Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/e2SQSmJ5Uij4VeGzNgyMcf8tHqM.roa
File: e2SQSmJ5Uij4VeGzNgyMcf8tHqM.roa (raw, json)
Hash identifier: /jn7jwBSYHJhjR+sZRgi9zex0zsrMd1Ejp9Gj9O6Ons=
Subject key identifier: 7B:64:90:4A:62:79:52:28:F8:55:E1:B3:36:0C:8C:71:FF:2D:1E:A3
Certificate issuer: /CN=86da356c2a8610d11d34cdb8a47d2b90519fbd35
Certificate serial: 019427B57BD902249CF85DCD08788E2A7CEA
Authority key identifier: 86:DA:35:6C:2A:86:10:D1:1D:34:CD:B8:A4:7D:2B:90:51:9F:BD:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hto1bCqGENEdNM24pH0rkFGfvTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/e2SQSmJ5Uij4VeGzNgyMcf8tHqM.roa
Signing time: Thu 02 Jan 2025 15:49:52 +0000
ROA not before: Thu 02 Jan 2025 15:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60680
IP address blocks: 185.27.88.0/24 maxlen: 24
185.27.89.0/24 maxlen: 24
2a00:9120:1::/48 maxlen: 48
2a00:9120:1:3::/64 maxlen: 64
2a00:9120:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hto1bCqGENEdNM24pH0rkFGfvTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:7b:d9:02:24:9c:f8:5d:cd:08:78:8e:2a:7c:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86da356c2a8610d11d34cdb8a47d2b90519fbd35
Validity
Not Before: Jan 2 15:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b64904a62795228f855e1b3360c8c71ff2d1ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5f:a9:49:31:e1:67:ea:b9:2c:ca:ad:38:e2:
c6:c1:d6:5a:16:69:25:67:21:ae:8b:5e:50:cf:4d:
0f:77:a2:c0:50:4e:05:ee:dc:c0:a9:a0:bb:72:97:
bf:16:55:7e:0e:f3:40:b3:90:79:f9:b8:fe:a1:fe:
7c:b8:b7:d0:49:19:17:a0:93:e2:d8:92:bd:4c:e1:
86:aa:03:f6:79:67:2a:32:bb:cb:64:b0:f1:b4:b1:
80:45:35:99:fc:48:ff:2b:83:92:b5:8a:4b:3e:93:
06:5e:d5:4a:ed:f2:44:d4:82:b3:75:6b:d1:9c:74:
8c:0c:8b:d9:2f:49:93:52:47:aa:09:98:34:49:90:
e5:b2:c2:1c:1e:78:45:ab:88:5f:e6:37:d5:e1:b3:
ac:cd:d1:bd:5e:59:37:26:02:51:a3:86:f2:55:08:
dc:9d:ae:05:25:07:11:b3:54:dd:d0:01:2f:56:88:
f6:2d:d4:ba:4b:30:82:69:37:49:8e:8e:e4:74:34:
ba:ad:d4:cd:7c:93:1f:ea:1c:35:9b:23:77:4a:67:
2d:7e:f1:b4:56:d7:4d:84:00:78:67:a5:66:68:73:
47:3a:ab:a1:3b:9b:15:85:00:81:76:f9:7e:a7:26:
83:1f:72:7b:c6:b5:57:c2:19:7a:bc:ac:5f:c7:e4:
9c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:64:90:4A:62:79:52:28:F8:55:E1:B3:36:0C:8C:71:FF:2D:1E:A3
X509v3 Authority Key Identifier:
keyid:86:DA:35:6C:2A:86:10:D1:1D:34:CD:B8:A4:7D:2B:90:51:9F:BD:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hto1bCqGENEdNM24pH0rkFGfvTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/e2SQSmJ5Uij4VeGzNgyMcf8tHqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.88.0/23
IPv6:
2a00:9120:1::-2a00:9120:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
80:d2:c4:c2:1f:c0:fe:76:86:1f:89:1b:da:5e:1c:5d:aa:b4:
30:b4:0d:00:5f:79:dc:ec:c3:b8:79:cc:1e:ad:6e:ab:29:40:
f8:1a:0f:2c:59:08:98:a3:95:f4:48:98:d1:15:89:4d:05:94:
e5:d4:6b:33:77:64:f5:13:19:e5:30:97:79:a6:53:fe:9d:e8:
55:1c:80:f9:e3:7c:36:37:1f:95:cb:fb:36:52:d4:94:b3:c0:
66:dd:9b:1d:61:b0:b5:1c:4e:09:ad:85:76:14:14:e7:12:62:
0d:e9:be:5c:6c:85:78:40:85:e6:77:14:05:52:64:91:c8:e8:
84:a2:96:0e:42:30:69:b0:8e:22:4d:63:ca:c5:48:e4:eb:b6:
42:0f:a9:7c:aa:4a:17:48:cd:c7:43:3b:17:30:62:72:e2:e4:
45:da:86:55:04:1b:ac:c3:69:61:88:67:1c:cf:43:b9:33:98:
d8:86:7d:59:18:98:62:91:ed:88:7d:16:c4:58:8c:0d:08:ed:
68:86:26:c9:96:18:a8:38:36:34:74:5a:61:37:73:e3:7e:b0:
c5:f8:a7:8c:c4:53:f6:d3:68:a7:2d:c9:3b:02:e8:ee:72:93:
32:4f:b4:71:b0:a7:87:45:2c:85:82:5a:11:c6:f9:35:e8:95:
3a:b1:db:d8
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQntXvZAiSc+F3NCHiOKnzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZGEzNTZjMmE4NjEwZDExZDM0Y2RiOGE0N2QyYjkwNTE5
ZmJkMzUwHhcNMjUwMTAyMTU0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjY0OTA0YTYyNzk1MjI4Zjg1NWUxYjMzNjBjOGM3MWZmMmQxZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlV+pSTHhZ+q5LMqtOOLGwdZaFmkl
ZyGui15Qz00Pd6LAUE4F7tzAqaC7cpe/FlV+DvNAs5B5+bj+of58uLfQSRkXoJPi
2JK9TOGGqgP2eWcqMrvLZLDxtLGARTWZ/Ej/K4OStYpLPpMGXtVK7fJE1IKzdWvR
nHSMDIvZL0mTUkeqCZg0SZDlssIcHnhFq4hf5jfV4bOszdG9Xlk3JgJRo4byVQjc
na4FJQcRs1Td0AEvVoj2LdS6SzCCaTdJjo7kdDS6rdTNfJMf6hw1myN3SmctfvG0
VtdNhAB4Z6VmaHNHOquhO5sVhQCBdvl+pyaDH3J7xrVXwhl6vKxfx+ScDQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHtkkEpieVIo+FXhszYMjHH/LR6jMB8GA1UdIwQY
MBaAFIbaNWwqhhDRHTTNuKR9K5BRn701MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRvMWJDcUdFTkVkTk0yNHBIMHJrRkdmdlRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jZmZkYjItZGU4Yy00Yzc4LTgxMzIt
OGE5NjYwNGM4MjZkLzEvZTJTUVNtSjVVaWo0VmVHek5neU1jZjh0SHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jZmZkYjItZGU4Yy00Yzc4LTgxMzItOGE5NjYwNGM4MjZk
LzEvaHRvMWJDcUdFTkVkTk0yNHBIMHJrRkdmdlRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQBuRtYMBoE
AgACMBQwEgMHACoAkSAAAQMHACoAkSAAAjANBgkqhkiG9w0BAQsFAAOCAQEAgNLE
wh/A/naGH4kb2l4cXaq0MLQNAF953OzDuHnMHq1uqylA+BoPLFkImKOV9EiY0RWJ
TQWU5dRrM3dk9RMZ5TCXeaZT/p3oVRyA+eN8Njcflcv7NlLUlLPAZt2bHWGwtRxO
Ca2FdhQU5xJiDem+XGyFeECF5ncUBVJkkcjohKKWDkIwabCOIk1jysVI5Ou2Qg+p
fKpKF0jNx0M7FzBicuLkRdqGVQQbrMNpYYhnHM9DuTOY2IZ9WRiYYpHtiH0WxFiM
DQjtaIYmyZYYqDg2NHRaYTdz436wxfinjMRT9tNopy3JOwLo7nKTMk+0cbCnh0Us
hYJaEcb5NeiVOrHb2A==
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:34:23 2025 by rpki-client