Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/2LtOz4ajw5z-BYdtFnZ-MwfigVU.roa
File: 2LtOz4ajw5z-BYdtFnZ-MwfigVU.roa (raw, json)
Hash identifier: N12jIJysC4WSn/Ee6HyuukqH+AReNx5MmVsXucpJIbA=
Subject key identifier: D8:BB:4E:CF:86:A3:C3:9C:FE:05:87:6D:16:76:7E:33:07:E2:81:55
Certificate issuer: /CN=44e888a76e99851b01fb86cec537d4d8e610de16
Certificate serial: 01970C3D059FFDFBA85F586F144A535A7A36
Authority key identifier: 44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/2LtOz4ajw5z-BYdtFnZ-MwfigVU.roa
Signing time: Mon 26 May 2025 10:56:54 +0000
ROA not before: Mon 26 May 2025 10:56:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48955
IP address blocks: 89.35.80.0/23 maxlen: 23
89.40.222.0/23 maxlen: 23
89.45.124.0/23 maxlen: 23
91.235.207.0/24 maxlen: 24
92.42.0.0/24 maxlen: 24
185.98.158.0/24 maxlen: 24
194.106.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:3d:05:9f:fd:fb:a8:5f:58:6f:14:4a:53:5a:7a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e888a76e99851b01fb86cec537d4d8e610de16
Validity
Not Before: May 26 10:56:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8bb4ecf86a3c39cfe05876d16767e3307e28155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c6:de:58:32:46:31:5c:78:5d:7a:8c:cd:ca:
ba:fa:b2:b7:5b:ea:84:30:51:b2:8a:8b:5e:f8:0b:
16:b2:84:a1:77:e3:84:eb:db:0d:e1:d7:bd:2d:5a:
01:44:16:90:22:da:3a:2d:8a:27:2f:23:74:da:8d:
e4:3e:a9:86:6f:f0:de:d7:13:28:79:d7:bf:4f:28:
ce:08:bd:a9:8e:ed:ff:4b:f5:32:b9:be:c0:69:e3:
e7:91:da:66:4c:82:90:b0:88:5f:0b:c1:f2:6e:39:
85:2c:08:d3:62:e2:dc:87:d0:50:c2:93:a6:47:0c:
61:04:07:b1:e2:8b:f3:e9:48:db:8a:fb:b4:3a:1b:
02:03:7a:4c:eb:b7:40:74:c3:4a:a9:9b:07:4b:08:
1b:dc:ba:2c:22:56:58:25:d8:64:67:78:dc:3b:05:
33:40:e8:67:56:fe:06:92:d0:96:9b:75:02:b3:f0:
b6:cf:85:a7:ea:15:71:5f:85:72:42:30:0d:ad:bb:
41:ce:dc:a4:2d:8a:d8:6a:55:b1:66:68:d4:7a:16:
47:e3:38:5e:99:2b:83:91:1b:6c:8f:91:07:a4:bc:
c7:06:2a:f4:76:d9:44:a5:9b:30:21:5b:4a:78:f1:
91:b2:02:e7:8e:60:68:e3:3d:72:4e:75:42:4e:f6:
f9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BB:4E:CF:86:A3:C3:9C:FE:05:87:6D:16:76:7E:33:07:E2:81:55
X509v3 Authority Key Identifier:
keyid:44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/2LtOz4ajw5z-BYdtFnZ-MwfigVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.80.0/23
89.40.222.0/23
89.45.124.0/23
91.235.207.0/24
92.42.0.0/24
185.98.158.0/24
194.106.206.0/24
Signature Algorithm: sha256WithRSAEncryption
86:2d:01:7c:1e:4d:42:ca:59:f7:0d:3e:53:38:f1:a3:89:de:
4c:9e:e5:33:0f:95:2a:a0:54:53:71:18:c3:2b:8f:f0:99:7d:
45:cc:57:df:dd:f6:bb:fb:6f:d3:39:db:5c:0e:4f:24:66:c9:
5d:8f:19:a3:c7:d7:11:b0:2a:84:b0:6c:a6:48:e3:65:e2:13:
75:e3:dd:40:bd:ae:ab:b5:64:bb:60:7a:d8:b3:27:b5:87:ce:
e7:67:6f:0b:9b:f0:b8:a9:b7:29:a5:8d:bc:a2:fb:5a:57:52:
68:a2:5b:62:a7:b7:73:53:df:d3:59:f2:04:a4:1a:fd:f9:4f:
1f:ae:b1:7b:00:c8:24:23:0c:61:b7:5b:f0:64:6e:c2:52:ed:
b4:3e:f0:93:ea:fb:16:6e:63:40:be:d8:0c:52:57:65:4e:71:
a2:54:19:a1:34:cf:fc:af:b8:6a:6d:00:a1:66:b8:05:0d:52:
31:32:ea:1b:a3:6b:28:3c:f5:4a:29:46:ce:4c:73:ad:de:14:
16:e2:15:72:2e:25:11:54:91:67:cd:c9:b0:7c:28:1f:ab:86:
83:9f:97:24:83:f0:66:fa:17:be:2a:e6:76:1f:55:d6:4b:49:
a0:a0:f7:58:e1:12:a1:3f:bc:24:3c:fb:5f:1d:80:f2:6e:2b:
67:f1:f2:41
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZcMPQWf/fuoX1hvFEpTWno2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTg4OGE3NmU5OTg1MWIwMWZiODZjZWM1MzdkNGQ4ZTYx
MGRlMTYwHhcNMjUwNTI2MTA1NjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGJiNGVjZjg2YTNjMzljZmUwNTg3NmQxNjc2N2UzMzA3ZTI4MTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MbeWDJGMVx4XXqMzcq6+rK3W+qE
MFGyiote+AsWsoShd+OE69sN4de9LVoBRBaQIto6LYonLyN02o3kPqmGb/De1xMo
ede/TyjOCL2pju3/S/Uyub7AaePnkdpmTIKQsIhfC8HybjmFLAjTYuLch9BQwpOm
RwxhBAex4ovz6Ujbivu0OhsCA3pM67dAdMNKqZsHSwgb3LosIlZYJdhkZ3jcOwUz
QOhnVv4GktCWm3UCs/C2z4Wn6hVxX4VyQjANrbtBztykLYrYalWxZmjUehZH4zhe
mSuDkRtsj5EHpLzHBir0dtlEpZswIVtKePGRsgLnjmBo4z1yTnVCTvb50wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNi7Ts+Go8Oc/gWHbRZ2fjMH4oFVMB8GA1UdIwQY
MBaAFEToiKdumYUbAfuGzsU31NjmEN4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUt
YmMwZGJhOTMyYjM1LzEvMkx0T3o0YWp3NXotQllkdEZuWi1Nd2ZpZ1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUtYmMwZGJhOTMyYjM1
LzEvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBWSNQAwQB
WSjeAwQBWS18AwQAW+vPAwQAXCoAAwQAuWKeAwQAwmrOMA0GCSqGSIb3DQEBCwUA
A4IBAQCGLQF8Hk1Cyln3DT5TOPGjid5MnuUzD5UqoFRTcRjDK4/wmX1FzFff3fa7
+2/TOdtcDk8kZsldjxmjx9cRsCqEsGymSONl4hN1491Ava6rtWS7YHrYsye1h87n
Z28Lm/C4qbcppY28ovtaV1Jooltip7dzU9/TWfIEpBr9+U8frrF7AMgkIwxht1vw
ZG7CUu20PvCT6vsWbmNAvtgMUldlTnGiVBmhNM/8r7hqbQChZrgFDVIxMuobo2so
PPVKKUbOTHOt3hQW4hVyLiURVJFnzcmwfCgfq4aDn5ckg/Bm+he+KuZ2H1XWS0mg
oPdY4RKhP7wkPPtfHYDybitn8fJB
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:35:48 2025 by rpki-client