Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/TJ9h-OeDoNwLJy-bpo2ooNFoYYY.roa
File: TJ9h-OeDoNwLJy-bpo2ooNFoYYY.roa (raw, json)
Hash identifier: uSX/ck6PKaNlZa7GifLSaPti7K35d8cXLGS+lgOUDKc=
Subject key identifier: 4C:9F:61:F8:E7:83:A0:DC:0B:27:2F:9B:A6:8D:A8:A0:D1:68:61:86
Certificate issuer: /CN=e97656f22015589ff7cc66056867f605d81449bc
Certificate serial: 0194221FB0B4667E8A3FC298A80AB211D620
Authority key identifier: E9:76:56:F2:20:15:58:9F:F7:CC:66:05:68:67:F6:05:D8:14:49:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/TJ9h-OeDoNwLJy-bpo2ooNFoYYY.roa
Signing time: Wed 01 Jan 2025 13:48:09 +0000
ROA not before: Wed 01 Jan 2025 13:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204249
IP address blocks: 185.37.162.0/24 maxlen: 24
185.54.164.0/24 maxlen: 24
185.54.165.0/24 maxlen: 24
185.54.166.0/24 maxlen: 24
185.54.167.0/24 maxlen: 24
2a00:f7a0:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b0:b4:66:7e:8a:3f:c2:98:a8:0a:b2:11:d6:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e97656f22015589ff7cc66056867f605d81449bc
Validity
Not Before: Jan 1 13:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c9f61f8e783a0dc0b272f9ba68da8a0d1686186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2f:19:11:b0:10:2e:c4:35:6b:ba:af:5f:b6:
68:13:5d:7e:d4:67:51:d5:3c:00:0e:fb:76:82:9d:
68:56:5f:bc:ad:35:20:e2:e6:57:7e:98:fa:55:1b:
84:c9:6b:61:54:17:c0:e9:50:7a:e0:a8:7d:ae:cd:
5b:9b:b4:2a:48:7f:da:8f:a0:8a:74:b1:88:38:38:
76:55:ca:4c:68:c4:23:8f:f2:7c:90:a7:d2:bf:3c:
5e:b7:d9:73:e4:46:73:f8:f6:33:29:00:2c:b4:45:
6c:50:1a:88:6d:e9:df:99:ef:f7:76:7b:5a:42:52:
31:e1:ea:58:9b:b8:cf:2c:a1:41:aa:08:74:0f:89:
ff:51:38:69:a3:a8:11:67:62:3c:5b:06:5c:8e:f3:
7f:ce:03:f4:d6:cf:03:f7:ae:85:b9:aa:fc:48:2b:
93:ba:02:26:a1:8e:04:5d:e5:aa:24:27:3e:9a:ee:
af:e0:60:d8:15:54:95:35:90:32:44:6e:7a:69:af:
2a:d1:49:a7:2f:5a:38:37:f2:60:d4:2b:17:2c:d2:
a4:1f:54:34:c8:5b:75:62:87:fc:7e:6a:45:d8:77:
45:07:1b:3c:61:0d:8a:db:9d:c2:e9:25:9a:9d:78:
6b:89:41:0b:ec:37:6b:ab:7a:93:91:db:cd:1f:09:
30:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:9F:61:F8:E7:83:A0:DC:0B:27:2F:9B:A6:8D:A8:A0:D1:68:61:86
X509v3 Authority Key Identifier:
keyid:E9:76:56:F2:20:15:58:9F:F7:CC:66:05:68:67:F6:05:D8:14:49:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/TJ9h-OeDoNwLJy-bpo2ooNFoYYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.162.0/24
185.54.164.0/22
IPv6:
2a00:f7a0:100::/48
Signature Algorithm: sha256WithRSAEncryption
0b:08:1d:98:af:f1:11:a1:17:28:78:b8:4b:d8:17:17:50:39:
02:05:ab:28:05:b1:7e:a1:75:d8:9d:43:6d:d5:35:1f:cf:3d:
c9:22:18:59:9a:63:3e:8f:3f:9b:85:0d:52:cb:8c:36:51:dd:
79:04:5e:b5:e2:df:12:7a:c6:2b:07:42:b9:42:d6:3f:48:d4:
4e:ce:18:5a:87:02:4e:7e:84:93:e6:41:44:a7:0d:63:11:06:
17:0c:72:a8:22:e6:74:ca:d1:5f:a5:ae:e9:e7:ee:49:b5:47:
78:de:32:35:a1:70:2e:3d:52:26:6b:ff:c3:59:de:5e:d4:a5:
ae:49:9a:7e:77:53:c1:33:16:f2:7b:e0:56:81:7b:4a:2b:9f:
04:26:54:97:0c:d1:a4:b0:9a:12:b6:13:58:89:73:85:ef:77:
cc:88:d5:74:16:d2:a0:dd:c1:c8:d2:ce:55:e5:24:b9:3a:7c:
5d:25:e0:b6:8c:b6:32:1e:7f:f2:c2:d1:99:61:d8:98:95:6b:
5f:bd:b2:3e:b3:43:5a:24:78:d9:7f:98:8e:15:a0:17:c5:90:
29:bb:5a:33:1d:1b:17:33:07:c8:db:f2:63:5f:7f:6b:08:14:
17:3f:2c:b5:f0:56:51:f5:c9:63:cf:78:92:93:a4:39:21:de:
10:44:85:99
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQiH7C0Zn6KP8KYqAqyEdYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzY1NmYyMjAxNTU4OWZmN2NjNjYwNTY4NjdmNjA1ZDgx
NDQ5YmMwHhcNMjUwMTAxMTM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzlmNjFmOGU3ODNhMGRjMGIyNzJmOWJhNjhkYThhMGQxNjg2MTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyC8ZEbAQLsQ1a7qvX7ZoE11+1GdR
1TwADvt2gp1oVl+8rTUg4uZXfpj6VRuEyWthVBfA6VB64Kh9rs1bm7QqSH/aj6CK
dLGIODh2VcpMaMQjj/J8kKfSvzxet9lz5EZz+PYzKQAstEVsUBqIbenfme/3dnta
QlIx4epYm7jPLKFBqgh0D4n/UThpo6gRZ2I8WwZcjvN/zgP01s8D966Fuar8SCuT
ugImoY4EXeWqJCc+mu6v4GDYFVSVNZAyRG56aa8q0UmnL1o4N/Jg1CsXLNKkH1Q0
yFt1Yof8fmpF2HdFBxs8YQ2K253C6SWanXhriUEL7Ddrq3qTkdvNHwkwtQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEyfYfjng6DcCycvm6aNqKDRaGGGMB8GA1UdIwQY
MBaAFOl2VvIgFVif98xmBWhn9gXYFEm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhaVzhpQVZXSl8zekdZRmFHZjJCZGdVU2J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZmEwNTEtNDM1Ny00ZDMxLTg1Mzct
NjgxMmJhYmM1YThiLzEvVEo5aC1PZURvTndMSnktYnBvMm9vTkZvWVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84ZmEwNTEtNDM1Ny00ZDMxLTg1MzctNjgxMmJhYmM1YThi
LzEvNlhaVzhpQVZXSl8zekdZRmFHZjJCZGdVU2J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuSWiAwQC
uTakMA8EAgACMAkDBwAqAPegAQAwDQYJKoZIhvcNAQELBQADggEBAAsIHZiv8RGh
Fyh4uEvYFxdQOQIFqygFsX6hddidQ23VNR/PPckiGFmaYz6PP5uFDVLLjDZR3XkE
XrXi3xJ6xisHQrlC1j9I1E7OGFqHAk5+hJPmQUSnDWMRBhcMcqgi5nTK0V+lrunn
7km1R3jeMjWhcC49UiZr/8NZ3l7Upa5Jmn53U8EzFvJ74FaBe0ornwQmVJcM0aSw
mhK2E1iJc4Xvd8yI1XQW0qDdwcjSzlXlJLk6fF0l4LaMtjIef/LC0Zlh2JiVa1+9
sj6zQ1okeNl/mI4VoBfFkCm7WjMdGxczB8jb8mNff2sIFBc/LLXwVlH1yWPPeJKT
pDkh3hBEhZk=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:40:17 2025 by rpki-client