Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/ejCuuXb3IPaAQbLGykjSnhsrUI0.roa
File: ejCuuXb3IPaAQbLGykjSnhsrUI0.roa (raw, json)
Hash identifier: 2O/6jwQ1UqJYAgAcDjt8a/MDPHZ138YPWORfwXR/3iQ=
Subject key identifier: 7A:30:AE:B9:76:F7:20:F6:80:41:B2:C6:CA:48:D2:9E:1B:2B:50:8D
Certificate issuer: /CN=df27b939934a2cc206ffba6bce9c90fdcba39c71
Certificate serial: 01942825E787E7E8831B32D712CDFEF3D16E
Authority key identifier: DF:27:B9:39:93:4A:2C:C2:06:FF:BA:6B:CE:9C:90:FD:CB:A3:9C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/ejCuuXb3IPaAQbLGykjSnhsrUI0.roa
Signing time: Thu 02 Jan 2025 17:52:40 +0000
ROA not before: Thu 02 Jan 2025 17:52:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202391
IP address blocks: 185.75.204.0/24 maxlen: 24
185.75.205.0/24 maxlen: 24
185.75.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3ye5OZNKLMIG_7przpyQ_cujnHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3ye5OZNKLMIG_7przpyQ_cujnHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:e7:87:e7:e8:83:1b:32:d7:12:cd:fe:f3:d1:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df27b939934a2cc206ffba6bce9c90fdcba39c71
Validity
Not Before: Jan 2 17:52:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a30aeb976f720f68041b2c6ca48d29e1b2b508d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a6:b2:df:3d:ae:89:0d:6f:00:57:09:55:1e:
c5:35:99:ad:a8:e3:20:f8:8e:22:b9:8f:84:35:3d:
fe:57:4f:22:6c:5e:0e:42:7e:55:99:c4:9a:7c:71:
86:f8:af:18:0c:ef:9e:71:c2:85:b2:05:74:ae:10:
31:40:aa:c2:ac:3c:85:20:0f:fe:b5:a7:6a:a7:7f:
14:76:2e:db:43:44:e3:ee:c7:d9:22:c3:b9:fc:ea:
0f:29:6e:0f:0d:35:d1:9f:0d:51:78:7b:19:28:61:
b2:8f:fb:9a:74:8d:92:e1:1a:2a:3a:35:7f:4a:18:
88:38:ad:6a:6f:78:87:eb:3a:39:0d:e8:2b:b5:f9:
9c:f9:48:bf:b4:e1:98:e9:49:71:fb:97:e2:84:41:
df:5c:7f:3e:d9:56:17:a1:cf:fe:5d:7a:b7:52:d9:
ed:13:f7:38:a5:76:a3:14:77:76:f8:ef:8f:87:9d:
ba:58:15:c5:6f:7a:b4:e4:70:a7:7e:0e:bd:8e:9e:
9a:9b:b4:27:5e:bf:d0:ea:1c:6e:3a:c3:6b:76:3b:
c0:56:c1:06:f3:d7:08:36:0f:0a:58:93:5f:28:aa:
31:dc:fc:0f:61:e0:3f:be:fc:97:8b:03:0c:0a:b3:
a8:97:19:43:7e:47:eb:8d:f5:9b:1a:7c:ed:98:cf:
99:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:30:AE:B9:76:F7:20:F6:80:41:B2:C6:CA:48:D2:9E:1B:2B:50:8D
X509v3 Authority Key Identifier:
keyid:DF:27:B9:39:93:4A:2C:C2:06:FF:BA:6B:CE:9C:90:FD:CB:A3:9C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/ejCuuXb3IPaAQbLGykjSnhsrUI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3ye5OZNKLMIG_7przpyQ_cujnHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.204.0-185.75.206.255
Signature Algorithm: sha256WithRSAEncryption
6f:4e:5a:3f:97:9b:c5:f5:5f:b1:02:6f:57:db:18:ad:65:ad:
34:94:4a:11:f7:b0:0e:6e:ca:13:8d:08:03:8f:f9:6b:eb:7f:
27:36:e1:c4:00:ce:cc:4e:ed:8c:89:32:87:4f:eb:05:22:75:
50:35:7b:6e:4a:8f:3b:fb:99:45:10:30:f7:46:f2:1d:58:1b:
6b:46:16:62:8d:8c:2c:bf:3c:33:cb:f3:eb:62:72:3c:b3:38:
77:2a:37:d6:46:c7:05:9c:fa:87:fd:e7:ed:ac:a2:54:b1:28:
90:8c:e0:c6:ba:db:88:61:ae:5b:7c:9f:0e:ab:1e:a3:68:52:
29:56:b2:b8:08:4e:43:de:d9:18:f3:5b:c1:09:fe:62:ca:c4:
e5:74:65:42:aa:b5:31:e6:18:4e:91:76:10:3f:b0:13:59:8e:
98:6b:8e:6c:8b:53:a2:b2:73:b5:db:2a:f5:79:99:ea:48:46:
c7:98:a8:33:c6:5b:2e:f9:a8:43:b6:e9:63:79:79:9b:f3:16:
b0:fa:a6:c3:69:ad:16:5d:7c:6a:c3:b6:f0:69:de:40:dd:c7:
fe:67:c7:a1:75:b5:a0:d9:4a:f0:f1:ec:00:ce:ea:f1:9e:0b:
09:ca:fb:58:7d:5b:78:15:f2:60:ae:28:bb:8b:e8:dd:99:4d:
19:c5:09:2e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQoJeeH5+iDGzLXEs3+89FuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjdiOTM5OTM0YTJjYzIwNmZmYmE2YmNlOWM5MGZkY2Jh
MzljNzEwHhcNMjUwMTAyMTc1MjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTMwYWViOTc2ZjcyMGY2ODA0MWIyYzZjYTQ4ZDI5ZTFiMmI1MDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaay3z2uiQ1vAFcJVR7FNZmtqOMg
+I4iuY+ENT3+V08ibF4OQn5VmcSafHGG+K8YDO+eccKFsgV0rhAxQKrCrDyFIA/+
tadqp38Udi7bQ0Tj7sfZIsO5/OoPKW4PDTXRnw1ReHsZKGGyj/uadI2S4RoqOjV/
ShiIOK1qb3iH6zo5Degrtfmc+Ui/tOGY6Ulx+5fihEHfXH8+2VYXoc/+XXq3Utnt
E/c4pXajFHd2+O+Ph526WBXFb3q05HCnfg69jp6am7QnXr/Q6hxuOsNrdjvAVsEG
89cINg8KWJNfKKox3PwPYeA/vvyXiwMMCrOolxlDfkfrjfWbGnztmM+ZlwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHowrrl29yD2gEGyxspI0p4bK1CNMB8GA1UdIwQY
MBaAFN8nuTmTSizCBv+6a86ckP3Lo5xxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3llNU9aTktMTUlHXzdwcnpweVFfY3VqbkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi85NjYyNjEtODNiNS00ZWFkLWE0Njgt
NmVkNTRkM2ZlNGY0LzEvZWpDdXVYYjNJUGFBUWJMR3lralNuaHNyVUkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi85NjYyNjEtODNiNS00ZWFkLWE0NjgtNmVkNTRkM2ZlNGY0
LzEvM3llNU9aTktMTUlHXzdwcnpweVFfY3VqbkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5S8wD
BAC5S84wDQYJKoZIhvcNAQELBQADggEBAG9OWj+Xm8X1X7ECb1fbGK1lrTSUShH3
sA5uyhONCAOP+Wvrfyc24cQAzsxO7YyJModP6wUidVA1e25Kjzv7mUUQMPdG8h1Y
G2tGFmKNjCy/PDPL8+ticjyzOHcqN9ZGxwWc+of95+2solSxKJCM4Ma624hhrlt8
nw6rHqNoUilWsrgITkPe2RjzW8EJ/mLKxOV0ZUKqtTHmGE6RdhA/sBNZjphrjmyL
U6Kyc7XbKvV5mepIRseYqDPGWy75qEO26WN5eZvzFrD6psNprRZdfGrDtvBp3kDd
x/5nx6F1taDZSvDx7ADO6vGeCwnK+1h9W3gV8mCuKLuL6N2ZTRnFCS4=
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:09:46 2025 by rpki-client