Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4It1hFfWOp_U2VD708R-bYcBGiM.roa
File: 4It1hFfWOp_U2VD708R-bYcBGiM.roa (raw, json)
Hash identifier: G0OmwJTAag9eHlhISIs64LLhXzLyP5FwHtxojLaexbQ=
Subject key identifier: E0:8B:75:84:57:D6:3A:9F:D4:D9:50:FB:D3:C4:7E:6D:87:01:1A:23
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0194282484C56FF81F3AD0415B78C57F0EEE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4It1hFfWOp_U2VD708R-bYcBGiM.roa
Signing time: Thu 02 Jan 2025 17:51:09 +0000
ROA not before: Thu 02 Jan 2025 17:51:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49418
IP address blocks: 185.218.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:84:c5:6f:f8:1f:3a:d0:41:5b:78:c5:7f:0e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e08b758457d63a9fd4d950fbd3c47e6d87011a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cc:7a:7c:68:36:30:1e:b4:09:85:e5:52:dc:
be:1e:c5:15:3a:33:96:21:69:88:20:96:e9:ae:5b:
43:34:0a:4e:51:2c:66:df:a7:0c:5d:c8:4a:ec:fb:
2d:ea:e5:19:25:2c:26:ec:de:24:fe:64:22:4f:9c:
4e:36:2c:f8:8d:fd:1d:1a:05:9c:69:30:9b:ea:95:
42:9b:e9:96:cb:b6:a2:7b:9e:91:66:82:5d:71:2e:
98:07:5f:d9:a9:95:b6:ea:ef:4b:74:2c:4d:c1:1d:
9c:17:ff:48:83:05:fa:59:74:eb:22:9f:7b:9c:37:
8d:37:1d:45:e9:43:6f:b8:fc:87:d4:7a:22:d4:4a:
fb:89:ce:d6:28:cd:5b:0c:2c:4c:b1:a8:2d:bd:b7:
c3:02:89:2c:1e:1b:e2:f8:2e:3c:56:d0:c0:ee:03:
87:e2:40:9d:82:60:cb:d7:04:d5:59:d3:34:cf:90:
07:cf:61:4f:1a:9b:eb:e7:00:5d:8d:35:51:11:50:
38:38:b7:79:b4:ca:e5:da:e6:e3:2a:ce:06:92:b5:
ac:60:60:08:27:a1:a5:ba:7f:6f:61:c7:b4:ac:e1:
c5:f6:db:c0:17:0a:f3:76:2b:e4:2f:9d:b8:ee:7e:
1a:79:fe:5f:f1:b8:b4:5a:dc:13:86:93:f0:7b:54:
5e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:8B:75:84:57:D6:3A:9F:D4:D9:50:FB:D3:C4:7E:6D:87:01:1A:23
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4It1hFfWOp_U2VD708R-bYcBGiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.137.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:28:4b:a4:70:2d:1b:c7:41:4a:de:93:1f:22:87:21:06:b6:
cf:d5:a8:3a:95:d2:08:ad:0a:d2:39:13:78:c5:79:f3:4b:5d:
4b:16:20:f9:1f:4b:ee:98:85:bf:4c:68:61:f9:b8:7e:00:50:
27:63:e9:67:c8:c8:35:58:bc:22:2c:21:d1:12:a9:37:95:db:
5c:54:d8:0c:f7:af:6f:8f:41:b6:36:3b:dd:5e:03:f8:7f:9f:
1a:af:99:55:48:53:d2:c6:83:0e:8e:ca:cf:db:29:ca:c5:8b:
d5:a4:32:8a:5c:98:cb:54:a1:4b:c0:e0:e1:c2:f3:33:ff:c6:
1b:90:b7:dc:a7:05:c9:1b:82:80:7c:24:1e:35:39:3c:0d:f3:
1a:55:9c:3f:02:9e:5b:ee:82:ca:85:08:d2:1d:fb:e7:83:a5:
c1:82:05:47:f2:7c:e6:c9:c4:e5:d3:e6:8e:1d:37:87:b3:02:
4a:d4:50:61:2e:97:70:79:b5:67:29:5d:14:4d:a0:af:dd:fc:
21:11:91:21:c6:4f:b1:a2:40:c2:83:53:c9:e8:6a:a5:48:66:
7c:db:44:75:0c:19:c1:d4:0a:8e:6d:fa:f4:1b:d7:31:16:b6:
40:9b:71:9f:da:69:29:2e:90:b5:7c:68:0f:4f:bf:c0:a0:74:
fe:3e:82:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJITFb/gfOtBBW3jFfw7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDhiNzU4NDU3ZDYzYTlmZDRkOTUwZmJkM2M0N2U2ZDg3MDExYTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscx6fGg2MB60CYXlUty+HsUVOjOW
IWmIIJbprltDNApOUSxm36cMXchK7Pst6uUZJSwm7N4k/mQiT5xONiz4jf0dGgWc
aTCb6pVCm+mWy7aie56RZoJdcS6YB1/ZqZW26u9LdCxNwR2cF/9IgwX6WXTrIp97
nDeNNx1F6UNvuPyH1Hoi1Er7ic7WKM1bDCxMsagtvbfDAoksHhvi+C48VtDA7gOH
4kCdgmDL1wTVWdM0z5AHz2FPGpvr5wBdjTVREVA4OLd5tMrl2ubjKs4GkrWsYGAI
J6Glun9vYce0rOHF9tvAFwrzdivkL5247n4aef5f8bi0WtwThpPwe1RewwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOCLdYRX1jqf1NlQ+9PEfm2HARojMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNEl0MWhGZldPcF9VMlZENzA4Ui1iWWNCR2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudqJMA0G
CSqGSIb3DQEBCwUAA4IBAQCrKEukcC0bx0FK3pMfIochBrbP1ag6ldIIrQrSORN4
xXnzS11LFiD5H0vumIW/TGhh+bh+AFAnY+lnyMg1WLwiLCHREqk3ldtcVNgM969v
j0G2NjvdXgP4f58ar5lVSFPSxoMOjsrP2ynKxYvVpDKKXJjLVKFLwODhwvMz/8Yb
kLfcpwXJG4KAfCQeNTk8DfMaVZw/Ap5b7oLKhQjSHfvng6XBggVH8nzmycTl0+aO
HTeHswJK1FBhLpdwebVnKV0UTaCv3fwhEZEhxk+xokDCg1PJ6GqlSGZ820R1DBnB
1AqObfr0G9cxFrZAm3Gf2mkpLpC1fGgPT7/AoHT+PoJ3
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:08 2025 by rpki-client