Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/2oz98cSpD_HfmbvVpCvhgnyi4OA.roa
File: 2oz98cSpD_HfmbvVpCvhgnyi4OA.roa (raw, json)
Hash identifier: 1YZakT96PbFg2VFeJnwO3tLx+sC6QD4wzizl1nTO9yA=
Subject key identifier: DA:8C:FD:F1:C4:A9:0F:F1:DF:99:BB:D5:A4:2B:E1:82:7C:A2:E0:E0
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 019696EE2118B3ED25EF428543A013A287AD
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/2oz98cSpD_HfmbvVpCvhgnyi4OA.roa
Signing time: Sat 03 May 2025 16:15:10 +0000
ROA not before: Sat 03 May 2025 16:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.206.2.0/23 maxlen: 23
82.206.4.0/22 maxlen: 24
82.206.16.0/22 maxlen: 22
82.206.72.0/21 maxlen: 21
82.206.80.0/21 maxlen: 21
82.206.80.0/22 maxlen: 24
82.206.84.0/22 maxlen: 24
82.206.88.0/21 maxlen: 21
82.206.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.mft
rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 04:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:96:ee:21:18:b3:ed:25:ef:42:85:43:a0:13:a2:87:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: May 3 16:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da8cfdf1c4a90ff1df99bbd5a42be1827ca2e0e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f4:e4:99:90:9c:78:5e:54:af:39:5f:20:a1:
50:9a:d9:96:86:ea:60:59:d5:1b:e5:54:2b:e3:1c:
a8:ff:de:40:32:a9:f6:05:be:06:13:89:2c:3a:ee:
ca:a1:14:e0:d5:9a:87:ac:10:e9:11:42:d3:b0:ef:
e6:42:96:dc:68:f1:c8:85:5d:29:f8:10:2c:55:55:
f0:e0:dd:0f:9c:bb:3d:1b:d8:51:ec:a6:70:8a:56:
31:63:33:c7:8c:0a:f9:30:83:10:2d:86:c2:91:fa:
bb:b3:47:95:d1:b0:62:5d:1d:4c:c1:2b:59:7e:66:
b6:7c:26:a2:8c:be:d6:3b:d2:06:fe:23:a2:17:3d:
0b:1b:da:2f:fa:6b:94:29:8c:5f:6e:99:5a:1f:9e:
69:7d:c2:16:00:be:c5:9e:0b:35:25:08:5a:10:50:
cb:68:41:d7:bc:c5:08:80:95:39:0e:f1:07:37:a4:
a4:ab:3a:a1:3a:7d:99:fc:79:50:db:d6:a0:a4:02:
c3:c7:d8:80:62:ae:7f:b0:54:a2:1b:bd:e3:78:79:
54:ce:0e:27:7d:f2:a8:80:d1:55:f1:3b:4b:87:51:
90:b9:d6:59:c6:97:a5:15:a4:90:ef:04:29:34:1b:
b5:02:9a:01:7f:5d:68:42:78:3f:05:59:81:ad:a3:
9b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:8C:FD:F1:C4:A9:0F:F1:DF:99:BB:D5:A4:2B:E1:82:7C:A2:E0:E0
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/2oz98cSpD_HfmbvVpCvhgnyi4OA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.2.0-82.206.7.255
82.206.16.0/22
82.206.72.0-82.206.111.255
Signature Algorithm: sha256WithRSAEncryption
36:5a:d5:ee:02:2a:5a:0a:5c:66:c5:55:12:65:05:b4:43:14:
b0:5c:3a:df:5d:10:c0:e8:fd:45:42:37:92:c4:d5:c4:d2:0a:
7a:0f:58:89:8c:97:b7:6f:5a:a9:f6:84:ee:47:a2:2a:8d:e1:
dc:c4:a5:d1:71:fc:7a:5c:e8:ed:57:7f:e8:36:b7:1a:ef:55:
72:1f:74:94:c4:35:87:d4:de:7e:f7:0c:9b:e4:46:ea:bc:34:
7f:c3:52:b0:69:9c:ba:b8:17:a4:20:db:dc:8e:d0:e3:59:98:
bf:92:76:63:e3:f4:45:bf:c6:47:ed:f7:d5:5e:58:62:11:fd:
d5:c8:65:81:86:ca:bd:97:44:cd:18:76:d0:a1:31:9e:08:18:
5c:fd:50:4a:9e:da:2e:38:f5:62:b1:18:55:a2:20:0b:fc:be:
05:b0:5f:f1:7c:ab:27:55:7c:fa:94:f5:19:9b:d3:cf:ee:26:
9b:f0:15:e9:14:38:4b:47:47:3a:bd:db:72:b3:a2:0f:8c:77:
18:0a:9b:c9:af:c3:1f:eb:64:8b:02:ef:e7:55:e0:86:19:c0:
cc:ca:43:65:44:d2:cf:02:f3:e7:6a:67:66:ed:21:29:16:ab:
cb:3b:ff:31:39:dd:52:db:36:fc:e4:69:ea:e5:b2:9e:e8:f6:
3d:d1:5b:f0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZaW7iEYs+0l70KFQ6ATooetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwNTAzMTYxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYThjZmRmMWM0YTkwZmYxZGY5OWJiZDVhNDJiZTE4MjdjYTJlMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fTkmZCceF5UrzlfIKFQmtmWhupg
WdUb5VQr4xyo/95AMqn2Bb4GE4ksOu7KoRTg1ZqHrBDpEULTsO/mQpbcaPHIhV0p
+BAsVVXw4N0PnLs9G9hR7KZwilYxYzPHjAr5MIMQLYbCkfq7s0eV0bBiXR1MwStZ
fma2fCaijL7WO9IG/iOiFz0LG9ov+muUKYxfbplaH55pfcIWAL7Fngs1JQhaEFDL
aEHXvMUIgJU5DvEHN6SkqzqhOn2Z/HlQ29agpALDx9iAYq5/sFSiG73jeHlUzg4n
ffKogNFV8TtLh1GQudZZxpelFaSQ7wQpNBu1ApoBf11oQng/BVmBraObZQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNqM/fHEqQ/x35m71aQr4YJ8ouDgMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvMm96OThjU3BEX0hmbWJ2VnBDdmhnbnlpNE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAFSzgID
BANSzgADBAJSzhAwDAMEA1LOSAMEBFLOYDANBgkqhkiG9w0BAQsFAAOCAQEANlrV
7gIqWgpcZsVVEmUFtEMUsFw6310QwOj9RUI3ksTVxNIKeg9YiYyXt29aqfaE7kei
Ko3h3MSl0XH8elzo7Vd/6Da3Gu9Vch90lMQ1h9TefvcMm+RG6rw0f8NSsGmcurgX
pCDb3I7Q41mYv5J2Y+P0Rb/GR+331V5YYhH91chlgYbKvZdEzRh20KExnggYXP1Q
Sp7aLjj1YrEYVaIgC/y+BbBf8XyrJ1V8+pT1GZvTz+4mm/AV6RQ4S0dHOr3bcrOi
D4x3GAqbya/DH+tkiwLv51XghhnAzMpDZUTSzwLz52pnZu0hKRaryzv/MTndUts2
/ORp6uWynuj2PdFb8A==
-----END CERTIFICATE-----
Generated at Thu May 8 12:18:18 2025 by rpki-client