Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/J2J2124S8bl0D8F_rprl_YIDy9g.roa
File: J2J2124S8bl0D8F_rprl_YIDy9g.roa (raw, json)
Hash identifier: EwSuszD8kbzr8hDPn6y6v2FnpMpKvYRTbCp+B6KwMRQ=
Subject key identifier: 27:62:76:D7:6E:12:F1:B9:74:0F:C1:7F:AE:9A:E5:FD:82:03:CB:D8
Certificate issuer: /CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Certificate serial: 0195380937DDE818A42FA15CE9A6E6E66C95
Authority key identifier: BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/J2J2124S8bl0D8F_rprl_YIDy9g.roa
Signing time: Mon 24 Feb 2025 12:58:03 +0000
ROA not before: Mon 24 Feb 2025 12:58:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200308
IP address blocks: 185.248.28.0/22 maxlen: 24
195.189.245.0/24 maxlen: 24
2a0d:dd80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:38:09:37:dd:e8:18:a4:2f:a1:5c:e9:a6:e6:e6:6c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Validity
Not Before: Feb 24 12:58:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=276276d76e12f1b9740fc17fae9ae5fd8203cbd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1a:7d:14:ad:26:4c:04:ee:7f:b3:e7:5e:c9:
57:74:82:4b:98:47:c7:fd:5d:40:5f:1c:38:9f:4c:
43:ff:84:f2:11:d3:53:87:79:6b:bb:9a:18:e8:b8:
d2:af:e3:70:3f:8f:f9:53:c2:f4:07:da:aa:52:f7:
7b:a7:67:f1:63:64:11:71:16:be:36:93:3b:bd:c4:
aa:cc:c4:9d:aa:43:73:b6:a8:57:06:eb:ed:9a:2c:
8d:80:ea:12:0f:0c:6a:07:7e:3d:6b:63:49:84:d8:
f0:77:8b:d8:0f:fd:7d:d7:58:cb:fd:d8:ac:91:5e:
8b:67:ab:93:17:67:de:c1:e6:2c:14:d0:05:96:58:
68:4f:45:20:2b:72:f1:62:6a:21:3a:8c:ba:30:1f:
df:27:a4:25:1d:60:c7:f2:08:3e:16:cc:b6:8d:90:
fa:ad:53:a7:ad:cb:51:8d:cb:5f:d6:ef:18:73:59:
79:33:23:9c:42:1f:21:80:a6:56:ed:cb:bc:3c:4b:
18:d7:eb:99:2a:35:92:de:aa:0b:a9:63:ba:ce:ec:
f5:20:84:0a:6a:65:a0:3e:1a:d9:50:25:6c:39:8a:
ce:99:63:89:9f:ad:6d:d3:96:78:62:09:48:24:1e:
8f:25:ea:b6:54:8d:3d:ed:7b:06:be:8e:b9:cf:e9:
fa:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:62:76:D7:6E:12:F1:B9:74:0F:C1:7F:AE:9A:E5:FD:82:03:CB:D8
X509v3 Authority Key Identifier:
keyid:BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/J2J2124S8bl0D8F_rprl_YIDy9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.28.0/22
195.189.245.0/24
IPv6:
2a0d:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
71:77:db:35:b3:70:d4:e7:40:a6:4e:b3:1d:64:66:36:57:6a:
10:14:0c:8a:8b:0b:a3:60:46:e1:64:23:6f:7b:a0:0e:0c:2c:
65:33:be:49:6d:d2:a2:9e:fc:47:d7:f2:31:ea:f7:31:ae:df:
be:10:4c:e7:9c:65:10:a8:87:95:88:df:d2:e5:af:fd:c6:47:
70:3f:7c:dc:99:02:5e:66:6d:40:61:2a:2f:2b:b9:85:89:e0:
7b:4f:60:e0:0c:c7:e0:c0:5b:17:5f:ec:e8:08:2d:17:ed:30:
21:09:14:65:2b:11:6a:09:c2:55:e2:ed:fb:68:25:87:80:e0:
5d:ad:7f:3f:46:14:76:70:a1:a4:33:e8:da:b7:d0:79:12:19:
0c:bc:cd:99:40:93:c1:49:ff:de:e3:3b:95:12:89:e8:9c:d1:
18:23:bb:6b:b3:f1:72:7a:cd:30:19:8b:99:a9:fc:74:f5:11:
cb:54:f2:8b:aa:63:fb:41:33:a5:c7:13:71:bd:0f:c2:b7:13:
6e:45:d6:2f:74:0d:58:b5:e6:1b:13:fc:7d:ff:89:94:33:f0:
e5:ea:d8:9a:ba:9a:34:27:88:e4:1d:70:66:6a:e8:03:06:47:
43:b1:2f:6f:ee:a6:03:a1:ef:1d:e3:4c:64:f0:48:d4:9d:1d:
1f:bf:12:a2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZU4CTfd6BikL6Fc6abm5myVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDczMTg4NGJhMGY1NzNmYTYxOGI2ZTdhZDUwM2ExMmM5
NjVhZjMwHhcNMjUwMjI0MTI1ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzYyNzZkNzZlMTJmMWI5NzQwZmMxN2ZhZTlhZTVmZDgyMDNjYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxp9FK0mTATuf7PnXslXdIJLmEfH
/V1AXxw4n0xD/4TyEdNTh3lru5oY6LjSr+NwP4/5U8L0B9qqUvd7p2fxY2QRcRa+
NpM7vcSqzMSdqkNztqhXBuvtmiyNgOoSDwxqB349a2NJhNjwd4vYD/1911jL/dis
kV6LZ6uTF2feweYsFNAFllhoT0UgK3LxYmohOoy6MB/fJ6QlHWDH8gg+Fsy2jZD6
rVOnrctRjctf1u8Yc1l5MyOcQh8hgKZW7cu8PEsY1+uZKjWS3qoLqWO6zuz1IIQK
amWgPhrZUCVsOYrOmWOJn61t05Z4YglIJB6PJeq2VI097XsGvo65z+n6XwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCdidtduEvG5dA/Bf66a5f2CA8vYMB8GA1UdIwQY
MBaAFLtHMYhLoPVz+mGLbnrVA6EsllrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYt
ODM1YTU4NDJiOTRjLzEvSjJKMjEyNFM4YmwwRDhGX3JwcmxfWUlEeTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYtODM1YTU4NDJiOTRj
LzEvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufgcAwQA
w731MA0EAgACMAcDBQMqDd2AMA0GCSqGSIb3DQEBCwUAA4IBAQBxd9s1s3DU50Cm
TrMdZGY2V2oQFAyKiwujYEbhZCNve6AODCxlM75JbdKinvxH1/Ix6vcxrt++EEzn
nGUQqIeViN/S5a/9xkdwP3zcmQJeZm1AYSovK7mFieB7T2DgDMfgwFsXX+zoCC0X
7TAhCRRlKxFqCcJV4u37aCWHgOBdrX8/RhR2cKGkM+jat9B5EhkMvM2ZQJPBSf/e
4zuVEononNEYI7trs/Fyes0wGYuZqfx09RHLVPKLqmP7QTOlxxNxvQ/CtxNuRdYv
dA1YteYbE/x9/4mUM/Dl6tiaupo0J4jkHXBmaugDBkdDsS9v7qYDoe8d40xk8EjU
nR0fvxKi
-----END CERTIFICATE-----
Generated at Mon Apr 28 09:20:48 2025 by rpki-client