Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/8NRfsUTuURGgy6LvURHgXAUYZ-g.roa
File: 8NRfsUTuURGgy6LvURHgXAUYZ-g.roa (raw, json)
Hash identifier: 1qJKisnCOTNkYdR9Qi95p8WJ2QZapPEQJWApMHtlHz0=
Subject key identifier: F0:D4:5F:B1:44:EE:51:11:A0:CB:A2:EF:51:11:E0:5C:05:18:67:E8
Certificate issuer: /CN=1c766b058c096753a34ad625d53275cd2dba5b33
Certificate serial: 0194C56176DCEF9AC26051C89432FB7F7E70
Authority key identifier: 1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/8NRfsUTuURGgy6LvURHgXAUYZ-g.roa
Signing time: Sun 02 Feb 2025 06:38:06 +0000
ROA not before: Sun 02 Feb 2025 06:38:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210288
IP address blocks: 185.171.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 06:40:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c5:61:76:dc:ef:9a:c2:60:51:c8:94:32:fb:7f:7e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c766b058c096753a34ad625d53275cd2dba5b33
Validity
Not Before: Feb 2 06:38:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0d45fb144ee5111a0cba2ef5111e05c051867e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:70:c6:c0:ac:8c:28:b9:4f:91:e8:73:2e:02:
9e:03:f6:c5:f0:84:e9:64:e5:fc:e1:55:ce:22:1f:
ea:f3:08:74:bc:76:09:11:1b:93:4f:90:a3:ee:8e:
ae:23:9e:78:22:3d:57:76:3d:84:40:f7:55:55:31:
4b:72:a8:ef:b9:26:89:48:f0:5f:84:99:b7:0d:05:
39:c3:e0:f0:81:fa:e7:7b:a1:8a:53:04:c2:22:74:
29:c2:04:e6:79:82:85:ab:26:81:80:18:6c:8f:ed:
64:f1:e0:68:45:8e:09:80:88:c7:f9:24:e2:34:49:
92:a5:7d:42:01:c5:07:d9:c9:89:92:0d:8f:83:01:
94:bb:63:28:51:53:e0:09:b5:c5:8f:8b:6a:d1:46:
df:ae:3f:cc:02:f4:f7:c2:99:c4:58:c4:bf:e5:e9:
75:aa:60:44:9c:ab:93:6d:29:e9:47:f2:14:c5:84:
a4:6f:a2:17:c6:b5:b4:73:1e:c8:54:95:3d:c1:3f:
da:bd:63:c3:9a:83:59:58:aa:ec:03:5e:fe:97:7c:
2c:b6:12:46:16:e4:1a:53:7b:99:4a:d5:c1:65:79:
e0:26:60:34:4d:5d:83:5d:87:80:af:97:e9:fa:c7:
1a:3a:90:07:23:97:f9:82:de:a9:56:d2:75:d6:61:
aa:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D4:5F:B1:44:EE:51:11:A0:CB:A2:EF:51:11:E0:5C:05:18:67:E8
X509v3 Authority Key Identifier:
keyid:1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/8NRfsUTuURGgy6LvURHgXAUYZ-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.53.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:55:15:bc:a3:f1:99:46:ca:04:fb:dd:eb:32:3f:2c:4a:d0:
8f:52:91:62:a9:59:28:f7:60:2f:c8:3a:06:35:60:19:3d:e8:
83:28:78:df:4a:53:cb:a5:4a:7b:42:c1:19:70:2e:44:94:ca:
37:69:5f:ac:3a:99:81:5b:a9:cc:01:64:8e:59:90:9f:a4:1e:
5c:2d:5b:3d:78:c0:88:e1:ce:bf:3c:e1:05:f6:2c:b7:61:ec:
d3:43:7d:e6:c8:59:97:c1:41:9e:c7:8f:12:0b:4c:c2:52:2e:
09:90:e2:dd:d8:9c:a5:b9:00:1c:9c:b5:49:71:aa:6a:ce:aa:
10:8c:57:a7:33:09:e1:df:66:dd:04:cf:44:a8:4e:fd:8f:f6:
be:bb:fc:8b:ac:23:05:5d:05:49:68:9d:ce:64:ab:e9:8d:65:
df:19:2a:f0:a3:2a:48:fc:bb:73:c8:8c:32:92:f2:fd:5f:0f:
37:1a:a0:9c:00:3c:19:d6:b1:bf:dd:16:92:bd:b0:ba:45:6f:
bf:41:a4:68:b9:5a:fd:64:28:39:f4:fd:f9:54:8d:c7:1c:c3:
06:4d:f1:62:f4:56:c8:1c:3d:58:df:94:eb:31:90:b5:40:12:
b5:d4:24:58:38:99:83:92:4c:52:a1:77:de:0c:cf:87:a4:f2:
66:d5:ec:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTFYXbc75rCYFHIlDL7f35wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzY2YjA1OGMwOTY3NTNhMzRhZDYyNWQ1MzI3NWNkMmRi
YTViMzMwHhcNMjUwMjAyMDYzODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGQ0NWZiMTQ0ZWU1MTExYTBjYmEyZWY1MTExZTA1YzA1MTg2N2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXDGwKyMKLlPkehzLgKeA/bF8ITp
ZOX84VXOIh/q8wh0vHYJERuTT5Cj7o6uI554Ij1Xdj2EQPdVVTFLcqjvuSaJSPBf
hJm3DQU5w+Dwgfrne6GKUwTCInQpwgTmeYKFqyaBgBhsj+1k8eBoRY4JgIjH+STi
NEmSpX1CAcUH2cmJkg2PgwGUu2MoUVPgCbXFj4tq0Ubfrj/MAvT3wpnEWMS/5el1
qmBEnKuTbSnpR/IUxYSkb6IXxrW0cx7IVJU9wT/avWPDmoNZWKrsA17+l3wsthJG
FuQaU3uZStXBZXngJmA0TV2DXYeAr5fp+scaOpAHI5f5gt6pVtJ11mGqjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDUX7FE7lERoMui71ER4FwFGGfoMB8GA1UdIwQY
MBaAFBx2awWMCWdTo0rWJdUydc0tulszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzIt
ODE5MTdkZmZkY2Q3LzEvOE5SZnNVVHVVUkdneTZMdlVSSGdYQVVZWi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzItODE5MTdkZmZkY2Q3
LzEvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuas1MA0G
CSqGSIb3DQEBCwUAA4IBAQDAVRW8o/GZRsoE+93rMj8sStCPUpFiqVko92AvyDoG
NWAZPeiDKHjfSlPLpUp7QsEZcC5ElMo3aV+sOpmBW6nMAWSOWZCfpB5cLVs9eMCI
4c6/POEF9iy3YezTQ33myFmXwUGex48SC0zCUi4JkOLd2JyluQAcnLVJcapqzqoQ
jFenMwnh32bdBM9EqE79j/a+u/yLrCMFXQVJaJ3OZKvpjWXfGSrwoypI/LtzyIwy
kvL9Xw83GqCcADwZ1rG/3RaSvbC6RW+/QaRouVr9ZCg59P35VI3HHMMGTfFi9FbI
HD1Y35TrMZC1QBK11CRYOJmDkkxSoXfeDM+HpPJm1ewg
-----END CERTIFICATE-----
Generated at Sun Feb 2 16:06:43 2025 by rpki-client