Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/AdjQIooKgS9nrihyK5H3RjOYzpk.roa
File: AdjQIooKgS9nrihyK5H3RjOYzpk.roa (raw, json)
Hash identifier: J+H8gRl0h5PdLeO3Pr5SN5qOysI9j0bQuAblhI7I65o=
Subject key identifier: 01:D8:D0:22:8A:0A:81:2F:67:AE:28:72:2B:91:F7:46:33:98:CE:99
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0195F4D934C1984714BF2B8E197BA7FE902E
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/AdjQIooKgS9nrihyK5H3RjOYzpk.roa
Signing time: Wed 02 Apr 2025 04:53:50 +0000
ROA not before: Wed 02 Apr 2025 04:53:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.176.0/20 maxlen: 20
2.63.224.0/20 maxlen: 20
46.61.150.0/24 maxlen: 24
46.61.245.0/24 maxlen: 24
84.42.92.0/22 maxlen: 24
84.42.92.0/24 maxlen: 24
84.42.93.0/24 maxlen: 24
84.42.94.0/24 maxlen: 24
84.42.95.0/24 maxlen: 24
92.50.204.0/23 maxlen: 23
92.50.204.0/24 maxlen: 24
92.50.205.0/24 maxlen: 24
176.119.169.0/24 maxlen: 24
176.119.170.0/24 maxlen: 24
176.119.171.0/24 maxlen: 24
176.119.172.0/24 maxlen: 24
176.208.74.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
188.128.76.0/23 maxlen: 24
188.128.76.0/24 maxlen: 24
188.128.77.0/24 maxlen: 24
188.254.122.0/23 maxlen: 24
188.254.122.0/24 maxlen: 24
188.254.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f4:d9:34:c1:98:47:14:bf:2b:8e:19:7b:a7:fe:90:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 2 04:53:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01d8d0228a0a812f67ae28722b91f7463398ce99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ba:c3:09:fc:57:49:34:d6:ee:d9:0c:a8:6c:
cc:8d:c0:17:80:7a:48:ac:22:a9:7b:6a:1c:4a:41:
fd:8b:71:d9:7a:9f:bd:67:3d:34:9d:3f:4a:ac:44:
51:8e:b9:af:12:01:a7:0a:25:d6:6e:01:62:09:66:
69:1d:d5:ff:80:57:7b:74:55:4d:61:ea:9f:24:71:
ec:c3:94:eb:27:b1:27:24:a8:9b:a1:f5:01:2d:46:
62:89:0b:5d:26:36:04:70:6d:d9:23:80:ad:4b:4b:
9e:57:8d:63:84:cc:50:ff:73:3c:d3:9b:2f:62:0b:
8e:2a:69:37:5e:e8:93:3a:b7:45:2f:4a:51:c7:cc:
d0:d8:88:62:ca:e3:9c:89:86:48:f4:d7:f0:ac:0b:
1c:9d:99:7d:1b:58:15:84:b1:51:31:6a:eb:57:4e:
cf:33:bd:3c:7c:c6:bf:48:3f:c0:42:fc:f9:e4:57:
4f:98:b1:99:92:66:7d:fe:46:b0:39:a2:0a:d5:b0:
37:80:8f:a3:ff:37:ef:b8:4c:d9:d8:82:61:c6:9c:
15:ef:ce:9d:c0:ac:31:a4:e7:c7:b3:83:6d:fc:0c:
90:62:35:9d:0f:31:fd:c4:0e:62:1e:3e:c9:0f:fa:
4d:2f:0f:a2:5f:a3:d3:f2:84:05:1d:9b:9b:e9:c8:
c5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D8:D0:22:8A:0A:81:2F:67:AE:28:72:2B:91:F7:46:33:98:CE:99
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/AdjQIooKgS9nrihyK5H3RjOYzpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.150.0/24
46.61.245.0/24
84.42.92.0/22
92.50.204.0/23
176.119.169.0-176.119.172.255
176.208.74.0/24
176.211.120.0/22
188.128.76.0/23
188.254.122.0/23
Signature Algorithm: sha256WithRSAEncryption
09:81:8c:24:29:f4:a2:87:45:00:6e:b5:50:f1:07:f3:11:b3:
e9:61:14:b2:65:ba:ec:66:34:83:44:1c:8a:00:cf:12:0e:f6:
4a:23:a3:35:fc:22:3a:eb:40:fb:98:8d:86:02:7e:d0:98:a1:
e8:8b:81:de:96:67:f7:5d:34:40:a7:6f:37:2b:c2:d6:36:ac:
38:85:68:19:03:1b:98:23:03:19:26:ce:c4:09:b6:35:c9:bd:
49:bc:9d:9f:eb:09:f5:fb:63:07:bb:d6:bb:11:6b:b4:4b:9b:
76:98:a6:65:b3:c5:6f:ff:9c:7e:93:c5:7a:3d:25:7e:5f:8c:
78:cb:ee:1c:2a:0e:ab:fe:6e:c4:a0:f3:49:dd:ba:42:0d:9f:
3b:2a:1b:95:01:b1:1d:0f:20:f1:89:b1:48:ee:4d:91:6f:e5:
e6:9f:b8:d2:8a:86:d1:ea:14:48:90:c6:2a:65:2f:dd:8d:ba:
c3:d5:54:b1:30:c2:e5:2f:29:4d:e8:d2:9e:70:2c:24:1c:78:
e9:a4:34:75:77:ea:26:64:34:c1:7a:d9:ea:52:1d:c8:2b:4e:
91:df:56:38:1c:fd:8e:63:ee:08:9d:d3:47:c0:b9:19:b2:da:
e5:95:72:78:f2:7e:f1:24:77:b0:d7:42:55:15:eb:e3:77:b5:
f8:9b:35:53
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZX02TTBmEcUvyuOGXun/pAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNDAyMDQ1MzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWQ4ZDAyMjhhMGE4MTJmNjdhZTI4NzIyYjkxZjc0NjMzOThjZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrrDCfxXSTTW7tkMqGzMjcAXgHpI
rCKpe2ocSkH9i3HZep+9Zz00nT9KrERRjrmvEgGnCiXWbgFiCWZpHdX/gFd7dFVN
YeqfJHHsw5TrJ7EnJKibofUBLUZiiQtdJjYEcG3ZI4CtS0ueV41jhMxQ/3M805sv
YguOKmk3XuiTOrdFL0pRx8zQ2IhiyuOciYZI9NfwrAscnZl9G1gVhLFRMWrrV07P
M708fMa/SD/AQvz55FdPmLGZkmZ9/kawOaIK1bA3gI+j/zfvuEzZ2IJhxpwV786d
wKwxpOfHs4Nt/AyQYjWdDzH9xA5iHj7JD/pNLw+iX6PT8oQFHZub6cjFXwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFAHY0CKKCoEvZ64ociuR90YzmM6ZMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvQWRqUUlvb0tnUzlucmloeUs1SDNSak9ZenBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj2WAwQALj31AwQCVCpcAwQBXDLMMAwDBACwd6kDBACwd6wD
BACw0EoDBAKw03gDBAG8gEwDBAG8/nowDQYJKoZIhvcNAQELBQADggEBAAmBjCQp
9KKHRQButVDxB/MRs+lhFLJluuxmNINEHIoAzxIO9kojozX8IjrrQPuYjYYCftCY
oeiLgd6WZ/ddNECnbzcrwtY2rDiFaBkDG5gjAxkmzsQJtjXJvUm8nZ/rCfX7Ywe7
1rsRa7RLm3aYpmWzxW//nH6TxXo9JX5fjHjL7hwqDqv+bsSg80ndukINnzsqG5UB
sR0PIPGJsUjuTZFv5eafuNKKhtHqFEiQxiplL92NusPVVLEwwuUvKU3o0p5wLCQc
eOmkNHV36iZkNMF62epSHcgrTpHfVjgc/Y5j7gid00fAuRmy2uWVcnjyfvEkd7DX
QlUV6+N3tfibNVM=
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:07:31 2025 by rpki-client