Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/i2JZjMut_w-qPnDbf6tDM4Mxj8w.roa
File: i2JZjMut_w-qPnDbf6tDM4Mxj8w.roa (raw, json)
Hash identifier: b8bHbU79HttBgog3KsyrUtcYgsOCLoL6pGsEYHT8jic=
Subject key identifier: 8B:62:59:8C:CB:AD:FF:0F:AA:3E:70:DB:7F:AB:43:33:83:31:8F:CC
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019527AF6C5AA0BC07C0A03D6385978BA81C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/i2JZjMut_w-qPnDbf6tDM4Mxj8w.roa
Signing time: Fri 21 Feb 2025 08:46:02 +0000
ROA not before: Fri 21 Feb 2025 08:46:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48942
IP address blocks: 194.103.239.0/24 maxlen: 24
194.132.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:af:6c:5a:a0:bc:07:c0:a0:3d:63:85:97:8b:a8:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 21 08:46:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b62598ccbadff0faa3e70db7fab433383318fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:41:b8:05:9b:fd:46:8f:0b:5f:05:80:cc:2c:
69:8c:1d:23:81:08:d8:26:36:a7:0d:19:f7:01:01:
4a:74:ac:2d:b6:4a:88:8e:4e:98:0f:5f:34:e7:e4:
0c:4f:4e:c5:e0:bc:f2:9f:ab:28:01:55:f8:89:62:
fa:30:ed:52:fa:71:d6:6a:6c:9b:dc:87:f6:8c:d3:
0a:85:c4:ca:a4:bd:9c:d3:98:fc:72:56:b3:46:01:
cc:91:8c:57:dd:95:0a:58:45:5e:a9:a3:37:e3:bb:
a0:cd:bd:50:2d:89:98:41:ec:ea:72:e8:29:54:53:
c9:dd:56:31:59:44:39:ad:6e:f1:43:f8:c2:a4:0b:
3a:00:f6:19:c9:d0:aa:e0:df:53:98:07:18:2f:20:
50:9d:7b:61:76:f8:50:e3:94:5b:5d:f0:94:ad:ec:
c7:a6:97:e1:63:4b:7d:0f:9f:98:6f:c4:24:4c:fd:
e8:b3:bc:e3:19:c5:c4:1a:f3:8f:e5:dd:a3:b9:2e:
47:e3:66:44:d5:cd:73:07:8d:d9:3e:77:4b:e8:bb:
ee:e3:5a:81:17:aa:d7:74:33:8d:b4:a6:9e:e7:af:
aa:1f:f8:9e:fa:b1:98:9c:17:5b:d3:23:dc:5e:e5:
73:88:93:2b:47:19:7d:60:be:eb:c6:d8:55:42:5c:
cf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:62:59:8C:CB:AD:FF:0F:AA:3E:70:DB:7F:AB:43:33:83:31:8F:CC
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/i2JZjMut_w-qPnDbf6tDM4Mxj8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.103.239.0/24
194.132.167.0/24
Signature Algorithm: sha256WithRSAEncryption
12:b8:9b:dc:2a:35:b4:9f:06:f7:c1:73:18:c7:b4:c6:ea:7e:
49:b1:cf:d3:f2:6d:8e:e3:c9:a9:df:b5:8f:c3:d0:91:26:f0:
7d:28:f9:82:6a:8a:06:66:79:3c:ea:b0:f9:a5:58:86:e0:c7:
b7:db:d4:df:b8:ee:2b:0f:fb:5a:b5:2c:0d:c7:e5:09:de:cf:
c2:0f:13:b2:04:e1:30:b0:e3:7c:e6:67:3a:0d:90:d3:c6:50:
12:d9:cd:18:26:ee:c4:65:9d:39:06:90:a4:d5:e7:72:a2:13:
e3:f5:de:a9:ba:08:cb:4c:6e:fa:23:36:f4:75:7f:63:d7:04:
f3:8d:0a:19:e9:96:f1:14:7c:71:42:e0:a6:9a:bc:31:cf:73:
6f:ad:2c:70:c5:0d:05:4d:54:92:f7:ae:f1:f1:7e:cc:99:e0:
1e:ab:e6:38:6c:fa:51:c6:90:4e:73:2b:43:f7:a8:94:fb:23:
36:90:09:e9:f2:37:5d:35:82:35:2c:06:70:5e:da:59:12:0e:
85:21:29:cf:27:35:95:a9:6f:0f:d1:8d:1f:1e:88:0a:ae:a8:
a5:29:0a:93:14:86:a9:ad:74:8f:af:ad:1e:9a:e3:96:e4:ea:
07:e7:1f:a6:75:f7:ec:4f:bc:8f:dc:e5:e7:26:62:64:50:71:
0c:d2:8c:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUnr2xaoLwHwKA9Y4WXi6gcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMjIxMDg0NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjYyNTk4Y2NiYWRmZjBmYWEzZTcwZGI3ZmFiNDMzMzgzMzE4ZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUG4BZv9Ro8LXwWAzCxpjB0jgQjY
JjanDRn3AQFKdKwttkqIjk6YD1805+QMT07F4Lzyn6soAVX4iWL6MO1S+nHWamyb
3If2jNMKhcTKpL2c05j8clazRgHMkYxX3ZUKWEVeqaM347ugzb1QLYmYQezqcugp
VFPJ3VYxWUQ5rW7xQ/jCpAs6APYZydCq4N9TmAcYLyBQnXthdvhQ45RbXfCUrezH
ppfhY0t9D5+Yb8QkTP3os7zjGcXEGvOP5d2juS5H42ZE1c1zB43ZPndL6Lvu41qB
F6rXdDONtKae56+qH/ie+rGYnBdb0yPcXuVziJMrRxl9YL7rxthVQlzPtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFItiWYzLrf8Pqj5w23+rQzODMY/MMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaTJKWmpNdXRfdy1xUG5EYmY2dERNNE14ajh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwmfvAwQA
woSnMA0GCSqGSIb3DQEBCwUAA4IBAQASuJvcKjW0nwb3wXMYx7TG6n5Jsc/T8m2O
48mp37WPw9CRJvB9KPmCaooGZnk86rD5pViG4Me329TfuO4rD/tatSwNx+UJ3s/C
DxOyBOEwsON85mc6DZDTxlAS2c0YJu7EZZ05BpCk1edyohPj9d6pugjLTG76Izb0
dX9j1wTzjQoZ6ZbxFHxxQuCmmrwxz3NvrSxwxQ0FTVSS967x8X7MmeAeq+Y4bPpR
xpBOcytD96iU+yM2kAnp8jddNYI1LAZwXtpZEg6FISnPJzWVqW8P0Y0fHogKrqil
KQqTFIaprXSPr60emuOW5OoH5x+mdffsT7yP3OXnJmJkUHEM0oxf
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:50:53 2025 by rpki-client