:49:f4:4f:0f:85:96:b7:5a:04:25:3d:
c0:79:ee:72:78:6d:69:65:fc:9d:a2:f2:f2:d8:09:
50:dc:f9:9b:ed:9e:a2:cc:43:b9:e3:be:d2:cb:96:
e6:c5:45:8c:27:8c:75:10:df:b7:85:89:49:f8:ff:
2e:71:05:be:bb:b5:8d:10:13:dc:e0:58:aa:78:1b:
5b:52:57:64:4e:91:de:ae:da:bb:97:0a:68:f1:83:
88:82:12:f9:c0:e3:5c:79:a5:22:6d:00:2d:ef:4d:
da:cb:3b:85:05:86:48:c6:67:69:aa:1d:a4:60:15:
a9:0b:a7:c4:9d:b3:71:e9:20:f4:5a:c6:60:7d:90:
94:ce:17:75:2d:28:51:09:aa:d3:6a:17:0a:7a:2e:
d4:dc:ea:04:a4:8f:96:58:2d:90:21:52:9e:1c:ab:
a3:89:ac:de:e1:10:e5:6c:c9:96:d5:01:56:08:25:
82:b9:a6:f7:d5:0d:59:61:06:d6:ab:5b:24:ca:3e:
65:1b:18:8e:85:8c:d7:43:26:89:d2:b2:22:de:1e:
15:ad:a3:1a:b1:2f:26:d9:fc:da:27:32:f3:9a:35:
82:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E6:BF:1A:1B:7E:38:15:6F:B6:02:AE:68:48:54:8C:51:A7:08:8A
X509v3 Authority Key Identifier:
keyid:BF:0D:C1:44:93:16:B6:56:7C:3E:1E:37:4B:82:ED:89:2B:5D:0F:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vw3BRJMWtlZ8Ph43S4LtiStdD2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/266e62-9498-46e0-a14c-5755b2f10418/1/2ea_Ght-OBVvtgKuaEhUjFGnCIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/266e62-9498-46e0-a14c-5755b2f10418/1/vw3BRJMWtlZ8Ph43S4LtiStdD2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.84.0.0/22
145.84.10.0/23
145.84.24.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:ac:df:09:2d:37:e5:0e:30:1b:27:f5:73:67:5c:7b:0a:98:
79:89:3c:c7:19:4a:7f:10:a4:a0:10:a6:7f:85:58:99:44:6c:
f1:07:69:54:38:fd:9c:65:79:90:eb:87:a5:57:c5:0a:44:95:
b2:9f:54:a0:78:aa:f3:c0:51:5e:af:15:a5:6e:71:48:21:53:
ba:15:91:2d:8f:cb:96:bc:33:94:14:c8:2d:c7:91:08:c4:17:
db:fd:29:8f:53:58:38:4b:b4:d6:00:bd:be:a9:e5:b5:9d:3f:
a0:57:9f:a9:81:42:ec:5b:e7:eb:3c:53:60:9e:2d:a6:40:49:
50:fa:70:94:6b:ad:a6:3d:f3:c5:1d:cd:40:80:d5:6e:e3:8e:
49:af:92:cd:47:3b:fa:10:c8:ac:7e:bf:cc:1a:f3:71:8f:aa:
4e:54:6f:06:80:46:82:56:fa:06:04:eb:d7:6d:e5:a6:11:a8:
97:13:d2:fe:3e:e8:01:a9:b2:6c:ca:05:5d:af:48:7d:de:64:
59:0e:c9:e0:a1:67:b8:5c:e4:83:4e:04:88:72:bc:46:1b:e2:
bc:55:59:39:9b:77:73:b9:d9:23:5e:6b:31:08:a4:b1:10:ed:
4a:ac:d8:6f:1b:e2:7f:70:ee:67:8c:8e:7f:39:b9:e1:99:b1:
29:bb:10:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQmbB9ADGd1kEi86bBI72uXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMGRjMTQ0OTMxNmI2NTY3YzNlMWUzNzRiODJlZDg5MmI1
ZDBmNjMwHhcNMjUwMTAyMDk1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWU2YmYxYTFiN2UzODE1NmZiNjAyYWU2ODQ4NTQ4YzUxYTcwODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QnWgP3UBRW9HraX2mnnqnT57N9Z
g4dwYt1ZCZk3iK+ISfRPD4WWt1oEJT3Aee5yeG1pZfydovLy2AlQ3Pmb7Z6izEO5
477Sy5bmxUWMJ4x1EN+3hYlJ+P8ucQW+u7WNEBPc4FiqeBtbUldkTpHertq7lwpo
8YOIghL5wONceaUibQAt703ayzuFBYZIxmdpqh2kYBWpC6fEnbNx6SD0WsZgfZCU
zhd1LShRCarTahcKei7U3OoEpI+WWC2QIVKeHKujiaze4RDlbMmW1QFWCCWCuab3
1Q1ZYQbWq1skyj5lGxiOhYzXQyaJ0rIi3h4VraMasS8m2fzaJzLzmjWC1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNnmvxobfjgVb7YCrmhIVIxRpwiKMB8GA1UdIwQY
MBaAFL8NwUSTFrZWfD4eN0uC7YkrXQ9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnczQlJKTVd0bFo4UGg0M1M0THRpU3RkRDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8yNjZlNjItOTQ5OC00NmUwLWExNGMt
NTc1NWIyZjEwNDE4LzEvMmVhX0dodC1PQlZ2dGdLdWFFaFVqRkduQ0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8yNjZlNjItOTQ5OC00NmUwLWExNGMtNTc1NWIyZjEwNDE4
LzEvdnczQlJKTVd0bFo4UGg0M1M0THRpU3RkRDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCkVQAAwQB
kVQKAwQBkVQYMA0GCSqGSIb3DQEBCwUAA4IBAQDKrN8JLTflDjAbJ/VzZ1x7Cph5
iTzHGUp/EKSgEKZ/hViZRGzxB2lUOP2cZXmQ64elV8UKRJWyn1SgeKrzwFFerxWl
bnFIIVO6FZEtj8uWvDOUFMgtx5EIxBfb/SmPU1g4S7TWAL2+qeW1nT+gV5+pgULs
W+frPFNgni2mQElQ+nCUa62mPfPFHc1AgNVu445Jr5LNRzv6EMisfr/MGvNxj6pO
VG8GgEaCVvoGBOvXbeWmEaiXE9L+PugBqbJsygVdr0h93mRZDsngoWe4XOSDTgSI
crxGG+K8VVk5m3dzudkjXmsxCKSxEO1KrNhvG+J/cO5njI5/ObnhmbEpuxBs
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:24:37 2025 by rpki-client