Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/2Kbuhnz-qjWj_6C7taO8b5i9WUc.roa
File: 2Kbuhnz-qjWj_6C7taO8b5i9WUc.roa (raw, json)
Hash identifier: xkYUP8LGb2IQtLXiN3kttUneWx7+9bzhnl1hbIWGO78=
Subject key identifier: D8:A6:EE:86:7C:FE:AA:35:A3:FF:A0:BB:B5:A3:BC:6F:98:BD:59:47
Certificate issuer: /CN=fcb6b17bd2e5f14bd375a0c0e69dfc77d9702f4a
Certificate serial: 019425FD93EF6B57B1EA1100A0D3A5FE58B7
Authority key identifier: FC:B6:B1:7B:D2:E5:F1:4B:D3:75:A0:C0:E6:9D:FC:77:D9:70:2F:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Laxe9Ll8UvTdaDA5p38d9lwL0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/2Kbuhnz-qjWj_6C7taO8b5i9WUc.roa
Signing time: Thu 02 Jan 2025 07:49:22 +0000
ROA not before: Thu 02 Jan 2025 07:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203244
IP address blocks: 45.80.85.0/24 maxlen: 24
45.80.86.0/24 maxlen: 24
45.80.87.0/24 maxlen: 24
177.8.68.0/24 maxlen: 24
185.246.196.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/_Laxe9Ll8UvTdaDA5p38d9lwL0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/_Laxe9Ll8UvTdaDA5p38d9lwL0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Laxe9Ll8UvTdaDA5p38d9lwL0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 20:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:93:ef:6b:57:b1:ea:11:00:a0:d3:a5:fe:58:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcb6b17bd2e5f14bd375a0c0e69dfc77d9702f4a
Validity
Not Before: Jan 2 07:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8a6ee867cfeaa35a3ffa0bbb5a3bc6f98bd5947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7f:6b:37:92:b4:3f:68:24:a7:59:36:1f:3c:
62:00:3c:ef:60:bc:ef:0d:5b:87:89:3f:e3:72:6f:
c9:d3:67:0a:1a:b6:86:84:5b:0e:4c:ac:33:7a:c9:
01:b5:a3:47:c6:27:28:a1:49:8f:ae:91:29:cc:d6:
4d:7d:3a:79:ae:11:d7:ea:ca:0b:23:56:89:ff:16:
12:52:4b:ed:f2:bd:56:ef:25:8c:e6:c6:4a:52:70:
0c:6a:ef:bc:6f:e6:e5:38:16:97:eb:f6:2a:61:d8:
c7:b9:86:d2:cb:ca:29:8b:c8:2c:e0:8a:1a:68:48:
ea:51:13:bf:fb:c7:04:9d:43:7a:bb:aa:56:b0:ce:
66:6c:79:05:c6:c4:81:e9:a4:6f:8c:c5:65:f0:c2:
d9:f0:3d:f2:dd:d2:3e:16:f8:ed:42:a4:6b:7e:4e:
2d:a5:e3:9b:35:2d:0f:28:96:06:28:ad:03:0d:6f:
b1:e2:e8:ab:a6:da:03:59:8d:60:ff:ce:00:9c:23:
b1:97:32:2b:1b:f0:c5:2d:ba:9d:cb:a4:1c:55:1b:
e4:10:00:78:aa:12:61:ae:f2:5a:4f:af:0e:a0:7d:
b6:e6:56:f6:12:ea:ee:cd:9b:7e:1f:2e:29:99:a0:
39:a7:7f:2b:6d:0e:11:37:ce:ec:cd:dc:81:c5:a8:
2a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A6:EE:86:7C:FE:AA:35:A3:FF:A0:BB:B5:A3:BC:6F:98:BD:59:47
X509v3 Authority Key Identifier:
keyid:FC:B6:B1:7B:D2:E5:F1:4B:D3:75:A0:C0:E6:9D:FC:77:D9:70:2F:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Laxe9Ll8UvTdaDA5p38d9lwL0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/2Kbuhnz-qjWj_6C7taO8b5i9WUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/_Laxe9Ll8UvTdaDA5p38d9lwL0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.85.0-45.80.87.255
177.8.68.0/24
185.246.196.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:45:cb:72:fa:4b:c0:10:1f:e9:f6:c4:e6:13:e1:c7:a4:6b:
74:52:76:43:19:2d:a6:2c:f8:45:43:c6:34:5c:72:03:2d:54:
7f:37:58:41:e8:e4:50:aa:e8:be:b2:e3:bf:bf:43:7e:f3:82:
2c:6a:c2:1d:23:14:e4:3f:45:80:5b:44:68:46:bf:4c:64:9d:
7b:f6:6f:65:e2:5f:4f:fe:1f:16:79:40:3e:0d:3e:74:e2:2a:
88:27:7a:2b:c0:42:e8:24:56:70:3d:27:aa:29:9a:0e:04:73:
01:8a:45:0b:35:03:ca:e5:59:7d:6f:5e:62:aa:fe:50:42:a2:
b9:99:b6:13:e1:66:7a:6f:18:12:f7:60:fd:7c:52:c0:c1:a2:
99:e8:ad:d0:67:cf:98:de:d0:d1:05:ff:16:11:ec:36:eb:9b:
39:7c:66:6c:9c:8f:9c:0b:06:cd:3c:71:2e:3c:68:80:9d:1c:
e0:3b:d5:a3:45:9b:32:0e:ed:04:0a:dc:54:67:68:60:d6:8c:
be:27:72:14:78:ec:61:09:a8:12:99:fe:ae:4c:aa:fb:79:42:
86:ee:a5:8b:8b:3c:77:d3:21:4e:c4:33:4b:dd:86:c0:fd:b3:
5a:6a:8d:ef:91:08:37:48:b8:51:78:cf:51:45:b0:8f:7a:63:
06:60:24:45
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQl/ZPva1ex6hEAoNOl/li3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYjZiMTdiZDJlNWYxNGJkMzc1YTBjMGU2OWRmYzc3ZDk3
MDJmNGEwHhcNMjUwMTAyMDc0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE2ZWU4NjdjZmVhYTM1YTNmZmEwYmJiNWEzYmM2Zjk4YmQ1OTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX9rN5K0P2gkp1k2HzxiADzvYLzv
DVuHiT/jcm/J02cKGraGhFsOTKwzeskBtaNHxicooUmPrpEpzNZNfTp5rhHX6soL
I1aJ/xYSUkvt8r1W7yWM5sZKUnAMau+8b+blOBaX6/YqYdjHuYbSy8opi8gs4Ioa
aEjqURO/+8cEnUN6u6pWsM5mbHkFxsSB6aRvjMVl8MLZ8D3y3dI+FvjtQqRrfk4t
peObNS0PKJYGKK0DDW+x4uirptoDWY1g/84AnCOxlzIrG/DFLbqdy6QcVRvkEAB4
qhJhrvJaT68OoH225lb2EuruzZt+Hy4pmaA5p38rbQ4RN87szdyBxagqGQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNim7oZ8/qo1o/+gu7WjvG+YvVlHMB8GA1UdIwQY
MBaAFPy2sXvS5fFL03WgwOad/HfZcC9KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0xheGU5TGw4VXZUZGFEQTVwMzhkOWx3TDBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wMWE0MjEtYmRiZi00M2UwLThhZWIt
MmM0OGNiMjk4NjQ2LzEvMktidWhuei1xaldqXzZDN3RhTzhiNWk5V1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wMWE0MjEtYmRiZi00M2UwLThhZWItMmM0OGNiMjk4NjQ2
LzEvX0xheGU5TGw4VXZUZGFEQTVwMzhkOWx3TDBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtUFUD
BAMtUFADBACxCEQDBAK59sQwDQYJKoZIhvcNAQELBQADggEBAJxFy3L6S8AQH+n2
xOYT4ceka3RSdkMZLaYs+EVDxjRccgMtVH83WEHo5FCq6L6y47+/Q37zgixqwh0j
FOQ/RYBbRGhGv0xknXv2b2XiX0/+HxZ5QD4NPnTiKogneivAQugkVnA9J6opmg4E
cwGKRQs1A8rlWX1vXmKq/lBCormZthPhZnpvGBL3YP18UsDBopnordBnz5je0NEF
/xYR7Dbrmzl8Zmycj5wLBs08cS48aICdHOA71aNFmzIO7QQK3FRnaGDWjL4nchR4
7GEJqBKZ/q5Mqvt5QobupYuLPHfTIU7EM0vdhsD9s1pqje+RCDdIuFF4z1FFsI96
YwZgJEU=
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:41:12 2025 by rpki-client