Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/CNq9H2OXEp4278EAIur7EjhdgiM.roa
File: CNq9H2OXEp4278EAIur7EjhdgiM.roa (raw, json)
Hash identifier: ezaoiiM4UlLTR0sbj1Fr7oZom9N7jm9fEV33MK67n/k=
Subject key identifier: 08:DA:BD:1F:63:97:12:9E:36:EF:C1:00:22:EA:FB:12:38:5D:82:23
Certificate issuer: /CN=f970049cba7f39aeed31d65313c7b953f3fda135
Certificate serial: 019667C5FC7EB9C56A44A68CFE335ECA01FE
Authority key identifier: F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/CNq9H2OXEp4278EAIur7EjhdgiM.roa
Signing time: Thu 24 Apr 2025 12:29:10 +0000
ROA not before: Thu 24 Apr 2025 12:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50757
IP address blocks: 2.110.21.0/24 maxlen: 24
212.70.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 09:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:67:c5:fc:7e:b9:c5:6a:44:a6:8c:fe:33:5e:ca:01:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f970049cba7f39aeed31d65313c7b953f3fda135
Validity
Not Before: Apr 24 12:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08dabd1f6397129e36efc10022eafb12385d8223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d6:7e:17:41:cd:75:cd:c2:18:aa:3f:89:cd:
fd:14:c7:2b:9c:07:d7:97:cd:4a:49:38:dc:b1:b3:
16:29:50:01:cc:80:6a:00:a0:e5:2f:f5:76:58:b3:
93:b5:2f:07:f4:be:d5:01:8f:b9:d0:e5:8a:99:a3:
e8:37:57:1b:17:dc:d3:7a:4f:d5:c2:a8:78:47:a7:
9b:16:de:cb:9e:c4:d0:ff:83:67:52:1a:8b:99:df:
73:3b:b7:e8:19:18:c8:78:d4:81:92:4c:fd:cc:13:
c2:6e:71:10:9e:d1:b2:c1:dd:eb:17:ff:68:c6:66:
59:f2:d9:d2:c7:ab:8d:70:32:f5:8d:08:cd:b4:5b:
0e:9a:91:85:a6:87:35:21:a2:2e:16:bc:aa:b5:0f:
24:ff:65:5d:3c:56:fe:54:76:33:80:be:a2:bb:f2:
64:16:aa:a2:e8:5a:f7:5b:c4:ef:75:79:1f:3c:d0:
1c:5b:1a:3b:94:da:ea:c2:c7:09:9e:03:a9:24:14:
87:10:2b:53:12:f8:5f:bf:0b:49:df:67:4c:87:8d:
99:97:25:63:9b:d6:33:83:28:19:9c:43:8e:cd:95:
fa:05:fb:08:96:9e:42:dd:b5:21:e2:e2:d2:90:7f:
18:ca:7e:a7:62:a8:14:72:60:79:97:44:94:38:7b:
11:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:DA:BD:1F:63:97:12:9E:36:EF:C1:00:22:EA:FB:12:38:5D:82:23
X509v3 Authority Key Identifier:
keyid:F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/CNq9H2OXEp4278EAIur7EjhdgiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.110.21.0/24
212.70.2.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:27:08:ed:d1:5d:36:5a:7f:35:c4:cd:c5:31:db:97:3d:00:
87:50:43:37:7c:8f:d2:6e:57:1c:4c:04:5b:76:19:e2:5d:17:
64:99:55:ab:57:c5:c1:31:3f:4c:22:5e:e7:ae:a7:75:e6:83:
09:52:65:ff:93:24:f8:41:70:cb:93:42:9c:8c:f2:5a:cc:47:
ea:0d:0f:25:df:f9:65:cc:b7:22:a2:a7:9d:53:1b:b0:f7:0d:
4a:f7:1c:dd:36:c2:2f:83:2c:1c:b0:87:ad:cb:62:1c:59:b9:
8c:14:46:37:7c:75:2e:2e:66:80:46:87:17:5b:5b:e8:db:82:
f2:48:da:cc:f8:89:f8:b0:79:78:e8:6f:7d:e0:80:47:7c:48:
19:85:99:ff:4f:49:c0:97:4c:6e:cf:c0:65:aa:24:c4:a5:18:
5b:ef:1e:4e:91:87:05:38:be:6b:b4:34:37:c7:1d:a5:5e:ba:
01:13:75:00:27:89:be:6b:78:c3:bf:da:d8:bb:fe:fb:ab:06:
90:8e:cb:d1:17:fa:1b:7c:96:55:80:ac:a2:74:37:e1:52:e8:
ad:2d:92:88:c6:e0:14:b2:17:38:6d:f7:92:c2:97:85:32:b0:
51:c1:14:ea:dd:07:2d:47:70:a2:f5:b0:05:89:ce:ca:62:69:
37:84:00:23
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZZnxfx+ucVqRKaM/jNeygH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzAwNDljYmE3ZjM5YWVlZDMxZDY1MzEzYzdiOTUzZjNm
ZGExMzUwHhcNMjUwNDI0MTIyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGRhYmQxZjYzOTcxMjllMzZlZmMxMDAyMmVhZmIxMjM4NWQ4MjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9Z+F0HNdc3CGKo/ic39FMcrnAfX
l81KSTjcsbMWKVABzIBqAKDlL/V2WLOTtS8H9L7VAY+50OWKmaPoN1cbF9zTek/V
wqh4R6ebFt7LnsTQ/4NnUhqLmd9zO7foGRjIeNSBkkz9zBPCbnEQntGywd3rF/9o
xmZZ8tnSx6uNcDL1jQjNtFsOmpGFpoc1IaIuFryqtQ8k/2VdPFb+VHYzgL6iu/Jk
Fqqi6Fr3W8TvdXkfPNAcWxo7lNrqwscJngOpJBSHECtTEvhfvwtJ32dMh42ZlyVj
m9YzgygZnEOOzZX6BfsIlp5C3bUh4uLSkH8Yyn6nYqgUcmB5l0SUOHsRzwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAjavR9jlxKeNu/BACLq+xI4XYIjMB8GA1UdIwQY
MBaAFPlwBJy6fzmu7THWUxPHuVPz/aE1MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YQUVuTHBfT2E3dE1kWlRFOGU1VV9QOW9UVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1
LTUyMWZhNDFkZmM5Ni8xL0NOcTlIMk9YRXA0Mjc4RUFJdXI3RWpoZGdpTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1LTUyMWZhNDFkZmM5
Ni8xLzEtWEFFbkxwX09hN3RNZFpURThlNVVfUDlvVFUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAACbhUD
BADURgIwDQYJKoZIhvcNAQELBQADggEBAEonCO3RXTZafzXEzcUx25c9AIdQQzd8
j9JuVxxMBFt2GeJdF2SZVatXxcExP0wiXueup3XmgwlSZf+TJPhBcMuTQpyM8lrM
R+oNDyXf+WXMtyKip51TG7D3DUr3HN02wi+DLBywh63LYhxZuYwURjd8dS4uZoBG
hxdbW+jbgvJI2sz4ifiweXjob33ggEd8SBmFmf9PScCXTG7PwGWqJMSlGFvvHk6R
hwU4vmu0NDfHHaVeugETdQAnib5reMO/2ti7/vurBpCOy9EX+ht8llWArKJ0N+FS
6K0tkojG4BSyFzht95LCl4UysFHBFOrdBy1HcKL1sAWJzspiaTeEACM=
-----END CERTIFICATE-----
Generated at Mon May 5 17:11:56 2025 by rpki-client