Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/IDl9kroYhzoJI3fNYZt14M849Mw.roa
File: IDl9kroYhzoJI3fNYZt14M849Mw.roa (raw, json)
Hash identifier: QNB7O1WZxj1n2YGUs6WaUGgoWKZNY20yWJ5q+ijsbDA=
Subject key identifier: 20:39:7D:92:BA:18:87:3A:09:23:77:CD:61:9B:75:E0:CF:38:F4:CC
Certificate issuer: /CN=ad3b529c9dc9526f099bf16ac89dcc8adfe18240
Certificate serial: 01942444AE1F524EC239B8D96230F96D1053
Authority key identifier: AD:3B:52:9C:9D:C9:52:6F:09:9B:F1:6A:C8:9D:CC:8A:DF:E1:82:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/IDl9kroYhzoJI3fNYZt14M849Mw.roa
Signing time: Wed 01 Jan 2025 23:47:48 +0000
ROA not before: Wed 01 Jan 2025 23:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48501
IP address blocks: 185.161.140.0/22 maxlen: 22
185.161.140.0/24 maxlen: 24
185.161.141.0/24 maxlen: 24
185.161.142.0/24 maxlen: 24
185.161.143.0/24 maxlen: 24
2a07:c500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ae:1f:52:4e:c2:39:b8:d9:62:30:f9:6d:10:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad3b529c9dc9526f099bf16ac89dcc8adfe18240
Validity
Not Before: Jan 1 23:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20397d92ba18873a092377cd619b75e0cf38f4cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:40:8e:e4:87:e0:4b:8d:ec:fe:fc:4b:7c:de:
28:79:66:6d:bf:ad:12:8e:4f:61:8f:75:b4:c2:a5:
ce:7d:e4:72:c5:37:bc:3b:d8:4c:9e:98:b3:03:75:
52:56:a6:3b:07:0c:ba:d1:c7:c9:54:c8:74:90:b4:
0f:42:d5:9b:a8:5d:20:12:d1:6f:65:ca:cc:80:c4:
e9:59:9e:24:ae:65:4b:b5:bc:bf:55:d3:e4:bf:fc:
c0:68:cd:d2:df:29:da:15:3b:55:93:d9:53:59:c5:
12:85:1d:90:2d:d0:d5:1b:91:c2:f5:ec:5e:ea:3f:
62:14:3e:02:7c:b6:ca:e6:56:07:de:6f:fe:a5:87:
ed:cf:20:41:8b:24:99:30:fc:01:57:fb:67:48:e8:
4f:f1:39:21:3f:43:68:99:e7:5c:22:81:c8:01:30:
1d:24:e7:ce:f5:b7:e8:9e:20:99:e1:64:53:fd:53:
2d:17:a6:80:81:f2:f2:0a:b6:0f:85:f7:3d:b2:44:
5b:99:bf:27:55:4f:bb:0f:c7:e3:0c:51:5a:83:11:
7a:2a:6d:38:5f:f0:3e:f1:72:aa:98:db:31:29:91:
6c:48:bc:cf:ad:c4:0f:1b:65:3b:35:22:bb:03:69:
03:d5:c2:f8:1e:18:0b:f1:9e:66:fa:31:2f:cc:39:
c5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:39:7D:92:BA:18:87:3A:09:23:77:CD:61:9B:75:E0:CF:38:F4:CC
X509v3 Authority Key Identifier:
keyid:AD:3B:52:9C:9D:C9:52:6F:09:9B:F1:6A:C8:9D:CC:8A:DF:E1:82:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/IDl9kroYhzoJI3fNYZt14M849Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.140.0/22
IPv6:
2a07:c500::/29
Signature Algorithm: sha256WithRSAEncryption
08:44:e4:3f:6c:b3:8f:1b:01:c2:a3:3e:36:58:27:67:a7:d4:
98:4a:0c:39:6d:65:d6:ae:71:96:2c:12:c4:34:da:d1:11:76:
7f:0e:1c:31:ed:d7:73:cf:74:f5:c2:8e:af:9e:dc:4d:c1:da:
41:19:06:25:15:ee:f2:f6:d1:e5:41:2f:b4:8c:0a:31:e2:82:
3e:71:01:df:42:fd:59:9b:3b:49:a3:82:73:18:a9:a7:e3:d7:
cd:f2:5c:f0:58:5a:3b:01:7d:8d:31:b1:3b:56:d6:f5:27:61:
15:71:1c:c2:8b:60:05:b3:45:85:24:da:07:9e:01:99:78:98:
70:01:2b:b9:7d:db:47:19:5b:d1:90:1c:e7:b2:40:4e:e4:de:
25:f2:94:4b:5b:07:e3:8f:dc:9a:79:0e:5c:0d:77:e9:6f:7a:
92:48:0c:b7:90:69:8e:39:5b:a8:8f:08:30:97:80:47:de:43:
27:84:77:de:95:56:cc:78:7d:66:a4:be:4f:b4:59:6d:85:65:
64:3e:01:02:da:46:c3:0c:85:29:0d:51:4f:81:f2:c8:92:46:
21:36:82:80:50:7a:4d:f0:bd:76:d8:54:65:d5:6c:e4:d7:2b:
c0:3a:05:ca:b5:b8:89:27:41:38:ba:50:0b:8e:27:67:4d:a5:
43:48:06:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRK4fUk7CObjZYjD5bRBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkM2I1MjljOWRjOTUyNmYwOTliZjE2YWM4OWRjYzhhZGZl
MTgyNDAwHhcNMjUwMTAxMjM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM5N2Q5MmJhMTg4NzNhMDkyMzc3Y2Q2MTliNzVlMGNmMzhmNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkCO5IfgS43s/vxLfN4oeWZtv60S
jk9hj3W0wqXOfeRyxTe8O9hMnpizA3VSVqY7Bwy60cfJVMh0kLQPQtWbqF0gEtFv
ZcrMgMTpWZ4krmVLtby/VdPkv/zAaM3S3ynaFTtVk9lTWcUShR2QLdDVG5HC9exe
6j9iFD4CfLbK5lYH3m/+pYftzyBBiySZMPwBV/tnSOhP8TkhP0NomedcIoHIATAd
JOfO9bfoniCZ4WRT/VMtF6aAgfLyCrYPhfc9skRbmb8nVU+7D8fjDFFagxF6Km04
X/A+8XKqmNsxKZFsSLzPrcQPG2U7NSK7A2kD1cL4HhgL8Z5m+jEvzDnFSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCA5fZK6GIc6CSN3zWGbdeDPOPTMMB8GA1UdIwQY
MBaAFK07UpydyVJvCZvxasidzIrf4YJAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclR0U25KM0pVbThKbV9GcXlKM01pdF9oZ2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hNjNmZDgtOWIzNi00OTZkLWI2ZTIt
YjIwZWJlNTk1NDc1LzEvSURsOWtyb1loem9KSTNmTlladDE0TTg0OU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hNjNmZDgtOWIzNi00OTZkLWI2ZTItYjIwZWJlNTk1NDc1
LzEvclR0U25KM0pVbThKbV9GcXlKM01pdF9oZ2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaGMMA0E
AgACMAcDBQMqB8UAMA0GCSqGSIb3DQEBCwUAA4IBAQAIROQ/bLOPGwHCoz42WCdn
p9SYSgw5bWXWrnGWLBLENNrREXZ/Dhwx7ddzz3T1wo6vntxNwdpBGQYlFe7y9tHl
QS+0jAox4oI+cQHfQv1ZmztJo4JzGKmn49fN8lzwWFo7AX2NMbE7Vtb1J2EVcRzC
i2AFs0WFJNoHngGZeJhwASu5fdtHGVvRkBznskBO5N4l8pRLWwfjj9yaeQ5cDXfp
b3qSSAy3kGmOOVuojwgwl4BH3kMnhHfelVbMeH1mpL5PtFlthWVkPgEC2kbDDIUp
DVFPgfLIkkYhNoKAUHpN8L122FRl1Wzk1yvAOgXKtbiJJ0E4ulALjidnTaVDSAYP
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:15:27 2025 by rpki-client