Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/2hZweGDLaTOG9__dBEdUkTtfsSw.roa
File: 2hZweGDLaTOG9__dBEdUkTtfsSw.roa (raw, json)
Hash identifier: x2mvxEnLHZTwd7sK9WWW9RrPHq1tkRpvzUBh9hY6j6E=
Subject key identifier: DA:16:70:78:60:CB:69:33:86:F7:FF:DD:04:47:54:91:3B:5F:B1:2C
Certificate issuer: /CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
Certificate serial: 0195230EBA23D058482BC3CD10F99F965610
Authority key identifier: B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/2hZweGDLaTOG9__dBEdUkTtfsSw.roa
Signing time: Thu 20 Feb 2025 11:12:02 +0000
ROA not before: Thu 20 Feb 2025 11:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199366
IP address blocks: 2.56.60.0/24 maxlen: 24
2.56.61.0/24 maxlen: 24
2.56.62.0/24 maxlen: 24
46.20.10.0/24 maxlen: 24
46.20.12.0/24 maxlen: 24
46.20.13.0/24 maxlen: 24
95.130.174.0/24 maxlen: 24
185.19.92.0/24 maxlen: 24
185.19.93.0/24 maxlen: 24
185.19.94.0/24 maxlen: 24
185.19.95.0/24 maxlen: 24
185.59.28.0/24 maxlen: 24
185.59.30.0/24 maxlen: 24
185.59.31.0/24 maxlen: 24
185.114.193.0/24 maxlen: 24
185.114.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:0e:ba:23:d0:58:48:2b:c3:cd:10:f9:9f:96:56:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
Validity
Not Before: Feb 20 11:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da16707860cb693386f7ffdd044754913b5fb12c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a0:57:20:fe:2f:fc:6e:1b:39:b2:85:8b:b0:
a6:b1:4d:96:77:b6:5c:88:51:62:5d:22:29:ab:22:
09:85:bd:7b:97:0c:a0:af:d4:01:c0:cc:7b:f1:ff:
bc:4b:56:5e:31:c3:c6:ca:6b:f0:f3:28:c1:c8:8f:
ed:aa:0c:99:4d:49:5d:08:71:a6:d7:d1:da:53:a8:
20:a4:f3:bf:bf:3a:04:d9:86:9b:69:f4:b4:60:41:
17:a6:c0:24:d4:3c:ba:67:90:ad:13:27:2a:58:96:
39:6f:f0:06:98:09:db:6e:b0:bc:21:3e:ed:6b:1b:
30:37:d4:47:5d:d9:5b:56:a5:77:a5:f9:67:80:f2:
45:54:75:af:5a:a1:8c:a1:fb:1c:9e:d9:cc:f1:02:
db:09:50:bc:88:06:43:b9:10:a6:df:88:17:1c:88:
74:b9:7e:69:fe:18:41:61:75:68:59:fc:8b:46:69:
83:09:06:e3:49:dc:42:f7:de:73:66:2d:0f:5e:db:
e3:ef:e7:46:29:6d:0b:41:5d:a2:51:33:fd:2e:99:
48:f6:eb:43:10:63:3a:45:83:d7:64:a8:f6:b4:3e:
39:1f:a9:ec:ad:0a:a7:c9:cd:90:f8:3c:36:92:c3:
a0:75:2a:6e:10:61:3c:e8:dc:66:81:78:c2:f4:ce:
61:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:16:70:78:60:CB:69:33:86:F7:FF:DD:04:47:54:91:3B:5F:B1:2C
X509v3 Authority Key Identifier:
keyid:B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/2hZweGDLaTOG9__dBEdUkTtfsSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.60.0-2.56.62.255
46.20.10.0/24
46.20.12.0/23
95.130.174.0/24
185.19.92.0/22
185.59.28.0/24
185.59.30.0/23
185.114.193.0/24
185.114.195.0/24
Signature Algorithm: sha256WithRSAEncryption
93:10:4c:6f:9a:af:e6:52:b1:c0:d4:e1:29:53:6e:ae:88:ca:
2d:d5:23:12:b1:7a:c8:05:7f:7e:ea:5c:80:7c:00:94:30:0a:
d1:cc:5f:ce:74:3a:66:6f:e8:e3:ec:5a:75:04:3f:10:fb:05:
04:1f:34:92:2b:4d:8e:5f:63:35:01:83:1e:29:a0:7a:10:bd:
2c:a4:01:4e:53:3a:ea:77:79:23:c5:68:17:dd:75:d4:41:66:
f1:96:14:33:67:45:b4:11:74:e0:32:f1:8e:ad:c2:48:54:d2:
ab:73:8c:2a:82:a1:36:62:a1:c7:57:20:6f:f6:fc:dd:e9:0d:
ad:28:a6:c6:9a:dd:7b:8f:9e:62:a9:f9:0d:7b:77:65:4a:6b:
22:62:bb:e7:e6:c8:4f:9f:0f:82:28:59:ae:33:dd:3d:8f:6f:
2b:a2:46:29:2f:1c:b6:3d:ad:74:42:ea:f9:f6:a2:e4:11:b5:
4a:18:df:89:be:e5:78:46:22:67:17:05:1c:f7:d3:a9:41:61:
29:0f:8c:50:e6:f7:69:8d:98:6c:b2:98:5c:8e:f0:73:95:b9:
42:6b:56:5c:fa:c0:43:cf:ac:84:c4:5c:9f:5c:87:e0:88:d0:
01:af:78:88:9c:3a:62:81:2a:e8:b6:f8:ed:cf:ca:d2:60:95:
f9:f1:85:a9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZUjDroj0FhIK8PNEPmfllYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NjllZTY2MTY0ZDNjYjQxZGJkMmRmNTQxNzgxN2MzMmY0
Y2VhMDUwHhcNMjUwMjIwMTExMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTE2NzA3ODYwY2I2OTMzODZmN2ZmZGQwNDQ3NTQ5MTNiNWZiMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqBXIP4v/G4bObKFi7CmsU2Wd7Zc
iFFiXSIpqyIJhb17lwygr9QBwMx78f+8S1ZeMcPGymvw8yjByI/tqgyZTUldCHGm
19HaU6ggpPO/vzoE2YabafS0YEEXpsAk1Dy6Z5CtEycqWJY5b/AGmAnbbrC8IT7t
axswN9RHXdlbVqV3pflngPJFVHWvWqGMofscntnM8QLbCVC8iAZDuRCm34gXHIh0
uX5p/hhBYXVoWfyLRmmDCQbjSdxC995zZi0PXtvj7+dGKW0LQV2iUTP9LplI9utD
EGM6RYPXZKj2tD45H6nsrQqnyc2Q+Dw2ksOgdSpuEGE86NxmgXjC9M5h1wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFNoWcHhgy2kzhvf/3QRHVJE7X7EsMB8GA1UdIwQY
MBaAFLhp7mYWTTy0Hb0t9UF4F8MvTOoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUdudVpoWk5QTFFkdlMzMVFYZ1h3eTlNNmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xZDVlZTEtYWNjZi00NzRmLWE1ODkt
Y2QxZmE0ODQ0MTFiLzEvMmhad2VHRExhVE9HOV9fZEJFZFVrVHRmc1N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8xZDVlZTEtYWNjZi00NzRmLWE1ODktY2QxZmE0ODQ0MTFi
LzEvdUdudVpoWk5QTFFkdlMzMVFYZ1h3eTlNNmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBAICODwD
BAACOD4DBAAuFAoDBAEuFAwDBABfgq4DBAK5E1wDBAC5OxwDBAG5Ox4DBAC5csED
BAC5csMwDQYJKoZIhvcNAQELBQADggEBAJMQTG+ar+ZSscDU4SlTbq6Iyi3VIxKx
esgFf37qXIB8AJQwCtHMX850OmZv6OPsWnUEPxD7BQQfNJIrTY5fYzUBgx4poHoQ
vSykAU5TOup3eSPFaBfdddRBZvGWFDNnRbQRdOAy8Y6twkhU0qtzjCqCoTZiocdX
IG/2/N3pDa0opsaa3XuPnmKp+Q17d2VKayJiu+fmyE+fD4IoWa4z3T2PbyuiRikv
HLY9rXRC6vn2ouQRtUoY34m+5XhGImcXBRz306lBYSkPjFDm92mNmGyymFyO8HOV
uUJrVlz6wEPPrITEXJ9ch+CI0AGveIicOmKBKui2+O3PytJglfnxhak=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:58:17 2025 by rpki-client