Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/2ATvNbnGawNlZZ5eknfDSbXFIzQ.roa
File: 2ATvNbnGawNlZZ5eknfDSbXFIzQ.roa (raw, json)
Hash identifier: tXSd9lU5fCgD64Z/fTQv/A1ZJJrB3ZcLdqsIZET5sKI=
Subject key identifier: D8:04:EF:35:B9:C6:6B:03:65:65:9E:5E:92:77:C3:49:B5:C5:23:34
Certificate issuer: /CN=638c83f9a3a3d2160a0178ca19ccb43a0d2f1890
Certificate serial: 0194266AC61940CE278E812756E03CDBDA61
Authority key identifier: 63:8C:83:F9:A3:A3:D2:16:0A:01:78:CA:19:CC:B4:3A:0D:2F:18:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/2ATvNbnGawNlZZ5eknfDSbXFIzQ.roa
Signing time: Thu 02 Jan 2025 09:48:39 +0000
ROA not before: Thu 02 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39257
IP address blocks: 109.197.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:c6:19:40:ce:27:8e:81:27:56:e0:3c:db:da:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=638c83f9a3a3d2160a0178ca19ccb43a0d2f1890
Validity
Not Before: Jan 2 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d804ef35b9c66b0365659e5e9277c349b5c52334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ff:0e:1e:bf:28:42:61:6c:f7:53:2e:6b:28:
e8:a9:ec:28:81:59:24:b5:82:04:2d:05:9a:57:1e:
00:78:58:91:a1:65:6f:5d:d2:45:fb:95:a4:ff:08:
9a:08:91:84:cd:20:c1:f6:09:03:7d:ec:4f:52:13:
0e:da:5b:cc:7a:42:5a:2a:8b:6b:ca:90:0c:f2:e0:
86:aa:dd:fd:c8:a5:c4:0f:59:6f:de:fc:b4:ed:cb:
a1:30:26:36:c2:af:76:48:95:b6:2f:96:b3:e9:31:
18:33:d3:ff:54:ba:b4:78:a1:ef:d8:2c:9f:28:98:
28:88:30:22:66:6e:53:ad:3e:9e:ec:8a:05:6b:75:
f9:76:b4:3a:48:3a:6c:76:af:91:3d:c2:3b:00:32:
e6:f2:7a:95:82:60:58:1e:48:e5:3a:5f:ba:07:50:
02:0c:f8:49:9f:81:e2:bb:96:a0:52:d2:29:cf:cb:
c0:e2:cb:aa:4b:eb:81:29:e3:f3:c1:a8:f8:11:a8:
76:a2:94:d5:7a:43:be:8e:4f:bc:3b:d7:97:41:49:
ad:61:df:47:92:8d:cc:1a:82:6c:1c:af:eb:18:6f:
11:c7:89:a5:12:e4:ca:ee:3d:21:2e:05:a5:14:13:
1b:79:c9:58:18:e1:be:78:56:bd:de:10:85:d2:c7:
63:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:04:EF:35:B9:C6:6B:03:65:65:9E:5E:92:77:C3:49:B5:C5:23:34
X509v3 Authority Key Identifier:
keyid:63:8C:83:F9:A3:A3:D2:16:0A:01:78:CA:19:CC:B4:3A:0D:2F:18:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/2ATvNbnGawNlZZ5eknfDSbXFIzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.165.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:bf:3a:16:f5:bb:c3:2a:25:ae:08:7d:fd:64:99:55:be:10:
96:9e:e5:57:b0:9d:55:27:e0:fd:7b:eb:ae:eb:6e:c6:e6:4e:
3b:24:53:0c:4e:f2:6f:37:e2:ca:ba:38:df:67:47:4d:94:fb:
49:90:6c:79:d1:ce:28:5e:02:a1:e4:61:13:62:a9:0a:cd:c8:
d6:1d:16:7c:75:7f:bd:4a:6b:fa:99:a3:c4:d5:80:fa:36:95:
92:77:49:ad:2b:07:6a:27:94:d6:50:6e:99:9f:da:c7:e4:7b:
9c:50:cd:12:77:1f:39:08:14:8f:d6:e9:c3:b9:a5:1d:e3:22:
ac:66:04:c3:ac:4c:e5:07:22:bb:b0:14:5e:e7:2f:b5:4f:ac:
bb:7b:b2:d5:bf:ef:42:ae:af:5e:00:50:89:77:02:c4:b6:c2:
8a:8a:fb:d8:64:db:d3:c5:8f:db:7c:b4:12:ab:ce:33:92:af:
30:da:d3:8e:fd:15:f2:7b:36:a4:f3:1f:8e:4f:21:8b:46:2b:
00:da:ae:99:65:35:eb:50:27:2d:c5:2c:64:9b:cf:a2:ff:3e:
fc:60:61:23:09:a8:ec:ee:88:d1:28:f4:bb:08:d8:8b:e9:45:
ff:14:9f:ab:d5:6c:12:e2:b0:e2:1e:84:b7:f5:ff:be:26:ed:
d9:5b:f0:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmasYZQM4njoEnVuA829phMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzOGM4M2Y5YTNhM2QyMTYwYTAxNzhjYTE5Y2NiNDNhMGQy
ZjE4OTAwHhcNMjUwMTAyMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODA0ZWYzNWI5YzY2YjAzNjU2NTllNWU5Mjc3YzM0OWI1YzUyMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxf8OHr8oQmFs91MuayjoqewogVkk
tYIELQWaVx4AeFiRoWVvXdJF+5Wk/wiaCJGEzSDB9gkDfexPUhMO2lvMekJaKotr
ypAM8uCGqt39yKXED1lv3vy07cuhMCY2wq92SJW2L5az6TEYM9P/VLq0eKHv2Cyf
KJgoiDAiZm5TrT6e7IoFa3X5drQ6SDpsdq+RPcI7ADLm8nqVgmBYHkjlOl+6B1AC
DPhJn4Hiu5agUtIpz8vA4suqS+uBKePzwaj4Eah2opTVekO+jk+8O9eXQUmtYd9H
ko3MGoJsHK/rGG8Rx4mlEuTK7j0hLgWlFBMbeclYGOG+eFa93hCF0sdjmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNgE7zW5xmsDZWWeXpJ3w0m1xSM0MB8GA1UdIwQY
MBaAFGOMg/mjo9IWCgF4yhnMtDoNLxiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTR5RC1hT2owaFlLQVhqS0djeTBPZzB2R0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jYzNjMjgtN2IxMy00MzQzLWFmMzct
MjU1NTBiYTI5MTI3LzEvMkFUdk5ibkdhd05sWlo1ZWtuZkRTYlhGSXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jYzNjMjgtN2IxMy00MzQzLWFmMzctMjU1NTBiYTI5MTI3
LzEvWTR5RC1hT2owaFlLQVhqS0djeTBPZzB2R0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbcWlMA0G
CSqGSIb3DQEBCwUAA4IBAQAtvzoW9bvDKiWuCH39ZJlVvhCWnuVXsJ1VJ+D9e+uu
627G5k47JFMMTvJvN+LKujjfZ0dNlPtJkGx50c4oXgKh5GETYqkKzcjWHRZ8dX+9
Smv6maPE1YD6NpWSd0mtKwdqJ5TWUG6Zn9rH5HucUM0Sdx85CBSP1unDuaUd4yKs
ZgTDrEzlByK7sBRe5y+1T6y7e7LVv+9Crq9eAFCJdwLEtsKKivvYZNvTxY/bfLQS
q84zkq8w2tOO/RXyezak8x+OTyGLRisA2q6ZZTXrUCctxSxkm8+i/z78YGEjCajs
7ojRKPS7CNiL6UX/FJ+r1WwS4rDiHoS39f++Ju3ZW/B0
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:45:47 2025 by rpki-client