Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/t3uSAegbFXAgvcMRKArmSOOjc88.roa
File: t3uSAegbFXAgvcMRKArmSOOjc88.roa (raw, json)
Hash identifier: 4JXslF6DFYbC7wM1C83bbrfYplmPiSougkSoNLfd1xU=
Subject key identifier: B7:7B:92:01:E8:1B:15:70:20:BD:C3:11:28:0A:E6:48:E3:A3:73:CF
Certificate issuer: /CN=1e234242957bb1be129681721f9c2cd08df07baa
Certificate serial: 0194AF0018CACF226FDBE51575F719D6C5C7
Authority key identifier: 1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/t3uSAegbFXAgvcMRKArmSOOjc88.roa
Signing time: Tue 28 Jan 2025 22:20:06 +0000
ROA not before: Tue 28 Jan 2025 22:20:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199484
IP address blocks: 185.40.72.0/22 maxlen: 24
185.40.72.0/24 maxlen: 24
185.40.73.0/24 maxlen: 24
185.40.74.0/24 maxlen: 24
185.40.75.0/24 maxlen: 24
195.142.152.0/22 maxlen: 24
195.142.152.0/24 maxlen: 24
195.142.154.0/24 maxlen: 24
195.142.184.0/22 maxlen: 22
195.142.184.0/24 maxlen: 24
195.142.185.0/24 maxlen: 24
195.142.186.0/24 maxlen: 24
195.142.187.0/24 maxlen: 24
195.142.192.0/22 maxlen: 24
195.142.192.0/24 maxlen: 24
195.142.193.0/24 maxlen: 24
195.142.194.0/24 maxlen: 24
195.155.96.0/22 maxlen: 24
195.155.96.0/24 maxlen: 24
195.155.97.0/24 maxlen: 24
195.155.98.0/24 maxlen: 24
195.155.99.0/24 maxlen: 24
2a01:4c20::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 13:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:af:00:18:ca:cf:22:6f:db:e5:15:75:f7:19:d6:c5:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e234242957bb1be129681721f9c2cd08df07baa
Validity
Not Before: Jan 28 22:20:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b77b9201e81b157020bdc311280ae648e3a373cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3f:31:65:40:5f:ce:c0:22:d1:18:cf:a3:0b:
32:22:62:a3:44:17:c9:0b:c2:52:fd:44:fa:e4:f6:
73:68:91:64:6b:06:64:5a:3b:cf:4d:96:d1:b6:85:
9c:76:6f:78:8b:8b:8f:0b:d0:5d:71:35:56:69:2a:
43:18:19:df:8a:60:ad:97:5d:e2:cd:ac:01:63:ee:
29:8b:dc:3c:59:c2:4a:a9:21:f6:cc:52:6b:81:31:
92:93:6a:7c:9a:1d:6e:6c:d7:5b:94:ac:8e:ad:41:
d5:33:81:53:2c:94:3b:cf:db:91:78:7f:c6:e7:28:
c8:bc:f0:ff:4e:b4:53:6f:af:db:79:d6:6c:c8:58:
3d:75:94:d3:49:3c:a1:99:6c:81:76:8f:7a:0b:25:
0d:de:b8:23:3e:3d:39:b7:d1:bd:93:6a:b9:33:b6:
41:61:f7:8a:99:e7:7c:d1:d9:ab:29:e3:d2:9e:86:
ce:7c:80:f4:bd:03:75:1d:13:03:4c:db:19:39:9b:
b7:11:71:9c:35:9b:7d:3b:ca:4d:f2:54:59:f0:dc:
25:d5:d1:59:46:bd:c7:20:06:cb:ef:1c:e2:61:2a:
b0:50:50:11:95:ac:eb:cf:c2:8f:4c:7d:cd:ff:b3:
ef:30:58:81:c9:3a:e6:39:97:34:76:25:10:e5:34:
49:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7B:92:01:E8:1B:15:70:20:BD:C3:11:28:0A:E6:48:E3:A3:73:CF
X509v3 Authority Key Identifier:
keyid:1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/t3uSAegbFXAgvcMRKArmSOOjc88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.72.0/22
195.142.152.0/22
195.142.184.0/22
195.142.192.0/22
195.155.96.0/22
IPv6:
2a01:4c20::/29
Signature Algorithm: sha256WithRSAEncryption
82:9d:e6:68:fc:dd:8a:9d:4a:fa:a7:b8:8e:6d:08:ba:24:25:
f4:b5:99:da:fb:9e:cb:cd:1d:44:5f:47:2c:51:25:8f:95:93:
c4:e7:19:36:29:e8:28:1c:02:d5:32:cb:a9:57:66:49:a0:af:
8c:4b:bb:9c:3a:43:71:77:64:20:5b:4d:67:69:39:f8:ed:a8:
b3:04:5a:8a:1c:42:f7:d1:0a:26:93:8b:6b:b6:de:d8:c3:3c:
a8:72:60:fc:f3:d2:b4:16:4e:da:f5:a2:2a:a6:60:67:3d:56:
a1:d5:54:88:9c:a1:0f:1e:80:b6:e1:27:30:e9:9d:36:05:ec:
ce:07:e8:43:bc:4f:44:a5:bd:f5:93:fd:24:ac:4b:c6:a5:7a:
2e:50:69:85:c9:25:33:cd:d3:ee:7c:e9:98:38:07:ef:f3:f1:
9d:36:94:1a:c9:2e:aa:17:de:c8:f6:41:16:37:ba:8b:4b:91:
3a:7a:b0:a2:72:9c:50:5c:6b:da:6a:90:37:f6:22:64:c3:06:
b1:12:57:5f:0e:44:4a:32:1a:ac:c9:ca:c6:2b:a8:03:7c:dc:
36:52:d1:67:f8:56:7d:0b:b9:8f:cf:7b:3d:33:ba:f9:c9:c6:
a4:f1:0c:29:89:2c:82:18:c4:6b:c6:22:9b:54:32:c2:16:e9:
2a:7c:ee:08
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZSvABjKzyJv2+UVdfcZ1sXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMjM0MjQyOTU3YmIxYmUxMjk2ODE3MjFmOWMyY2QwOGRm
MDdiYWEwHhcNMjUwMTI4MjIyMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzdiOTIwMWU4MWIxNTcwMjBiZGMzMTEyODBhZTY0OGUzYTM3M2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT8xZUBfzsAi0RjPowsyImKjRBfJ
C8JS/UT65PZzaJFkawZkWjvPTZbRtoWcdm94i4uPC9BdcTVWaSpDGBnfimCtl13i
zawBY+4pi9w8WcJKqSH2zFJrgTGSk2p8mh1ubNdblKyOrUHVM4FTLJQ7z9uReH/G
5yjIvPD/TrRTb6/bedZsyFg9dZTTSTyhmWyBdo96CyUN3rgjPj05t9G9k2q5M7ZB
YfeKmed80dmrKePSnobOfID0vQN1HRMDTNsZOZu3EXGcNZt9O8pN8lRZ8Nwl1dFZ
Rr3HIAbL7xziYSqwUFARlazrz8KPTH3N/7PvMFiByTrmOZc0diUQ5TRJ8wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLd7kgHoGxVwIL3DESgK5kjjo3PPMB8GA1UdIwQY
MBaAFB4jQkKVe7G+EpaBch+cLNCN8HuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMt
NTYzODUyNmZmNjQxLzEvdDN1U0FlZ2JGWEFndmNNUktBcm1TT09qYzg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMtNTYzODUyNmZmNjQx
LzEvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuShIAwQC
w46YAwQCw464AwQCw47AAwQCw5tgMA0EAgACMAcDBQMqAUwgMA0GCSqGSIb3DQEB
CwUAA4IBAQCCneZo/N2KnUr6p7iObQi6JCX0tZna+57LzR1EX0csUSWPlZPE5xk2
KegoHALVMsupV2ZJoK+MS7ucOkNxd2QgW01naTn47aizBFqKHEL30Qomk4trtt7Y
wzyocmD889K0Fk7a9aIqpmBnPVah1VSInKEPHoC24Scw6Z02BezOB+hDvE9Epb31
k/0krEvGpXouUGmFySUzzdPufOmYOAfv8/GdNpQayS6qF97I9kEWN7qLS5E6erCi
cpxQXGvaapA39iJkwwaxEldfDkRKMhqsycrGK6gDfNw2UtFn+FZ9C7mPz3s9M7r5
ycak8QwpiSyCGMRrxiKbVDLCFukqfO4I
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:21:23 2025 by rpki-client