Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/T2nBcN90QL37RbdRO-q8DLQ77Ek.roa
File: T2nBcN90QL37RbdRO-q8DLQ77Ek.roa (raw, json)
Hash identifier: 31WpgwL2EfZ5Tm1AWagxgpt2F5zFwFiQsAAVBMSiTzA=
Subject key identifier: 4F:69:C1:70:DF:74:40:BD:FB:45:B7:51:3B:EA:BC:0C:B4:3B:EC:49
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0195F620F61FC8FA7279E99F4167C2730A1A
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/T2nBcN90QL37RbdRO-q8DLQ77Ek.roa
Signing time: Wed 02 Apr 2025 10:51:50 +0000
ROA not before: Wed 02 Apr 2025 10:51:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 2.58.171.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
88.209.192.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
88.209.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:20:f6:1f:c8:fa:72:79:e9:9f:41:67:c2:73:0a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 2 10:51:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f69c170df7440bdfb45b7513beabc0cb43bec49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7b:55:af:e1:36:17:3a:fc:36:c7:2a:73:ad:
19:47:f5:c9:47:f5:d5:74:72:3c:82:a2:33:f4:d1:
a4:52:2a:d1:4d:c8:32:cd:66:18:c0:0f:3b:ec:eb:
7c:21:57:b6:94:a2:f7:a7:23:a4:cb:52:eb:c8:e3:
18:45:50:33:2f:95:92:e9:47:0c:e8:ea:15:b5:82:
f8:c9:ea:23:01:76:20:ff:2c:43:a8:cb:89:61:54:
a4:07:7a:85:1d:3c:e8:9e:3d:7f:b2:4e:e8:62:ad:
ec:80:63:53:37:54:02:54:5a:69:45:f7:40:26:3d:
66:77:3c:25:2c:7e:2b:c4:da:2a:8b:14:a3:0c:08:
0d:5e:69:87:95:38:53:23:b4:23:39:f7:3c:c3:50:
ea:c6:9b:46:5d:8f:d5:6d:5e:0d:2f:21:65:95:59:
19:0a:e9:7a:32:fb:0d:5e:66:98:1c:cb:df:90:0c:
1b:cf:35:e7:0c:08:c5:8f:d2:9a:17:1c:3c:67:4c:
b3:34:99:3f:a9:4e:38:c4:6c:d0:f7:3f:40:9b:5e:
c9:e5:ba:ec:92:cc:37:f9:b0:5d:00:6a:4c:10:bb:
ba:7d:c0:aa:93:c3:10:66:2b:83:e5:94:ed:43:2b:
4b:fb:e6:54:a2:2e:0d:f6:25:92:55:d0:c3:e4:e0:
b8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:69:C1:70:DF:74:40:BD:FB:45:B7:51:3B:EA:BC:0C:B4:3B:EC:49
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/T2nBcN90QL37RbdRO-q8DLQ77Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.171.0/24
88.151.61.0/24
88.209.192.0/24
88.209.207.0/24
88.209.209.0/24
88.209.222.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:3d:74:46:e6:7d:b8:b0:84:95:9c:5f:c5:4c:bc:1f:68:3a:
ac:4c:be:33:43:50:bc:94:41:28:b4:a3:51:5c:af:12:61:44:
ea:5c:75:a8:62:d6:92:2f:52:c5:ad:c2:f7:78:b8:2a:8d:13:
ac:1e:04:9a:f8:d7:dd:77:f9:29:31:02:07:da:d9:69:26:10:
2a:71:a2:20:78:57:44:91:2f:b0:c0:cf:58:e0:39:9e:05:9f:
1b:55:83:ab:75:8c:00:fa:a6:73:62:9d:85:46:00:d4:a2:2d:
a6:43:d2:f6:10:46:37:79:00:6d:cf:16:d0:18:30:2d:57:5f:
c4:99:a0:50:1e:4f:b7:80:c6:46:02:43:80:67:ee:ba:80:1d:
56:01:83:16:8b:c4:e9:13:1b:4c:fb:ce:e6:33:60:b9:dc:79:
f0:91:ee:52:83:96:15:2e:06:c9:e7:7e:9f:e2:be:87:d9:3c:
d1:d5:eb:d1:7c:07:63:20:08:31:33:f5:a4:b3:b1:9e:f0:a7:
e1:e1:6d:51:e9:ba:1e:bb:95:3d:ee:fa:c4:59:a7:b9:9c:93:
b9:2d:5f:ce:41:56:5b:e6:00:dd:9b:38:73:23:22:72:a8:18:
f7:e5:0c:0a:2f:16:4b:22:a0:8c:45:d6:04:df:67:ae:c9:8c:
0d:a0:05:f0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZX2IPYfyPpyeemfQWfCcwoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNDAyMTA1MTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjY5YzE3MGRmNzQ0MGJkZmI0NWI3NTEzYmVhYmMwY2I0M2JlYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHtVr+E2Fzr8Nscqc60ZR/XJR/XV
dHI8gqIz9NGkUirRTcgyzWYYwA877Ot8IVe2lKL3pyOky1LryOMYRVAzL5WS6UcM
6OoVtYL4yeojAXYg/yxDqMuJYVSkB3qFHTzonj1/sk7oYq3sgGNTN1QCVFppRfdA
Jj1mdzwlLH4rxNoqixSjDAgNXmmHlThTI7QjOfc8w1DqxptGXY/VbV4NLyFllVkZ
Cul6MvsNXmaYHMvfkAwbzzXnDAjFj9KaFxw8Z0yzNJk/qU44xGzQ9z9Am17J5brs
ksw3+bBdAGpMELu6fcCqk8MQZiuD5ZTtQytL++ZUoi4N9iWSVdDD5OC44QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE9pwXDfdEC9+0W3UTvqvAy0O+xJMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVDJuQmNOOTBRTDM3UmJkUk8tcThETFE3N0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjqrAwQA
WJc9AwQAWNHAAwQAWNHPAwQAWNHRAwQAWNHeMA0GCSqGSIb3DQEBCwUAA4IBAQCd
PXRG5n24sISVnF/FTLwfaDqsTL4zQ1C8lEEotKNRXK8SYUTqXHWoYtaSL1LFrcL3
eLgqjROsHgSa+Nfdd/kpMQIH2tlpJhAqcaIgeFdEkS+wwM9Y4DmeBZ8bVYOrdYwA
+qZzYp2FRgDUoi2mQ9L2EEY3eQBtzxbQGDAtV1/EmaBQHk+3gMZGAkOAZ+66gB1W
AYMWi8TpExtM+87mM2C53Hnwke5Sg5YVLgbJ536f4r6H2TzR1evRfAdjIAgxM/Wk
s7Ge8Kfh4W1R6boeu5U97vrEWae5nJO5LV/OQVZb5gDdmzhzIyJyqBj35QwKLxZL
IqCMRdYE32euyYwNoAXw
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:01:59 2025 by rpki-client