Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/YkgHQRkVRrWyQ2p2wgLse2qkaoY.roa
File: YkgHQRkVRrWyQ2p2wgLse2qkaoY.roa (raw, json)
Hash identifier: p9EN6Inc80zOT2cHk5ltmrKNAtRT7MPUi50PrYUILc0=
Subject key identifier: 62:48:07:41:19:15:46:B5:B2:43:6A:76:C2:02:EC:7B:6A:A4:6A:86
Certificate issuer: /CN=5dab456a051d4a93788bef4fac0d07bdc0c9f0cf
Certificate serial: 019427B656F87E2BB09CA50FA2F6D79AD3AA
Authority key identifier: 5D:AB:45:6A:05:1D:4A:93:78:8B:EF:4F:AC:0D:07:BD:C0:C9:F0:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XatFagUdSpN4i-9PrA0HvcDJ8M8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/YkgHQRkVRrWyQ2p2wgLse2qkaoY.roa
Signing time: Thu 02 Jan 2025 15:50:48 +0000
ROA not before: Thu 02 Jan 2025 15:50:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60502
IP address blocks: 185.221.224.0/22 maxlen: 22
185.221.224.0/23 maxlen: 23
185.221.226.0/23 maxlen: 23
2a0c:5000::/30 maxlen: 30
2a0c:5000::/32 maxlen: 32
2a0c:5000::/48 maxlen: 48
2a0c:5000:225::/48 maxlen: 48
2a0c:5000:3072::/48 maxlen: 48
2a0c:5000:3073::/48 maxlen: 48
2a0c:5000:3082::/48 maxlen: 48
2a0c:5000:3083::/48 maxlen: 48
2a0c:5000:3084::/48 maxlen: 48
2a0c:5001::/32 maxlen: 32
2a0c:5002::/32 maxlen: 32
2a0c:5003::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/XatFagUdSpN4i-9PrA0HvcDJ8M8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/XatFagUdSpN4i-9PrA0HvcDJ8M8.mft
rsync://rpki.ripe.net/repository/DEFAULT/XatFagUdSpN4i-9PrA0HvcDJ8M8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 20:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:56:f8:7e:2b:b0:9c:a5:0f:a2:f6:d7:9a:d3:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab456a051d4a93788bef4fac0d07bdc0c9f0cf
Validity
Not Before: Jan 2 15:50:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62480741191546b5b2436a76c202ec7b6aa46a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0d:8a:67:03:c3:65:bc:3e:f8:e3:9c:44:51:
34:a7:39:06:5a:0a:b5:c6:65:b5:d4:dc:25:82:21:
dd:59:4b:87:43:56:cd:9a:75:8a:39:d9:60:c6:c9:
0d:56:1f:13:b3:c1:df:c0:7a:b7:47:e1:80:c7:60:
bb:6e:c7:a8:f3:b8:9f:be:ca:c9:7c:17:8e:98:50:
07:be:1f:71:14:e7:d0:d6:1f:18:e8:88:3d:d0:be:
64:18:eb:d0:bc:ff:87:10:05:66:70:fa:e2:de:f0:
80:86:5a:28:7d:a0:e3:45:c8:84:10:83:4a:15:ad:
db:6d:26:44:33:0e:11:8d:c9:1c:f3:f4:99:2d:fa:
b7:11:78:d0:e2:f2:a2:53:ea:28:96:22:09:c6:61:
ee:fe:0e:95:d1:1e:7d:66:fb:50:a4:8f:d8:db:5f:
9e:90:0d:50:31:e1:47:8e:b4:b9:fc:e1:8a:38:27:
12:8a:48:07:ac:0e:7d:e1:b8:8a:75:2e:79:5c:55:
6d:d1:5c:a0:fa:8a:b0:3f:a3:c9:ea:af:eb:84:2c:
46:53:17:51:92:99:c9:2b:e4:b4:2a:35:b6:d3:95:
d1:67:95:8b:f4:c0:0f:77:fb:e2:5f:3e:52:f2:bc:
32:ed:34:e5:af:05:ab:2d:b9:f2:3c:81:00:a8:44:
3f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:48:07:41:19:15:46:B5:B2:43:6A:76:C2:02:EC:7B:6A:A4:6A:86
X509v3 Authority Key Identifier:
keyid:5D:AB:45:6A:05:1D:4A:93:78:8B:EF:4F:AC:0D:07:BD:C0:C9:F0:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XatFagUdSpN4i-9PrA0HvcDJ8M8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/YkgHQRkVRrWyQ2p2wgLse2qkaoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/XatFagUdSpN4i-9PrA0HvcDJ8M8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.224.0/22
IPv6:
2a0c:5000::/30
Signature Algorithm: sha256WithRSAEncryption
5c:7c:0b:33:fa:e5:bc:71:1f:f5:e2:90:ed:c4:ee:a7:9b:00:
3b:db:dc:8c:b2:39:eb:28:b1:91:d7:a7:41:71:76:59:48:5f:
3e:16:63:db:e5:7b:58:8a:85:f2:bd:5e:8a:46:f2:db:88:eb:
8c:67:ba:b2:35:2f:f0:55:3c:cb:d6:28:cb:c6:fd:9b:be:6b:
c0:a4:ac:19:58:3e:e4:e1:7e:c8:56:e6:41:c4:3e:a5:ee:bf:
12:7a:a7:2b:46:f0:7a:80:b8:1e:43:8f:84:bb:0e:8b:d2:c0:
72:1c:ae:a8:4f:28:1c:0b:ae:cb:72:90:77:95:d5:22:32:75:
4f:87:7e:3f:a6:18:6a:d0:54:5b:5f:0d:37:9d:c3:cb:98:78:
b6:77:77:d0:3f:7c:e5:fc:fa:97:8d:82:f5:91:ca:f2:bf:98:
2c:30:8a:2d:1d:df:14:50:49:59:7c:6e:2f:e0:d8:23:28:f7:
1b:7e:c3:9c:78:89:8b:f5:42:74:e4:dc:63:4d:1e:b4:8e:0d:
e9:61:db:49:be:62:17:d3:1a:cf:4c:26:b2:c0:3d:58:de:6e:
b8:49:7b:1c:bd:cc:2b:b1:14:01:67:df:c5:cf:23:c8:dd:04:
10:9b:fa:40:57:c8:b9:e0:73:86:6f:e7:22:a3:3f:8a:cf:f0:
95:fd:a8:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntlb4fiuwnKUPovbXmtOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWI0NTZhMDUxZDRhOTM3ODhiZWY0ZmFjMGQwN2JkYzBj
OWYwY2YwHhcNMjUwMTAyMTU1MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjQ4MDc0MTE5MTU0NmI1YjI0MzZhNzZjMjAyZWM3YjZhYTQ2YTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw2KZwPDZbw++OOcRFE0pzkGWgq1
xmW11NwlgiHdWUuHQ1bNmnWKOdlgxskNVh8Ts8HfwHq3R+GAx2C7bseo87ifvsrJ
fBeOmFAHvh9xFOfQ1h8Y6Ig90L5kGOvQvP+HEAVmcPri3vCAhloofaDjRciEEINK
Fa3bbSZEMw4Rjckc8/SZLfq3EXjQ4vKiU+ooliIJxmHu/g6V0R59ZvtQpI/Y21+e
kA1QMeFHjrS5/OGKOCcSikgHrA594biKdS55XFVt0Vyg+oqwP6PJ6q/rhCxGUxdR
kpnJK+S0KjW205XRZ5WL9MAPd/viXz5S8rwy7TTlrwWrLbnyPIEAqEQ/JwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGJIB0EZFUa1skNqdsIC7HtqpGqGMB8GA1UdIwQY
MBaAFF2rRWoFHUqTeIvvT6wNB73AyfDPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGF0RmFnVWRTcE40aS05UHJBMEh2Y0RKOE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84ZDM4OTUtNjVjMi00YjhlLWE1NDct
OGFkNzRjYzZhNmI5LzEvWWtnSFFSa1ZScld5UTJwMndnTHNlMnFrYW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84ZDM4OTUtNjVjMi00YjhlLWE1NDctOGFkNzRjYzZhNmI5
LzEvWGF0RmFnVWRTcE40aS05UHJBMEh2Y0RKOE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud3gMA0E
AgACMAcDBQIqDFAAMA0GCSqGSIb3DQEBCwUAA4IBAQBcfAsz+uW8cR/14pDtxO6n
mwA729yMsjnrKLGR16dBcXZZSF8+FmPb5XtYioXyvV6KRvLbiOuMZ7qyNS/wVTzL
1ijLxv2bvmvApKwZWD7k4X7IVuZBxD6l7r8SeqcrRvB6gLgeQ4+Euw6L0sByHK6o
TygcC67LcpB3ldUiMnVPh34/phhq0FRbXw03ncPLmHi2d3fQP3zl/PqXjYL1kcry
v5gsMIotHd8UUElZfG4v4NgjKPcbfsOceImL9UJ05NxjTR60jg3pYdtJvmIX0xrP
TCaywD1Y3m64SXscvcwrsRQBZ9/FzyPI3QQQm/pAV8i54HOGb+cioz+Kz/CV/ail
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:13:26 2025 by rpki-client