Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/2bitAWBYtHnJOfetAxEk1NWDm2Y.roa
File: 2bitAWBYtHnJOfetAxEk1NWDm2Y.roa (raw, json)
Hash identifier: Ny4sMxLaEUhtST4+VmyAnyHZb/s80LG64s9z9X1sBRQ=
Subject key identifier: D9:B8:AD:01:60:58:B4:79:C9:39:F7:AD:03:11:24:D4:D5:83:9B:66
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 019521E4451088DE313B1E6BAB9BFA9BE167
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/2bitAWBYtHnJOfetAxEk1NWDm2Y.roa
Signing time: Thu 20 Feb 2025 05:46:02 +0000
ROA not before: Thu 20 Feb 2025 05:46:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 84.55.17.0/24 maxlen: 24
84.55.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:21:e4:45:10:88:de:31:3b:1e:6b:ab:9b:fa:9b:e1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Feb 20 05:46:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9b8ad016058b479c939f7ad031124d4d5839b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:38:e3:fe:c3:48:62:ee:85:e4:2f:a1:bf:0b:
fb:04:be:46:eb:a1:5c:51:dc:d7:45:ff:de:b1:94:
b7:99:06:2e:1c:2c:4c:d4:24:23:37:e7:1a:eb:8a:
e1:f8:e7:68:f0:31:ef:ce:9f:55:25:55:5a:82:b1:
5b:29:f1:79:59:e6:21:91:cb:3c:58:4f:ef:d9:84:
2d:bc:9c:6b:81:d7:53:ad:f3:9a:fe:2a:fa:74:64:
c4:d5:37:68:25:59:7c:86:4c:bb:b1:24:f5:61:00:
e8:e0:b2:6a:c6:a7:29:c6:e9:b4:2d:56:83:17:db:
8a:39:cc:79:7e:5a:42:5e:7b:f5:25:cb:8e:bb:e3:
d6:5e:98:aa:ff:04:d3:d6:e5:ac:b3:94:8e:8c:18:
9a:c8:1d:20:8c:05:25:45:82:c2:60:08:30:5e:ec:
c5:80:1f:7c:b0:65:f9:e5:4b:52:56:ca:3f:7b:7a:
44:6c:19:54:5a:02:99:4e:62:7d:94:dc:c9:fb:b3:
88:f8:2d:02:ff:58:d9:23:28:7b:3e:d3:58:cf:59:
83:77:da:04:58:37:f1:38:ee:a5:e9:df:73:99:6a:
93:cc:ce:93:36:fa:0e:4d:f9:3f:2b:8f:48:26:97:
1c:b8:93:13:2c:1c:9c:27:fd:79:73:81:26:d7:7c:
a0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B8:AD:01:60:58:B4:79:C9:39:F7:AD:03:11:24:D4:D5:83:9B:66
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/2bitAWBYtHnJOfetAxEk1NWDm2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.17.0/24
84.55.22.0/24
Signature Algorithm: sha256WithRSAEncryption
90:45:bf:c9:27:47:03:42:b1:a2:7f:ce:34:38:31:c9:31:6f:
02:a5:2d:b7:75:bd:53:2e:de:a6:7d:8f:83:fb:df:93:33:b0:
cc:ea:ea:b8:c2:ce:1e:79:b2:b2:38:a1:0f:d8:9b:aa:69:55:
99:f6:b3:8c:39:3a:a0:e5:07:71:56:bc:a5:13:04:33:29:f7:
66:1d:1a:13:2a:0b:25:1e:8c:f6:e6:13:e7:d1:53:7e:fe:f8:
0e:a5:0d:1a:b0:8a:16:d1:f7:df:13:7d:10:ff:8d:ae:a7:a3:
f8:af:5a:3c:b1:4e:96:ae:b9:d4:1d:5f:ee:46:96:ed:2c:97:
53:72:36:20:4b:ed:4a:b9:13:b9:22:01:db:25:cc:dd:ed:a8:
38:d7:1d:08:ac:3b:6d:3d:3b:08:1f:e3:f3:ef:3d:ad:5c:1b:
8b:0b:e4:fe:c2:2a:80:b8:cf:95:3c:6b:ff:8f:2d:1c:a6:64:
d6:09:23:5a:d4:16:dc:8a:fd:6e:98:9b:c8:e3:09:64:22:54:
2a:f5:33:6c:42:4d:9a:cc:a3:17:59:eb:b8:7f:3e:1a:64:67:
f7:31:d3:3b:56:36:ca:f9:cf:b7:8d:f7:d4:37:ab:7e:4b:80:
44:21:f6:f1:11:34:a9:5d:31:fe:97:a0:23:78:8c:ad:b5:fc:
7d:42:66:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUh5EUQiN4xOx5rq5v6m+FnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwMjIwMDU0NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWI4YWQwMTYwNThiNDc5YzkzOWY3YWQwMzExMjRkNGQ1ODM5YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTjj/sNIYu6F5C+hvwv7BL5G66Fc
UdzXRf/esZS3mQYuHCxM1CQjN+ca64rh+Odo8DHvzp9VJVVagrFbKfF5WeYhkcs8
WE/v2YQtvJxrgddTrfOa/ir6dGTE1TdoJVl8hky7sST1YQDo4LJqxqcpxum0LVaD
F9uKOcx5flpCXnv1JcuOu+PWXpiq/wTT1uWss5SOjBiayB0gjAUlRYLCYAgwXuzF
gB98sGX55UtSVso/e3pEbBlUWgKZTmJ9lNzJ+7OI+C0C/1jZIyh7PtNYz1mDd9oE
WDfxOO6l6d9zmWqTzM6TNvoOTfk/K49IJpccuJMTLBycJ/15c4Em13yg5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNm4rQFgWLR5yTn3rQMRJNTVg5tmMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvMmJpdEFXQll0SG5KT2ZldEF4RWsxTldEbTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVDcRAwQA
VDcWMA0GCSqGSIb3DQEBCwUAA4IBAQCQRb/JJ0cDQrGif840ODHJMW8CpS23db1T
Lt6mfY+D+9+TM7DM6uq4ws4eebKyOKEP2JuqaVWZ9rOMOTqg5QdxVrylEwQzKfdm
HRoTKgslHoz25hPn0VN+/vgOpQ0asIoW0fffE30Q/42up6P4r1o8sU6WrrnUHV/u
RpbtLJdTcjYgS+1KuRO5IgHbJczd7ag41x0IrDttPTsIH+Pz7z2tXBuLC+T+wiqA
uM+VPGv/jy0cpmTWCSNa1Bbciv1umJvI4wlkIlQq9TNsQk2azKMXWeu4fz4aZGf3
MdM7VjbK+c+3jffUN6t+S4BEIfbxETSpXTH+l6AjeIyttfx9QmbZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:15:44 2025 by rpki-client