Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/CX2cBCOKzOh_qypbeFmBGdlhLuM.roa
File: CX2cBCOKzOh_qypbeFmBGdlhLuM.roa (raw, json)
Hash identifier: TjA4S9ihv8gxn1r6FtZzJugsqz7gJ5qJNI/t8P7H7gE=
Subject key identifier: 09:7D:9C:04:23:8A:CC:E8:7F:AB:2A:5B:78:59:81:19:D9:61:2E:E3
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01979E24D6CB26A442917C5F2D4E30317FF6
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/CX2cBCOKzOh_qypbeFmBGdlhLuM.roa
Signing time: Mon 23 Jun 2025 18:55:03 +0000
ROA not before: Mon 23 Jun 2025 18:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.247.59.0/24 maxlen: 24
188.241.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9e:24:d6:cb:26:a4:42:91:7c:5f:2d:4e:30:31:7f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jun 23 18:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=097d9c04238acce87fab2a5b78598119d9612ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:18:50:36:ef:d4:aa:69:5d:2e:07:56:af:ec:
be:6a:b6:88:90:a2:04:26:3c:9e:cf:4b:0a:02:e0:
f3:7f:48:c1:38:13:3f:50:6f:e8:42:8a:87:5b:a6:
aa:62:6a:39:60:01:93:f2:af:e3:01:61:3a:4f:8f:
10:69:4b:77:00:12:3a:87:93:33:68:4e:08:1e:2a:
6a:61:70:69:a7:ac:5b:60:8e:e6:9e:40:2c:93:a4:
47:73:76:8b:de:e3:76:6f:b3:78:9e:ea:29:18:7f:
25:c5:9f:9f:d7:e6:66:f8:35:29:e8:2a:58:c9:c1:
d4:6d:15:2e:46:68:40:ab:dd:29:77:56:c5:2a:f4:
8e:91:88:63:64:0b:e7:ad:78:67:5d:1a:35:e0:bd:
25:72:e1:38:1c:4b:a7:a9:88:32:54:37:e4:b4:da:
f8:fe:9e:f3:ed:ac:39:9b:9a:69:0e:17:ac:e9:77:
4a:25:67:85:a4:2a:7c:b2:a9:80:06:5e:57:b9:d4:
4e:40:d0:d3:7b:cc:2c:27:76:ca:1d:34:ab:6a:d5:
b7:aa:c4:77:32:d1:89:51:86:52:10:48:78:37:b2:
66:1b:26:d1:8f:ed:08:89:93:05:da:ed:3c:d4:45:
34:d0:91:37:7b:a8:ef:d9:22:59:ba:78:86:9e:b5:
04:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:7D:9C:04:23:8A:CC:E8:7F:AB:2A:5B:78:59:81:19:D9:61:2E:E3
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/CX2cBCOKzOh_qypbeFmBGdlhLuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
188.241.192.0/24
Signature Algorithm: sha256WithRSAEncryption
61:35:d3:3c:b7:ac:33:45:e5:55:dd:c4:f3:98:24:d2:f5:2e:
c8:3b:09:7d:76:b6:cd:a9:2c:cf:6c:74:60:b3:01:db:0d:b4:
9f:e1:82:e9:f8:50:fa:3d:af:32:18:a7:d8:04:a9:8f:b9:ed:
85:27:e7:7d:2d:fe:fe:e4:df:d2:e7:1d:6e:20:79:bf:94:ba:
29:ce:13:f9:60:25:90:f4:a7:ee:a5:a2:75:55:a9:78:36:b0:
62:02:62:ab:ff:92:e0:c2:a5:02:ef:bc:66:d8:55:92:9b:46:
0d:e9:ec:b1:51:62:7b:af:e0:66:3b:47:12:df:81:c8:57:32:
b7:da:50:ef:65:6f:76:e1:f0:67:ef:fb:5e:5c:82:f2:8e:a0:
82:58:42:a4:1f:ae:2d:d0:a0:f8:df:ca:3c:a0:9a:a9:22:eb:
3d:fd:57:3b:9b:4c:ba:ee:0c:0f:a4:c4:4d:f0:0a:04:a2:10:
07:15:f4:92:f9:f6:43:f6:a2:5b:3d:b5:ef:a1:ea:21:a0:78:
89:08:44:a3:82:5d:2b:9f:e2:69:8c:79:57:08:67:12:ce:b7:
16:ee:ca:f4:25:e2:33:f5:ed:a6:d5:55:76:77:3d:21:6a:27:
1c:67:15:fb:57:4d:3c:8e:d3:e9:ae:08:2b:23:0c:56:36:74:
cf:41:be:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZeeJNbLJqRCkXxfLU4wMX/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwNjIzMTg1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTdkOWMwNDIzOGFjY2U4N2ZhYjJhNWI3ODU5ODExOWQ5NjEyZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRhQNu/UqmldLgdWr+y+araIkKIE
Jjyez0sKAuDzf0jBOBM/UG/oQoqHW6aqYmo5YAGT8q/jAWE6T48QaUt3ABI6h5Mz
aE4IHipqYXBpp6xbYI7mnkAsk6RHc3aL3uN2b7N4nuopGH8lxZ+f1+Zm+DUp6CpY
ycHUbRUuRmhAq90pd1bFKvSOkYhjZAvnrXhnXRo14L0lcuE4HEunqYgyVDfktNr4
/p7z7aw5m5ppDhes6XdKJWeFpCp8sqmABl5XudROQNDTe8wsJ3bKHTSratW3qsR3
MtGJUYZSEEh4N7JmGybRj+0IiZMF2u081EU00JE3e6jv2SJZuniGnrUEmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAl9nAQjiszof6sqW3hZgRnZYS7jMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvQ1gyY0JDT0t6T2hfcXlwYmVGbUJHZGxoTHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVPc7AwQA
vPHAMA0GCSqGSIb3DQEBCwUAA4IBAQBhNdM8t6wzReVV3cTzmCTS9S7IOwl9drbN
qSzPbHRgswHbDbSf4YLp+FD6Pa8yGKfYBKmPue2FJ+d9Lf7+5N/S5x1uIHm/lLop
zhP5YCWQ9KfupaJ1Val4NrBiAmKr/5LgwqUC77xm2FWSm0YN6eyxUWJ7r+BmO0cS
34HIVzK32lDvZW924fBn7/teXILyjqCCWEKkH64t0KD438o8oJqpIus9/Vc7m0y6
7gwPpMRN8AoEohAHFfSS+fZD9qJbPbXvoeohoHiJCESjgl0rn+JpjHlXCGcSzrcW
7sr0JeIz9e2m1VV2dz0haiccZxX7V008jtPprggrIwxWNnTPQb4w
-----END CERTIFICATE-----
Generated at Sun Jun 29 01:06:35 2025 by rpki-client