Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/m885sdRVL7vvTw9o72IDISfg7CA.roa
File: m885sdRVL7vvTw9o72IDISfg7CA.roa (raw, json)
Hash identifier: G7PZpicKtRlgQZhGAEn8Nx8P/JZomwfCGr+1m/KgFYQ=
Subject key identifier: 9B:CF:39:B1:D4:55:2F:BB:EF:4F:0F:68:EF:62:03:21:27:E0:EC:20
Certificate issuer: /CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Certificate serial: 01943B7916CCA10F1C9CC5D0E6FF36D5EA7D
Authority key identifier: D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/m885sdRVL7vvTw9o72IDISfg7CA.roa
Signing time: Mon 06 Jan 2025 11:56:18 +0000
ROA not before: Mon 06 Jan 2025 11:56:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49645
IP address blocks: 5.183.168.0/24 maxlen: 24
5.183.171.0/24 maxlen: 24
91.213.76.0/24 maxlen: 24
185.234.128.0/22 maxlen: 22
185.234.128.0/24 maxlen: 24
185.234.129.0/24 maxlen: 24
185.234.130.0/24 maxlen: 24
194.36.140.0/24 maxlen: 24
194.36.141.0/24 maxlen: 24
2a0d:c9c0:1::/48 maxlen: 48
2a0d:c9c0:2::/48 maxlen: 48
2a0d:c9c0:3::/48 maxlen: 48
2a0d:c9c0:4::/48 maxlen: 48
2a0d:c9c0:5::/48 maxlen: 48
2a0d:c9c0:6::/48 maxlen: 48
2a0d:c9c0:7::/48 maxlen: 48
2a0d:c9c0:8::/48 maxlen: 48
2a0d:c9c0:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 08:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:79:16:cc:a1:0f:1c:9c:c5:d0:e6:ff:36:d5:ea:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Validity
Not Before: Jan 6 11:56:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9bcf39b1d4552fbbef4f0f68ef62032127e0ec20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5c:88:63:12:8a:70:de:e9:a9:79:13:08:b2:
dd:f6:55:da:61:6b:61:cf:88:9f:b0:a8:97:d6:3d:
ba:e9:00:62:c8:cf:91:14:6e:ef:77:2c:1b:98:bb:
10:75:85:e2:ca:0e:3c:c6:58:3e:3f:70:1d:8c:67:
25:82:53:5d:79:3e:11:e9:76:34:0b:58:c8:49:1f:
e3:0c:f4:5f:5a:b0:23:63:8c:85:0c:b7:39:35:b2:
63:d6:5a:aa:d9:1f:b5:3b:4e:ba:b7:4c:d1:80:0d:
2c:3d:c0:06:e4:ff:c9:e2:79:f2:33:de:5e:9d:01:
3f:8b:18:a8:4d:92:b6:ef:48:b1:e8:7e:f5:80:59:
30:6a:41:71:12:16:16:18:64:be:a6:dd:4b:2a:b9:
4b:ce:32:68:b9:7b:4d:f1:64:35:ae:90:0a:54:79:
eb:1a:ac:78:5b:28:7f:ff:96:8d:bd:36:2c:5e:2b:
ab:8e:7d:0b:c4:e4:fb:c0:7f:29:f7:a6:3d:da:22:
0a:4b:f9:92:9f:59:19:1d:27:3f:ee:af:48:ae:08:
0b:a7:b9:b0:60:00:bd:4c:20:61:42:0b:d7:71:07:
c3:a9:03:28:ae:a0:93:c9:77:65:97:e7:26:4f:0f:
c6:2d:6a:39:14:67:0c:03:9d:b2:a7:a9:a6:45:94:
9a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:CF:39:B1:D4:55:2F:BB:EF:4F:0F:68:EF:62:03:21:27:E0:EC:20
X509v3 Authority Key Identifier:
keyid:D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/m885sdRVL7vvTw9o72IDISfg7CA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.168.0/24
5.183.171.0/24
91.213.76.0/24
185.234.128.0/22
194.36.140.0/23
IPv6:
2a0d:c9c0:1::-2a0d:c9c0:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:be:0c:56:a7:bb:1a:87:cb:cf:d3:e1:e5:f6:c9:2b:6b:87:
12:7a:60:db:d2:34:69:4d:f5:30:d3:47:cc:bf:ac:5a:d3:20:
35:cb:2d:7b:31:17:1d:d6:a7:ad:90:b0:2c:25:71:55:d5:c1:
cc:05:f3:02:f5:12:46:42:58:2c:f7:41:64:81:05:4b:42:f1:
81:e0:80:d3:a0:fd:bc:ce:d3:04:84:2a:94:4d:49:39:83:98:
97:47:bf:39:37:9a:d7:b7:63:85:55:db:d2:d2:7a:fa:ec:77:
c1:0f:4a:f5:93:2d:d8:15:5d:da:41:c7:fb:a6:ab:f5:db:9f:
23:41:d9:dd:d1:d1:36:43:58:65:1c:7a:b7:2c:fd:ae:5c:2c:
51:3a:36:1d:be:7a:c8:46:11:a5:bd:f9:80:b9:a1:6c:ee:c1:
55:00:9f:2a:e4:52:59:97:69:e7:1d:81:ac:8b:b6:ef:47:cd:
2e:3a:0e:63:bb:2e:0d:70:e8:e9:eb:96:f5:9c:bc:02:55:57:
a3:6c:d5:92:89:67:fd:16:ed:80:18:b5:28:08:ad:59:18:9c:
02:10:5a:f9:79:9a:74:b9:b3:26:41:86:62:4c:6b:e6:fa:44:
33:b2:c9:9f:26:0d:dd:3c:b3:7d:62:64:c9:84:f8:4b:22:a1:
97:cb:3d:74
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQ7eRbMoQ8cnMXQ5v821ep9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjg0OWI5YmM5MDQyYTE1NTczMzE5MzdlNGFkNzE1MThh
ZjYxY2YwHhcNMjUwMTA2MTE1NjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmNmMzliMWQ0NTUyZmJiZWY0ZjBmNjhlZjYyMDMyMTI3ZTBlYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFyIYxKKcN7pqXkTCLLd9lXaYWth
z4ifsKiX1j266QBiyM+RFG7vdywbmLsQdYXiyg48xlg+P3AdjGclglNdeT4R6XY0
C1jISR/jDPRfWrAjY4yFDLc5NbJj1lqq2R+1O066t0zRgA0sPcAG5P/J4nnyM95e
nQE/ixioTZK270ix6H71gFkwakFxEhYWGGS+pt1LKrlLzjJouXtN8WQ1rpAKVHnr
Gqx4Wyh//5aNvTYsXiurjn0LxOT7wH8p96Y92iIKS/mSn1kZHSc/7q9IrggLp7mw
YAC9TCBhQgvXcQfDqQMorqCTyXdll+cmTw/GLWo5FGcMA52yp6mmRZSahQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJvPObHUVS+7708PaO9iAyEn4OwgMB8GA1UdIwQY
MBaAFNC4Sbm8kEKhVXMxk35K1xUYr2HPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjkt
NzJiYWQ5ZDczYzgwLzEvbTg4NXNkUlZMN3Z2VHc5bzcySURJU2ZnN0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjktNzJiYWQ5ZDczYzgw
LzEvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAkBAIAATAeAwQABbeoAwQA
BberAwQAW9VMAwQCueqAAwQBwiSMMBoEAgACMBQwEgMHACoNycAAAQMHASoNycAA
CDANBgkqhkiG9w0BAQsFAAOCAQEAYr4MVqe7GofLz9Ph5fbJK2uHEnpg29I0aU31
MNNHzL+sWtMgNcstezEXHdanrZCwLCVxVdXBzAXzAvUSRkJYLPdBZIEFS0LxgeCA
06D9vM7TBIQqlE1JOYOYl0e/OTea17djhVXb0tJ6+ux3wQ9K9ZMt2BVd2kHH+6ar
9dufI0HZ3dHRNkNYZRx6tyz9rlwsUTo2Hb56yEYRpb35gLmhbO7BVQCfKuRSWZdp
5x2BrIu270fNLjoOY7suDXDo6euW9Zy8AlVXo2zVkoln/RbtgBi1KAitWRicAhBa
+XmadLmzJkGGYkxr5vpEM7LJnyYN3TyzfWJkyYT4SyKhl8s9dA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:03:47 2025 by rpki-client