Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/xXYCNUnm-3UsiS0Y2j4IJt8GJmU.roa
File: xXYCNUnm-3UsiS0Y2j4IJt8GJmU.roa (raw, json)
Hash identifier: kfa/1BPOG2GKMxXo/zgSWZ2DSaf3+pCaWIgYdprI0TU=
Subject key identifier: C5:76:02:35:49:E6:FB:75:2C:89:2D:18:DA:3E:08:26:DF:06:26:65
Certificate issuer: /CN=cbd757e913aace434e6dd6d6d50a7edf72ce888c
Certificate serial: 019424449918B6A7759A6331CF7E2A72E542
Authority key identifier: CB:D7:57:E9:13:AA:CE:43:4E:6D:D6:D6:D5:0A:7E:DF:72:CE:88:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dX6ROqzkNObdbW1Qp-33LOiIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/xXYCNUnm-3UsiS0Y2j4IJt8GJmU.roa
Signing time: Wed 01 Jan 2025 23:47:42 +0000
ROA not before: Wed 01 Jan 2025 23:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205099
IP address blocks: 185.194.202.0/23 maxlen: 24
185.230.80.0/22 maxlen: 24
2a0c:900::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/y9dX6ROqzkNObdbW1Qp-33LOiIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/y9dX6ROqzkNObdbW1Qp-33LOiIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/y9dX6ROqzkNObdbW1Qp-33LOiIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:99:18:b6:a7:75:9a:63:31:cf:7e:2a:72:e5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd757e913aace434e6dd6d6d50a7edf72ce888c
Validity
Not Before: Jan 1 23:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c576023549e6fb752c892d18da3e0826df062665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c1:09:c0:87:74:7f:14:7d:05:2d:e2:e0:3f:
ad:30:f9:fc:68:5b:c2:0f:f1:c6:10:85:66:4d:f2:
72:09:c2:e0:b1:f6:2c:2c:9e:8d:85:08:ec:a8:5e:
7d:e6:91:58:01:37:5f:19:d8:29:66:73:fe:3d:12:
15:8d:50:dd:fa:0b:7c:c7:1d:57:d6:1c:c1:92:e2:
e0:5f:62:56:08:fd:9d:03:8c:9a:fc:ef:19:50:0c:
65:1c:a8:01:69:1f:01:02:76:0d:8f:aa:aa:8a:ce:
c2:b3:55:89:96:b9:da:ca:9c:b3:1c:12:e4:64:9c:
d6:ae:8b:11:83:df:28:4f:c9:c8:6a:60:f5:fe:69:
bb:85:12:f5:9f:6f:ad:b1:81:00:82:91:dd:1e:5a:
e4:72:12:21:f3:50:3c:76:dd:f8:f1:13:92:8d:44:
cf:84:03:92:29:72:66:af:e3:3c:17:95:08:24:ef:
56:3d:cc:f0:04:e6:15:36:cc:a1:1e:57:17:6b:14:
bc:8f:90:62:25:d5:a1:50:a1:41:52:0d:02:26:01:
f9:26:8b:63:e2:31:4c:9a:e3:74:75:54:22:4a:cb:
16:25:d8:89:8b:86:08:98:62:f1:d6:26:09:5a:78:
d2:a7:9b:43:f3:24:69:a9:35:93:98:80:22:5c:10:
b3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:76:02:35:49:E6:FB:75:2C:89:2D:18:DA:3E:08:26:DF:06:26:65
X509v3 Authority Key Identifier:
keyid:CB:D7:57:E9:13:AA:CE:43:4E:6D:D6:D6:D5:0A:7E:DF:72:CE:88:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dX6ROqzkNObdbW1Qp-33LOiIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/xXYCNUnm-3UsiS0Y2j4IJt8GJmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/y9dX6ROqzkNObdbW1Qp-33LOiIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.202.0/23
185.230.80.0/22
IPv6:
2a0c:900::/29
Signature Algorithm: sha256WithRSAEncryption
54:c6:1e:3e:f0:d8:59:b2:c1:cc:20:72:3a:22:03:4c:e8:fd:
45:84:a8:6f:ae:f5:05:a6:9c:7b:50:26:9c:b4:08:e0:99:b1:
e2:0a:c9:a1:60:60:4e:c4:8d:ba:9f:8e:f4:89:e1:6a:27:53:
3c:a8:72:be:a7:4f:c0:56:2d:f2:6c:57:97:0d:61:47:81:7b:
94:a1:5b:d8:6e:b8:dd:8f:ef:aa:b3:df:b4:43:bf:8f:39:ad:
47:43:cc:75:ef:92:88:d8:0e:cd:cd:14:96:7a:d0:62:fa:00:
47:91:a8:4b:21:6a:04:6c:b7:50:91:c4:fd:82:3e:6d:60:2a:
5b:ed:b1:eb:24:b4:48:cc:01:05:b2:51:21:7a:08:7f:8b:a6:
95:51:e4:9c:3e:22:4f:9c:4b:87:43:a0:73:6a:09:43:81:2a:
b9:03:0c:9c:43:fe:c1:5f:4d:8c:9d:35:e0:85:28:d2:5e:10:
78:4e:c4:44:1c:d9:69:99:79:f4:2f:d1:0c:5c:25:65:18:0c:
b8:f4:e9:5c:e8:b9:d5:39:10:49:7d:2f:f3:ef:56:02:4b:f7:
a4:ba:b0:a8:e6:9c:19:fc:b7:19:3b:e4:bb:e1:ba:3e:cf:41:
1f:ea:2f:7c:53:ae:eb:a7:cb:6c:67:a5:34:30:d4:92:81:af:
12:54:fa:6b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRJkYtqd1mmMxz34qcuVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDc1N2U5MTNhYWNlNDM0ZTZkZDZkNmQ1MGE3ZWRmNzJj
ZTg4OGMwHhcNMjUwMTAxMjM0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTc2MDIzNTQ5ZTZmYjc1MmM4OTJkMThkYTNlMDgyNmRmMDYyNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8EJwId0fxR9BS3i4D+tMPn8aFvC
D/HGEIVmTfJyCcLgsfYsLJ6NhQjsqF595pFYATdfGdgpZnP+PRIVjVDd+gt8xx1X
1hzBkuLgX2JWCP2dA4ya/O8ZUAxlHKgBaR8BAnYNj6qqis7Cs1WJlrnaypyzHBLk
ZJzWrosRg98oT8nIamD1/mm7hRL1n2+tsYEAgpHdHlrkchIh81A8dt348ROSjUTP
hAOSKXJmr+M8F5UIJO9WPczwBOYVNsyhHlcXaxS8j5BiJdWhUKFBUg0CJgH5Jotj
4jFMmuN0dVQiSssWJdiJi4YImGLx1iYJWnjSp5tD8yRpqTWTmIAiXBCznQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMV2AjVJ5vt1LIktGNo+CCbfBiZlMB8GA1UdIwQY
MBaAFMvXV+kTqs5DTm3W1tUKft9yzoiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlkWDZST3F6a05PYmRiVzFRcC0zM0xPaUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9iZGMwOWEtMmIyYS00Nzk3LWEyOTYt
OWNmZGYzYzJiMzQ4LzEveFhZQ05Vbm0tM1VzaVMwWTJqNElKdDhHSm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9iZGMwOWEtMmIyYS00Nzk3LWEyOTYtOWNmZGYzYzJiMzQ4
LzEveTlkWDZST3F6a05PYmRiVzFRcC0zM0xPaUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBucLKAwQC
ueZQMA0EAgACMAcDBQMqDAkAMA0GCSqGSIb3DQEBCwUAA4IBAQBUxh4+8NhZssHM
IHI6IgNM6P1FhKhvrvUFppx7UCactAjgmbHiCsmhYGBOxI26n470ieFqJ1M8qHK+
p0/AVi3ybFeXDWFHgXuUoVvYbrjdj++qs9+0Q7+POa1HQ8x175KI2A7NzRSWetBi
+gBHkahLIWoEbLdQkcT9gj5tYCpb7bHrJLRIzAEFslEhegh/i6aVUeScPiJPnEuH
Q6BzaglDgSq5AwycQ/7BX02MnTXghSjSXhB4TsREHNlpmXn0L9EMXCVlGAy49Olc
6LnVORBJfS/z71YCS/ekurCo5pwZ/LcZO+S74bo+z0Ef6i98U67rp8tsZ6U0MNSS
ga8SVPpr
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:06:20 2025 by rpki-client