Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/045a38-e0ba-487f-b461-7266afc98dba/1/36Bb65z44MAsVTDbQRVeDeDmufQ.roa
File: 36Bb65z44MAsVTDbQRVeDeDmufQ.roa (raw, json)
Hash identifier: uPSc0dWD/LjqPKmpNOCLQpNBH6/TFH+CbImLmGpMPVg=
Subject key identifier: DF:A0:5B:EB:9C:F8:E0:C0:2C:55:30:DB:41:15:5E:0D:E0:E6:B9:F4
Certificate issuer: /CN=eddd61bacf654e665d912a76de8f63b5004c7e48
Certificate serial: 019428283ADE94C886E829A61F7E648EDDD3
Authority key identifier: ED:DD:61:BA:CF:65:4E:66:5D:91:2A:76:DE:8F:63:B5:00:4C:7E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7d1hus9lTmZdkSp23o9jtQBMfkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/045a38-e0ba-487f-b461-7266afc98dba/1/36Bb65z44MAsVTDbQRVeDeDmufQ.roa
Signing time: Thu 02 Jan 2025 17:55:12 +0000
ROA not before: Thu 02 Jan 2025 17:55:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202536
IP address blocks: 185.92.0.0/24 maxlen: 24
185.92.1.0/24 maxlen: 24
185.92.2.0/24 maxlen: 24
185.92.3.0/24 maxlen: 24
2a05:ef00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/045a38-e0ba-487f-b461-7266afc98dba/1/7d1hus9lTmZdkSp23o9jtQBMfkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/045a38-e0ba-487f-b461-7266afc98dba/1/7d1hus9lTmZdkSp23o9jtQBMfkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/7d1hus9lTmZdkSp23o9jtQBMfkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:3a:de:94:c8:86:e8:29:a6:1f:7e:64:8e:dd:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eddd61bacf654e665d912a76de8f63b5004c7e48
Validity
Not Before: Jan 2 17:55:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfa05beb9cf8e0c02c5530db41155e0de0e6b9f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5b:f6:f4:ef:eb:33:f9:75:c9:c9:8f:0b:e3:
7a:78:13:e0:b4:24:3c:16:da:53:d8:db:b5:4e:7d:
df:bb:e2:a2:28:45:b3:a7:27:e3:1f:16:3e:2f:9d:
f3:2e:3b:fa:84:af:e1:c6:29:f6:d3:1b:cf:0b:09:
4b:ed:48:5c:65:a3:ba:73:bc:20:08:85:0b:2e:66:
a9:64:71:fb:aa:ab:66:df:43:2a:23:2d:f3:0b:2d:
42:31:98:04:67:56:bc:9a:06:58:3c:9a:5d:dc:21:
8a:16:1f:4c:b2:bb:a0:b2:29:b1:58:d0:31:66:f2:
11:2f:b6:2c:e4:70:1c:10:ca:4a:4b:94:5e:15:23:
ac:d1:07:18:dc:42:e1:bb:ef:b0:11:2a:1d:bb:d4:
22:ca:15:08:61:2f:fc:80:b6:89:0d:1b:db:24:91:
e6:bf:69:90:d6:52:55:11:d5:3a:47:66:33:80:ee:
19:ff:e4:0d:83:6e:12:52:10:ba:cf:56:bb:90:f6:
2e:07:dc:fe:52:73:e8:01:e6:a6:c8:3c:d2:6c:a5:
2c:cb:4f:09:d4:65:a7:93:44:be:24:56:89:41:e5:
dd:a3:21:f8:75:7a:1a:e7:a6:48:84:9e:d6:09:c0:
44:7a:8c:32:12:91:4b:01:39:cd:72:ed:67:45:46:
f1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A0:5B:EB:9C:F8:E0:C0:2C:55:30:DB:41:15:5E:0D:E0:E6:B9:F4
X509v3 Authority Key Identifier:
keyid:ED:DD:61:BA:CF:65:4E:66:5D:91:2A:76:DE:8F:63:B5:00:4C:7E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d1hus9lTmZdkSp23o9jtQBMfkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/045a38-e0ba-487f-b461-7266afc98dba/1/36Bb65z44MAsVTDbQRVeDeDmufQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/045a38-e0ba-487f-b461-7266afc98dba/1/7d1hus9lTmZdkSp23o9jtQBMfkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.0.0/22
IPv6:
2a05:ef00::/29
Signature Algorithm: sha256WithRSAEncryption
5d:34:d7:8a:cb:45:cf:7a:39:24:cd:af:00:23:da:d0:0e:00:
10:de:d1:9a:40:70:17:ab:55:ef:0d:b1:47:12:38:1d:ec:9c:
73:b1:0b:69:2c:65:07:fe:96:dd:f5:a0:f5:bd:2d:85:25:ae:
eb:f1:f7:8d:7c:4f:61:e4:36:18:8d:d2:e4:07:18:27:19:de:
1a:cf:73:4a:7a:89:63:82:45:75:1b:75:88:4c:b2:48:d5:be:
43:66:56:61:3a:73:69:f2:bd:a1:19:35:4c:36:a1:a3:c3:20:
79:88:a3:d6:31:39:77:5b:87:c5:cc:4f:e1:e4:0f:f7:94:52:
ea:f0:92:1b:9c:40:47:8c:67:16:c3:65:a4:6f:b1:86:f0:d8:
b2:c3:13:58:a1:e9:74:98:50:1b:98:a3:77:02:b1:7e:ac:43:
a3:c9:6a:a0:76:25:e9:71:e6:14:44:20:76:ea:e9:46:2a:9c:
e4:17:3f:da:0f:e5:16:ae:2d:e7:ac:61:29:a4:7e:31:cb:f7:
c8:f0:ec:25:27:55:18:4a:04:d2:4d:9a:62:cd:e9:da:be:91:
79:fe:40:34:b0:f3:4a:3f:ba:3d:4a:43:62:f3:aa:da:8c:42:
10:c8:f6:18:28:0d:72:4a:85:bd:50:ae:bf:bd:91:de:ae:b7:
11:fb:18:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoKDrelMiG6CmmH35kjt3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZGQ2MWJhY2Y2NTRlNjY1ZDkxMmE3NmRlOGY2M2I1MDA0
YzdlNDgwHhcNMjUwMTAyMTc1NTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmEwNWJlYjljZjhlMGMwMmM1NTMwZGI0MTE1NWUwZGUwZTZiOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Vv29O/rM/l1ycmPC+N6eBPgtCQ8
FtpT2Nu1Tn3fu+KiKEWzpyfjHxY+L53zLjv6hK/hxin20xvPCwlL7UhcZaO6c7wg
CIULLmapZHH7qqtm30MqIy3zCy1CMZgEZ1a8mgZYPJpd3CGKFh9MsrugsimxWNAx
ZvIRL7Ys5HAcEMpKS5ReFSOs0QcY3ELhu++wESodu9QiyhUIYS/8gLaJDRvbJJHm
v2mQ1lJVEdU6R2YzgO4Z/+QNg24SUhC6z1a7kPYuB9z+UnPoAeamyDzSbKUsy08J
1GWnk0S+JFaJQeXdoyH4dXoa56ZIhJ7WCcBEeowyEpFLATnNcu1nRUbxWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN+gW+uc+ODALFUw20EVXg3g5rn0MB8GA1UdIwQY
MBaAFO3dYbrPZU5mXZEqdt6PY7UATH5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2QxaHVzOWxUbVpka1NwMjNvOWp0UUJNZmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wNDVhMzgtZTBiYS00ODdmLWI0NjEt
NzI2NmFmYzk4ZGJhLzEvMzZCYjY1ejQ0TUFzVlREYlFSVmVEZURtdWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wNDVhMzgtZTBiYS00ODdmLWI0NjEtNzI2NmFmYzk4ZGJh
LzEvN2QxaHVzOWxUbVpka1NwMjNvOWp0UUJNZmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVwAMA0E
AgACMAcDBQMqBe8AMA0GCSqGSIb3DQEBCwUAA4IBAQBdNNeKy0XPejkkza8AI9rQ
DgAQ3tGaQHAXq1XvDbFHEjgd7JxzsQtpLGUH/pbd9aD1vS2FJa7r8feNfE9h5DYY
jdLkBxgnGd4az3NKeoljgkV1G3WITLJI1b5DZlZhOnNp8r2hGTVMNqGjwyB5iKPW
MTl3W4fFzE/h5A/3lFLq8JIbnEBHjGcWw2Wkb7GG8NiywxNYoel0mFAbmKN3ArF+
rEOjyWqgdiXpceYURCB26ulGKpzkFz/aD+UWri3nrGEppH4xy/fI8OwlJ1UYSgTS
TZpizenavpF5/kA0sPNKP7o9SkNi86rajEIQyPYYKA1ySoW9UK6/vZHerrcR+xhm
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:31:58 2025 by rpki-client