Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/m150QYtpxXBTiSlnK92QRVRD5zo.roa
File: m150QYtpxXBTiSlnK92QRVRD5zo.roa (raw, json)
Hash identifier: ebTEJw9nejGCIduesrnIYj5ZZrinqeTVbBAfSnKeowc=
Subject key identifier: 9B:5E:74:41:8B:69:C5:70:53:89:29:67:2B:DD:90:45:54:43:E7:3A
Certificate issuer: /CN=2ca37da970c466457583bbe02b2a0e72fbdc6328
Certificate serial: 01966CF929725C28EBF21D47B5B989BF42E6
Authority key identifier: 2C:A3:7D:A9:70:C4:66:45:75:83:BB:E0:2B:2A:0E:72:FB:DC:63:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKN9qXDEZkV1g7vgKyoOcvvcYyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/m150QYtpxXBTiSlnK92QRVRD5zo.roa
Signing time: Fri 25 Apr 2025 12:43:10 +0000
ROA not before: Fri 25 Apr 2025 12:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59729
IP address blocks: 80.89.12.0/24 maxlen: 24
80.89.13.0/24 maxlen: 24
80.89.14.0/24 maxlen: 24
80.89.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/LKN9qXDEZkV1g7vgKyoOcvvcYyg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/LKN9qXDEZkV1g7vgKyoOcvvcYyg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LKN9qXDEZkV1g7vgKyoOcvvcYyg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:f9:29:72:5c:28:eb:f2:1d:47:b5:b9:89:bf:42:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ca37da970c466457583bbe02b2a0e72fbdc6328
Validity
Not Before: Apr 25 12:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b5e74418b69c570538929672bdd90455443e73a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a4:c1:c8:57:47:0e:d4:9c:31:b7:36:91:a8:
89:06:a0:f0:5c:74:c3:13:8e:4f:8d:45:89:79:48:
82:69:1d:e9:44:35:89:ce:e1:dc:58:bc:ef:94:1e:
4f:c1:e5:76:f5:1d:a6:9a:33:06:0a:44:62:79:c4:
20:12:1c:53:80:38:66:1c:97:3b:cd:22:c8:d8:ed:
5d:03:01:4c:64:70:aa:ec:02:13:62:2e:85:01:f4:
8e:ba:fa:29:d5:fe:c7:90:ba:aa:d0:a8:76:68:a6:
46:aa:11:13:5a:51:09:b0:ed:2f:a7:43:11:2e:bd:
a2:05:44:97:07:c9:f4:72:ed:39:dd:72:b6:91:67:
41:c4:4b:49:86:c0:58:d6:a5:4d:c2:f2:c7:d8:8d:
f1:8e:ca:d2:03:ad:e8:e4:34:3d:31:ec:0a:86:1b:
91:21:ad:11:19:c7:9a:f2:e1:fe:d3:a1:f1:d4:d3:
3d:fe:86:12:56:75:9c:8a:5b:52:33:81:78:b4:12:
1e:ab:ba:17:30:4d:69:8d:8b:12:e0:74:db:11:15:
60:a2:f2:37:6b:5f:aa:48:d3:a1:ca:e7:e3:35:20:
cc:89:fc:85:a5:03:8c:a2:65:36:9e:3b:83:1e:73:
75:c2:56:a0:67:1c:28:05:33:f2:f9:97:d6:09:ef:
3c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:5E:74:41:8B:69:C5:70:53:89:29:67:2B:DD:90:45:54:43:E7:3A
X509v3 Authority Key Identifier:
keyid:2C:A3:7D:A9:70:C4:66:45:75:83:BB:E0:2B:2A:0E:72:FB:DC:63:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKN9qXDEZkV1g7vgKyoOcvvcYyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/m150QYtpxXBTiSlnK92QRVRD5zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/LKN9qXDEZkV1g7vgKyoOcvvcYyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.12.0/22
Signature Algorithm: sha256WithRSAEncryption
50:04:b9:d3:9a:b3:a4:5f:13:63:57:43:dd:05:4f:a4:6c:fe:
22:52:f8:30:ad:1c:94:eb:1b:30:b4:fa:6f:80:a0:6e:48:84:
ee:12:0b:de:f9:4a:52:22:fe:0c:be:5e:f7:99:75:49:15:4f:
0a:7b:d1:bc:ad:fe:b9:f0:2c:51:a8:e8:93:cf:fc:c1:20:36:
68:68:e4:54:a3:68:07:cb:e1:18:3f:5d:01:67:c4:ef:a1:b7:
2d:51:eb:fc:ee:d7:3a:1c:fd:ec:a5:6e:12:d0:e8:62:b6:52:
ce:42:29:56:ea:56:11:6f:33:01:ce:56:88:70:fa:e3:67:41:
f8:60:72:c9:80:06:51:03:fe:4e:56:5b:79:db:5f:74:90:54:
c6:94:ca:ca:97:55:55:19:b5:58:c8:6a:12:23:95:fb:4a:f9:
5c:49:54:0e:5e:f0:e6:30:a2:24:11:50:b3:41:07:56:22:ea:
42:15:b2:1e:2e:90:fe:5f:28:03:ec:c2:34:d8:08:ae:2e:97:
df:e3:3d:b0:7b:d7:aa:d7:41:0a:49:a1:8e:7f:2f:3d:7f:d4:
63:1f:6e:7f:d7:cb:29:a1:c4:ef:48:de:74:0f:24:c1:b9:aa:
5a:a1:1e:40:32:7a:05:b9:0a:30:e4:97:88:0e:e7:9e:c1:13:
86:95:69:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZs+SlyXCjr8h1HtbmJv0LmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYTM3ZGE5NzBjNDY2NDU3NTgzYmJlMDJiMmEwZTcyZmJk
YzYzMjgwHhcNMjUwNDI1MTI0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjVlNzQ0MThiNjljNTcwNTM4OTI5NjcyYmRkOTA0NTU0NDNlNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqTByFdHDtScMbc2kaiJBqDwXHTD
E45PjUWJeUiCaR3pRDWJzuHcWLzvlB5PweV29R2mmjMGCkRiecQgEhxTgDhmHJc7
zSLI2O1dAwFMZHCq7AITYi6FAfSOuvop1f7HkLqq0Kh2aKZGqhETWlEJsO0vp0MR
Lr2iBUSXB8n0cu053XK2kWdBxEtJhsBY1qVNwvLH2I3xjsrSA63o5DQ9MewKhhuR
Ia0RGcea8uH+06Hx1NM9/oYSVnWciltSM4F4tBIeq7oXME1pjYsS4HTbERVgovI3
a1+qSNOhyufjNSDMifyFpQOMomU2njuDHnN1wlagZxwoBTPy+ZfWCe88XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJtedEGLacVwU4kpZyvdkEVUQ+c6MB8GA1UdIwQY
MBaAFCyjfalwxGZFdYO74CsqDnL73GMoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEtOOXFYREVaa1YxZzd2Z0t5b09jdnZjWXlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yNDkyZmQtNmUzNy00NTgyLTg0ZTgt
OGNhMjVmNDg4ZWJmLzEvbTE1MFFZdHB4WEJUaVNsbks5MlFSVlJENXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yNDkyZmQtNmUzNy00NTgyLTg0ZTgtOGNhMjVmNDg4ZWJm
LzEvTEtOOXFYREVaa1YxZzd2Z0t5b09jdnZjWXlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUFkMMA0G
CSqGSIb3DQEBCwUAA4IBAQBQBLnTmrOkXxNjV0PdBU+kbP4iUvgwrRyU6xswtPpv
gKBuSITuEgve+UpSIv4Mvl73mXVJFU8Ke9G8rf658CxRqOiTz/zBIDZoaORUo2gH
y+EYP10BZ8TvobctUev87tc6HP3spW4S0OhitlLOQilW6lYRbzMBzlaIcPrjZ0H4
YHLJgAZRA/5OVlt52190kFTGlMrKl1VVGbVYyGoSI5X7SvlcSVQOXvDmMKIkEVCz
QQdWIupCFbIeLpD+XygD7MI02AiuLpff4z2we9eq10EKSaGOfy89f9RjH25/18sp
ocTvSN50DyTBuapaoR5AMnoFuQow5JeIDueewROGlWlv
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:01:17 2025 by rpki-client