Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/1K5S67uusJJll8Ab0hq1pL5liKA.roa
File: 1K5S67uusJJll8Ab0hq1pL5liKA.roa (raw, json)
Hash identifier: StmRzvzcRi3NdAfCMsQ2aiXFRAlDcm1+BCF0RfR6JW8=
Subject key identifier: D4:AE:52:EB:BB:AE:B0:92:65:97:C0:1B:D2:1A:B5:A4:BE:65:88:A0
Certificate issuer: /CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Certificate serial: 0194228D1BEC83EC68E4BAC3E8B005B8B813
Authority key identifier: DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/1K5S67uusJJll8Ab0hq1pL5liKA.roa
Signing time: Wed 01 Jan 2025 15:47:40 +0000
ROA not before: Wed 01 Jan 2025 15:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203827
IP address blocks: 185.255.220.0/24 maxlen: 24
185.255.221.0/24 maxlen: 24
185.255.222.0/24 maxlen: 24
185.255.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 12:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:1b:ec:83:ec:68:e4:ba:c3:e8:b0:05:b8:b8:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Validity
Not Before: Jan 1 15:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4ae52ebbbaeb0926597c01bd21ab5a4be6588a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e7:7c:17:b2:0e:7e:f6:a1:fa:24:26:0b:70:
46:2b:42:1e:76:9e:17:21:36:a9:bb:c8:ea:d6:37:
ac:fb:18:a3:83:ed:40:23:2e:3c:cc:52:d4:aa:fc:
5f:5f:71:d4:fb:a9:30:46:de:aa:2b:be:63:52:33:
74:4d:fb:87:28:77:d5:d5:99:2c:e7:f3:a7:ae:aa:
2d:44:e6:d4:36:5b:3a:c1:b7:22:d1:bb:35:35:aa:
2f:20:6c:ff:b5:c1:32:e9:17:26:df:b2:0f:5f:91:
8c:6d:39:7d:52:a2:30:fe:98:38:40:d1:94:32:d4:
7d:22:b9:75:fc:e9:42:a6:8d:38:d6:6a:29:fd:ce:
fb:cc:dd:c6:86:d1:8b:7e:6e:94:df:a8:82:21:57:
04:6c:ce:3c:05:e3:ff:9b:3d:b5:a6:0b:18:30:c9:
76:8f:85:b1:f2:55:62:0a:88:e9:d9:45:b2:cb:e4:
76:b2:4a:2a:4f:56:19:ad:f0:b5:2e:76:33:d2:83:
2f:5b:98:d0:fa:71:08:89:e5:81:e3:72:2b:17:34:
97:51:26:f3:c3:78:71:a2:91:84:d5:e0:9b:d7:06:
31:4f:79:35:47:a8:10:cf:9d:fa:47:06:30:1f:9a:
06:c4:df:25:89:7c:20:f5:dd:15:17:36:ba:8a:01:
a5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AE:52:EB:BB:AE:B0:92:65:97:C0:1B:D2:1A:B5:A4:BE:65:88:A0
X509v3 Authority Key Identifier:
keyid:DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/1K5S67uusJJll8Ab0hq1pL5liKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.220.0/22
Signature Algorithm: sha256WithRSAEncryption
66:e9:4c:da:2c:53:f4:7e:24:c1:8a:f6:99:11:3c:70:55:d9:
0e:ad:fe:f3:cd:c8:30:a7:ab:18:2e:fa:fc:a6:78:27:82:59:
0d:0b:8c:98:18:ee:25:41:33:13:df:11:80:06:2c:12:e6:90:
33:a0:51:38:b7:3a:b2:6c:9f:d8:70:1b:30:a9:3d:d5:0f:36:
66:a5:aa:4a:53:56:30:cd:92:51:2f:85:89:72:b3:b2:28:24:
0d:78:00:02:33:57:b9:09:96:78:de:44:d9:fe:e9:3a:13:79:
ef:8d:cb:53:13:ae:fb:69:8e:5a:a2:67:d2:2f:14:d2:a7:a5:
39:c8:e7:73:40:45:81:fd:d1:40:00:2e:a0:3c:7c:d9:05:cd:
13:3a:c2:a5:76:ac:e5:07:b2:bc:8a:6b:19:15:f6:2f:0d:cd:
58:5e:67:7e:21:00:93:e1:d2:1f:ae:64:a1:02:6e:40:5a:73:
f2:cb:15:ff:d7:87:df:b1:1e:b4:7a:ae:f1:56:41:b1:7d:8e:
97:d8:3e:82:a8:94:1c:65:42:2b:cf:60:0c:5f:c3:53:c8:8b:
c8:f7:eb:c6:2a:95:0a:c0:34:bc:49:cb:64:72:96:f1:cf:26:
45:2b:a3:0c:e7:31:30:13:67:9f:7f:e5:18:65:ca:aa:42:a5:
b3:c0:bb:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijRvsg+xo5LrD6LAFuLgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYWVmNWMzMmJlYTRiNTRkMTdlMjQxYjVjY2NhZjA3YmMw
YThlZTkwHhcNMjUwMTAxMTU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGFlNTJlYmJiYWViMDkyNjU5N2MwMWJkMjFhYjVhNGJlNjU4OGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOd8F7IOfvah+iQmC3BGK0Iedp4X
ITapu8jq1jes+xijg+1AIy48zFLUqvxfX3HU+6kwRt6qK75jUjN0TfuHKHfV1Zks
5/OnrqotRObUNls6wbci0bs1NaovIGz/tcEy6Rcm37IPX5GMbTl9UqIw/pg4QNGU
MtR9Irl1/OlCpo041mop/c77zN3GhtGLfm6U36iCIVcEbM48BeP/mz21pgsYMMl2
j4Wx8lViCojp2UWyy+R2skoqT1YZrfC1LnYz0oMvW5jQ+nEIieWB43IrFzSXUSbz
w3hxopGE1eCb1wYxT3k1R6gQz536RwYwH5oGxN8liXwg9d0VFza6igGlUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSuUuu7rrCSZZfAG9IataS+ZYigMB8GA1UdIwQY
MBaAFNuu9cMr6ktU0X4kG1zMrwe8Co7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9kZWU2NmYtNDVjYy00Y2I0LTlmYmIt
NjQyY2U2NzRmOTc0LzEvMUs1UzY3dXVzSkpsbDhBYjBocTFwTDVsaUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9kZWU2NmYtNDVjYy00Y2I0LTlmYmItNjQyY2U2NzRmOTc0
LzEvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf/cMA0G
CSqGSIb3DQEBCwUAA4IBAQBm6UzaLFP0fiTBivaZETxwVdkOrf7zzcgwp6sYLvr8
pngnglkNC4yYGO4lQTMT3xGABiwS5pAzoFE4tzqybJ/YcBswqT3VDzZmpapKU1Yw
zZJRL4WJcrOyKCQNeAACM1e5CZZ43kTZ/uk6E3nvjctTE677aY5aomfSLxTSp6U5
yOdzQEWB/dFAAC6gPHzZBc0TOsKldqzlB7K8imsZFfYvDc1YXmd+IQCT4dIfrmSh
Am5AWnPyyxX/14ffsR60eq7xVkGxfY6X2D6CqJQcZUIrz2AMX8NTyIvI9+vGKpUK
wDS8SctkcpbxzyZFK6MM5zEwE2eff+UYZcqqQqWzwLtK
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:16 2025 by rpki-client