Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/y26WpZEldCdiwpqodYBCZ3hzMbM.roa
File: y26WpZEldCdiwpqodYBCZ3hzMbM.roa (raw, json)
Hash identifier: Q1+h8XgN41jDqcPqF4sdoSdNWkaGt5GnKBqYH1YkYlc=
Subject key identifier: CB:6E:96:A5:91:25:74:27:62:C2:9A:A8:75:80:42:67:78:73:31:B3
Certificate issuer: /CN=88727fad5b5c06852e1dafa071ce4767a799e050
Certificate serial: 019422FBEF9FE663FA0315EEFF3C9C04AE0E
Authority key identifier: 88:72:7F:AD:5B:5C:06:85:2E:1D:AF:A0:71:CE:47:67:A7:99:E0:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/y26WpZEldCdiwpqodYBCZ3hzMbM.roa
Signing time: Wed 01 Jan 2025 17:48:43 +0000
ROA not before: Wed 01 Jan 2025 17:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48944
IP address blocks: 185.193.208.0/22 maxlen: 22
185.193.208.0/23 maxlen: 23
185.193.208.0/24 maxlen: 24
185.193.209.0/24 maxlen: 24
185.193.210.0/23 maxlen: 23
185.193.210.0/24 maxlen: 24
185.193.211.0/24 maxlen: 24
185.214.36.0/22 maxlen: 22
185.214.36.0/23 maxlen: 23
185.214.36.0/24 maxlen: 24
185.214.37.0/24 maxlen: 24
185.214.38.0/23 maxlen: 23
185.214.38.0/24 maxlen: 24
185.214.39.0/24 maxlen: 24
185.226.132.0/22 maxlen: 22
185.226.132.0/24 maxlen: 24
185.226.133.0/24 maxlen: 24
185.226.134.0/24 maxlen: 24
185.226.135.0/24 maxlen: 24
2a0a:3e40::/29 maxlen: 29
2a0b:92c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ef:9f:e6:63:fa:03:15:ee:ff:3c:9c:04:ae:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88727fad5b5c06852e1dafa071ce4767a799e050
Validity
Not Before: Jan 1 17:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb6e96a59125742762c29aa875804267787331b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ff:51:50:26:d3:28:73:2a:62:91:e8:0f:fd:
03:cb:88:22:a2:1f:b6:66:3f:0b:f5:87:27:37:b3:
77:67:e6:72:17:3c:34:0e:3a:2c:6e:3e:99:6f:38:
c7:2b:e7:e7:7a:98:b0:e0:dd:18:55:0f:cf:c8:5e:
5f:34:86:32:ce:3c:f2:58:75:fe:34:fe:b6:81:c8:
5d:25:eb:b9:25:de:18:05:c4:3e:ed:8a:0e:49:08:
ae:72:de:1f:9a:be:b5:e3:1e:76:52:06:1e:af:f2:
0b:1a:c6:09:60:80:de:a4:00:ee:b4:f7:c5:d9:bb:
36:7b:82:ef:41:9e:14:e9:64:f9:a3:1a:22:40:f3:
cd:eb:11:a0:6b:88:f2:52:45:54:3a:c8:2b:60:f0:
02:11:72:a0:78:47:ce:02:59:74:ce:d3:be:a6:95:
ae:10:c9:f0:9b:89:53:f3:17:99:1b:35:73:6e:d1:
84:13:1d:13:8a:49:66:7d:35:13:0e:d0:05:75:94:
cd:52:eb:af:6d:0b:c1:f4:38:3a:fa:1e:9f:69:ee:
2b:ba:93:d5:2f:41:18:26:8c:f9:c0:7f:df:88:6b:
e9:41:c8:88:b6:c2:3b:67:06:cb:2a:f1:a6:f2:b8:
02:f5:b9:75:c2:70:20:6c:41:d1:76:de:32:3e:8f:
82:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:6E:96:A5:91:25:74:27:62:C2:9A:A8:75:80:42:67:78:73:31:B3
X509v3 Authority Key Identifier:
keyid:88:72:7F:AD:5B:5C:06:85:2E:1D:AF:A0:71:CE:47:67:A7:99:E0:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/y26WpZEldCdiwpqodYBCZ3hzMbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.208.0/22
185.214.36.0/22
185.226.132.0/22
IPv6:
2a0a:3e40::/29
2a0b:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:00:28:8c:72:f3:96:2d:37:5b:87:5b:02:c6:c1:7a:5f:1c:
c2:4a:3f:9b:07:29:79:ac:f4:c5:a9:da:bc:73:9f:af:07:16:
42:ed:f2:db:a8:86:1f:0a:f4:33:8b:9b:03:f4:22:a3:9f:c3:
e7:37:75:67:c2:22:1b:04:28:80:e7:58:3e:d2:c5:f0:6e:0e:
99:e3:14:1e:d3:2d:7d:59:00:d1:d2:68:5f:f4:fe:bb:9c:f4:
e9:10:56:0f:cd:f5:69:58:50:33:1b:37:f4:a5:cb:bb:a8:17:
bf:6b:69:cf:16:9e:fd:8b:b5:0c:e0:63:ea:6a:0c:c7:00:78:
02:72:ab:fb:3c:bb:5a:e8:75:6d:97:81:4c:39:38:53:d4:06:
ce:fb:a0:28:bd:3c:95:98:1b:33:c1:36:67:e3:08:f8:a2:0b:
33:31:53:85:c8:b4:3e:21:f8:f9:3f:54:80:07:fe:34:e8:6c:
3c:ff:02:78:ec:28:ae:15:9e:e7:4a:23:e7:3a:f5:57:f9:a5:
55:90:20:28:57:6f:cf:cb:90:a3:cb:29:a5:b8:0d:86:af:3b:
9b:3b:dd:8c:e0:d5:be:ab:8a:ef:ca:bd:b5:24:bd:77:c9:af:
27:fd:d7:59:fe:6c:6b:75:d5:7b:6e:08:0d:5a:de:f0:aa:df:
13:f6:3b:bb
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQi+++f5mP6AxXu/zycBK4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NzI3ZmFkNWI1YzA2ODUyZTFkYWZhMDcxY2U0NzY3YTc5
OWUwNTAwHhcNMjUwMTAxMTc0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjZlOTZhNTkxMjU3NDI3NjJjMjlhYTg3NTgwNDI2Nzc4NzMzMWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0P9RUCbTKHMqYpHoD/0Dy4gioh+2
Zj8L9YcnN7N3Z+ZyFzw0Djosbj6ZbzjHK+fnepiw4N0YVQ/PyF5fNIYyzjzyWHX+
NP62gchdJeu5Jd4YBcQ+7YoOSQiuct4fmr614x52UgYer/ILGsYJYIDepADutPfF
2bs2e4LvQZ4U6WT5oxoiQPPN6xGga4jyUkVUOsgrYPACEXKgeEfOAll0ztO+ppWu
EMnwm4lT8xeZGzVzbtGEEx0TiklmfTUTDtAFdZTNUuuvbQvB9Dg6+h6fae4rupPV
L0EYJoz5wH/fiGvpQciItsI7ZwbLKvGm8rgC9bl1wnAgbEHRdt4yPo+CGwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMtulqWRJXQnYsKaqHWAQmd4czGzMB8GA1UdIwQY
MBaAFIhyf61bXAaFLh2voHHOR2enmeBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUhKX3JWdGNCb1V1SGEtZ2NjNUhaNmVaNEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9hNGEyNjAtODRiMC00NjhlLWI0OTct
NWE0MTkyNmZlZDdjLzEveTI2V3BaRWxkQ2Rpd3Bxb2RZQkNaM2h6TWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9hNGEyNjAtODRiMC00NjhlLWI0OTctNWE0MTkyNmZlZDdj
LzEvaUhKX3JWdGNCb1V1SGEtZ2NjNUhaNmVaNEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCucHQAwQC
udYkAwQCueKEMBQEAgACMA4DBQMqCj5AAwUDKguSwDANBgkqhkiG9w0BAQsFAAOC
AQEAegAojHLzli03W4dbAsbBel8cwko/mwcpeaz0xanavHOfrwcWQu3y26iGHwr0
M4ubA/Qio5/D5zd1Z8IiGwQogOdYPtLF8G4OmeMUHtMtfVkA0dJoX/T+u5z06RBW
D831aVhQMxs39KXLu6gXv2tpzxae/Yu1DOBj6moMxwB4AnKr+zy7Wuh1bZeBTDk4
U9QGzvugKL08lZgbM8E2Z+MI+KILMzFThci0PiH4+T9UgAf+NOhsPP8CeOworhWe
50oj5zr1V/mlVZAgKFdvz8uQo8sppbgNhq87mzvdjODVvquK78q9tSS9d8mvJ/3X
Wf5sa3XVe24IDVre8KrfE/Y7uw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:06 2025 by rpki-client