Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/2_qB8eFgSy7qYs-cTMDnxVlFBNw.roa
File: 2_qB8eFgSy7qYs-cTMDnxVlFBNw.roa (raw, json)
Hash identifier: fSrSkbUGiKE2ZlG+ZtKwnFUZkRCDBazw6Ikex7efYic=
Subject key identifier: DB:FA:81:F1:E1:60:4B:2E:EA:62:CF:9C:4C:C0:E7:C5:59:45:04:DC
Certificate issuer: /CN=ecbbf2ba5b32e42e8b6c03b836d764f975b5898f
Certificate serial: 0194206875FE56AA7E9B08300897C1D3FE75
Authority key identifier: EC:BB:F2:BA:5B:32:E4:2E:8B:6C:03:B8:36:D7:64:F9:75:B5:89:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/2_qB8eFgSy7qYs-cTMDnxVlFBNw.roa
Signing time: Wed 01 Jan 2025 05:48:24 +0000
ROA not before: Wed 01 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59456
IP address blocks: 185.71.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:75:fe:56:aa:7e:9b:08:30:08:97:c1:d3:fe:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecbbf2ba5b32e42e8b6c03b836d764f975b5898f
Validity
Not Before: Jan 1 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbfa81f1e1604b2eea62cf9c4cc0e7c5594504dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:44:7f:73:e4:24:18:3e:a1:05:e9:a7:0d:df:
15:c3:05:b8:e4:2a:73:fd:00:2c:e5:5f:fb:14:7a:
5b:b7:03:f9:eb:1c:ea:6a:34:07:4a:05:21:01:31:
df:70:e1:9f:1e:59:c9:2c:6e:09:a4:19:72:75:e9:
98:7d:69:96:e0:98:93:fa:b9:5d:00:92:e0:fb:30:
b5:75:a9:fe:35:a2:e3:b3:7e:27:b1:c7:45:00:23:
ec:12:32:08:6a:f3:ae:73:e8:48:7b:28:3b:22:26:
b4:7e:22:10:66:d9:72:f5:c4:83:13:30:07:a7:8e:
8a:78:89:d4:d8:12:dc:88:db:a9:e2:27:fd:69:89:
db:de:a7:97:b7:2a:01:b6:a7:3f:54:de:8e:5f:68:
e8:d6:9b:ab:4c:0a:02:62:4d:4b:ce:07:00:e9:38:
a4:cc:18:8f:ac:1a:98:23:6e:c2:8e:72:cc:4b:7c:
0f:71:5c:33:eb:2e:95:ea:eb:a5:dc:4a:93:82:2b:
cc:54:87:84:cf:7d:15:9f:a7:7e:93:50:5f:0f:51:
8e:fa:c0:13:21:c2:e9:42:61:43:2f:5b:10:69:5b:
10:92:c8:a0:90:48:e7:bc:f5:28:c1:6f:b9:ab:da:
e9:28:50:f5:94:87:0d:54:12:a4:5d:8c:58:ce:4a:
40:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:FA:81:F1:E1:60:4B:2E:EA:62:CF:9C:4C:C0:E7:C5:59:45:04:DC
X509v3 Authority Key Identifier:
keyid:EC:BB:F2:BA:5B:32:E4:2E:8B:6C:03:B8:36:D7:64:F9:75:B5:89:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/2_qB8eFgSy7qYs-cTMDnxVlFBNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.136.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:01:1f:18:31:df:59:48:8d:55:6e:4f:a2:59:e5:c6:ce:9c:
0a:06:a7:db:7a:ac:17:4e:4e:55:4e:81:8d:e5:25:94:40:e6:
9b:85:93:a1:6b:a3:b1:40:c5:af:45:47:2b:02:5e:c6:8d:e9:
e3:37:34:16:72:00:34:e1:5e:92:94:ab:f4:97:aa:80:66:aa:
d6:a7:9a:13:d5:6e:4b:1c:e6:42:8a:4b:dd:cd:ed:98:28:ea:
6e:e9:93:ad:41:c1:e8:9e:70:62:b6:85:2f:23:9e:d5:a0:b2:
3b:ff:f2:5a:2a:b0:2c:94:c7:0e:07:48:71:d4:ce:52:22:a3:
ae:44:e1:70:96:a6:32:7b:08:ed:73:ea:a6:6b:44:c5:75:72:
e6:b9:ab:3f:d4:28:e8:76:bb:53:b7:2c:06:c1:cf:c9:80:1e:
00:b9:3d:1d:6f:c8:cc:99:48:90:d8:26:b0:4e:76:f6:a9:eb:
05:cc:e2:28:3d:40:ff:08:9e:ca:a9:e8:80:66:4d:cc:2a:6e:
84:54:f1:cb:18:2d:e9:11:7d:27:7e:5f:46:12:0b:45:7d:21:
17:bf:b4:c9:18:42:24:46:58:bc:5a:03:4e:35:d2:b6:0f:e5:
a3:96:65:ed:a5:c0:75:eb:19:b8:eb:47:18:4e:22:6f:2f:ea:
fc:a8:b7:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaHX+Vqp+mwgwCJfB0/51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYmJmMmJhNWIzMmU0MmU4YjZjMDNiODM2ZDc2NGY5NzVi
NTg5OGYwHhcNMjUwMTAxMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmZhODFmMWUxNjA0YjJlZWE2MmNmOWM0Y2MwZTdjNTU5NDUwNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyER/c+QkGD6hBemnDd8VwwW45Cpz
/QAs5V/7FHpbtwP56xzqajQHSgUhATHfcOGfHlnJLG4JpBlydemYfWmW4JiT+rld
AJLg+zC1dan+NaLjs34nscdFACPsEjIIavOuc+hIeyg7Iia0fiIQZtly9cSDEzAH
p46KeInU2BLciNup4if9aYnb3qeXtyoBtqc/VN6OX2jo1purTAoCYk1LzgcA6Tik
zBiPrBqYI27CjnLMS3wPcVwz6y6V6uul3EqTgivMVIeEz30Vn6d+k1BfD1GO+sAT
IcLpQmFDL1sQaVsQksigkEjnvPUowW+5q9rpKFD1lIcNVBKkXYxYzkpAzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNv6gfHhYEsu6mLPnEzA58VZRQTcMB8GA1UdIwQY
MBaAFOy78rpbMuQui2wDuDbXZPl1tYmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0x2eXVsc3k1QzZMYkFPNE50ZGstWFcxaVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80MzExMDUtNjdhMi00OWNiLWI3ZTAt
ODNmZmM4MDA3M2IyLzEvMl9xQjhlRmdTeTdxWXMtY1RNRG54VmxGQk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80MzExMDUtNjdhMi00OWNiLWI3ZTAtODNmZmM4MDA3M2Iy
LzEvN0x2eXVsc3k1QzZMYkFPNE50ZGstWFcxaVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUeIMA0G
CSqGSIb3DQEBCwUAA4IBAQArAR8YMd9ZSI1Vbk+iWeXGzpwKBqfbeqwXTk5VToGN
5SWUQOabhZOha6OxQMWvRUcrAl7GjenjNzQWcgA04V6SlKv0l6qAZqrWp5oT1W5L
HOZCikvdze2YKOpu6ZOtQcHonnBitoUvI57VoLI7//JaKrAslMcOB0hx1M5SIqOu
ROFwlqYyewjtc+qma0TFdXLmuas/1CjodrtTtywGwc/JgB4AuT0db8jMmUiQ2Caw
Tnb2qesFzOIoPUD/CJ7KqeiAZk3MKm6EVPHLGC3pEX0nfl9GEgtFfSEXv7TJGEIk
Rli8WgNONdK2D+WjlmXtpcB16xm460cYTiJvL+r8qLdy
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:51:27 2025 by rpki-client