Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/c2zsKW42u9qFvcl-pNszF08tguU.roa
File: c2zsKW42u9qFvcl-pNszF08tguU.roa (raw, json)
Hash identifier: V/eBjVd839gDYIh5zShIDIAcf0aMo/ChEoQd1e5SHwU=
Subject key identifier: 73:6C:EC:29:6E:36:BB:DA:85:BD:C9:7E:A4:DB:33:17:4F:2D:82:E5
Certificate issuer: /CN=6eef0dc51dfff0103419599906365572b7fe48fe
Certificate serial: 019660CE620F533A21208604CD44DAAE82F0
Authority key identifier: 6E:EF:0D:C5:1D:FF:F0:10:34:19:59:99:06:36:55:72:B7:FE:48:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bu8NxR3_8BA0GVmZBjZVcrf-SP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/c2zsKW42u9qFvcl-pNszF08tguU.roa
Signing time: Wed 23 Apr 2025 04:01:00 +0000
ROA not before: Wed 23 Apr 2025 04:01:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61055
IP address blocks: 185.10.72.0/24 maxlen: 24
185.10.73.0/24 maxlen: 24
185.10.74.0/24 maxlen: 24
185.10.75.0/24 maxlen: 24
2a02:dfc0:1::/48 maxlen: 48
2a02:dfc0:2::/48 maxlen: 48
2a02:dfc0:3::/48 maxlen: 48
2a02:dfc0:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/bu8NxR3_8BA0GVmZBjZVcrf-SP4.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/bu8NxR3_8BA0GVmZBjZVcrf-SP4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bu8NxR3_8BA0GVmZBjZVcrf-SP4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 21:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:60:ce:62:0f:53:3a:21:20:86:04:cd:44:da:ae:82:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eef0dc51dfff0103419599906365572b7fe48fe
Validity
Not Before: Apr 23 04:01:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=736cec296e36bbda85bdc97ea4db33174f2d82e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0d:a0:20:71:31:21:42:d5:b9:fb:64:d3:e3:
9b:7d:2a:5e:51:35:83:92:8f:58:bb:62:3e:df:24:
6f:7e:85:10:d3:00:20:0a:f3:61:f9:f2:01:1f:59:
30:79:3f:90:40:8f:a8:be:c3:e8:65:e3:04:5c:35:
cb:e5:b4:d5:86:dd:e4:24:21:33:12:a6:22:5b:dd:
b2:9e:b7:10:9c:60:4e:0b:59:32:3a:19:b1:94:02:
12:d5:6e:af:61:6f:95:df:4c:61:1f:2c:79:f7:c3:
98:5c:74:a4:d0:c1:c6:11:5c:d5:ba:3d:86:81:d7:
02:88:60:c5:c1:72:28:a9:00:d5:2d:2c:a5:69:ea:
d3:2b:69:32:67:8a:7d:91:9e:97:90:29:13:a3:a5:
36:e8:99:7b:1a:89:4a:e0:71:1f:49:33:91:b5:4b:
e2:4d:3f:8b:e4:0e:12:69:11:da:1e:88:6c:0a:12:
bf:76:67:2f:67:94:30:d1:3f:cb:96:8b:4f:75:d2:
95:37:d4:4e:42:05:dd:54:5b:76:9f:ff:9d:d7:a9:
13:10:84:59:f0:5e:9d:f4:cc:e4:8f:d6:4d:12:ed:
3b:ad:51:7d:a9:48:74:c9:ba:71:98:b9:44:aa:c4:
64:d5:e5:cc:8a:d9:1d:72:19:6d:35:d9:5b:a3:3d:
82:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:6C:EC:29:6E:36:BB:DA:85:BD:C9:7E:A4:DB:33:17:4F:2D:82:E5
X509v3 Authority Key Identifier:
keyid:6E:EF:0D:C5:1D:FF:F0:10:34:19:59:99:06:36:55:72:B7:FE:48:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bu8NxR3_8BA0GVmZBjZVcrf-SP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/c2zsKW42u9qFvcl-pNszF08tguU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/bu8NxR3_8BA0GVmZBjZVcrf-SP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.72.0/22
IPv6:
2a02:dfc0:1::-2a02:dfc0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7e:3e:87:d1:b5:c5:7f:76:d3:db:8b:ba:21:bf:a5:b6:09:a4:
c8:8b:55:9d:52:94:98:10:ac:a2:3d:93:99:99:9e:dc:69:b5:
40:8c:6d:e1:2f:81:e8:bd:2a:3c:39:ac:83:a5:9e:d3:7b:e7:
c7:0a:b1:c5:48:ba:fb:3e:ea:ce:45:4e:c5:bc:82:e4:79:60:
3d:85:61:ae:de:90:09:37:4d:b8:66:c9:b1:ce:09:de:ca:54:
30:0f:79:24:1e:3c:2c:31:b8:22:3c:b7:11:14:4a:3e:20:03:
0c:f7:39:7d:da:ef:fc:f7:30:f5:d0:83:ea:3c:17:89:ce:fb:
80:bc:0c:54:db:f5:2b:46:0e:17:1d:c0:46:66:8e:72:a5:a6:
ba:ec:d3:99:b8:f1:34:c1:0e:8f:30:49:34:51:cf:d4:02:d0:
53:5d:cc:03:10:e3:7e:1a:52:9f:38:44:d4:67:0b:d9:fc:fc:
74:6d:b3:cd:73:b8:c8:b7:f4:43:95:fb:e3:8e:14:01:48:a4:
31:df:d3:86:ff:ab:49:8d:ab:79:69:2d:b5:18:34:51:d1:7a:
05:80:a1:2b:0e:bb:39:02:cb:f2:03:a9:72:db:a7:7c:29:be:
96:a0:d9:6f:45:35:2f:60:50:4e:b6:10:cf:f8:b6:2c:a8:fa:
3a:83:89:22
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZZgzmIPUzohIIYEzUTaroLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZWYwZGM1MWRmZmYwMTAzNDE5NTk5OTA2MzY1NTcyYjdm
ZTQ4ZmUwHhcNMjUwNDIzMDQwMTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzZjZWMyOTZlMzZiYmRhODViZGM5N2VhNGRiMzMxNzRmMmQ4MmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQ2gIHExIULVuftk0+ObfSpeUTWD
ko9Yu2I+3yRvfoUQ0wAgCvNh+fIBH1kweT+QQI+ovsPoZeMEXDXL5bTVht3kJCEz
EqYiW92ynrcQnGBOC1kyOhmxlAIS1W6vYW+V30xhHyx598OYXHSk0MHGEVzVuj2G
gdcCiGDFwXIoqQDVLSylaerTK2kyZ4p9kZ6XkCkTo6U26Jl7GolK4HEfSTORtUvi
TT+L5A4SaRHaHohsChK/dmcvZ5Qw0T/LlotPddKVN9ROQgXdVFt2n/+d16kTEIRZ
8F6d9Mzkj9ZNEu07rVF9qUh0ybpxmLlEqsRk1eXMitkdchltNdlboz2CvwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHNs7CluNrvahb3JfqTbMxdPLYLlMB8GA1UdIwQY
MBaAFG7vDcUd//AQNBlZmQY2VXK3/kj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnU4TnhSM184QkEwR1ZtWkJqWlZjcmYtU1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS81ZjIxN2EtZGUyNi00YmYwLWFjMjAt
NGZkYWUwOWE2NzdkLzEvYzJ6c0tXNDJ1OXFGdmNsLXBOc3pGMDh0Z3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS81ZjIxN2EtZGUyNi00YmYwLWFjMjAtNGZkYWUwOWE2Nzdk
LzEvYnU4TnhSM184QkEwR1ZtWkJqWlZjcmYtU1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuQpIMBoE
AgACMBQwEgMHACoC38AAAQMHACoC38AABDANBgkqhkiG9w0BAQsFAAOCAQEAfj6H
0bXFf3bT24u6Ib+ltgmkyItVnVKUmBCsoj2TmZme3Gm1QIxt4S+B6L0qPDmsg6We
03vnxwqxxUi6+z7qzkVOxbyC5HlgPYVhrt6QCTdNuGbJsc4J3spUMA95JB48LDG4
Ijy3ERRKPiADDPc5fdrv/Pcw9dCD6jwXic77gLwMVNv1K0YOFx3ARmaOcqWmuuzT
mbjxNMEOjzBJNFHP1ALQU13MAxDjfhpSnzhE1GcL2fz8dG2zzXO4yLf0Q5X7444U
AUikMd/Thv+rSY2reWkttRg0UdF6BYChKw67OQLL8gOpctunfCm+lqDZb0U1L2BQ
TrYQz/i2LKj6OoOJIg==
-----END CERTIFICATE-----
Generated at Thu May 1 03:22:57 2025 by rpki-client