Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/2bBaeD35kseI457ZAPL2x12So_w.roa
File: 2bBaeD35kseI457ZAPL2x12So_w.roa (raw, json)
Hash identifier: oq5BcVgGKnzmBudzjO96n+tl2tyiGaHICIAPgJhlDTA=
Subject key identifier: D9:B0:5A:78:3D:F9:92:C7:88:E3:9E:D9:00:F2:F6:C7:5D:92:A3:FC
Certificate issuer: /CN=3b3a05dbb9c77fa16ed10469747a5c6e6eab88de
Certificate serial: 01942444D8CFFFEDBE9D24CF1532A1EC56F3
Authority key identifier: 3B:3A:05:DB:B9:C7:7F:A1:6E:D1:04:69:74:7A:5C:6E:6E:AB:88:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzoF27nHf6Fu0QRpdHpcbm6riN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/2bBaeD35kseI457ZAPL2x12So_w.roa
Signing time: Wed 01 Jan 2025 23:47:59 +0000
ROA not before: Wed 01 Jan 2025 23:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58224
IP address blocks: 185.133.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/OzoF27nHf6Fu0QRpdHpcbm6riN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/OzoF27nHf6Fu0QRpdHpcbm6riN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/OzoF27nHf6Fu0QRpdHpcbm6riN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d8:cf:ff:ed:be:9d:24:cf:15:32:a1:ec:56:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3a05dbb9c77fa16ed10469747a5c6e6eab88de
Validity
Not Before: Jan 1 23:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9b05a783df992c788e39ed900f2f6c75d92a3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4e:47:69:55:09:c1:7c:d0:ed:b9:b5:fb:bb:
4b:7e:e6:bd:5c:25:7b:4f:d4:ce:62:f4:9f:ff:b6:
07:fc:c9:eb:61:93:b0:86:10:e0:8f:6d:94:95:ff:
b9:d4:11:3e:f3:3a:37:97:65:6a:58:8e:13:aa:7c:
cd:89:68:3b:50:39:ab:cb:76:8f:27:7d:ce:fe:41:
e3:cd:74:30:74:f4:2d:5a:3f:d5:a6:eb:be:d2:53:
64:ed:e6:0b:96:7c:b7:b3:b2:78:04:e0:ae:9b:81:
d7:23:c2:f5:ff:b6:05:b2:f8:9f:43:77:a4:b4:7f:
a1:60:05:68:8c:4a:85:ef:20:d2:49:d5:d1:55:19:
ad:a4:5b:e0:2b:08:75:36:cd:24:fa:c6:ef:47:ba:
ef:95:41:96:13:84:8c:21:c8:09:22:a1:66:fa:f3:
d8:df:b0:7c:9b:c6:b4:82:0c:e7:15:53:fa:ed:9f:
19:3f:88:96:cb:07:68:df:f2:de:8c:1f:c6:a4:ef:
82:51:45:7d:be:19:57:76:36:4f:b0:18:20:f3:93:
60:3c:20:66:4e:21:60:c5:f1:7f:db:9b:3a:9c:a0:
77:42:f3:06:4f:51:ff:1f:1e:27:eb:a3:86:3a:d1:
29:aa:c2:d1:b5:d6:20:46:79:1f:20:64:82:df:3d:
d5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B0:5A:78:3D:F9:92:C7:88:E3:9E:D9:00:F2:F6:C7:5D:92:A3:FC
X509v3 Authority Key Identifier:
keyid:3B:3A:05:DB:B9:C7:7F:A1:6E:D1:04:69:74:7A:5C:6E:6E:AB:88:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzoF27nHf6Fu0QRpdHpcbm6riN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/2bBaeD35kseI457ZAPL2x12So_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5aa05a-720e-4d56-a3a8-a01c37b88728/1/OzoF27nHf6Fu0QRpdHpcbm6riN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.125.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:74:5b:bf:7c:eb:ce:f9:20:fa:a6:e5:15:58:63:a2:4c:e7:
0e:3f:75:77:88:07:f5:07:e0:fa:8d:47:ab:82:62:6a:85:23:
7c:40:c9:3a:96:31:93:72:99:1b:9a:a1:3d:b4:0f:46:a5:f1:
18:9c:b2:9a:30:19:82:ed:a2:97:ef:ef:ba:d9:bf:27:ca:a1:
76:28:b6:26:f1:c0:e1:e5:ad:b7:9e:95:63:97:cd:f2:03:53:
63:5b:7e:b3:76:32:4b:a5:c0:f6:e1:1e:8e:03:ca:ca:0b:34:
6d:e6:15:c3:dd:a8:3a:4a:d9:66:4c:a8:36:2a:25:7e:90:ee:
14:e2:1c:be:25:ea:a7:ba:01:59:da:90:dd:f3:d7:c7:6a:03:
d7:ad:cf:19:a5:43:c1:c3:07:59:8b:c0:c7:18:ec:57:b1:c1:
b8:2f:67:f0:52:c1:ba:65:35:67:2d:f2:f1:4b:0d:09:f0:20:
ba:7c:29:49:92:ca:33:4a:ad:f3:45:bf:52:e8:35:1d:0d:c7:
48:1f:e7:72:d2:59:b8:90:01:9c:f0:15:cc:66:60:73:61:b8:
0c:18:e0:97:5a:a1:c5:5e:7a:23:c1:d5:70:5d:7c:8e:0c:20:
f6:99:91:34:35:62:34:12:fe:01:d0:6b:30:61:c7:c0:c3:7d:
9f:b4:66:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNjP/+2+nSTPFTKh7FbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiM2EwNWRiYjljNzdmYTE2ZWQxMDQ2OTc0N2E1YzZlNmVh
Yjg4ZGUwHhcNMjUwMTAxMjM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWIwNWE3ODNkZjk5MmM3ODhlMzllZDkwMGYyZjZjNzVkOTJhM2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU5HaVUJwXzQ7bm1+7tLfua9XCV7
T9TOYvSf/7YH/MnrYZOwhhDgj22Ulf+51BE+8zo3l2VqWI4TqnzNiWg7UDmry3aP
J33O/kHjzXQwdPQtWj/Vpuu+0lNk7eYLlny3s7J4BOCum4HXI8L1/7YFsvifQ3ek
tH+hYAVojEqF7yDSSdXRVRmtpFvgKwh1Ns0k+sbvR7rvlUGWE4SMIcgJIqFm+vPY
37B8m8a0ggznFVP67Z8ZP4iWywdo3/LejB/GpO+CUUV9vhlXdjZPsBgg85NgPCBm
TiFgxfF/25s6nKB3QvMGT1H/Hx4n66OGOtEpqsLRtdYgRnkfIGSC3z3V/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmwWng9+ZLHiOOe2QDy9sddkqP8MB8GA1UdIwQY
MBaAFDs6Bdu5x3+hbtEEaXR6XG5uq4jeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pvRjI3bkhmNkZ1MFFScGRIcGNibTZyaU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS81YWEwNWEtNzIwZS00ZDU2LWEzYTgt
YTAxYzM3Yjg4NzI4LzEvMmJCYWVEMzVrc2VJNDU3WkFQTDJ4MTJTb193LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS81YWEwNWEtNzIwZS00ZDU2LWEzYTgtYTAxYzM3Yjg4NzI4
LzEvT3pvRjI3bkhmNkZ1MFFScGRIcGNibTZyaU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYV9MA0G
CSqGSIb3DQEBCwUAA4IBAQDLdFu/fOvO+SD6puUVWGOiTOcOP3V3iAf1B+D6jUer
gmJqhSN8QMk6ljGTcpkbmqE9tA9GpfEYnLKaMBmC7aKX7++62b8nyqF2KLYm8cDh
5a23npVjl83yA1NjW36zdjJLpcD24R6OA8rKCzRt5hXD3ag6StlmTKg2KiV+kO4U
4hy+JeqnugFZ2pDd89fHagPXrc8ZpUPBwwdZi8DHGOxXscG4L2fwUsG6ZTVnLfLx
Sw0J8CC6fClJksozSq3zRb9S6DUdDcdIH+dy0lm4kAGc8BXMZmBzYbgMGOCXWqHF
XnojwdVwXXyODCD2mZE0NWI0Ev4B0GswYcfAw32ftGYY
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:39:06 2025 by rpki-client