Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/bcbd03-d231-4d33-b3c5-98fa827186a9/1/1-OxGWMnguhulz6f31kCb1mmRHrM.roa
File: 1-OxGWMnguhulz6f31kCb1mmRHrM.roa (raw, json)
Hash identifier: SvBOg3Xrt3LXP7jg7xDbyxKXVwwahdO0dORGRkeHvnw=
Subject key identifier: F8:EC:46:58:C9:E0:BA:1B:A5:CF:A7:F7:D6:40:9B:D6:69:91:1E:B3
Certificate issuer: /CN=162d78249b721b4d2ce8cf6dfcfbc4422213ac9d
Certificate serial: 0194252225E834C86F9F1F256560E3CEB6F8
Authority key identifier: 16:2D:78:24:9B:72:1B:4D:2C:E8:CF:6D:FC:FB:C4:42:22:13:AC:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fi14JJtyG00s6M9t_PvEQiITrJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/bcbd03-d231-4d33-b3c5-98fa827186a9/1/1-OxGWMnguhulz6f31kCb1mmRHrM.roa
Signing time: Thu 02 Jan 2025 03:49:42 +0000
ROA not before: Thu 02 Jan 2025 03:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203944
IP address blocks: 185.118.216.0/22 maxlen: 22
185.118.216.0/23 maxlen: 23
185.118.218.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/bcbd03-d231-4d33-b3c5-98fa827186a9/1/Fi14JJtyG00s6M9t_PvEQiITrJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/bcbd03-d231-4d33-b3c5-98fa827186a9/1/Fi14JJtyG00s6M9t_PvEQiITrJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fi14JJtyG00s6M9t_PvEQiITrJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 15:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:25:e8:34:c8:6f:9f:1f:25:65:60:e3:ce:b6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=162d78249b721b4d2ce8cf6dfcfbc4422213ac9d
Validity
Not Before: Jan 2 03:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8ec4658c9e0ba1ba5cfa7f7d6409bd669911eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e8:f7:81:1e:30:5a:c5:94:4a:bd:c2:db:40:
17:0f:2b:47:c5:1e:4e:16:2e:1a:d3:46:c1:e6:d8:
47:fe:3a:b5:56:5b:a0:be:72:89:44:0c:a4:b7:7b:
ef:38:f6:e3:3e:ab:cf:fe:12:25:57:56:5d:94:a6:
74:da:1c:9f:42:bc:8b:01:9b:45:8f:f2:dc:14:6d:
8f:54:2a:77:f7:f0:cd:2d:99:47:87:3d:a7:42:9d:
2f:4d:dc:fc:d7:6b:a4:72:ff:d0:4d:e6:81:58:d8:
ab:75:06:ae:47:f5:5e:c1:4c:05:67:47:18:8d:1d:
07:89:c7:08:d6:b6:26:cc:9b:a0:88:40:64:2c:d9:
f9:cf:97:f6:e6:7a:5f:ac:67:c1:fd:71:43:d9:84:
5e:73:2a:e4:6b:79:cc:26:01:fc:8b:3f:a8:d6:63:
83:4d:b1:cf:44:46:27:d0:43:a6:f4:8f:4e:9e:f1:
40:17:f7:2c:3c:a9:00:f2:85:26:11:6b:ed:4d:42:
d7:2f:3a:0f:ec:3d:39:3b:ac:9a:5f:ab:03:89:1a:
97:58:c2:d8:2c:e5:b6:e6:3d:10:50:14:6f:88:13:
0f:56:3a:7d:a9:3c:7e:d2:e0:1f:37:8a:dc:52:93:
88:95:be:f0:d9:cf:0d:1b:fc:97:2c:0f:3b:34:8b:
de:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EC:46:58:C9:E0:BA:1B:A5:CF:A7:F7:D6:40:9B:D6:69:91:1E:B3
X509v3 Authority Key Identifier:
keyid:16:2D:78:24:9B:72:1B:4D:2C:E8:CF:6D:FC:FB:C4:42:22:13:AC:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fi14JJtyG00s6M9t_PvEQiITrJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/bcbd03-d231-4d33-b3c5-98fa827186a9/1/1-OxGWMnguhulz6f31kCb1mmRHrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/bcbd03-d231-4d33-b3c5-98fa827186a9/1/Fi14JJtyG00s6M9t_PvEQiITrJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.216.0/22
Signature Algorithm: sha256WithRSAEncryption
43:0f:c6:c4:44:67:5c:0c:52:f4:a7:2b:46:ce:0c:6d:be:25:
b5:f7:de:b2:f3:ac:ad:4c:3c:5c:e9:cf:7a:c8:44:0d:8d:45:
99:b8:c0:21:ce:4f:2d:6c:d1:6d:85:eb:a1:9d:12:72:2e:be:
0c:d5:f8:41:8a:93:a2:f7:8b:40:e2:70:e7:8c:57:79:bd:a3:
0b:85:ef:fd:20:fd:e5:b5:c6:f1:c3:83:36:af:db:98:9f:b0:
86:63:f3:50:f4:86:01:86:40:f9:cd:23:5f:96:e0:1c:dd:01:
8e:3c:f1:ee:d7:14:c6:ae:18:18:a1:a7:16:c6:45:9a:21:a9:
d6:5b:aa:7d:48:8e:5d:7a:f6:50:d5:77:59:89:94:60:2b:35:
a9:63:4e:3e:fe:28:f4:42:ee:2e:03:fe:8e:52:88:90:49:f7:
83:64:99:c0:88:0e:5a:c4:08:73:a4:1a:e9:17:05:98:98:ff:
d8:1d:8d:11:78:72:b5:5b:0a:9c:8f:10:79:a8:eb:9b:18:ef:
0e:fa:c5:35:f1:ed:96:7b:5a:eb:85:8d:5a:bd:21:d7:87:4f:
53:e2:f0:80:ea:7f:ca:bf:8d:5a:ca:66:82:3c:99:c4:be:57:
0b:e6:8f:45:5c:58:42:2f:15:d7:34:03:50:08:4a:b4:61:17:
6a:6a:77:ea
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlIiXoNMhvnx8lZWDjzrb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MmQ3ODI0OWI3MjFiNGQyY2U4Y2Y2ZGZjZmJjNDQyMjIx
M2FjOWQwHhcNMjUwMTAyMDM0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGVjNDY1OGM5ZTBiYTFiYTVjZmE3ZjdkNjQwOWJkNjY5OTExZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOj3gR4wWsWUSr3C20AXDytHxR5O
Fi4a00bB5thH/jq1VlugvnKJRAykt3vvOPbjPqvP/hIlV1ZdlKZ02hyfQryLAZtF
j/LcFG2PVCp39/DNLZlHhz2nQp0vTdz812ukcv/QTeaBWNirdQauR/VewUwFZ0cY
jR0HiccI1rYmzJugiEBkLNn5z5f25npfrGfB/XFD2YRecyrka3nMJgH8iz+o1mOD
TbHPREYn0EOm9I9OnvFAF/csPKkA8oUmEWvtTULXLzoP7D05O6yaX6sDiRqXWMLY
LOW25j0QUBRviBMPVjp9qTx+0uAfN4rcUpOIlb7w2c8NG/yXLA87NIveEQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjsRljJ4Lobpc+n99ZAm9ZpkR6zMB8GA1UdIwQY
MBaAFBYteCSbchtNLOjPbfz7xEIiE6ydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmkxNEpKdHlHMDBzNk05dF9QdkVRaUlUckowLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iY2JkMDMtZDIzMS00ZDMzLWIzYzUt
OThmYTgyNzE4NmE5LzEvMS1PeEdXTW5ndWh1bHo2ZjMxa0NiMW1tUkhyTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTEvYmNiZDAzLWQyMzEtNGQzMy1iM2M1LTk4ZmE4MjcxODZh
OS8xL0ZpMTRKSnR5RzAwczZNOXRfUHZFUWlJVHJKMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl22DAN
BgkqhkiG9w0BAQsFAAOCAQEAQw/GxERnXAxS9KcrRs4Mbb4ltffesvOsrUw8XOnP
eshEDY1FmbjAIc5PLWzRbYXroZ0Sci6+DNX4QYqToveLQOJw54xXeb2jC4Xv/SD9
5bXG8cODNq/bmJ+whmPzUPSGAYZA+c0jX5bgHN0Bjjzx7tcUxq4YGKGnFsZFmiGp
1luqfUiOXXr2UNV3WYmUYCs1qWNOPv4o9ELuLgP+jlKIkEn3g2SZwIgOWsQIc6Qa
6RcFmJj/2B2NEXhytVsKnI8QeajrmxjvDvrFNfHtlnta64WNWr0h14dPU+LwgOp/
yr+NWspmgjyZxL5XC+aPRVxYQi8V1zQDUAhKtGEXamp36g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:05 2025 by rpki-client