Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/B2a7UMBcmVpTHdk-u_JmRx-JdqQ.roa
File: B2a7UMBcmVpTHdk-u_JmRx-JdqQ.roa (raw, json)
Hash identifier: PGVJcxBOINxlzgMLBx++EOP+aeordegEoLqhb0N/+ZE=
Subject key identifier: 07:66:BB:50:C0:5C:99:5A:53:1D:D9:3E:BB:F2:66:47:1F:89:76:A4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0195F67E5A1B91FE3D264C8F93727A9EEB19
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/B2a7UMBcmVpTHdk-u_JmRx-JdqQ.roa
Signing time: Wed 02 Apr 2025 12:33:50 +0000
ROA not before: Wed 02 Apr 2025 12:33:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57630
IP address blocks: 192.71.0.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
192.165.152.0/22 maxlen: 24
192.165.157.0/24 maxlen: 24
193.180.92.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
193.183.20.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.183.59.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
193.234.94.0/24 maxlen: 24
193.234.116.0/22 maxlen: 22
193.234.144.0/24 maxlen: 24
193.234.205.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
194.68.24.0/24 maxlen: 24
194.68.181.0/24 maxlen: 24
194.71.0.0/23 maxlen: 23
194.71.219.0/24 maxlen: 24
194.103.3.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
194.103.95.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.132.120.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:7e:5a:1b:91:fe:3d:26:4c:8f:93:72:7a:9e:eb:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 2 12:33:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0766bb50c05c995a531dd93ebbf266471f8976a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:02:74:fb:4d:ad:74:64:63:2e:81:6a:b8:56:
4a:33:12:24:56:47:d3:4c:07:4f:49:bd:cf:e2:1a:
8b:a2:1a:40:b2:0a:96:55:e5:ea:e7:f7:5e:c2:2f:
58:5d:77:eb:5c:49:f4:a3:e4:91:87:17:d6:0f:5c:
f5:e9:6c:1e:5b:2b:bc:83:72:31:fa:a6:ca:f7:fa:
df:d3:6e:70:5c:e4:9f:c7:43:d1:fe:ac:df:c7:ee:
6f:26:91:88:19:46:73:04:4a:f8:af:a9:e7:d8:15:
50:6d:82:84:45:01:7e:87:62:e2:87:5a:79:56:42:
ba:84:09:1e:36:a8:4b:a5:97:88:8e:14:c4:33:c1:
df:3a:c8:4e:6d:bd:1d:68:66:c4:26:42:6d:87:77:
51:cb:3d:62:31:4d:9b:ff:66:1c:b8:93:b6:ea:20:
99:fc:f5:08:00:08:1b:02:ed:88:71:e3:a7:80:da:
c1:6b:24:66:73:a9:32:7f:59:90:b7:bb:18:8c:a4:
7c:8a:73:27:85:bf:3b:48:bb:34:21:8b:42:0c:8f:
f1:99:c0:4b:8f:ac:5c:b8:f8:87:43:a8:be:ba:3f:
90:b5:80:38:e9:9a:07:44:ee:45:da:5d:d3:d5:fd:
e6:ae:27:d0:7d:95:01:d3:31:e7:e6:23:52:21:db:
ad:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:66:BB:50:C0:5C:99:5A:53:1D:D9:3E:BB:F2:66:47:1F:89:76:A4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/B2a7UMBcmVpTHdk-u_JmRx-JdqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
192.165.152.0/22
192.165.157.0/24
193.180.92.0/24
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.183.59.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
193.234.205.0/24
194.14.57.0/24
194.68.24.0/24
194.68.181.0/24
194.71.0.0/23
194.71.219.0/24
194.103.3.0/24
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.120.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:60:86:38:19:99:d3:ee:12:68:e6:00:e3:d6:59:40:d5:3d:
05:0f:43:a8:57:4e:2f:45:17:68:a2:e4:e5:a2:2f:40:21:69:
2a:3a:ef:10:92:14:0f:39:bc:f7:0e:23:85:97:cb:fa:6f:81:
09:a8:68:06:0a:a4:86:dd:8c:ee:a3:59:b6:37:e8:7d:ed:13:
4f:5a:12:a4:e7:a9:81:97:1a:9e:09:d6:c8:94:27:18:56:e1:
cc:9c:38:33:2d:3e:62:33:13:d1:c0:f7:72:c0:80:e9:7e:7b:
25:a0:0f:2a:57:c8:c1:38:c5:88:40:f7:ff:d4:05:20:4e:79:
5a:39:15:80:14:9e:57:88:e3:8b:1d:64:ba:62:cc:b7:61:ca:
e0:ad:1c:48:22:58:bb:2b:f6:2a:ee:c6:cd:76:9a:3f:3c:91:
7b:61:61:bc:8e:36:6c:ca:aa:19:94:15:b0:24:15:c8:88:b7:
c6:43:9b:ab:d0:11:47:41:4d:2f:30:fc:3b:30:1c:3b:b4:99:
a2:bc:51:3f:f4:30:ef:0d:e1:ca:66:b7:3f:39:c5:f6:a5:af:
6c:8b:76:6e:9f:dd:ba:bc:37:76:4f:29:cc:46:ab:b4:51:f5:
de:de:6e:14:98:9f:1d:8a:99:69:32:1d:d4:2d:b3:1b:98:4e:
ef:34:f6:4e
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZX2flobkf49JkyPk3J6nusZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwNDAyMTIzMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzY2YmI1MGMwNWM5OTVhNTMxZGQ5M2ViYmYyNjY0NzFmODk3NmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgJ0+02tdGRjLoFquFZKMxIkVkfT
TAdPSb3P4hqLohpAsgqWVeXq5/dewi9YXXfrXEn0o+SRhxfWD1z16WweWyu8g3Ix
+qbK9/rf025wXOSfx0PR/qzfx+5vJpGIGUZzBEr4r6nn2BVQbYKERQF+h2Lih1p5
VkK6hAkeNqhLpZeIjhTEM8HfOshObb0daGbEJkJth3dRyz1iMU2b/2YcuJO26iCZ
/PUIAAgbAu2IceOngNrBayRmc6kyf1mQt7sYjKR8inMnhb87SLs0IYtCDI/xmcBL
j6xcuPiHQ6i+uj+QtYA46ZoHRO5F2l3T1f3mrifQfZUB0zHn5iNSIdutOwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFAdmu1DAXJlaUx3ZPrvyZkcfiXakMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQjJhN1VNQmNtVnBUSGRrLXVfSm1SeC1KZHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBADA
RwADBADApQMDBAHApYYDBALApZgDBADApZ0DBADBtFwDBADBtSIDBADBtxQDBADB
tzEDBADBtzsDBADB6gMDBADB6l4DBALB6nQDBADB6pADBADB6s0DBADCDjkDBADC
RBgDBADCRLUDBAHCRwADBADCR9sDBADCZwMDBAHCZxADBADCZ18DBADCZ5EDBADC
Z8UDBADChHgDBADChKQDBADChKYDBADChLowDQYJKoZIhvcNAQELBQADggEBAJxg
hjgZmdPuEmjmAOPWWUDVPQUPQ6hXTi9FF2ii5OWiL0AhaSo67xCSFA85vPcOI4WX
y/pvgQmoaAYKpIbdjO6jWbY36H3tE09aEqTnqYGXGp4J1siUJxhW4cycODMtPmIz
E9HA93LAgOl+eyWgDypXyME4xYhA9//UBSBOeVo5FYAUnleI44sdZLpizLdhyuCt
HEgiWLsr9iruxs12mj88kXthYbyONmzKqhmUFbAkFciIt8ZDm6vQEUdBTS8w/Dsw
HDu0maK8UT/0MO8N4cpmtz85xfalr2yLdm6f3bq8N3ZPKcxGq7RR9d7ebhSYnx2K
mWkyHdQtsxuYTu809k4=
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:50:52 2025 by rpki-client