Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/aTnDDG7156iJH1B7VtXl45Lxz4c.roa
File: aTnDDG7156iJH1B7VtXl45Lxz4c.roa (raw, json)
Hash identifier: uqmE7u3SyyyiP9Dvg82dGi927wLVOacs75i5/YZ4Qho=
Subject key identifier: 69:39:C3:0C:6E:F5:E7:A8:89:1F:50:7B:56:D5:E5:E3:92:F1:CF:87
Certificate issuer: /CN=437e030d44661a4c201eba03de452b04b8e7d9e5
Certificate serial: 019426D9E9B3056FB3F5F0436B04D6C2147A
Authority key identifier: 43:7E:03:0D:44:66:1A:4C:20:1E:BA:03:DE:45:2B:04:B8:E7:D9:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/aTnDDG7156iJH1B7VtXl45Lxz4c.roa
Signing time: Thu 02 Jan 2025 11:50:02 +0000
ROA not before: Thu 02 Jan 2025 11:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202813
IP address blocks: 185.14.60.0/22 maxlen: 24
185.14.60.0/23 maxlen: 23
185.14.60.0/24 maxlen: 24
185.14.61.0/24 maxlen: 24
185.14.62.0/23 maxlen: 23
185.14.62.0/24 maxlen: 24
185.14.63.0/24 maxlen: 24
185.153.224.0/22 maxlen: 24
185.153.224.0/23 maxlen: 23
185.153.224.0/24 maxlen: 24
185.153.225.0/24 maxlen: 24
185.153.226.0/23 maxlen: 23
185.153.226.0/24 maxlen: 24
185.153.227.0/24 maxlen: 24
185.178.16.0/22 maxlen: 24
185.178.16.0/23 maxlen: 23
185.178.16.0/24 maxlen: 24
185.178.17.0/24 maxlen: 24
185.178.18.0/23 maxlen: 23
185.178.18.0/24 maxlen: 24
185.178.19.0/24 maxlen: 24
2a09:74c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e9:b3:05:6f:b3:f5:f0:43:6b:04:d6:c2:14:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=437e030d44661a4c201eba03de452b04b8e7d9e5
Validity
Not Before: Jan 2 11:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6939c30c6ef5e7a8891f507b56d5e5e392f1cf87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:53:b1:a2:ed:50:21:ae:8b:ba:15:d8:3b:18:
24:54:82:2a:ed:e8:e2:2d:6a:f0:46:75:d0:38:23:
33:21:a5:1a:5b:6e:5a:4a:10:b4:1c:1e:97:c1:b4:
03:65:98:b8:5a:af:d8:86:45:b1:e3:7b:f2:a4:cc:
50:43:7c:56:98:01:37:d4:7d:25:e1:5b:62:37:14:
af:e0:4c:36:55:e3:f2:ed:2b:48:f0:ae:3b:ab:96:
49:3f:41:07:31:68:69:be:b5:c1:1f:05:5b:ae:28:
74:d0:68:a8:a5:c2:48:f8:f1:51:60:bd:4c:18:da:
7f:8e:d3:dc:78:30:46:d5:9d:a6:71:a6:d9:61:8f:
ca:ff:87:e9:32:d5:27:86:57:46:86:5f:b2:50:65:
0f:1c:2e:a5:03:d1:a2:ab:4e:cd:e7:2f:1d:4a:6e:
10:c7:9c:cc:07:f6:6c:cd:14:b2:19:92:fa:33:d1:
6b:9f:18:b9:f8:60:46:e2:a0:e9:1e:4b:28:d8:eb:
d5:cf:30:f1:e5:da:36:4e:c9:01:65:f2:f8:e8:c4:
db:09:54:8c:35:a4:67:61:be:bc:48:06:f1:e4:31:
d9:29:be:e8:20:e5:ea:a8:4b:03:9f:ab:c1:98:bd:
52:b0:9e:15:ec:e0:f3:f1:07:78:89:3b:fd:f7:65:
9f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:39:C3:0C:6E:F5:E7:A8:89:1F:50:7B:56:D5:E5:E3:92:F1:CF:87
X509v3 Authority Key Identifier:
keyid:43:7E:03:0D:44:66:1A:4C:20:1E:BA:03:DE:45:2B:04:B8:E7:D9:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/aTnDDG7156iJH1B7VtXl45Lxz4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.60.0/22
185.153.224.0/22
185.178.16.0/22
IPv6:
2a09:74c0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:6f:31:d2:82:10:04:da:76:ad:f3:5b:28:48:03:75:23:4b:
ac:53:c7:fa:ca:8c:ea:04:b3:84:f2:d1:5f:c9:b3:54:aa:5d:
4f:9f:bd:4e:15:82:dd:c3:06:aa:b2:97:8a:82:4c:3a:43:ee:
94:da:f9:60:b8:66:bd:d8:f5:ff:31:a9:4d:52:8f:ca:5b:71:
ba:59:f9:b2:27:a0:0c:98:f5:99:3b:3d:fb:9d:2a:4d:4c:5f:
f7:ac:1d:97:58:c2:5e:04:e4:49:aa:b0:2e:e1:52:7a:a4:6a:
4f:48:1a:84:3c:70:32:d0:f0:65:6c:a8:27:73:ad:4f:bb:ca:
59:24:6f:9c:1b:b4:59:e4:d5:10:8b:86:c9:2d:6f:08:4f:a0:
02:5a:0c:d0:32:75:53:a2:f7:e3:27:7c:7e:f5:6f:b2:a3:57:
1c:0b:66:d3:96:91:26:be:40:77:e2:7d:87:c5:c2:0c:43:3a:
ca:f6:f9:06:42:03:37:6e:d7:0a:ae:29:c5:01:40:72:0e:cb:
47:ab:b7:d2:ee:31:b3:c7:4b:63:cb:d0:39:df:d8:56:5b:dc:
0c:cd:cc:d3:9d:4c:ac:02:95:a7:f9:69:ba:71:14:93:24:a2:
ac:74:62:5d:57:b6:79:95:80:d7:e0:be:d6:3d:53:5a:70:15:
4d:ad:90:3b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQm2emzBW+z9fBDawTWwhR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzN2UwMzBkNDQ2NjFhNGMyMDFlYmEwM2RlNDUyYjA0Yjhl
N2Q5ZTUwHhcNMjUwMTAyMTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM5YzMwYzZlZjVlN2E4ODkxZjUwN2I1NmQ1ZTVlMzkyZjFjZjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlOxou1QIa6LuhXYOxgkVIIq7eji
LWrwRnXQOCMzIaUaW25aShC0HB6XwbQDZZi4Wq/YhkWx43vypMxQQ3xWmAE31H0l
4VtiNxSv4Ew2VePy7StI8K47q5ZJP0EHMWhpvrXBHwVbrih00GiopcJI+PFRYL1M
GNp/jtPceDBG1Z2mcabZYY/K/4fpMtUnhldGhl+yUGUPHC6lA9Giq07N5y8dSm4Q
x5zMB/ZszRSyGZL6M9Frnxi5+GBG4qDpHkso2OvVzzDx5do2TskBZfL46MTbCVSM
NaRnYb68SAbx5DHZKb7oIOXqqEsDn6vBmL1SsJ4V7ODz8Qd4iTv992WfHwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGk5wwxu9eeoiR9Qe1bV5eOS8c+HMB8GA1UdIwQY
MBaAFEN+Aw1EZhpMIB66A95FKwS459nlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTM0RERVUm1Ha3dnSHJvRDNrVXJCTGpuMmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS80YmUyNTktYmU5Ni00MGZhLTg4MGUt
YmJkMjEwNmYzMzcwLzEvYVRuRERHNzE1NmlKSDFCN1Z0WGw0NUx4ejRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS80YmUyNTktYmU5Ni00MGZhLTg4MGUtYmJkMjEwNmYzMzcw
LzEvUTM0RERVUm1Ha3dnSHJvRDNrVXJCTGpuMmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQ48AwQC
uZngAwQCubIQMA0EAgACMAcDBQMqCXTAMA0GCSqGSIb3DQEBCwUAA4IBAQCgbzHS
ghAE2nat81soSAN1I0usU8f6yozqBLOE8tFfybNUql1Pn71OFYLdwwaqspeKgkw6
Q+6U2vlguGa92PX/MalNUo/KW3G6WfmyJ6AMmPWZOz37nSpNTF/3rB2XWMJeBORJ
qrAu4VJ6pGpPSBqEPHAy0PBlbKgnc61Pu8pZJG+cG7RZ5NUQi4bJLW8IT6ACWgzQ
MnVTovfjJ3x+9W+yo1ccC2bTlpEmvkB34n2HxcIMQzrK9vkGQgM3btcKrinFAUBy
DstHq7fS7jGzx0tjy9A539hWW9wMzczTnUysApWn+Wm6cRSTJKKsdGJdV7Z5lYDX
4L7WPVNacBVNrZA7
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:24:45 2025 by rpki-client