Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/AgImtgZpo_v_WhpCc8iqf7Vv5Wg.roa
File: AgImtgZpo_v_WhpCc8iqf7Vv5Wg.roa (raw, json)
Hash identifier: 2lEiGGn7PNfwmh+bGdthM5thKczCZREfXl/uqPf8zvQ=
Subject key identifier: 02:02:26:B6:06:69:A3:FB:FF:5A:1A:42:73:C8:AA:7F:B5:6F:E5:68
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2EF2717D2E19AE98EB656763DD137
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/AgImtgZpo_v_WhpCc8iqf7Vv5Wg.roa
Signing time: Thu 02 Jan 2025 01:48:13 +0000
ROA not before: Thu 02 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43513
IP address blocks: 85.254.5.0/24 maxlen: 24
85.254.16.0/22 maxlen: 22
85.254.24.0/22 maxlen: 22
85.254.32.0/21 maxlen: 21
85.254.49.72/32 maxlen: 32
85.254.49.73/32 maxlen: 32
85.254.49.74/32 maxlen: 32
85.254.49.75/32 maxlen: 32
85.254.142.0/23 maxlen: 23
85.254.145.0/24 maxlen: 24
159.148.102.0/24 maxlen: 24
159.148.198.0/23 maxlen: 23
159.148.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:ef:27:17:d2:e1:9a:e9:8e:b6:56:76:3d:d1:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=020226b60669a3fbff5a1a4273c8aa7fb56fe568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c2:ad:dc:01:b1:51:d6:cd:84:55:c8:15:86:
5f:63:dd:09:13:b6:51:81:d7:b2:2b:2b:e7:2f:68:
14:84:92:e6:34:69:da:41:c9:08:00:9c:61:65:67:
2d:41:89:e3:4c:e8:a3:dc:7e:6d:6b:53:69:b1:74:
b4:fb:2b:36:59:8d:07:2c:27:e0:24:9a:09:1a:4e:
09:96:ea:3b:cd:41:00:b5:74:ad:4f:a0:43:de:9b:
78:b7:e6:4a:32:7e:91:18:51:f0:d7:fd:d9:be:43:
e8:0d:91:50:a8:58:76:b7:a7:6d:c5:e3:62:00:0d:
e5:8e:ec:3f:d5:ae:e5:6c:91:3a:d7:67:91:60:f6:
61:7f:f8:d6:3d:d3:df:cf:e0:8b:bd:7c:d8:59:11:
c0:3a:af:a7:66:86:86:c7:02:0e:59:0e:d3:71:98:
d6:7f:7b:fa:e5:19:b3:c3:ef:b0:a2:a0:15:69:a5:
a6:94:7d:5f:dc:8d:19:71:ee:5b:37:f5:6f:c9:85:
01:68:b7:2a:3f:1e:27:a7:57:86:55:28:4d:7c:ca:
ec:9d:d1:fa:ac:f9:8c:ba:b5:bb:d5:1c:ca:e7:07:
98:f5:3b:c8:6a:db:08:e1:ca:56:d4:7b:44:9d:02:
33:16:fe:59:80:bc:88:e7:3d:b8:3a:10:1d:ed:0d:
21:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:02:26:B6:06:69:A3:FB:FF:5A:1A:42:73:C8:AA:7F:B5:6F:E5:68
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/AgImtgZpo_v_WhpCc8iqf7Vv5Wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.5.0/24
85.254.16.0/22
85.254.24.0/22
85.254.32.0/21
85.254.49.72/30
85.254.142.0/23
85.254.145.0/24
159.148.102.0/24
159.148.198.0-159.148.200.255
Signature Algorithm: sha256WithRSAEncryption
09:e7:9b:8d:65:8a:df:1e:8f:5f:29:d4:38:45:22:90:3b:f8:
01:80:bb:86:85:b8:02:38:67:43:87:c3:4a:b6:6c:eb:38:ae:
08:10:5c:a1:d7:e2:e9:4e:08:a4:ad:8f:5a:07:39:4c:19:5f:
6e:6e:42:82:70:17:88:b5:27:b1:6a:8d:62:95:b0:ec:7e:f3:
d6:9d:34:49:36:1c:70:d3:f6:4f:49:a0:8b:84:e0:09:df:2c:
9c:05:9d:20:31:04:6b:96:ba:b6:80:5f:f4:68:0f:05:bf:d5:
9d:8a:5c:94:15:32:cd:1f:a7:39:34:87:d2:42:55:06:e9:05:
e2:cd:72:da:87:c1:ad:7e:f2:d9:b2:f2:ac:bd:c3:49:0b:55:
07:1f:75:b7:9b:fa:a4:83:d1:ea:dd:4e:d5:ef:3f:e8:2b:d2:
26:53:69:af:3a:6a:a3:22:33:44:09:df:0a:97:a5:83:83:90:
26:b4:73:f5:e5:ba:55:1a:f2:38:c7:eb:0a:c3:2f:a5:69:3c:
07:83:5b:12:3e:cb:1f:26:53:8a:38:17:a9:bf:ce:08:8f:0a:
e3:fa:14:8e:e0:f2:31:10:fe:2a:6f:44:e9:50:62:d2:d0:83:
fe:88:93:b5:68:7d:fb:ce:2f:37:cb:60:62:63:69:b1:bc:e4:
83:5b:30:50
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQksu8nF9LhmumOtlZ2PdE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjAyMjZiNjA2NjlhM2ZiZmY1YTFhNDI3M2M4YWE3ZmI1NmZlNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8Kt3AGxUdbNhFXIFYZfY90JE7ZR
gdeyKyvnL2gUhJLmNGnaQckIAJxhZWctQYnjTOij3H5ta1NpsXS0+ys2WY0HLCfg
JJoJGk4Jluo7zUEAtXStT6BD3pt4t+ZKMn6RGFHw1/3ZvkPoDZFQqFh2t6dtxeNi
AA3ljuw/1a7lbJE612eRYPZhf/jWPdPfz+CLvXzYWRHAOq+nZoaGxwIOWQ7TcZjW
f3v65Rmzw++woqAVaaWmlH1f3I0Zce5bN/VvyYUBaLcqPx4np1eGVShNfMrsndH6
rPmMurW71RzK5weY9TvIatsI4cpW1HtEnQIzFv5ZgLyI5z24OhAd7Q0hUwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFAICJrYGaaP7/1oaQnPIqn+1b+VoMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQWdJbXRnWnBvX3ZfV2hwQ2M4aXFmN1Z2NVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAATA/AwQAVf4FAwQC
Vf4QAwQCVf4YAwQDVf4gAwUCVf4xSAMEAVX+jgMEAFX+kQMEAJ+UZjAMAwQBn5TG
AwQAn5TIMA0GCSqGSIb3DQEBCwUAA4IBAQAJ55uNZYrfHo9fKdQ4RSKQO/gBgLuG
hbgCOGdDh8NKtmzrOK4IEFyh1+LpTgikrY9aBzlMGV9ubkKCcBeItSexao1ilbDs
fvPWnTRJNhxw0/ZPSaCLhOAJ3yycBZ0gMQRrlrq2gF/0aA8Fv9WdilyUFTLNH6c5
NIfSQlUG6QXizXLah8GtfvLZsvKsvcNJC1UHH3W3m/qkg9Hq3U7V7z/oK9ImU2mv
OmqjIjNECd8Kl6WDg5AmtHP15bpVGvI4x+sKwy+laTwHg1sSPssfJlOKOBepv84I
jwrj+hSO4PIxEP4qb0TpUGLS0IP+iJO1aH37zi83y2BiY2mxvOSDWzBQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:23 2025 by rpki-client