Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/2j9Y51xwRYelF6JrKcKDFxJ1u_0.roa
File: 2j9Y51xwRYelF6JrKcKDFxJ1u_0.roa (raw, json)
Hash identifier: 0/wxjfgZFvKq0jXNMFirhtTQajhUkEHAhxXEqfHBgNk=
Subject key identifier: DA:3F:58:E7:5C:70:45:87:A5:17:A2:6B:29:C2:83:17:12:75:BB:FD
Certificate issuer: /CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
Certificate serial: 0194266BF20F8E0B67CF3A92BBD475A02EF3
Authority key identifier: 03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/2j9Y51xwRYelF6JrKcKDFxJ1u_0.roa
Signing time: Thu 02 Jan 2025 09:49:56 +0000
ROA not before: Thu 02 Jan 2025 09:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12843
IP address blocks: 185.55.100.0/22 maxlen: 22
185.55.100.0/23 maxlen: 23
185.55.102.0/23 maxlen: 23
2a01:8e20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f2:0f:8e:0b:67:cf:3a:92:bb:d4:75:a0:2e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
Validity
Not Before: Jan 2 09:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da3f58e75c704587a517a26b29c283171275bbfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8b:25:a3:3a:9a:5f:71:35:1c:51:4f:d2:c0:
ea:f4:aa:06:a4:91:49:95:78:e7:4b:f1:d0:bc:85:
f1:99:85:7c:f7:44:4f:7b:d4:0b:a5:39:4b:fb:18:
86:45:12:1c:04:85:f8:be:f7:2c:d3:8a:83:1f:41:
6b:61:8b:97:0d:66:c0:4f:ea:3c:c5:71:ac:35:a9:
e0:b1:18:45:05:f0:5b:66:e3:16:11:d1:61:6f:1b:
d2:7e:9f:d6:ba:c7:4e:7c:55:7f:d6:0b:bd:7b:86:
b7:00:23:b6:cb:20:e6:cd:33:1d:5b:25:a1:45:c2:
9b:e5:4e:8d:b6:37:29:eb:5a:23:ad:2b:e5:af:e4:
6d:ec:f7:3e:46:a7:3d:51:96:0f:31:b9:05:90:e3:
8c:c9:1e:8d:fa:71:5a:0d:75:cf:7a:06:63:5b:78:
50:f1:7f:a2:23:b2:20:e9:7a:d7:ad:1d:20:6d:02:
c3:27:35:24:65:77:d9:e7:b5:d8:94:28:3f:77:94:
c5:77:5a:7a:37:e7:c5:25:3c:4c:d6:72:cc:99:ca:
18:26:f2:8e:7d:1f:07:d5:1c:3f:25:2c:83:23:90:
67:f6:ae:26:4d:9d:4f:4a:47:93:0a:e6:17:27:e6:
f6:7c:f8:01:16:c4:68:c1:e9:a6:f6:f0:a2:33:94:
ba:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:3F:58:E7:5C:70:45:87:A5:17:A2:6B:29:C2:83:17:12:75:BB:FD
X509v3 Authority Key Identifier:
keyid:03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/2j9Y51xwRYelF6JrKcKDFxJ1u_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.100.0/22
IPv6:
2a01:8e20::/32
Signature Algorithm: sha256WithRSAEncryption
08:59:71:64:b3:06:6e:b1:4a:b3:59:b8:45:e7:a5:7c:08:99:
cf:36:9e:14:39:b1:d2:be:ce:f3:ce:38:23:16:95:2d:e2:67:
dd:ec:0b:2e:00:c1:65:94:fb:3e:18:a4:ee:60:d6:a3:3a:4c:
ba:f2:78:48:ca:f3:52:a1:b1:28:78:aa:de:5b:7c:b4:0b:44:
81:51:51:ee:62:2e:14:83:b2:be:97:59:09:ac:8c:f8:4c:b4:
5d:65:3f:3e:69:3f:18:09:3f:6a:a6:59:5b:1c:97:72:26:ac:
c3:22:db:aa:86:db:51:60:91:40:60:50:07:00:d7:c4:db:50:
b3:b9:ab:26:22:31:00:cf:8b:e3:b4:95:a7:7b:09:10:fc:3e:
0a:26:47:36:d6:b3:c5:76:8a:8d:eb:08:4c:91:d3:78:e9:b5:
41:4f:b8:87:82:58:9c:65:e6:6a:92:ce:a3:da:90:54:d3:55:
44:54:fe:e6:1f:ec:ec:43:21:30:8e:ba:31:83:49:16:2e:cb:
b0:8a:f0:12:3b:8e:22:c0:9b:e5:c3:c9:34:63:f6:5c:57:ce:
cd:53:60:ad:3a:7c:8e:3c:7b:09:f6:72:22:41:fc:e7:b6:e5:
ac:20:fd:99:1f:a4:cc:76:f2:6e:50:fc:84:17:ca:3b:b7:27:
ae:29:ad:40
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma/IPjgtnzzqSu9R1oC7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZWE1MDhhODViYzczYTlhYWEyMDNhOGE3YmFmOWMxNjJl
NmYzNmMwHhcNMjUwMTAyMDk0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTNmNThlNzVjNzA0NTg3YTUxN2EyNmIyOWMyODMxNzEyNzViYmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIslozqaX3E1HFFP0sDq9KoGpJFJ
lXjnS/HQvIXxmYV890RPe9QLpTlL+xiGRRIcBIX4vvcs04qDH0FrYYuXDWbAT+o8
xXGsNangsRhFBfBbZuMWEdFhbxvSfp/WusdOfFV/1gu9e4a3ACO2yyDmzTMdWyWh
RcKb5U6Ntjcp61ojrSvlr+Rt7Pc+Rqc9UZYPMbkFkOOMyR6N+nFaDXXPegZjW3hQ
8X+iI7Ig6XrXrR0gbQLDJzUkZXfZ57XYlCg/d5TFd1p6N+fFJTxM1nLMmcoYJvKO
fR8H1Rw/JSyDI5Bn9q4mTZ1PSkeTCuYXJ+b2fPgBFsRowemm9vCiM5S6WQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNo/WOdccEWHpReiaynCgxcSdbv9MB8GA1UdIwQY
MBaAFAPqUIqFvHOpqqIDqKe6+cFi5vNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAt
ZDcyNzA5MDVlOTIzLzEvMmo5WTUxeHdSWWVsRjZKcktjS0RGeEoxdV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAtZDcyNzA5MDVlOTIz
LzEvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTdkMA0E
AgACMAcDBQAqAY4gMA0GCSqGSIb3DQEBCwUAA4IBAQAIWXFkswZusUqzWbhF56V8
CJnPNp4UObHSvs7zzjgjFpUt4mfd7AsuAMFllPs+GKTuYNajOky68nhIyvNSobEo
eKreW3y0C0SBUVHuYi4Ug7K+l1kJrIz4TLRdZT8+aT8YCT9qpllbHJdyJqzDItuq
httRYJFAYFAHANfE21CzuasmIjEAz4vjtJWnewkQ/D4KJkc21rPFdoqN6whMkdN4
6bVBT7iHglicZeZqks6j2pBU01VEVP7mH+zsQyEwjroxg0kWLsuwivASO44iwJvl
w8k0Y/ZcV87NU2CtOnyOPHsJ9nIiQfzntuWsIP2ZH6TMdvJuUPyEF8o7tyeuKa1A
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:25:07 2025 by rpki-client