Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/2ax4rXEQA4dV7JremBmC0hQtaug.roa
File: 2ax4rXEQA4dV7JremBmC0hQtaug.roa (raw, json)
Hash identifier: R/IKnZobJlpQGcUf505T2eKyq/irMcu2IrwltIWV+u4=
Subject key identifier: D9:AC:78:AD:71:10:03:87:55:EC:9A:DE:98:19:82:D2:14:2D:6A:E8
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 019427B4F3B9FB3FA2BFA6596C31CB9F8606
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/2ax4rXEQA4dV7JremBmC0hQtaug.roa
Signing time: Thu 02 Jan 2025 15:49:17 +0000
ROA not before: Thu 02 Jan 2025 15:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214636
IP address blocks: 185.143.0.0/22 maxlen: 22
185.143.0.0/23 maxlen: 23
185.143.0.0/24 maxlen: 24
185.143.1.0/24 maxlen: 24
185.143.2.0/23 maxlen: 23
185.143.2.0/24 maxlen: 24
185.143.3.0/24 maxlen: 24
185.174.212.0/24 maxlen: 24
185.232.172.0/22 maxlen: 22
185.232.172.0/23 maxlen: 23
185.232.172.0/24 maxlen: 24
185.232.173.0/24 maxlen: 24
185.232.174.0/23 maxlen: 23
185.232.174.0/24 maxlen: 24
185.232.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:f3:b9:fb:3f:a2:bf:a6:59:6c:31:cb:9f:86:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 2 15:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9ac78ad7110038755ec9ade981982d2142d6ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:64:b0:e1:b5:de:0a:e3:27:c4:73:d3:8c:b0:
2c:a3:42:9c:46:4f:b8:b2:61:f2:1d:c9:ff:91:9a:
44:9f:5a:7a:58:01:b2:f2:3f:d3:89:a3:75:6b:51:
e5:fb:67:ac:9a:d7:48:e4:47:d1:40:6d:05:32:13:
70:f3:87:7b:54:9e:9d:07:79:e7:0d:7a:e5:f0:b5:
df:58:06:4e:cc:af:c7:45:0d:aa:30:16:a5:8a:2f:
18:02:cb:74:78:fd:24:f3:27:7d:18:5c:f8:51:fc:
1e:af:79:9d:0b:01:2f:9b:93:05:71:fc:b6:cb:68:
9b:3c:02:6f:8d:22:32:8b:d8:42:f2:5e:a7:59:48:
42:ec:d7:29:3d:ef:dd:f3:14:5d:6a:78:e2:52:2c:
35:1f:f4:a1:1a:08:01:1f:e5:d9:3f:98:1e:2b:4e:
0c:ef:fb:59:c9:8f:eb:fb:8a:14:8e:9d:d6:38:3b:
19:58:39:97:6b:94:ce:5a:74:29:36:76:92:71:88:
31:03:ab:f2:77:45:a9:5e:66:b6:fa:67:22:4c:f8:
06:55:8b:01:6c:b5:8a:44:f8:f2:69:75:ae:ad:a4:
13:76:13:86:ab:73:5a:9c:8a:7a:83:b0:6e:d8:74:
d2:e2:c2:ac:a0:8a:c3:35:e4:9a:c6:a4:c0:3e:b0:
51:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:AC:78:AD:71:10:03:87:55:EC:9A:DE:98:19:82:D2:14:2D:6A:E8
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/2ax4rXEQA4dV7JremBmC0hQtaug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.0.0/22
185.174.212.0/24
185.232.172.0/22
Signature Algorithm: sha256WithRSAEncryption
63:77:51:c2:c5:6f:46:fa:ba:46:cf:f7:7a:73:d4:ec:46:29:
4f:7a:5e:ae:74:51:7a:32:54:2b:ea:21:c1:e9:41:c7:c2:ed:
3d:b4:20:71:59:29:d8:bc:68:a9:f8:23:c3:3c:7f:a1:c5:40:
d4:af:5f:36:f0:92:f9:ab:f1:e4:06:d7:54:f9:6d:b9:b1:8b:
60:91:bc:c0:f6:b9:5c:d1:32:0e:b2:33:65:91:31:70:9f:aa:
b3:27:d2:88:71:8d:d8:1d:d9:30:f1:c9:c1:f4:34:3c:6b:8f:
de:e3:5e:46:db:31:e9:fe:b0:15:3e:54:7a:39:3a:3c:71:cd:
32:9e:c1:b8:19:02:2c:53:05:86:ec:a4:33:bc:82:5e:75:b8:
ae:2d:a9:03:a2:a6:fa:c7:e3:fe:14:8b:55:7a:9f:be:d9:98:
e9:bf:09:b7:b5:2e:b7:17:84:48:4b:e9:c3:ff:c1:01:22:f7:
7b:d2:17:06:0f:97:6d:0f:3b:7c:ca:59:53:26:67:a4:46:9c:
8a:d1:27:df:fd:3c:8f:18:c5:b7:3d:53:70:6d:bb:a4:d8:cf:
21:dc:40:d9:81:7f:4c:75:f8:b5:8d:6f:45:7e:c4:c8:3e:b6:
9d:7e:26:a2:07:c2:ce:50:0c:88:da:51:88:b0:73:9c:f8:4d:
dc:f1:1f:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntPO5+z+iv6ZZbDHLn4YGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjUwMTAyMTU0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWFjNzhhZDcxMTAwMzg3NTVlYzlhZGU5ODE5ODJkMjE0MmQ2YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymSw4bXeCuMnxHPTjLAso0KcRk+4
smHyHcn/kZpEn1p6WAGy8j/TiaN1a1Hl+2esmtdI5EfRQG0FMhNw84d7VJ6dB3nn
DXrl8LXfWAZOzK/HRQ2qMBalii8YAst0eP0k8yd9GFz4Ufwer3mdCwEvm5MFcfy2
y2ibPAJvjSIyi9hC8l6nWUhC7NcpPe/d8xRdanjiUiw1H/ShGggBH+XZP5geK04M
7/tZyY/r+4oUjp3WODsZWDmXa5TOWnQpNnaScYgxA6vyd0WpXma2+mciTPgGVYsB
bLWKRPjyaXWuraQTdhOGq3NanIp6g7Bu2HTS4sKsoIrDNeSaxqTAPrBRNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNmseK1xEAOHVeya3pgZgtIULWroMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvMmF4NHJYRVFBNGRWN0pyZW1CbUMwaFF0YXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuY8AAwQA
ua7UAwQCueisMA0GCSqGSIb3DQEBCwUAA4IBAQBjd1HCxW9G+rpGz/d6c9TsRilP
el6udFF6MlQr6iHB6UHHwu09tCBxWSnYvGip+CPDPH+hxUDUr1828JL5q/HkBtdU
+W25sYtgkbzA9rlc0TIOsjNlkTFwn6qzJ9KIcY3YHdkw8cnB9DQ8a4/e415G2zHp
/rAVPlR6OTo8cc0ynsG4GQIsUwWG7KQzvIJedbiuLakDoqb6x+P+FItVep++2Zjp
vwm3tS63F4RIS+nD/8EBIvd70hcGD5dtDzt8yllTJmekRpyK0Sff/TyPGMW3PVNw
bbuk2M8h3EDZgX9Mdfi1jW9FfsTIPradfiaiB8LOUAyI2lGIsHOc+E3c8R/D
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:07:03 2025 by rpki-client