Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/otJ7nfoJ-zl16yzl1V2lDFiM0HA.roa
File: otJ7nfoJ-zl16yzl1V2lDFiM0HA.roa (raw, json)
Hash identifier: ci4b1eT86BcKQNNV0LV6W2PZ/InXXcZnfo32SMed2tQ=
Subject key identifier: A2:D2:7B:9D:FA:09:FB:39:75:EB:2C:E5:D5:5D:A5:0C:58:8C:D0:70
Certificate issuer: /CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Certificate serial: 0194244557D886DA09FD5BBD043FFAF237A6
Authority key identifier: 2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/otJ7nfoJ-zl16yzl1V2lDFiM0HA.roa
Signing time: Wed 01 Jan 2025 23:48:31 +0000
ROA not before: Wed 01 Jan 2025 23:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29217
IP address blocks: 78.41.240.0/21 maxlen: 21
85.119.128.0/21 maxlen: 21
85.119.129.0/24 maxlen: 24
159.72.128.0/21 maxlen: 21
159.72.136.0/24 maxlen: 24
159.72.137.0/24 maxlen: 24
159.72.138.0/24 maxlen: 24
164.9.0.0/16 maxlen: 16
164.9.95.0/24 maxlen: 24
164.9.99.0/24 maxlen: 24
164.9.100.0/22 maxlen: 22
164.9.102.0/24 maxlen: 24
164.9.104.0/22 maxlen: 22
192.16.143.0/24 maxlen: 24
2a02:c58::/32 maxlen: 32
2a02:c58:6::/48 maxlen: 48
2a02:c58:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.mft
rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:57:d8:86:da:09:fd:5b:bd:04:3f:fa:f2:37:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Validity
Not Before: Jan 1 23:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2d27b9dfa09fb3975eb2ce5d55da50c588cd070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:01:2e:51:a9:de:7d:d4:c1:73:4c:9f:7f:b4:
4c:fe:60:84:73:a8:4d:cb:b4:15:49:d3:a0:b4:f3:
07:e8:3e:a9:ee:ce:dd:12:00:f8:18:04:33:59:3d:
ab:b9:cc:86:4b:7a:5f:14:28:30:ad:5c:be:03:ad:
a8:af:4d:c2:53:4d:b5:67:2f:30:90:01:92:30:ae:
33:8d:0c:7b:ad:0b:98:fb:4d:db:16:7d:64:c9:60:
cb:e1:0f:c2:09:b0:44:59:de:3f:eb:e1:76:53:aa:
b6:26:cd:23:3c:32:a3:90:de:8d:33:6a:68:13:f0:
bf:32:8c:bc:20:70:ef:fc:3a:23:3e:23:e1:4f:f2:
c0:69:59:7e:4b:74:8c:4c:a8:f6:99:b9:81:55:49:
ca:3d:b9:bf:24:80:4e:d6:84:d4:8e:52:54:c9:bd:
0a:d3:5d:62:72:5e:d5:4b:c1:95:4a:55:8b:07:08:
4b:46:44:ea:7f:58:1f:7f:97:2c:33:02:bb:f6:74:
60:a2:aa:77:1c:c8:b1:44:7c:94:6e:c6:3a:96:a8:
88:ed:00:84:ba:c6:1f:6e:23:7f:86:22:50:0e:6a:
cd:ad:43:92:0c:40:64:d6:31:dc:88:65:f1:6f:dc:
ce:60:db:08:e9:dd:98:8c:02:75:4d:0a:af:49:53:
8b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D2:7B:9D:FA:09:FB:39:75:EB:2C:E5:D5:5D:A5:0C:58:8C:D0:70
X509v3 Authority Key Identifier:
keyid:2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/otJ7nfoJ-zl16yzl1V2lDFiM0HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.240.0/21
85.119.128.0/21
159.72.128.0-159.72.138.255
164.9.0.0/16
192.16.143.0/24
IPv6:
2a02:c58::/32
Signature Algorithm: sha256WithRSAEncryption
95:c4:60:44:f6:56:8a:5c:2b:80:09:5b:c2:cc:fb:74:7b:33:
f7:a2:92:84:44:81:7e:f3:98:c0:88:e1:ec:af:2b:36:e4:8d:
4b:37:fe:38:84:4e:2b:89:fc:85:37:f4:66:b8:fe:b3:19:77:
fd:90:03:39:14:1f:50:2d:d9:06:ac:fc:98:bf:54:63:fb:a4:
92:d9:45:29:a4:f2:42:64:3d:0b:53:3f:ba:f5:c4:61:a0:07:
2b:64:25:5f:b3:92:48:4c:39:fa:38:42:cc:72:76:61:5e:20:
de:44:2f:43:63:32:59:44:bb:7a:34:69:62:71:4f:30:99:cc:
65:28:2c:6d:60:3d:44:43:e6:13:c0:0d:b2:d3:c2:dd:37:90:
cc:0e:ff:b7:1a:45:3e:56:de:12:55:19:cf:e8:cb:b2:07:bc:
aa:39:75:81:d8:97:51:61:8e:b9:bc:04:3c:91:e1:92:37:a5:
35:d1:75:2a:bd:b9:ac:21:fa:31:54:cd:21:3d:8e:f2:98:ef:
88:f8:88:35:fc:f8:56:ec:1a:ce:77:0c:5a:56:ca:f1:30:72:
b8:61:71:f5:f4:f4:06:7b:16:e5:77:4b:26:27:f9:49:1c:47:
d0:db:d8:5e:a0:72:27:dd:32:47:de:1a:a3:4e:d2:62:f5:4b:
88:64:39:42
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQkRVfYhtoJ/Vu9BD/68jemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYmMwMDJhMmIzNTliMWFhODg3OWUxYzRkNzA0NTViMzE5
MmVmYWMwHhcNMjUwMTAxMjM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQyN2I5ZGZhMDlmYjM5NzVlYjJjZTVkNTVkYTUwYzU4OGNkMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAEuUanefdTBc0yff7RM/mCEc6hN
y7QVSdOgtPMH6D6p7s7dEgD4GAQzWT2rucyGS3pfFCgwrVy+A62or03CU021Zy8w
kAGSMK4zjQx7rQuY+03bFn1kyWDL4Q/CCbBEWd4/6+F2U6q2Js0jPDKjkN6NM2po
E/C/Moy8IHDv/DojPiPhT/LAaVl+S3SMTKj2mbmBVUnKPbm/JIBO1oTUjlJUyb0K
011icl7VS8GVSlWLBwhLRkTqf1gff5csMwK79nRgoqp3HMixRHyUbsY6lqiI7QCE
usYfbiN/hiJQDmrNrUOSDEBk1jHciGXxb9zOYNsI6d2YjAJ1TQqvSVOLGQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKLSe536Cfs5dess5dVdpQxYjNBwMB8GA1UdIwQY
MBaAFCu8ACorNZsaqIeeHE1wRVsxku+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzd3QUtpczFteHFvaDU0Y1RYQkZXekdTNzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83YzM3MjYtMmRiZS00MTc0LWIxNjQt
YTg5ODg5Y2U1Zjg0LzEvb3RKN25mb0otemwxNnl6bDFWMmxERmlNMEhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83YzM3MjYtMmRiZS00MTc0LWIxNjQtYTg5ODg5Y2U1Zjg0
LzEvSzd3QUtpczFteHFvaDU0Y1RYQkZXekdTNzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwQDTinwAwQD
VXeAMAwDBAefSIADBACfSIoDAwCkCQMEAMAQjzANBAIAAjAHAwUAKgIMWDANBgkq
hkiG9w0BAQsFAAOCAQEAlcRgRPZWilwrgAlbwsz7dHsz96KShESBfvOYwIjh7K8r
NuSNSzf+OIROK4n8hTf0Zrj+sxl3/ZADORQfUC3ZBqz8mL9UY/ukktlFKaTyQmQ9
C1M/uvXEYaAHK2QlX7OSSEw5+jhCzHJ2YV4g3kQvQ2MyWUS7ejRpYnFPMJnMZSgs
bWA9REPmE8ANstPC3TeQzA7/txpFPlbeElUZz+jLsge8qjl1gdiXUWGOubwEPJHh
kjelNdF1Kr25rCH6MVTNIT2O8pjviPiINfz4VuwazncMWlbK8TByuGFx9fT0BnsW
5XdLJif5SRxH0NvYXqByJ90yR94ao07SYvVLiGQ5Qg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:04 2025 by rpki-client