Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/RMqD4QZBwk_wzHsp1loeMRU2jMk.roa
File: RMqD4QZBwk_wzHsp1loeMRU2jMk.roa (raw, json)
Hash identifier: nCQ5Eq/Er1do1Gz84LWpqzugPw71HtroPiJZlZhFk8k=
Subject key identifier: 44:CA:83:E1:06:41:C2:4F:F0:CC:7B:29:D6:5A:1E:31:15:36:8C:C9
Certificate issuer: /CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Certificate serial: 01942445A598AC04DD5F359AB3918D4E2010
Authority key identifier: DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/RMqD4QZBwk_wzHsp1loeMRU2jMk.roa
Signing time: Wed 01 Jan 2025 23:48:51 +0000
ROA not before: Wed 01 Jan 2025 23:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59796
IP address blocks: 185.217.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a5:98:ac:04:dd:5f:35:9a:b3:91:8d:4e:20:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Validity
Not Before: Jan 1 23:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44ca83e10641c24ff0cc7b29d65a1e3115368cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:61:78:59:2e:f3:a8:2a:b4:bb:9f:81:da:3b:
9c:84:3d:7d:93:de:4b:2c:19:83:50:3e:45:20:6e:
1b:eb:28:0c:9b:16:e7:32:80:75:76:2b:a1:c3:45:
cf:1f:ff:97:51:04:f5:a7:d2:c2:d6:c6:9b:59:ea:
6d:55:92:61:22:c3:c1:cf:69:27:21:55:1d:e7:bd:
a8:10:72:e1:e7:92:fe:51:d1:d7:b2:14:9b:85:5e:
7d:91:b6:be:96:1c:94:f8:11:1e:01:b0:ee:28:73:
43:e5:32:8a:48:c8:fc:17:ea:5c:c1:54:58:61:81:
75:12:f5:73:b7:d2:45:01:04:f1:49:08:1b:e7:03:
ee:ed:ba:39:63:c3:cb:68:c4:ac:98:d3:14:62:93:
21:37:92:3a:4a:29:4e:1c:22:82:df:17:64:f4:ad:
56:7c:1f:9e:5f:2c:d7:57:2b:3a:bd:51:94:c5:bf:
1c:56:36:86:ef:60:38:6b:e0:b0:ee:fb:7a:72:47:
b3:59:32:71:1a:67:cc:0a:87:97:f9:01:3e:a2:44:
91:f2:6d:5d:e2:21:39:dd:c0:bc:5d:50:fe:d0:f7:
f5:ac:1a:5e:7b:f6:24:13:52:04:a9:b3:99:26:6f:
b9:dd:03:29:e9:cb:9e:f6:f6:f5:2c:ef:23:dd:b5:
ff:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:CA:83:E1:06:41:C2:4F:F0:CC:7B:29:D6:5A:1E:31:15:36:8C:C9
X509v3 Authority Key Identifier:
keyid:DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/RMqD4QZBwk_wzHsp1loeMRU2jMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.90.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:f6:ae:69:5d:da:45:e2:ce:9b:5b:8f:6c:47:7a:91:9f:61:
77:73:b1:e9:82:70:fe:fa:bc:9a:c2:88:6d:8c:69:22:6b:47:
b0:0f:a8:d0:fc:63:ea:48:53:17:b2:77:37:48:1f:cc:ea:70:
2f:e2:ef:1d:31:9f:63:5c:71:ae:0e:62:04:c8:9b:6c:68:e9:
b1:e7:fb:45:7f:93:8c:42:e6:cf:56:00:1e:15:3b:ec:eb:4c:
16:bf:83:15:96:55:97:7e:27:79:6e:ba:a5:bf:bf:8b:e8:95:
d5:ae:a6:50:f1:14:7e:20:d2:82:17:44:a7:c9:3b:e2:1a:e7:
91:8e:55:73:b5:94:9a:68:8e:95:1e:a6:51:8f:72:f1:8c:0f:
45:46:c3:47:4f:e2:c4:85:2a:7d:8b:e7:a7:a8:ec:68:5b:d4:
a0:fe:f5:42:df:4b:f7:5c:fa:e2:fd:13:f3:3e:bf:93:61:1f:
26:fb:5f:bc:16:c4:20:2c:8a:c8:a8:b7:e9:84:c0:72:f4:2b:
94:c3:da:ac:b0:f7:5c:1d:98:98:d7:65:d9:1a:b7:26:df:e4:
d3:52:1c:58:e4:34:45:22:4f:b9:cf:f0:db:96:96:e8:08:ec:
fd:27:37:f4:ae:a8:d7:a3:e6:22:fd:8c:ae:76:ef:4d:65:b6:
11:60:0d:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRaWYrATdXzWas5GNTiAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYjY1YTkwZWQzY2Y0YWUwNDUyNTU0ZWUzNGI5MmE4NDc2
ZGNmMTAwHhcNMjUwMTAxMjM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGNhODNlMTA2NDFjMjRmZjBjYzdiMjlkNjVhMWUzMTE1MzY4Y2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22F4WS7zqCq0u5+B2juchD19k95L
LBmDUD5FIG4b6ygMmxbnMoB1diuhw0XPH/+XUQT1p9LC1sabWeptVZJhIsPBz2kn
IVUd572oEHLh55L+UdHXshSbhV59kba+lhyU+BEeAbDuKHND5TKKSMj8F+pcwVRY
YYF1EvVzt9JFAQTxSQgb5wPu7bo5Y8PLaMSsmNMUYpMhN5I6SilOHCKC3xdk9K1W
fB+eXyzXVys6vVGUxb8cVjaG72A4a+Cw7vt6ckezWTJxGmfMCoeX+QE+okSR8m1d
4iE53cC8XVD+0Pf1rBpee/YkE1IEqbOZJm+53QMp6cue9vb1LO8j3bX/5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFETKg+EGQcJP8Mx7KdZaHjEVNozJMB8GA1UdIwQY
MBaAFNy2WpDtPPSuBFJVTuNLkqhHbc8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEt
ODVhOTU1ZjIxNjNiLzEvUk1xRDRRWkJ3a193ekhzcDFsb2VNUlUyak1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEtODVhOTU1ZjIxNjNi
LzEvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudlaMA0G
CSqGSIb3DQEBCwUAA4IBAQC19q5pXdpF4s6bW49sR3qRn2F3c7HpgnD++ryawoht
jGkia0ewD6jQ/GPqSFMXsnc3SB/M6nAv4u8dMZ9jXHGuDmIEyJtsaOmx5/tFf5OM
QubPVgAeFTvs60wWv4MVllWXfid5brqlv7+L6JXVrqZQ8RR+INKCF0SnyTviGueR
jlVztZSaaI6VHqZRj3LxjA9FRsNHT+LEhSp9i+enqOxoW9Sg/vVC30v3XPri/RPz
Pr+TYR8m+1+8FsQgLIrIqLfphMBy9CuUw9qssPdcHZiY12XZGrcm3+TTUhxY5DRF
Ik+5z/DblpboCOz9Jzf0rqjXo+Yi/Yyudu9NZbYRYA2f
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:16:11 2025 by rpki-client