Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/xDp3K5cwdwo-amBn4Z3yMMAdo3Y.roa
File: xDp3K5cwdwo-amBn4Z3yMMAdo3Y.roa (raw, json)
Hash identifier: eoBx0TZUtOUgkA8rEPSl3wkXkZ2dgXNZBSrXrhwvq14=
Subject key identifier: C4:3A:77:2B:97:30:77:0A:3E:6A:60:67:E1:9D:F2:30:C0:1D:A3:76
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 019425FD585FA236006CBEB76E43841AB2D1
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/xDp3K5cwdwo-amBn4Z3yMMAdo3Y.roa
Signing time: Thu 02 Jan 2025 07:49:07 +0000
ROA not before: Thu 02 Jan 2025 07:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202727
IP address blocks: 185.156.80.0/22 maxlen: 22
185.163.28.0/22 maxlen: 22
185.171.156.0/22 maxlen: 22
185.180.244.0/22 maxlen: 22
185.191.92.0/22 maxlen: 22
185.211.24.0/22 maxlen: 22
185.218.248.0/22 maxlen: 22
185.249.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:58:5f:a2:36:00:6c:be:b7:6e:43:84:1a:b2:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 07:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c43a772b9730770a3e6a6067e19df230c01da376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e1:64:96:35:6e:34:90:38:48:91:c7:84:2d:
ec:92:99:47:6d:a4:ba:cd:66:a7:66:c5:91:19:e6:
86:77:ab:e8:01:89:f0:55:68:9d:5a:00:83:cc:a9:
2a:19:b1:1a:82:2e:c0:96:41:87:19:53:ac:5f:21:
f2:b8:0e:4d:d5:28:2a:62:78:7c:91:fe:ba:87:4b:
8b:ed:ca:a2:a7:f9:ac:82:a5:ea:7b:48:d6:df:da:
7b:91:c1:c7:19:db:0c:c1:62:d6:ab:e9:04:3f:9c:
b1:d8:c1:6f:ca:6f:25:e2:a7:3f:ec:26:97:27:ef:
26:10:a2:4d:ac:a3:2c:c6:ef:08:f1:1d:1e:6a:e4:
52:2c:d7:dd:b2:bf:5e:07:2a:ab:13:18:f8:ca:68:
e6:79:8f:7a:6a:21:4e:c5:21:ea:c8:15:28:5b:e0:
ed:a7:0a:68:bd:ce:36:00:b7:f4:32:cc:8f:4d:e4:
42:82:71:b8:0e:e9:de:52:34:2e:01:88:82:ac:ff:
c3:e6:3d:f2:ec:e7:b7:76:61:78:e1:ae:f1:50:6f:
a9:d1:fe:f8:29:2c:8f:75:c5:a6:d6:84:45:dd:26:
f9:9d:d6:53:57:ce:49:c3:ca:07:e5:07:99:c9:5f:
53:80:df:13:0e:81:aa:b2:f7:43:9f:33:00:f1:2f:
72:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3A:77:2B:97:30:77:0A:3E:6A:60:67:E1:9D:F2:30:C0:1D:A3:76
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/xDp3K5cwdwo-amBn4Z3yMMAdo3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.80.0/22
185.163.28.0/22
185.171.156.0/22
185.180.244.0/22
185.191.92.0/22
185.211.24.0/22
185.218.248.0/22
185.249.28.0/22
Signature Algorithm: sha256WithRSAEncryption
59:0f:65:a9:37:ba:53:4d:3e:92:90:12:0a:bc:34:d9:11:1d:
59:85:ce:5f:bb:c8:67:29:55:a9:62:78:c4:13:37:18:92:f6:
79:d5:83:96:fb:13:03:d7:c7:7d:09:1d:46:20:92:31:fa:ca:
c6:46:49:04:39:a4:14:fd:dd:8d:59:be:b6:5a:da:bb:6e:ce:
8a:cb:90:8f:cd:d7:ea:7e:5c:f2:62:43:d9:ac:cf:36:a4:66:
78:87:3f:c3:00:5c:ea:36:67:77:a4:c2:23:c4:bd:db:be:8f:
9d:dd:d1:e6:71:67:42:0c:c9:a5:3a:4e:2c:c2:29:6e:a4:ee:
43:e6:f9:36:00:9a:d3:d3:0e:28:78:b4:a8:05:d4:1f:96:fa:
3e:f2:37:39:59:0c:9b:64:92:ba:2b:ad:50:b4:75:a8:4e:78:
e8:3d:23:78:55:06:59:fd:75:a1:d3:2b:02:ce:b8:92:19:22:
04:a2:e1:a8:12:8e:86:2a:db:73:3d:0c:81:61:7c:7a:3a:d4:
0f:58:ac:0f:6c:ca:3e:d3:fd:b7:53:34:dc:83:6f:61:d1:58:
18:96:2f:db:4b:35:c7:0a:b1:79:2f:17:34:45:4b:a6:5e:1f:
74:dc:1f:58:f6:f2:6d:c5:96:bc:24:5d:91:60:58:0d:9f:6f:
46:a1:da:67
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQl/VhfojYAbL63bkOEGrLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjUwMTAyMDc0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDNhNzcyYjk3MzA3NzBhM2U2YTYwNjdlMTlkZjIzMGMwMWRhMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOFkljVuNJA4SJHHhC3skplHbaS6
zWanZsWRGeaGd6voAYnwVWidWgCDzKkqGbEagi7AlkGHGVOsXyHyuA5N1SgqYnh8
kf66h0uL7cqip/msgqXqe0jW39p7kcHHGdsMwWLWq+kEP5yx2MFvym8l4qc/7CaX
J+8mEKJNrKMsxu8I8R0eauRSLNfdsr9eByqrExj4ymjmeY96aiFOxSHqyBUoW+Dt
pwpovc42ALf0MsyPTeRCgnG4DuneUjQuAYiCrP/D5j3y7Oe3dmF44a7xUG+p0f74
KSyPdcWm1oRF3Sb5ndZTV85Jw8oH5QeZyV9TgN8TDoGqsvdDnzMA8S9ypQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMQ6dyuXMHcKPmpgZ+Gd8jDAHaN2MB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEveERwM0s1Y3dkd28tYW1CbjRaM3lNTUFkbzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCuZxQAwQC
uaMcAwQCuaucAwQCubT0AwQCub9cAwQCudMYAwQCudr4AwQCufkcMA0GCSqGSIb3
DQEBCwUAA4IBAQBZD2WpN7pTTT6SkBIKvDTZER1Zhc5fu8hnKVWpYnjEEzcYkvZ5
1YOW+xMD18d9CR1GIJIx+srGRkkEOaQU/d2NWb62Wtq7bs6Ky5CPzdfqflzyYkPZ
rM82pGZ4hz/DAFzqNmd3pMIjxL3bvo+d3dHmcWdCDMmlOk4swilupO5D5vk2AJrT
0w4oeLSoBdQflvo+8jc5WQybZJK6K61QtHWoTnjoPSN4VQZZ/XWh0ysCzriSGSIE
ouGoEo6GKttzPQyBYXx6OtQPWKwPbMo+0/23UzTcg29h0VgYli/bSzXHCrF5Lxc0
RUumXh903B9Y9vJtxZa8JF2RYFgNn29Godpn
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:25:21 2025 by rpki-client