Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2bHCnDTM_sPE8f8QHj3rF0uoVPA.roa
File: 2bHCnDTM_sPE8f8QHj3rF0uoVPA.roa (raw, json)
Hash identifier: 2a1xZkEAeB63IekWAOFLp4WU7x//4o3cJppYTlflt7o=
Subject key identifier: D9:B1:C2:9C:34:CC:FE:C3:C4:F1:FF:10:1E:3D:EB:17:4B:A8:54:F0
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0196FC4F43D29A0856CCA085F293212E47C4
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2bHCnDTM_sPE8f8QHj3rF0uoVPA.roa
Signing time: Fri 23 May 2025 08:42:55 +0000
ROA not before: Fri 23 May 2025 08:42:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 5.180.50.0/24 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.80.0/24 maxlen: 24
5.253.39.0/24 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.0.0/24 maxlen: 24
45.9.1.0/24 maxlen: 24
85.208.107.0/24 maxlen: 24
85.208.113.0/24 maxlen: 24
85.208.115.0/24 maxlen: 24
85.209.160.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:4f:43:d2:9a:08:56:cc:a0:85:f2:93:21:2e:47:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: May 23 08:42:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9b1c29c34ccfec3c4f1ff101e3deb174ba854f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:51:43:0f:93:e1:0a:34:e1:a7:86:56:64:0b:
da:95:1c:d3:7f:57:61:db:85:e3:b1:b6:f9:c1:04:
3c:a7:7c:ef:e6:74:88:58:e2:d5:53:0e:9a:1f:33:
74:99:a2:35:bf:b3:21:b5:f7:5b:14:65:e7:05:4c:
2a:09:db:ba:26:60:ac:33:82:70:54:3c:d4:c2:24:
0b:e3:59:58:82:17:d5:79:fe:e1:bc:76:1d:02:d7:
0c:f8:17:95:da:fe:dc:2e:f7:6f:ea:24:78:e8:2b:
b7:55:d1:b1:48:2c:0c:0d:8d:e9:f2:1c:46:30:c3:
41:36:30:ec:97:c7:0b:06:17:40:da:32:b0:0d:cb:
cc:09:bb:8f:3e:42:00:af:a6:34:2e:75:04:ed:64:
92:d2:b4:b1:91:a7:01:94:cc:72:1d:93:1f:66:2c:
c6:bc:a7:12:9f:70:86:be:45:ed:b9:be:d2:6a:bb:
e5:03:e7:4b:da:cd:42:1b:4b:db:06:88:77:39:04:
96:ec:64:07:f9:f5:f1:00:f7:f4:1b:c6:34:dd:80:
e4:0c:35:a9:a4:0b:59:e0:e3:a6:c8:26:3f:3e:6a:
93:13:85:e7:e1:53:b0:cc:cf:19:12:0e:c8:86:0a:
32:64:05:71:b8:b5:8e:f1:2f:7b:0a:f7:e2:c8:98:
48:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B1:C2:9C:34:CC:FE:C3:C4:F1:FF:10:1E:3D:EB:17:4B:A8:54:F0
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2bHCnDTM_sPE8f8QHj3rF0uoVPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.50.0/23
5.180.80.0/24
5.253.39.0/24
45.8.188.0-45.8.195.255
45.8.199.0/24
45.8.255.0-45.9.1.255
85.208.107.0/24
85.208.113.0/24
85.208.115.0/24
85.209.160.0/24
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:87:b8:db:ee:e8:84:ff:91:70:ad:e8:7c:51:2a:1c:3e:a8:
e5:88:21:b0:69:58:f9:84:23:99:f0:49:bc:f0:4b:d6:da:96:
09:26:ad:21:5e:61:14:4a:b7:75:89:8c:60:1e:56:f5:e3:06:
da:9c:ee:79:bf:45:3d:92:67:ff:2c:60:e4:50:92:bd:1b:1d:
23:c1:0d:23:fc:6a:dd:43:48:8e:7c:b6:b9:2a:28:43:ce:8a:
ef:9a:92:57:4d:fe:0c:3c:c3:01:e0:ed:0d:74:e4:a4:c2:74:
6c:40:32:ea:64:a9:45:7f:8d:a5:ad:1a:fd:e4:ab:b5:a2:de:
98:25:04:b8:e7:f9:11:3c:2e:61:75:a7:51:27:a3:1d:e0:59:
45:04:bf:24:04:e9:ba:12:e7:7d:06:2b:7f:cc:40:47:dc:b9:
d4:6b:7c:b2:47:9f:77:71:e1:dc:c2:cf:df:fb:80:ec:91:d5:
e6:76:4f:20:f5:93:3d:d8:30:dd:e2:ee:84:11:ab:cd:0e:2e:
e0:81:33:d1:78:2f:9f:d0:b2:ba:8f:f4:7e:e4:a8:b7:7a:b4:
63:46:b6:a7:08:c8:32:5c:cf:f0:eb:4f:85:62:60:53:3e:d3:
7d:a4:56:5c:d5:9a:e3:19:ff:a1:f4:35:d2:a6:b4:6a:26:40:
16:15:0b:6e
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZb8T0PSmghWzKCF8pMhLkfEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNTIzMDg0MjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWIxYzI5YzM0Y2NmZWMzYzRmMWZmMTAxZTNkZWIxNzRiYTg1NGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFFDD5PhCjThp4ZWZAvalRzTf1dh
24Xjsbb5wQQ8p3zv5nSIWOLVUw6aHzN0maI1v7MhtfdbFGXnBUwqCdu6JmCsM4Jw
VDzUwiQL41lYghfVef7hvHYdAtcM+BeV2v7cLvdv6iR46Cu3VdGxSCwMDY3p8hxG
MMNBNjDsl8cLBhdA2jKwDcvMCbuPPkIAr6Y0LnUE7WSS0rSxkacBlMxyHZMfZizG
vKcSn3CGvkXtub7SarvlA+dL2s1CG0vbBoh3OQSW7GQH+fXxAPf0G8Y03YDkDDWp
pAtZ4OOmyCY/PmqTE4Xn4VOwzM8ZEg7IhgoyZAVxuLWO8S97CvfiyJhIDQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFNmxwpw0zP7DxPH/EB496xdLqFTwMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMmJIQ25EVE1fc1BFOGY4UUhqM3JGMHVvVlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBBbQyAwQA
BbRQAwQABf0nMAwDBAItCLwDBAItCMADBAAtCMcwDAMEAC0I/wMEAS0JAAMEAFXQ
awMEAFXQcQMEAFXQcwMEAFXRoAMEAsGo0DANBgkqhkiG9w0BAQsFAAOCAQEAb4e4
2+7ohP+RcK3ofFEqHD6o5YghsGlY+YQjmfBJvPBL1tqWCSatIV5hFEq3dYmMYB5W
9eMG2pzueb9FPZJn/yxg5FCSvRsdI8ENI/xq3UNIjny2uSooQ86K75qSV03+DDzD
AeDtDXTkpMJ0bEAy6mSpRX+Npa0a/eSrtaLemCUEuOf5ETwuYXWnUSejHeBZRQS/
JATpuhLnfQYrf8xAR9y51Gt8skefd3Hh3MLP3/uA7JHV5nZPIPWTPdgw3eLuhBGr
zQ4u4IEz0Xgvn9Cyuo/0fuSot3q0Y0a2pwjIMlzP8OtPhWJgUz7TfaRWXNWa4xn/
ofQ10qa0aiZAFhULbg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:08:23 2025 by rpki-client