Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/CNtM8zejZ349bsOx94QsI819vZU.roa
File: CNtM8zejZ349bsOx94QsI819vZU.roa (raw, json)
Hash identifier: xxnS1MVGHtYdDD2abmYeFD2yf6kRsOETWylSJhltDEE=
Subject key identifier: 08:DB:4C:F3:37:A3:67:7E:3D:6E:C3:B1:F7:84:2C:23:CD:7D:BD:95
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 019589FD3DE63008A4F1AF74D9BF480C042A
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/CNtM8zejZ349bsOx94QsI819vZU.roa
Signing time: Wed 12 Mar 2025 10:53:49 +0000
ROA not before: Wed 12 Mar 2025 10:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.83.202.0/24 maxlen: 24
188.209.130.0/24 maxlen: 24
188.209.134.0/24 maxlen: 24
188.209.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.mft
rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:fd:3d:e6:30:08:a4:f1:af:74:d9:bf:48:0c:04:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 12 10:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08db4cf337a3677e3d6ec3b1f7842c23cd7dbd95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9b:17:d2:82:91:9a:df:18:b3:16:51:e2:9f:
ab:84:65:c9:e5:75:48:d0:e1:df:03:b1:cc:31:07:
51:fb:6a:64:8f:85:03:cc:d1:8a:58:d9:25:30:80:
37:23:d2:43:0f:6f:a0:5d:9b:34:a7:20:e8:9a:95:
2c:7e:fa:b7:e3:e5:16:9f:d3:28:f1:85:0f:f7:2d:
c9:c7:4a:4a:63:09:ba:e0:dd:21:c8:dd:51:59:72:
76:7e:7c:23:f9:ba:b0:4d:86:54:50:65:10:d4:d0:
90:f2:42:ed:4d:08:ea:b2:12:12:e2:61:bf:6f:f6:
1b:ca:8d:67:9a:89:8f:24:e0:9b:34:a6:b3:0f:30:
c4:82:eb:53:04:a8:73:d7:cd:9b:9b:47:0d:df:30:
b5:33:89:39:15:8d:2a:be:73:df:e0:29:b1:a5:de:
50:5d:db:25:ef:b4:f5:e4:1e:87:31:78:4a:3e:f0:
28:61:13:89:5d:49:5f:4b:d0:2b:76:78:cc:7f:22:
70:f2:8d:9d:d4:90:eb:dc:b9:60:fe:0d:06:57:0d:
75:20:78:31:b8:03:eb:59:86:04:0f:74:5f:0c:3d:
3e:b5:d7:db:69:fc:8a:e2:f0:7d:29:9f:0c:b9:6f:
a8:12:9f:5a:fb:db:e2:0b:23:a1:20:3f:27:61:cf:
32:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:DB:4C:F3:37:A3:67:7E:3D:6E:C3:B1:F7:84:2C:23:CD:7D:BD:95
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/CNtM8zejZ349bsOx94QsI819vZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.202.0/24
188.209.130.0/24
188.209.134.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:a2:b1:4c:74:33:9c:a5:cf:b7:67:f1:a0:89:68:b9:89:67:
c2:10:f3:a9:e4:2e:4c:b0:52:a8:72:ce:93:a9:75:91:6c:be:
01:e5:ca:32:ac:e0:ff:f0:8e:f6:22:1c:ca:04:6b:7d:5b:38:
d0:a6:97:74:a0:1d:89:5b:51:26:79:bd:12:de:c3:e1:ec:5b:
93:83:6a:28:6c:e2:13:56:8b:1d:33:64:48:92:b9:e0:04:9e:
3b:c6:1c:9a:89:95:23:5b:10:85:c7:13:62:0c:69:67:da:ba:
c6:8e:e0:c1:49:60:0b:23:a8:90:73:70:0d:21:8e:17:0f:05:
83:6a:93:36:31:60:39:12:97:b9:9c:0e:61:f1:d3:a5:fb:17:
57:4c:1b:e7:a3:1b:bb:74:9c:1e:e0:95:75:32:c1:01:26:01:
5a:42:ad:48:ec:59:28:bc:88:d5:25:92:b2:9d:f5:0f:a1:8d:
78:df:36:c5:64:4c:c6:a1:90:8d:6a:55:76:1a:7c:10:5e:b3:
c6:db:6f:30:f7:1f:7c:7c:0a:07:8b:cd:ae:98:0b:6c:b2:dc:
78:20:7b:c4:ff:81:48:26:6c:61:51:b5:b4:f1:06:a2:a7:03:
e6:01:8c:a6:fd:dc:38:ff:31:fc:96:0d:c4:1a:46:21:d8:04:
50:50:5b:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZWJ/T3mMAik8a902b9IDAQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzEyMTA1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGRiNGNmMzM3YTM2NzdlM2Q2ZWMzYjFmNzg0MmMyM2NkN2RiZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZsX0oKRmt8YsxZR4p+rhGXJ5XVI
0OHfA7HMMQdR+2pkj4UDzNGKWNklMIA3I9JDD2+gXZs0pyDompUsfvq34+UWn9Mo
8YUP9y3Jx0pKYwm64N0hyN1RWXJ2fnwj+bqwTYZUUGUQ1NCQ8kLtTQjqshIS4mG/
b/Ybyo1nmomPJOCbNKazDzDEgutTBKhz182bm0cN3zC1M4k5FY0qvnPf4Cmxpd5Q
Xdsl77T15B6HMXhKPvAoYROJXUlfS9ArdnjMfyJw8o2d1JDr3Llg/g0GVw11IHgx
uAPrWYYED3RfDD0+tdfbafyK4vB9KZ8MuW+oEp9a+9viCyOhID8nYc8yBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAjbTPM3o2d+PW7DsfeELCPNfb2VMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvQ050TTh6ZWpaMzQ5YnNPeDk0UXNJODE5dlpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuVPKAwQA
vNGCAwQBvNGGMA0GCSqGSIb3DQEBCwUAA4IBAQA6orFMdDOcpc+3Z/GgiWi5iWfC
EPOp5C5MsFKocs6TqXWRbL4B5coyrOD/8I72IhzKBGt9WzjQppd0oB2JW1Emeb0S
3sPh7FuTg2oobOITVosdM2RIkrngBJ47xhyaiZUjWxCFxxNiDGln2rrGjuDBSWAL
I6iQc3ANIY4XDwWDapM2MWA5Epe5nA5h8dOl+xdXTBvnoxu7dJwe4JV1MsEBJgFa
Qq1I7FkovIjVJZKynfUPoY143zbFZEzGoZCNalV2GnwQXrPG228w9x98fAoHi82u
mAtsstx4IHvE/4FIJmxhUbW08QaipwPmAYym/dw4/zH8lg3EGkYh2ARQUFu5
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:33:46 2025 by rpki-client