Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/2-psKgjkSNUOWnZFMoAD6l3epRU.roa
File: 2-psKgjkSNUOWnZFMoAD6l3epRU.roa (raw, json)
Hash identifier: gFGUN3be0G1hR2YAWLqKrs2cwQ3z+R+vgxUYB8SwE90=
Subject key identifier: DB:EA:6C:2A:08:E4:48:D5:0E:5A:76:45:32:80:03:EA:5D:DE:A5:15
Certificate issuer: /CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Certificate serial: 01942445580F93A6C7F48DE3E175C63034BD
Authority key identifier: 2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/2-psKgjkSNUOWnZFMoAD6l3epRU.roa
Signing time: Wed 01 Jan 2025 23:48:31 +0000
ROA not before: Wed 01 Jan 2025 23:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31331
IP address blocks: 83.150.128.0/19 maxlen: 19
83.150.160.0/20 maxlen: 20
83.150.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.mft
rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:58:0f:93:a6:c7:f4:8d:e3:e1:75:c6:30:34:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Validity
Not Before: Jan 1 23:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbea6c2a08e448d50e5a7645328003ea5ddea515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:32:6a:8a:f1:31:01:64:b6:d5:33:8a:1a:f1:
d1:b8:14:9f:c2:4f:82:f2:25:a4:67:c2:1e:63:81:
7b:35:95:78:b1:cf:e6:da:f4:e5:f9:b7:ee:ae:42:
3c:19:bf:ec:64:ec:55:33:1f:70:df:dc:3f:cc:18:
d0:b8:62:12:b9:ee:5d:a4:2c:2f:61:89:ef:2e:b9:
12:2c:2b:b2:98:92:8e:e0:04:62:47:38:f5:4b:35:
dd:29:76:db:98:7d:cf:9e:03:8b:4c:e9:04:d1:d2:
59:b7:fe:24:e8:f0:16:ed:74:c5:48:6c:ae:e7:ea:
7a:d6:b9:12:ca:4b:79:8e:14:55:ff:1e:28:f4:e7:
66:68:1a:d7:89:e3:67:e4:90:58:99:24:79:ab:b4:
5b:42:95:9a:58:24:b8:47:80:df:ad:a5:b1:bc:fd:
0c:ba:33:a5:38:92:b0:dd:7b:3d:5a:49:23:03:5a:
72:38:e1:cc:8d:97:b4:74:09:e4:46:40:96:ab:4f:
35:b3:97:65:14:8d:3e:fc:72:78:1e:84:d2:25:0d:
f3:ca:39:0a:73:3b:92:c3:64:72:4f:bd:4b:3f:b9:
64:61:ee:cb:14:40:7d:0f:05:b8:15:a6:26:4f:7a:
6b:d9:0b:8d:1a:9a:b3:d0:d6:bb:81:42:5c:82:65:
36:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:EA:6C:2A:08:E4:48:D5:0E:5A:76:45:32:80:03:EA:5D:DE:A5:15
X509v3 Authority Key Identifier:
keyid:2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/2-psKgjkSNUOWnZFMoAD6l3epRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.150.128.0-83.150.175.255
83.150.184.0/21
Signature Algorithm: sha256WithRSAEncryption
a8:41:48:a9:eb:36:34:b9:b0:85:b7:90:14:86:f9:c7:f1:e2:
b7:0f:34:05:c0:a8:54:32:37:45:6b:b5:c1:c0:1b:58:a6:5c:
e7:f5:e5:1a:05:01:90:73:48:7e:a2:d9:5a:e0:88:e1:98:b8:
71:38:f5:52:3c:20:9c:55:6b:7d:24:f3:64:e5:84:06:7b:0d:
bd:1e:d9:d9:b4:07:24:f5:95:b0:53:a3:39:30:ca:dc:aa:92:
78:26:65:23:b6:df:b7:dd:fa:4c:d2:2d:e2:33:89:13:6e:06:
10:eb:51:a4:0b:b2:aa:55:5b:68:05:54:83:5b:52:a7:de:63:
08:3d:22:ee:10:91:00:b3:9a:52:64:68:6e:ca:99:09:5f:24:
37:d2:c6:83:3e:f1:e5:5d:22:0a:b0:21:e2:fe:3b:77:a7:95:
98:d4:54:ac:8f:75:49:a6:99:38:4c:3c:34:70:ec:46:0a:c7:
0a:dc:95:09:04:46:1d:5b:54:24:df:e5:d8:2d:ca:e0:97:96:
69:06:65:ca:69:84:ec:2a:11:e9:e9:59:d5:1b:0f:05:ee:44:
c2:dc:ba:64:24:0b:58:e0:27:00:6f:34:6b:b2:42:8b:ac:f2:
06:06:c4:52:f9:67:1e:9c:d8:e8:6d:d6:8f:84:e4:6f:1c:b8:
11:d0:48:35
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQkRVgPk6bH9I3j4XXGMDS9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYmMwMDJhMmIzNTliMWFhODg3OWUxYzRkNzA0NTViMzE5
MmVmYWMwHhcNMjUwMTAxMjM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmVhNmMyYTA4ZTQ0OGQ1MGU1YTc2NDUzMjgwMDNlYTVkZGVhNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzJqivExAWS21TOKGvHRuBSfwk+C
8iWkZ8IeY4F7NZV4sc/m2vTl+bfurkI8Gb/sZOxVMx9w39w/zBjQuGISue5dpCwv
YYnvLrkSLCuymJKO4ARiRzj1SzXdKXbbmH3PngOLTOkE0dJZt/4k6PAW7XTFSGyu
5+p61rkSykt5jhRV/x4o9OdmaBrXieNn5JBYmSR5q7RbQpWaWCS4R4DfraWxvP0M
ujOlOJKw3Xs9WkkjA1pyOOHMjZe0dAnkRkCWq081s5dlFI0+/HJ4HoTSJQ3zyjkK
czuSw2RyT71LP7lkYe7LFEB9DwW4FaYmT3pr2QuNGpqz0Na7gUJcgmU2tQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNvqbCoI5EjVDlp2RTKAA+pd3qUVMB8GA1UdIwQY
MBaAFCu8ACorNZsaqIeeHE1wRVsxku+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzd3QUtpczFteHFvaDU0Y1RYQkZXekdTNzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83YzM3MjYtMmRiZS00MTc0LWIxNjQt
YTg5ODg5Y2U1Zjg0LzEvMi1wc0tnamtTTlVPV25aRk1vQUQ2bDNlcFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83YzM3MjYtMmRiZS00MTc0LWIxNjQtYTg5ODg5Y2U1Zjg0
LzEvSzd3QUtpczFteHFvaDU0Y1RYQkZXekdTNzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAdTloAD
BARTlqADBANTlrgwDQYJKoZIhvcNAQELBQADggEBAKhBSKnrNjS5sIW3kBSG+cfx
4rcPNAXAqFQyN0VrtcHAG1imXOf15RoFAZBzSH6i2VrgiOGYuHE49VI8IJxVa30k
82TlhAZ7Db0e2dm0ByT1lbBTozkwytyqkngmZSO237fd+kzSLeIziRNuBhDrUaQL
sqpVW2gFVINbUqfeYwg9Iu4QkQCzmlJkaG7KmQlfJDfSxoM+8eVdIgqwIeL+O3en
lZjUVKyPdUmmmThMPDRw7EYKxwrclQkERh1bVCTf5dgtyuCXlmkGZcpphOwqEenp
WdUbDwXuRMLcumQkC1jgJwBvNGuyQous8gYGxFL5Zx6c2Oht1o+E5G8cuBHQSDU=
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:18:34 2025 by rpki-client