Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/t9CNJf3eXwpeMjr9B2y5JwU1fgQ.roa
File: t9CNJf3eXwpeMjr9B2y5JwU1fgQ.roa (raw, json)
Hash identifier: 1VYdgaCmthgCjQEP8F7ZlA1j3DUuIWlR2jF27HX+0/o=
Subject key identifier: B7:D0:8D:25:FD:DE:5F:0A:5E:32:3A:FD:07:6C:B9:27:05:35:7E:04
Certificate issuer: /CN=8b9b0163eee9e792aaa16b7d5105d347211f3123
Certificate serial: 019427B60F1906864E853B75B51F28E9563A
Authority key identifier: 8B:9B:01:63:EE:E9:E7:92:AA:A1:6B:7D:51:05:D3:47:21:1F:31:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5sBY-7p55KqoWt9UQXTRyEfMSM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/t9CNJf3eXwpeMjr9B2y5JwU1fgQ.roa
Signing time: Thu 02 Jan 2025 15:50:30 +0000
ROA not before: Thu 02 Jan 2025 15:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50873
IP address blocks: 185.237.176.0/24 maxlen: 24
2a0c:1b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/i5sBY-7p55KqoWt9UQXTRyEfMSM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/i5sBY-7p55KqoWt9UQXTRyEfMSM.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5sBY-7p55KqoWt9UQXTRyEfMSM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 15:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:0f:19:06:86:4e:85:3b:75:b5:1f:28:e9:56:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9b0163eee9e792aaa16b7d5105d347211f3123
Validity
Not Before: Jan 2 15:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7d08d25fdde5f0a5e323afd076cb92705357e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e3:59:43:1b:98:f6:98:e2:83:86:78:15:15:
f2:0f:ab:47:02:2a:0a:4e:7e:77:60:27:2f:26:e9:
0a:91:a3:b3:d2:25:51:2f:0a:31:c8:65:20:b0:ad:
75:12:e8:7f:8a:ee:28:cf:42:12:cc:96:74:8c:89:
d8:6d:d2:84:56:7f:90:e1:ae:b4:e5:21:f5:1a:7c:
9f:79:73:d2:a9:de:62:77:5b:21:42:88:31:f4:d9:
26:6d:fe:2b:64:c4:3f:6b:b1:a9:c0:7f:e1:11:a9:
3e:f4:19:d6:43:bd:5c:78:5e:c9:ee:77:3b:84:65:
44:be:9a:a5:8d:32:fe:ad:92:fd:d9:c1:66:ab:cb:
45:b3:71:dd:6a:cd:c9:25:bb:bd:a8:91:8d:7d:d6:
49:94:41:95:43:e4:71:49:3e:98:60:97:35:52:dc:
36:28:1c:b4:08:60:ba:9c:8f:cf:e5:d2:e9:ae:db:
e5:bf:c9:36:9d:77:e0:a3:57:4e:14:c1:b4:fc:31:
40:bd:59:f8:ad:6e:c9:30:4c:a2:9a:da:61:47:c2:
73:f6:ce:41:07:7d:95:0c:15:03:66:71:db:88:9e:
f6:99:1b:99:02:fb:a7:64:f1:21:e7:34:11:e2:98:
1f:1e:60:f5:41:15:00:35:44:51:26:74:de:35:83:
cb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D0:8D:25:FD:DE:5F:0A:5E:32:3A:FD:07:6C:B9:27:05:35:7E:04
X509v3 Authority Key Identifier:
keyid:8B:9B:01:63:EE:E9:E7:92:AA:A1:6B:7D:51:05:D3:47:21:1F:31:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5sBY-7p55KqoWt9UQXTRyEfMSM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/t9CNJf3eXwpeMjr9B2y5JwU1fgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/i5sBY-7p55KqoWt9UQXTRyEfMSM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.176.0/24
IPv6:
2a0c:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
b7:36:36:2d:ad:ac:cd:ed:2a:3d:f5:5b:3d:1e:e1:67:95:84:
06:27:d7:e3:58:98:a9:91:f0:31:1f:bb:5f:22:dc:5a:12:14:
dd:c3:1c:18:c4:72:9e:64:97:85:f8:3e:22:c8:66:8e:7f:d5:
2b:2e:7a:6d:ef:8f:22:c3:b6:96:7d:9a:69:c7:b6:f4:f5:e4:
6a:c5:f7:b6:17:a0:03:58:f3:e9:0d:c3:c6:6c:cd:68:cf:62:
24:ed:d8:da:f8:4d:ed:7e:a9:be:a6:5a:09:15:91:aa:5d:8a:
1a:ea:fc:fa:af:44:2d:ae:7b:ad:19:21:2a:79:da:8e:72:50:
51:59:26:89:85:7f:86:d1:4d:1a:a5:35:c9:72:3d:76:c7:4c:
65:70:cd:72:ee:64:d8:dd:cc:4c:7f:8a:2c:65:4f:cf:8e:c8:
10:ba:64:78:c4:25:58:e7:ff:ae:82:0d:a2:92:ba:4b:fc:4f:
33:60:28:e8:8f:7c:8d:e2:2f:10:81:a4:c2:2b:be:5a:6a:a0:
ec:9c:af:0e:10:1a:d9:23:2a:8e:e0:70:06:84:00:a6:b6:8f:
93:1a:8a:dc:f3:ab:f5:cd:5d:1e:20:6b:13:e9:da:2a:e1:a0:
31:5a:91:91:2b:00:38:9e:1a:28:84:15:1a:76:55:94:3b:14:
f6:d8:9e:83
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntg8ZBoZOhTt1tR8o6VY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOWIwMTYzZWVlOWU3OTJhYWExNmI3ZDUxMDVkMzQ3MjEx
ZjMxMjMwHhcNMjUwMTAyMTU1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2QwOGQyNWZkZGU1ZjBhNWUzMjNhZmQwNzZjYjkyNzA1MzU3ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+NZQxuY9pjig4Z4FRXyD6tHAioK
Tn53YCcvJukKkaOz0iVRLwoxyGUgsK11Euh/iu4oz0ISzJZ0jInYbdKEVn+Q4a60
5SH1GnyfeXPSqd5id1shQogx9Nkmbf4rZMQ/a7GpwH/hEak+9BnWQ71ceF7J7nc7
hGVEvpqljTL+rZL92cFmq8tFs3Hdas3JJbu9qJGNfdZJlEGVQ+RxST6YYJc1Utw2
KBy0CGC6nI/P5dLprtvlv8k2nXfgo1dOFMG0/DFAvVn4rW7JMEyimtphR8Jz9s5B
B32VDBUDZnHbiJ72mRuZAvunZPEh5zQR4pgfHmD1QRUANURRJnTeNYPLuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLfQjSX93l8KXjI6/QdsuScFNX4EMB8GA1UdIwQY
MBaAFIubAWPu6eeSqqFrfVEF00chHzEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVzQlktN3A1NUtxb1d0OVVRWFRSeUVmTVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yYjgwMGUtNjk1My00MDA5LWIxOTUt
NDFiMjY2MDdiZjM2LzEvdDlDTkpmM2VYd3BlTWpyOUIyeTVKd1UxZmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yYjgwMGUtNjk1My00MDA5LWIxOTUtNDFiMjY2MDdiZjM2
LzEvaTVzQlktN3A1NUtxb1d0OVVRWFRSeUVmTVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAue2wMA0E
AgACMAcDBQMqDBuAMA0GCSqGSIb3DQEBCwUAA4IBAQC3NjYtrazN7So99Vs9HuFn
lYQGJ9fjWJipkfAxH7tfItxaEhTdwxwYxHKeZJeF+D4iyGaOf9UrLnpt748iw7aW
fZppx7b09eRqxfe2F6ADWPPpDcPGbM1oz2Ik7dja+E3tfqm+ploJFZGqXYoa6vz6
r0QtrnutGSEqedqOclBRWSaJhX+G0U0apTXJcj12x0xlcM1y7mTY3cxMf4osZU/P
jsgQumR4xCVY5/+ugg2ikrpL/E8zYCjoj3yN4i8QgaTCK75aaqDsnK8OEBrZIyqO
4HAGhACmto+TGorc86v1zV0eIGsT6doq4aAxWpGRKwA4nhoohBUadlWUOxT22J6D
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:38:07 2025 by rpki-client