Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/poxmGDjmFhEykYFtUrK86QVNSBE.roa
File: poxmGDjmFhEykYFtUrK86QVNSBE.roa (raw, json)
Hash identifier: LiFoIRCZoOCJ6MEjwTK5FSST0U+wUgy2+UPXqJfWuqM=
Subject key identifier: A6:8C:66:18:38:E6:16:11:32:91:81:6D:52:B2:BC:E9:05:4D:48:11
Certificate issuer: /CN=2fbd3c7e9c77f9a8894905650d7f5a439a07265d
Certificate serial: 019423D735934D60117DF24EA9C1780BB0A7
Authority key identifier: 2F:BD:3C:7E:9C:77:F9:A8:89:49:05:65:0D:7F:5A:43:9A:07:26:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L708fpx3-aiJSQVlDX9aQ5oHJl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/poxmGDjmFhEykYFtUrK86QVNSBE.roa
Signing time: Wed 01 Jan 2025 21:48:13 +0000
ROA not before: Wed 01 Jan 2025 21:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204581
IP address blocks: 185.239.228.0/22 maxlen: 24
194.59.157.0/24 maxlen: 24
194.59.168.0/24 maxlen: 24
194.59.176.0/24 maxlen: 24
194.59.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/L708fpx3-aiJSQVlDX9aQ5oHJl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/L708fpx3-aiJSQVlDX9aQ5oHJl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/L708fpx3-aiJSQVlDX9aQ5oHJl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 09:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:35:93:4d:60:11:7d:f2:4e:a9:c1:78:0b:b0:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fbd3c7e9c77f9a8894905650d7f5a439a07265d
Validity
Not Before: Jan 1 21:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a68c661838e616113291816d52b2bce9054d4811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:15:b6:63:a1:b0:04:ca:3c:6c:40:ab:4f:58:
cb:6f:4e:d1:17:bf:06:2f:db:ea:c0:0b:83:5f:32:
c2:46:e6:bb:00:a9:cd:3d:d3:ef:c1:67:44:34:cb:
85:1d:08:42:f2:17:dc:7e:3b:33:c0:20:c6:5e:aa:
6d:b0:fd:36:2e:12:87:b1:9f:fc:62:be:4a:75:b5:
d7:28:fc:47:d6:bf:db:e8:f7:31:c5:71:e7:43:bc:
b9:f4:64:6d:c5:c7:3d:59:c0:a3:8e:ec:1a:45:11:
8c:9b:ed:4c:28:b7:64:1e:8a:1d:6b:dc:86:61:fa:
46:52:c6:d7:50:ba:4e:6a:68:14:a7:70:2b:9a:dc:
3e:e4:eb:94:51:f9:66:b2:30:b8:23:b3:5a:9d:6c:
ea:16:17:13:c5:4c:f8:2b:5d:68:b0:c1:e8:97:2e:
dc:72:29:25:43:3a:53:6b:c3:52:78:24:ef:70:2e:
7d:85:f8:b6:43:e5:68:61:8b:f1:81:95:9e:98:fe:
4d:92:d8:0e:d8:24:ca:a8:f4:3e:45:b8:f9:50:39:
46:17:3f:61:30:9b:79:dd:e5:7b:8e:21:e9:c4:88:
24:49:7d:81:2d:dd:50:e2:f8:38:d8:34:51:6f:6b:
20:6d:c7:a8:43:dd:7e:b4:12:54:3b:48:5c:4a:08:
fc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8C:66:18:38:E6:16:11:32:91:81:6D:52:B2:BC:E9:05:4D:48:11
X509v3 Authority Key Identifier:
keyid:2F:BD:3C:7E:9C:77:F9:A8:89:49:05:65:0D:7F:5A:43:9A:07:26:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L708fpx3-aiJSQVlDX9aQ5oHJl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/poxmGDjmFhEykYFtUrK86QVNSBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/L708fpx3-aiJSQVlDX9aQ5oHJl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.228.0/22
194.59.157.0/24
194.59.168.0/24
194.59.176.0/24
194.59.181.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:be:59:00:1e:eb:e2:23:72:d9:d7:b0:08:d4:45:42:fd:49:
b3:48:d8:5e:c1:19:c3:e5:1f:c6:af:79:28:59:fc:47:08:a1:
c8:fb:2c:73:0d:4c:59:f2:5c:5a:ab:2e:5f:94:94:06:39:d4:
f6:6a:2b:7e:ca:99:65:c0:f8:0f:53:74:f7:0f:03:57:16:f3:
dd:da:2c:9e:32:a6:c2:c1:1f:36:91:75:80:b9:7a:c8:ee:2b:
6b:ec:7b:2b:2b:28:bf:97:05:9e:c8:09:ca:2a:6c:ff:21:06:
01:de:2e:42:44:f8:23:bb:a0:d5:45:5b:24:82:8b:94:d5:33:
8b:bd:d8:46:8e:54:c4:22:bb:b8:58:62:77:cc:f9:d6:59:36:
74:1e:70:ae:82:6e:6d:ac:db:88:2d:d3:12:a2:63:7e:74:26:
9b:1c:81:75:0c:29:4c:66:61:27:15:ad:5c:07:95:96:a2:44:
ee:60:0c:5f:0d:97:35:1e:5f:04:0f:81:60:33:ef:d8:7e:c3:
cc:b9:37:8d:7c:11:c7:24:97:08:f3:c7:d1:01:5f:0d:63:e4:
93:13:41:01:1b:fe:00:b2:3f:a5:71:57:7c:77:b4:29:50:1d:
f1:f4:a8:82:65:77:12:6f:09:fb:34:31:e4:ef:fb:52:fa:18:
0c:40:43:d9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQj1zWTTWARffJOqcF4C7CnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYmQzYzdlOWM3N2Y5YTg4OTQ5MDU2NTBkN2Y1YTQzOWEw
NzI2NWQwHhcNMjUwMTAxMjE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjhjNjYxODM4ZTYxNjExMzI5MTgxNmQ1MmIyYmNlOTA1NGQ0ODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRW2Y6GwBMo8bECrT1jLb07RF78G
L9vqwAuDXzLCRua7AKnNPdPvwWdENMuFHQhC8hfcfjszwCDGXqptsP02LhKHsZ/8
Yr5KdbXXKPxH1r/b6PcxxXHnQ7y59GRtxcc9WcCjjuwaRRGMm+1MKLdkHooda9yG
YfpGUsbXULpOamgUp3Armtw+5OuUUflmsjC4I7NanWzqFhcTxUz4K11osMHoly7c
ciklQzpTa8NSeCTvcC59hfi2Q+VoYYvxgZWemP5NktgO2CTKqPQ+Rbj5UDlGFz9h
MJt53eV7jiHpxIgkSX2BLd1Q4vg42DRRb2sgbceoQ91+tBJUO0hcSgj8ewIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKaMZhg45hYRMpGBbVKyvOkFTUgRMB8GA1UdIwQY
MBaAFC+9PH6cd/moiUkFZQ1/WkOaByZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDcwOGZweDMtYWlKU1FWbERYOWFRNW9ISmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9lZWJkY2QtODk2Zi00Njc1LWEyNDYt
NWRjYmJkZTM1ZGNkLzEvcG94bUdEam1GaEV5a1lGdFVySzg2UVZOU0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9lZWJkY2QtODk2Zi00Njc1LWEyNDYtNWRjYmJkZTM1ZGNk
LzEvTDcwOGZweDMtYWlKU1FWbERYOWFRNW9ISmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCue/kAwQA
wjudAwQAwjuoAwQAwjuwAwQAwju1MA0GCSqGSIb3DQEBCwUAA4IBAQANvlkAHuvi
I3LZ17AI1EVC/UmzSNhewRnD5R/Gr3koWfxHCKHI+yxzDUxZ8lxaqy5flJQGOdT2
ait+ypllwPgPU3T3DwNXFvPd2iyeMqbCwR82kXWAuXrI7itr7HsrKyi/lwWeyAnK
Kmz/IQYB3i5CRPgju6DVRVskgouU1TOLvdhGjlTEIru4WGJ3zPnWWTZ0HnCugm5t
rNuILdMSomN+dCabHIF1DClMZmEnFa1cB5WWokTuYAxfDZc1Hl8ED4FgM+/YfsPM
uTeNfBHHJJcI88fRAV8NY+STE0EBG/4Asj+lcVd8d7QpUB3x9KiCZXcSbwn7NDHk
7/tS+hgMQEPZ
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:21:02 2025 by rpki-client