Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/85ce82-dd06-4958-9e82-db10dcfec4bf/1/1-mbK63EZxL8v4V6vFmj_lwXzRxM.roa
File: 1-mbK63EZxL8v4V6vFmj_lwXzRxM.roa (raw, json)
Hash identifier: JWU55a5ri6Rn4UB9DqsCMDblGiRbnZJJXlkoHYetX7A=
Subject key identifier: FA:66:CA:EB:71:19:C4:BF:2F:E1:5E:AF:16:68:FF:97:05:F3:47:13
Certificate issuer: /CN=c9aef87167585d2898315aa3753f3fa68dad2c6d
Certificate serial: 01950F099B29181DE0E30CB442C1EF59DA0B
Authority key identifier: C9:AE:F8:71:67:58:5D:28:98:31:5A:A3:75:3F:3F:A6:8D:AD:2C:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ya74cWdYXSiYMVqjdT8_po2tLG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/85ce82-dd06-4958-9e82-db10dcfec4bf/1/1-mbK63EZxL8v4V6vFmj_lwXzRxM.roa
Signing time: Sun 16 Feb 2025 13:54:02 +0000
ROA not before: Sun 16 Feb 2025 13:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215892
IP address blocks: 185.129.109.0/24 maxlen: 24
185.129.111.0/24 maxlen: 24
185.151.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/85ce82-dd06-4958-9e82-db10dcfec4bf/1/ya74cWdYXSiYMVqjdT8_po2tLG0.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/85ce82-dd06-4958-9e82-db10dcfec4bf/1/ya74cWdYXSiYMVqjdT8_po2tLG0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ya74cWdYXSiYMVqjdT8_po2tLG0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 22:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0f:09:9b:29:18:1d:e0:e3:0c:b4:42:c1:ef:59:da:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9aef87167585d2898315aa3753f3fa68dad2c6d
Validity
Not Before: Feb 16 13:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa66caeb7119c4bf2fe15eaf1668ff9705f34713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5c:db:3c:62:d9:56:ff:7d:7d:fc:99:e3:b4:
77:a6:e4:c0:a3:24:a0:62:b5:f0:3b:6b:11:ae:86:
1f:7d:cd:b3:df:6e:2d:9b:9c:f5:22:84:44:37:2b:
25:9c:ba:67:d9:db:67:a2:24:e8:09:6d:b1:9a:8e:
26:7c:3b:aa:6e:74:ab:a8:a4:79:bc:bd:45:1e:48:
ba:68:9f:97:09:23:e3:1e:f4:e2:3d:d9:1f:93:9f:
45:6b:ef:56:b9:d9:6d:23:96:dd:c3:5b:c2:16:5d:
29:d0:56:ee:48:7b:4c:99:2a:99:a8:e6:aa:ef:eb:
80:f7:69:a5:ab:4e:88:a0:cf:e8:98:6b:3d:26:13:
7d:05:ba:d6:2f:32:fd:09:48:94:36:56:33:6a:5b:
3b:89:6e:32:97:ad:70:8a:93:29:d8:88:23:d8:f3:
6a:a6:43:ac:5f:cf:0e:2d:ba:a8:28:c2:24:73:27:
c3:49:61:84:82:4c:ba:00:a0:f5:a9:49:5d:5e:89:
e4:7b:30:de:6b:ce:0a:e2:b7:7d:b4:08:7d:d5:40:
e8:68:34:2c:f3:69:e5:4d:41:55:17:2f:f9:89:15:
c6:f1:16:7f:d1:6a:e4:4b:39:ad:d4:c8:07:cc:88:
62:c5:f8:3d:c2:63:c5:b9:d8:0f:aa:64:7d:0f:3c:
ad:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:66:CA:EB:71:19:C4:BF:2F:E1:5E:AF:16:68:FF:97:05:F3:47:13
X509v3 Authority Key Identifier:
keyid:C9:AE:F8:71:67:58:5D:28:98:31:5A:A3:75:3F:3F:A6:8D:AD:2C:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ya74cWdYXSiYMVqjdT8_po2tLG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/85ce82-dd06-4958-9e82-db10dcfec4bf/1/1-mbK63EZxL8v4V6vFmj_lwXzRxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/85ce82-dd06-4958-9e82-db10dcfec4bf/1/ya74cWdYXSiYMVqjdT8_po2tLG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.109.0/24
185.129.111.0/24
185.151.239.0/24
Signature Algorithm: sha256WithRSAEncryption
af:25:eb:35:36:64:44:f0:3c:03:eb:1f:8c:9e:76:b2:d3:62:
04:28:ba:5a:db:00:e5:18:16:cc:d1:21:c7:be:e8:5e:a8:a2:
ca:3e:36:83:01:c6:6a:e8:af:b5:10:e4:c6:52:85:cf:ee:c6:
12:41:a1:a1:b6:be:11:7e:b8:c1:86:55:5a:1f:9d:36:cb:39:
07:e6:ea:4b:45:dd:1b:74:b6:c6:77:4d:b7:08:63:c9:e8:ab:
4f:3b:5f:47:0f:93:c6:07:f4:b9:bf:5d:c7:e3:4e:97:1f:2d:
74:c3:85:96:8d:c1:60:0d:69:89:47:b9:88:63:fd:dc:e2:59:
69:a0:f7:6f:e8:fd:14:56:ef:34:ab:e9:64:63:7c:18:19:3c:
ef:da:7f:67:34:bd:53:19:a8:ed:cc:01:17:82:1f:a7:bf:9d:
17:a8:50:40:cd:b2:1b:11:b4:c9:ad:9e:a6:f9:c0:4a:f3:9b:
ad:89:3d:33:19:ed:d7:1f:f2:48:cf:2d:fd:44:0f:37:af:cb:
44:99:8d:bc:a4:0f:46:fd:5b:7e:5d:f6:4d:91:c7:0c:eb:56:
e2:6e:51:da:6f:91:20:9f:56:92:58:7e:df:f4:f7:bf:a7:55:
dc:99:ca:db:e3:58:aa:96:10:f2:c7:e7:97:a3:35:b9:96:a4:
4b:2f:51:25
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZUPCZspGB3g4wy0QsHvWdoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YWVmODcxNjc1ODVkMjg5ODMxNWFhMzc1M2YzZmE2OGRh
ZDJjNmQwHhcNMjUwMjE2MTM1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTY2Y2FlYjcxMTljNGJmMmZlMTVlYWYxNjY4ZmY5NzA1ZjM0NzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1zbPGLZVv99ffyZ47R3puTAoySg
YrXwO2sRroYffc2z324tm5z1IoRENyslnLpn2dtnoiToCW2xmo4mfDuqbnSrqKR5
vL1FHki6aJ+XCSPjHvTiPdkfk59Fa+9WudltI5bdw1vCFl0p0FbuSHtMmSqZqOaq
7+uA92mlq06IoM/omGs9JhN9BbrWLzL9CUiUNlYzals7iW4yl61wipMp2Igj2PNq
pkOsX88OLbqoKMIkcyfDSWGEgky6AKD1qUldXonkezDea84K4rd9tAh91UDoaDQs
82nlTUFVFy/5iRXG8RZ/0WrkSzmt1MgHzIhixfg9wmPFudgPqmR9Dzyt5wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPpmyutxGcS/L+FerxZo/5cF80cTMB8GA1UdIwQY
MBaAFMmu+HFnWF0omDFao3U/P6aNrSxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWE3NGNXZFlYU2lZTVZxamRUOF9wbzJ0TEcwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84NWNlODItZGQwNi00OTU4LTllODIt
ZGIxMGRjZmVjNGJmLzEvMS1tYks2M0VaeEw4djRWNnZGbWpfbHdYelJ4TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDIvODVjZTgyLWRkMDYtNDk1OC05ZTgyLWRiMTBkY2ZlYzRi
Zi8xL3lhNzRjV2RZWFNpWU1WcWpkVDhfcG8ydExHMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALmBbQME
ALmBbwMEALmX7zANBgkqhkiG9w0BAQsFAAOCAQEAryXrNTZkRPA8A+sfjJ52stNi
BCi6WtsA5RgWzNEhx77oXqiiyj42gwHGauivtRDkxlKFz+7GEkGhoba+EX64wYZV
Wh+dNss5B+bqS0XdG3S2xndNtwhjyeirTztfRw+Txgf0ub9dx+NOlx8tdMOFlo3B
YA1piUe5iGP93OJZaaD3b+j9FFbvNKvpZGN8GBk879p/ZzS9Uxmo7cwBF4Ifp7+d
F6hQQM2yGxG0ya2epvnASvObrYk9Mxnt1x/ySM8t/UQPN6/LRJmNvKQPRv1bfl32
TZHHDOtW4m5R2m+RIJ9Wklh+3/T3v6dV3JnK2+NYqpYQ8sfnl6M1uZakSy9RJQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:33:07 2025 by rpki-client