Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/2ba1m8Gy_1XOQ9HVKpmmzSbnedQ.roa
File: 2ba1m8Gy_1XOQ9HVKpmmzSbnedQ.roa (raw, json)
Hash identifier: nQyh0Ol7+Fw/xV4Vz5V2aR6KWFx7hjc+pCgRAL93L9k=
Subject key identifier: D9:B6:B5:9B:C1:B2:FF:55:CE:43:D1:D5:2A:99:A6:CD:26:E7:79:D4
Certificate issuer: /CN=cadc74e10830421d4eeea98244cfd1b4119037ff
Certificate serial: 0194266C3A903D8F1F0A127AC5EC9395BED3
Authority key identifier: CA:DC:74:E1:08:30:42:1D:4E:EE:A9:82:44:CF:D1:B4:11:90:37:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ytx04QgwQh1O7qmCRM_RtBGQN_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/2ba1m8Gy_1XOQ9HVKpmmzSbnedQ.roa
Signing time: Thu 02 Jan 2025 09:50:14 +0000
ROA not before: Thu 02 Jan 2025 09:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 141.71.0.0/16 maxlen: 16
192.108.51.0/24 maxlen: 24
192.108.52.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/ytx04QgwQh1O7qmCRM_RtBGQN_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/ytx04QgwQh1O7qmCRM_RtBGQN_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ytx04QgwQh1O7qmCRM_RtBGQN_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 03:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3a:90:3d:8f:1f:0a:12:7a:c5:ec:93:95:be:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cadc74e10830421d4eeea98244cfd1b4119037ff
Validity
Not Before: Jan 2 09:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9b6b59bc1b2ff55ce43d1d52a99a6cd26e779d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c7:c6:3d:a6:10:69:23:30:12:7e:27:ed:4b:
ce:fc:5b:69:90:50:84:80:ac:dc:f5:40:3e:fc:0e:
4c:9f:9c:6d:47:a4:6b:92:03:e8:52:01:cf:cc:23:
f3:44:49:f3:bd:37:6d:4f:f0:3d:6f:07:c7:ee:25:
bc:2a:91:a3:18:95:7f:f8:79:5c:eb:52:53:fe:7b:
98:06:6f:64:4b:bf:42:83:dd:5d:a3:bf:43:3d:aa:
59:07:82:17:4a:bd:58:1c:10:5c:52:6e:89:11:35:
88:42:1d:c9:62:6c:93:ef:32:44:85:8e:8c:92:9a:
38:a7:ec:55:c0:d3:ef:a0:32:ae:c8:fa:5d:e5:2c:
de:af:08:65:74:fd:73:6d:ee:43:a2:75:2a:0f:46:
ac:2f:9c:ef:54:11:98:d3:0a:3d:20:9c:a2:a4:ac:
f4:1c:98:7d:ca:be:10:45:60:d0:44:b6:c8:03:74:
7e:8c:5c:c6:42:94:b9:eb:82:35:9d:c0:cb:64:82:
9e:db:a2:ee:96:cd:31:8b:68:3e:d2:87:77:c7:fc:
ba:56:cb:39:aa:68:09:f1:6e:8f:8e:9d:cd:5f:e3:
fe:20:0e:c1:3b:bc:86:70:de:69:9f:4d:38:18:4d:
2f:67:d9:3a:c2:9d:82:a8:83:a5:58:5b:d5:05:91:
3f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B6:B5:9B:C1:B2:FF:55:CE:43:D1:D5:2A:99:A6:CD:26:E7:79:D4
X509v3 Authority Key Identifier:
keyid:CA:DC:74:E1:08:30:42:1D:4E:EE:A9:82:44:CF:D1:B4:11:90:37:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ytx04QgwQh1O7qmCRM_RtBGQN_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/2ba1m8Gy_1XOQ9HVKpmmzSbnedQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/ytx04QgwQh1O7qmCRM_RtBGQN_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.71.0.0/16
192.108.51.0-192.108.53.255
Signature Algorithm: sha256WithRSAEncryption
15:42:2c:25:1d:88:80:4d:20:3a:80:ab:09:47:7f:4d:ab:c5:
53:04:da:df:39:0d:d2:a8:2a:11:4b:17:36:e8:af:93:f5:48:
dd:40:71:d8:31:b7:b0:b5:3a:65:03:fb:4c:a1:d1:55:79:1d:
c5:e2:ab:69:fb:c9:ea:ae:54:e2:b5:55:5f:fc:1d:b5:81:56:
74:94:94:bc:4c:65:a6:43:16:64:1f:4b:e6:55:15:06:d9:b3:
84:da:8d:95:57:a1:97:08:05:44:2f:2c:94:f9:05:00:fa:73:
10:8a:e3:24:60:37:60:4e:be:77:21:63:bd:cb:55:34:42:71:
b0:71:64:4e:33:50:a9:f1:d0:2c:5f:b6:c6:29:24:9a:95:25:
94:54:97:bf:ab:0e:6e:01:8f:e1:6c:33:7b:9a:e8:71:21:ba:
2a:1d:19:79:d0:b3:c3:51:b6:88:2b:46:09:2d:12:84:09:ee:
fc:4a:44:7b:51:7c:0d:7c:4d:e7:95:bf:df:6e:15:8a:68:df:
ea:d2:7c:5a:d1:a0:24:fd:0e:f8:f7:cc:5f:c3:fe:2f:5b:d8:
66:18:53:b7:29:50:0d:f7:f9:68:48:a9:ed:9a:7b:d8:d5:53:
ff:62:ad:00:8e:cf:4f:a0:93:f8:0c:6f:f8:87:a5:4c:e2:21:
ae:b2:7f:e5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQmbDqQPY8fChJ6xeyTlb7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZGM3NGUxMDgzMDQyMWQ0ZWVlYTk4MjQ0Y2ZkMWI0MTE5
MDM3ZmYwHhcNMjUwMTAyMDk1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWI2YjU5YmMxYjJmZjU1Y2U0M2QxZDUyYTk5YTZjZDI2ZTc3OWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsfGPaYQaSMwEn4n7UvO/FtpkFCE
gKzc9UA+/A5Mn5xtR6RrkgPoUgHPzCPzREnzvTdtT/A9bwfH7iW8KpGjGJV/+Hlc
61JT/nuYBm9kS79Cg91do79DPapZB4IXSr1YHBBcUm6JETWIQh3JYmyT7zJEhY6M
kpo4p+xVwNPvoDKuyPpd5SzerwhldP1zbe5DonUqD0asL5zvVBGY0wo9IJyipKz0
HJh9yr4QRWDQRLbIA3R+jFzGQpS564I1ncDLZIKe26Luls0xi2g+0od3x/y6Vss5
qmgJ8W6Pjp3NX+P+IA7BO7yGcN5pn004GE0vZ9k6wp2CqIOlWFvVBZE/IQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNm2tZvBsv9VzkPR1SqZps0m53nUMB8GA1UdIwQY
MBaAFMrcdOEIMEIdTu6pgkTP0bQRkDf/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXR4MDRRZ3dRaDFPN3FtQ1JNX1J0QkdRTl84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84YmZmNzItNWMxNi00NDg0LWFjYzIt
N2ViNGMwODg1OTBmLzEvMmJhMW04R3lfMVhPUTlIVktwbW16U2JuZWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84YmZmNzItNWMxNi00NDg0LWFjYzItN2ViNGMwODg1OTBm
LzEveXR4MDRRZ3dRaDFPN3FtQ1JNX1J0QkdRTl84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwMAjUcwDAME
AMBsMwMEAcBsNDANBgkqhkiG9w0BAQsFAAOCAQEAFUIsJR2IgE0gOoCrCUd/TavF
UwTa3zkN0qgqEUsXNuivk/VI3UBx2DG3sLU6ZQP7TKHRVXkdxeKrafvJ6q5U4rVV
X/wdtYFWdJSUvExlpkMWZB9L5lUVBtmzhNqNlVehlwgFRC8slPkFAPpzEIrjJGA3
YE6+dyFjvctVNEJxsHFkTjNQqfHQLF+2xikkmpUllFSXv6sObgGP4Wwze5rocSG6
Kh0ZedCzw1G2iCtGCS0ShAnu/EpEe1F8DXxN55W/324Vimjf6tJ8WtGgJP0O+PfM
X8P+L1vYZhhTtylQDff5aEip7Zp72NVT/2KtAI7PT6CT+Axv+IelTOIhrrJ/5Q==
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:24:59 2025 by rpki-client