Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/F6UTD5xs6irn044j6Bn0b3rkg8E.roa
File: F6UTD5xs6irn044j6Bn0b3rkg8E.roa (raw, json)
Hash identifier: 9sFquSQ+RMEX3oUpXt6ncKZDty2H5HID8F9gmHeYrQI=
Subject key identifier: 17:A5:13:0F:9C:6C:EA:2A:E7:D3:8E:23:E8:19:F4:6F:7A:E4:83:C1
Certificate issuer: /CN=3ac78f33e8e1187327667fa94fd7446b8d91e5b4
Certificate serial: 01941F8C8B1CB3E4B2302D1EEC3284B102C7
Authority key identifier: 3A:C7:8F:33:E8:E1:18:73:27:66:7F:A9:4F:D7:44:6B:8D:91:E5:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/F6UTD5xs6irn044j6Bn0b3rkg8E.roa
Signing time: Wed 01 Jan 2025 01:48:11 +0000
ROA not before: Wed 01 Jan 2025 01:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203500
IP address blocks: 185.178.184.0/24 maxlen: 24
185.178.185.0/24 maxlen: 24
185.178.186.0/24 maxlen: 24
193.25.200.0/24 maxlen: 24
2a07:6780::/29 maxlen: 29
2a0a:6680:bee::/48 maxlen: 48
2a0a:6680:1000::/36 maxlen: 36
2a0a:6680:1979::/48 maxlen: 48
2a0a:6680:2000::/36 maxlen: 36
2a0a:6680:b300::/40 maxlen: 40
2a0a:6680:bee1::/48 maxlen: 48
2a0a:6680:bee5::/48 maxlen: 48
2a0a:6680:bee6::/48 maxlen: 48
2a0a:6680:cc91::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/OsePM-jhGHMnZn-pT9dEa42R5bQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/OsePM-jhGHMnZn-pT9dEa42R5bQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:8b:1c:b3:e4:b2:30:2d:1e:ec:32:84:b1:02:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ac78f33e8e1187327667fa94fd7446b8d91e5b4
Validity
Not Before: Jan 1 01:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17a5130f9c6cea2ae7d38e23e819f46f7ae483c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e2:f1:63:e1:9a:42:df:f7:b1:f4:5f:5a:d0:
44:de:e7:f6:71:05:50:a5:65:ae:95:f8:e1:b7:48:
61:dd:0d:1b:4a:a3:ef:ae:08:88:82:a0:8e:30:c7:
0e:19:39:ad:07:7e:c1:e3:e1:b9:74:05:0f:75:6d:
9e:1c:36:c6:25:6a:57:b9:c8:43:73:98:7e:e5:49:
2a:9b:81:bf:d8:87:7d:7d:25:7f:52:bb:87:c5:a8:
5f:1c:50:52:70:f7:7f:46:22:3a:fa:26:3e:cb:d6:
bb:3d:c7:4d:d7:d6:50:d0:36:02:6c:d8:0e:13:36:
27:a6:7c:70:22:d9:26:f9:85:2f:17:13:a6:f1:c4:
3c:91:ef:8f:a9:de:8d:e9:bd:9a:79:15:56:55:2c:
f8:89:27:df:2a:16:81:90:8d:91:98:2f:60:80:b4:
a6:d7:b4:fb:d2:3d:c9:c9:7d:24:14:1d:21:8f:d2:
88:83:2f:3a:f2:03:c1:a6:b7:e1:fa:71:2f:72:d1:
0f:7d:f3:e3:ac:d7:38:00:8a:99:d7:b2:5b:63:50:
e1:f5:35:c9:1e:1a:f9:ec:75:2a:8c:fe:77:ad:ca:
51:16:30:fe:9f:b2:a3:b4:b0:9a:32:c5:f3:8f:7c:
d9:5a:70:f3:72:95:c9:14:36:a8:51:49:16:d9:42:
a7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A5:13:0F:9C:6C:EA:2A:E7:D3:8E:23:E8:19:F4:6F:7A:E4:83:C1
X509v3 Authority Key Identifier:
keyid:3A:C7:8F:33:E8:E1:18:73:27:66:7F:A9:4F:D7:44:6B:8D:91:E5:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/F6UTD5xs6irn044j6Bn0b3rkg8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/OsePM-jhGHMnZn-pT9dEa42R5bQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.184.0-185.178.186.255
193.25.200.0/24
IPv6:
2a07:6780::/29
2a0a:6680:bee::/48
2a0a:6680:1000::-2a0a:6680:2fff:ffff:ffff:ffff:ffff:ffff
2a0a:6680:b300::/40
2a0a:6680:bee1::/48
2a0a:6680:bee5::-2a0a:6680:bee6:ffff:ffff:ffff:ffff:ffff
2a0a:6680:cc91::/48
Signature Algorithm: sha256WithRSAEncryption
04:08:7b:c0:9c:80:1e:31:ca:f2:4c:ef:30:6f:84:b0:0f:85:
39:93:70:10:ed:4b:c9:a3:c8:4f:14:bb:9e:41:83:7d:80:68:
9c:e1:ff:f6:03:09:a6:69:af:cb:45:c7:6e:f4:99:3b:17:74:
f3:23:86:c3:1b:80:ce:d8:53:65:d5:91:a2:ff:ee:9d:84:5f:
55:9b:6e:5f:a1:1c:21:54:bb:14:5a:62:1b:89:37:e4:82:0b:
e3:7f:a7:d0:49:a4:8c:86:7c:30:e9:a9:fd:16:12:c4:53:7a:
45:35:bc:6c:52:e9:a8:6c:bc:06:77:5e:19:8b:38:85:92:c5:
5b:7d:61:43:28:20:ec:91:32:87:28:64:a5:c3:90:92:e1:a6:
39:a4:de:6e:fa:32:f0:95:cd:7c:1b:d6:ff:aa:58:eb:79:82:
de:31:0c:fa:49:ab:d4:6e:e1:26:3f:8b:ef:87:cd:05:18:d3:
8f:fa:3a:e3:7e:c1:61:d4:e7:03:d4:be:dc:22:b7:1f:2b:ae:
a7:a5:40:6c:23:fd:66:8f:b7:0d:23:75:82:d3:d8:e2:fc:72:
54:2c:de:99:37:57:75:3c:f6:7f:a9:de:59:1e:82:da:f0:64:
6d:a2:62:5e:a9:c7:e3:aa:36:07:15:50:ca:3d:54:71:9e:51:
41:b6:f8:37
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZQfjIscs+SyMC0e7DKEsQLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYzc4ZjMzZThlMTE4NzMyNzY2N2ZhOTRmZDc0NDZiOGQ5
MWU1YjQwHhcNMjUwMTAxMDE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2E1MTMwZjljNmNlYTJhZTdkMzhlMjNlODE5ZjQ2ZjdhZTQ4M2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uLxY+GaQt/3sfRfWtBE3uf2cQVQ
pWWulfjht0hh3Q0bSqPvrgiIgqCOMMcOGTmtB37B4+G5dAUPdW2eHDbGJWpXuchD
c5h+5Ukqm4G/2Id9fSV/UruHxahfHFBScPd/RiI6+iY+y9a7PcdN19ZQ0DYCbNgO
EzYnpnxwItkm+YUvFxOm8cQ8ke+Pqd6N6b2aeRVWVSz4iSffKhaBkI2RmC9ggLSm
17T70j3JyX0kFB0hj9KIgy868gPBprfh+nEvctEPffPjrNc4AIqZ17JbY1Dh9TXJ
Hhr57HUqjP53rcpRFjD+n7KjtLCaMsXzj3zZWnDzcpXJFDaoUUkW2UKnqwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFBelEw+cbOoq59OOI+gZ9G965IPBMB8GA1UdIwQY
MBaAFDrHjzPo4RhzJ2Z/qU/XRGuNkeW0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NlUE0tamhHSE1uWm4tcFQ5ZEVhNDJSNWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81ZWRhYWYtMzMyNy00M2VkLTkwYjEt
ZGMwMWY0YjRiYWU0LzEvRjZVVEQ1eHM2aXJuMDQ0ajZCbjBiM3JrZzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81ZWRhYWYtMzMyNy00M2VkLTkwYjEtZGMwMWY0YjRiYWU0
LzEvT3NlUE0tamhHSE1uWm4tcFQ5ZEVhNDJSNWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwGgQCAAEwFDAMAwQDubK4
AwQAubK6AwQAwRnIMFYEAgACMFADBQMqB2eAAwcAKgpmgAvuMBADBgQqCmaAEAMG
BCoKZoAgAwYAKgpmgLMDBwAqCmaAvuEwEgMHACoKZoC+5QMHACoKZoC+5gMHACoK
ZoDMkTANBgkqhkiG9w0BAQsFAAOCAQEABAh7wJyAHjHK8kzvMG+EsA+FOZNwEO1L
yaPITxS7nkGDfYBonOH/9gMJpmmvy0XHbvSZOxd08yOGwxuAzthTZdWRov/unYRf
VZtuX6EcIVS7FFpiG4k35IIL43+n0EmkjIZ8MOmp/RYSxFN6RTW8bFLpqGy8Bnde
GYs4hZLFW31hQygg7JEyhyhkpcOQkuGmOaTebvoy8JXNfBvW/6pY63mC3jEM+kmr
1G7hJj+L74fNBRjTj/o6437BYdTnA9S+3CK3Hyuup6VAbCP9Zo+3DSN1gtPY4vxy
VCzemTdXdTz2f6neWR6C2vBkbaJiXqnH46o2BxVQyj1UcZ5RQbb4Nw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:47 2025 by rpki-client