Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Ca2-ogSZC5B8tEEmtw5KxAEhJPM.roa
File: Ca2-ogSZC5B8tEEmtw5KxAEhJPM.roa (raw, json)
Hash identifier: 9b2u0lDf0ZcTigZmXHynF17wPQBPLYhpE0B4WDhTJ3Y=
Subject key identifier: 09:AD:BE:A2:04:99:0B:90:7C:B4:41:26:B7:0E:4A:C4:01:21:24:F3
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0194228E41C098CED1C1953E16F911D644D2
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Ca2-ogSZC5B8tEEmtw5KxAEhJPM.roa
Signing time: Wed 01 Jan 2025 15:48:55 +0000
ROA not before: Wed 01 Jan 2025 15:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9087
IP address blocks: 213.145.72.0/23 maxlen: 23
213.145.76.0/23 maxlen: 23
213.145.78.0/23 maxlen: 23
213.145.90.0/23 maxlen: 24
213.145.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 09:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:41:c0:98:ce:d1:c1:95:3e:16:f9:11:d6:44:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 15:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09adbea204990b907cb44126b70e4ac4012124f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:66:4a:63:c1:d8:30:e1:12:81:7e:40:44:f6:
ce:18:31:b5:e4:df:68:42:ba:80:ff:af:1f:23:31:
30:8d:77:f2:0b:99:70:b4:28:ce:c8:90:9d:88:df:
bc:ae:4b:29:bc:19:5b:84:45:d4:0c:9e:ee:93:72:
61:b0:e2:59:f1:e3:70:cc:bb:a0:d9:8a:87:00:9c:
61:35:f1:eb:fc:37:52:4a:fb:86:08:32:d4:05:fa:
a0:f5:cd:48:ca:8a:0f:f7:d8:f9:e3:b2:e5:12:b2:
c8:0d:64:b6:04:27:83:86:3d:53:65:fe:f5:89:79:
ab:31:2f:98:94:19:4c:16:5d:b7:2c:20:5d:87:40:
7d:61:e2:9e:8f:b8:15:9d:90:6c:19:87:f0:f7:65:
03:3e:15:0b:ba:47:d7:01:96:bc:19:2b:af:a1:37:
74:81:84:fe:3a:65:71:a4:19:79:dd:c6:cb:89:a1:
b6:73:a4:5b:a1:ef:86:b6:fa:c5:2b:e2:97:59:07:
d0:e2:2a:28:52:98:44:47:94:4e:9b:6c:66:3e:d6:
e3:92:6a:ae:75:54:52:a7:81:ba:bb:a3:86:ce:77:
8a:71:98:67:e3:de:e2:7d:a4:97:73:30:9b:1d:e2:
44:db:aa:f8:3a:6e:b1:77:3c:04:df:0f:58:d3:8e:
4b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:AD:BE:A2:04:99:0B:90:7C:B4:41:26:B7:0E:4A:C4:01:21:24:F3
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Ca2-ogSZC5B8tEEmtw5KxAEhJPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.72.0/23
213.145.76.0/22
213.145.90.0-213.145.93.255
Signature Algorithm: sha256WithRSAEncryption
e4:10:9b:d1:a5:72:d3:3e:ef:08:0c:9c:9c:41:48:e1:21:82:
e1:40:d3:47:57:26:41:a3:99:f5:d5:af:a1:7f:28:6a:a4:38:
8c:42:3a:ca:3d:db:e3:01:d5:1a:c7:cc:22:67:e8:db:3b:c7:
3c:4d:42:71:17:8c:8f:c5:fc:bf:3e:bc:21:b2:f5:98:53:1e:
a5:73:26:d2:ff:f4:19:31:20:ea:75:d6:8c:a1:f4:0a:68:80:
21:25:62:ac:22:93:f5:0a:15:5f:5f:09:f1:82:8c:ac:4a:46:
f8:83:a2:b2:6f:d7:03:1c:f4:4e:7e:99:99:30:35:cf:e2:47:
35:e6:8a:a5:1a:9c:82:fe:5a:e5:5c:6e:76:6f:01:8e:0d:07:
63:a3:20:84:a1:d2:c9:64:c8:f7:ca:d5:68:89:45:af:b8:11:
fd:40:bd:36:97:11:df:d5:3b:10:06:bd:56:5a:be:a5:36:e2:
54:bd:51:7c:ed:a5:8e:92:f5:8d:b5:38:17:b3:ae:ab:1e:a1:
a6:f3:dd:dc:21:8c:c6:17:48:d0:e1:4e:ec:ae:c2:be:cd:3b:
82:cd:02:82:25:a2:a8:1c:99:71:9f:29:16:aa:21:46:e0:79:
93:db:d9:42:a1:1d:44:3a:6b:b6:8a:2b:2b:f9:47:60:bc:4a:
f3:e5:15:10
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQijkHAmM7RwZU+FvkR1kTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwMTAxMTU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWFkYmVhMjA0OTkwYjkwN2NiNDQxMjZiNzBlNGFjNDAxMjEyNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2ZKY8HYMOESgX5ARPbOGDG15N9o
QrqA/68fIzEwjXfyC5lwtCjOyJCdiN+8rkspvBlbhEXUDJ7uk3JhsOJZ8eNwzLug
2YqHAJxhNfHr/DdSSvuGCDLUBfqg9c1IyooP99j547LlErLIDWS2BCeDhj1TZf71
iXmrMS+YlBlMFl23LCBdh0B9YeKej7gVnZBsGYfw92UDPhULukfXAZa8GSuvoTd0
gYT+OmVxpBl53cbLiaG2c6Rboe+GtvrFK+KXWQfQ4iooUphER5ROm2xmPtbjkmqu
dVRSp4G6u6OGzneKcZhn497ifaSXczCbHeJE26r4Om6xdzwE3w9Y045LOQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAmtvqIEmQuQfLRBJrcOSsQBISTzMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvQ2EyLW9nU1pDNUI4dEVFbXR3NUt4QUVoSlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQB1ZFIAwQC
1ZFMMAwDBAHVkVoDBAHVkVwwDQYJKoZIhvcNAQELBQADggEBAOQQm9GlctM+7wgM
nJxBSOEhguFA00dXJkGjmfXVr6F/KGqkOIxCOso92+MB1RrHzCJn6Ns7xzxNQnEX
jI/F/L8+vCGy9ZhTHqVzJtL/9BkxIOp11oyh9ApogCElYqwik/UKFV9fCfGCjKxK
RviDorJv1wMc9E5+mZkwNc/iRzXmiqUanIL+WuVcbnZvAY4NB2OjIISh0slkyPfK
1WiJRa+4Ef1AvTaXEd/VOxAGvVZavqU24lS9UXztpY6S9Y21OBezrqseoabz3dwh
jMYXSNDhTuyuwr7NO4LNAoIloqgcmXGfKRaqIUbgeZPb2UKhHUQ6a7aKKyv5R2C8
SvPlFRA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:05:43 2025 by rpki-client