Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/8q_1sdbmWayLtmP8mTZB8kLpDTw.roa
File: 8q_1sdbmWayLtmP8mTZB8kLpDTw.roa (raw, json)
Hash identifier: uQTkc3VWGLAWZhJNFH53PtzgfyjjEyHOxqo6DRrQtqk=
Subject key identifier: F2:AF:F5:B1:D6:E6:59:AC:8B:B6:63:FC:99:36:41:F2:42:E9:0D:3C
Certificate issuer: /CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Certificate serial: 019423695DDF18B869EBC2100B21118DFA64
Authority key identifier: 30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/8q_1sdbmWayLtmP8mTZB8kLpDTw.roa
Signing time: Wed 01 Jan 2025 19:48:15 +0000
ROA not before: Wed 01 Jan 2025 19:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57395
IP address blocks: 5.183.48.0/22 maxlen: 22
89.207.153.0/24 maxlen: 24
176.98.160.0/24 maxlen: 24
176.98.161.0/24 maxlen: 24
176.98.162.0/24 maxlen: 24
176.98.163.0/24 maxlen: 24
176.98.164.0/24 maxlen: 24
176.98.165.0/24 maxlen: 24
176.98.166.0/24 maxlen: 24
176.98.167.0/24 maxlen: 24
185.181.168.0/24 maxlen: 24
185.181.169.0/24 maxlen: 24
185.181.170.0/24 maxlen: 24
185.181.171.0/24 maxlen: 24
185.254.0.0/24 maxlen: 24
185.254.1.0/24 maxlen: 24
193.150.64.0/24 maxlen: 24
2a0b:33c0:1::/48 maxlen: 48
2a0b:33c0:2::/48 maxlen: 48
2a0b:33c0:3::/48 maxlen: 48
2a0b:33c0:6::/48 maxlen: 48
2a0b:33c0:10::/48 maxlen: 48
2a0b:33c0:50::/48 maxlen: 48
2a0b:33c0:51::/48 maxlen: 48
2a0b:33c0:107::/48 maxlen: 48
2a0b:33c0:112::/48 maxlen: 48
2a0b:33c0:113::/48 maxlen: 48
2a0b:33c0:114::/48 maxlen: 48
2a0b:33c0:117::/48 maxlen: 48
2a0b:33c0:118::/48 maxlen: 48
2a0e:d200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:5d:df:18:b8:69:eb:c2:10:0b:21:11:8d:fa:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Validity
Not Before: Jan 1 19:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2aff5b1d6e659ac8bb663fc993641f242e90d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:47:fc:8a:f5:ca:e8:a2:8c:b8:ed:1f:65:03:
9c:a0:ca:6c:8f:0b:56:d2:44:e7:a3:ff:61:b6:ba:
1e:c2:27:13:8c:25:fb:86:51:1c:aa:33:52:c7:ed:
dc:e9:97:6e:c6:1a:36:ef:5b:73:74:9d:bf:2a:b4:
d9:0a:57:e3:d0:80:4c:b7:0a:81:5e:7d:5a:ad:0f:
fc:18:e9:64:f7:a6:82:a6:3c:dc:57:d4:62:1b:b5:
55:4d:ca:af:f5:96:11:aa:f6:64:16:6e:61:e2:d0:
e0:5e:78:4e:36:bf:05:36:03:23:cd:1a:d1:3f:5e:
cc:0c:21:34:4d:cd:c0:ab:50:4f:7e:db:6a:03:eb:
df:22:08:36:c9:fb:f9:d9:bb:2e:63:93:d2:7a:c5:
50:25:43:c1:c3:f9:15:19:fc:28:1f:f8:1d:97:62:
08:1b:c0:32:dc:2b:ab:4c:98:07:ed:ea:15:b8:58:
29:f4:70:52:a7:ef:a7:4e:00:59:6c:ed:df:14:73:
9a:c9:ad:c4:55:1e:c0:14:dd:ff:72:0a:38:45:c3:
b5:58:b6:be:78:3f:55:5e:f5:94:a5:55:a5:f0:bf:
f8:c7:91:d7:0b:4d:bc:63:b9:9e:3d:58:9b:26:53:
cb:24:df:3d:62:54:db:2b:96:a1:5b:0a:d5:3f:8e:
9a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AF:F5:B1:D6:E6:59:AC:8B:B6:63:FC:99:36:41:F2:42:E9:0D:3C
X509v3 Authority Key Identifier:
keyid:30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/8q_1sdbmWayLtmP8mTZB8kLpDTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.48.0/22
89.207.153.0/24
176.98.160.0/21
185.181.168.0/22
185.254.0.0/23
193.150.64.0/24
IPv6:
2a0b:33c0:1::-2a0b:33c0:3:ffff:ffff:ffff:ffff:ffff
2a0b:33c0:6::/48
2a0b:33c0:10::/48
2a0b:33c0:50::/47
2a0b:33c0:107::/48
2a0b:33c0:112::-2a0b:33c0:114:ffff:ffff:ffff:ffff:ffff
2a0b:33c0:117::-2a0b:33c0:118:ffff:ffff:ffff:ffff:ffff
2a0e:d200::/29
Signature Algorithm: sha256WithRSAEncryption
2e:d9:78:b2:bb:61:ac:3d:84:bc:42:22:42:1a:51:75:90:dc:
e4:e6:80:0b:72:e4:25:3f:a2:de:20:87:f1:5c:45:98:87:82:
b9:ee:bb:f0:e6:f6:f8:a3:23:b0:eb:6e:e1:97:bd:1e:07:be:
ca:2b:ab:c5:f9:fe:65:16:88:93:3e:7c:d1:67:bf:27:cb:f2:
04:90:44:10:e6:ce:d8:1b:8e:98:29:ab:d3:08:81:4a:ee:52:
d5:3d:34:3a:02:b1:3b:98:df:ca:0a:b3:c6:a3:d9:be:4f:9b:
bb:b8:71:e0:ce:16:76:f7:23:5d:f6:25:19:70:ad:d8:17:8f:
10:2b:06:aa:a7:11:52:ad:2d:96:0b:01:b1:fc:1e:a5:2c:11:
6f:9d:d3:eb:c9:ce:44:03:fa:77:cf:26:ad:44:fe:bc:f5:23:
1a:e3:bf:85:4b:c1:27:dc:82:c0:8c:50:42:b0:00:b1:f5:94:
b9:ee:19:ed:4f:23:c4:b1:7e:8c:33:db:a8:84:3d:22:23:45:
cb:b9:a3:64:a6:66:26:e4:14:49:74:49:b8:ae:99:17:bc:31:
16:36:7c:d2:c8:e5:60:7e:c4:3d:b6:50:63:a6:90:4f:43:b9:
61:7e:e1:6c:5c:9b:39:f4:b1:ec:bd:e5:5b:7e:0e:97:74:2b:
56:78:99:97
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZQjaV3fGLhp68IQCyERjfpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMWE2NDg3MjVlZTI2YTQ2MGNiOWIxY2JjZDljOWM4MzJj
NDQ5YWYwHhcNMjUwMTAxMTk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFmZjViMWQ2ZTY1OWFjOGJiNjYzZmM5OTM2NDFmMjQyZTkwZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikf8ivXK6KKMuO0fZQOcoMpsjwtW
0kTno/9htroewicTjCX7hlEcqjNSx+3c6Zduxho271tzdJ2/KrTZClfj0IBMtwqB
Xn1arQ/8GOlk96aCpjzcV9RiG7VVTcqv9ZYRqvZkFm5h4tDgXnhONr8FNgMjzRrR
P17MDCE0Tc3Aq1BPfttqA+vfIgg2yfv52bsuY5PSesVQJUPBw/kVGfwoH/gdl2II
G8Ay3CurTJgH7eoVuFgp9HBSp++nTgBZbO3fFHOaya3EVR7AFN3/cgo4RcO1WLa+
eD9VXvWUpVWl8L/4x5HXC028Y7mePVibJlPLJN89YlTbK5ahWwrVP46a0wIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFPKv9bHW5lmsi7Zj/Jk2QfJC6Q08MB8GA1UdIwQY
MBaAFDAaZIcl7iakYMubHLzZycgyxEmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzIt
YTViMmQwOWUwNWNmLzEvOHFfMXNkYm1XYXlMdG1QOG1UWkI4a0xwRFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzItYTViMmQwOWUwNWNm
LzEvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzAqBAIAATAkAwQCBbcw
AwQAWc+ZAwQDsGKgAwQCubWoAwQBuf4AAwQAwZZAMG0EAgACMGcwEgMHACoLM8AA
AQMHAioLM8AAAAMHACoLM8AABgMHACoLM8AAEAMHASoLM8AAUAMHACoLM8ABBzAS
AwcBKgszwAESAwcAKgszwAEUMBIDBwAqCzPAARcDBwAqCzPAARgDBQMqDtIAMA0G
CSqGSIb3DQEBCwUAA4IBAQAu2Xiyu2GsPYS8QiJCGlF1kNzk5oALcuQlP6LeIIfx
XEWYh4K57rvw5vb4oyOw627hl70eB77KK6vF+f5lFoiTPnzRZ78ny/IEkEQQ5s7Y
G46YKavTCIFK7lLVPTQ6ArE7mN/KCrPGo9m+T5u7uHHgzhZ29yNd9iUZcK3YF48Q
KwaqpxFSrS2WCwGx/B6lLBFvndPryc5EA/p3zyatRP689SMa47+FS8En3ILAjFBC
sACx9ZS57hntTyPEsX6MM9uohD0iI0XLuaNkpmYm5BRJdEm4rpkXvDEWNnzSyOVg
fsQ9tlBjppBPQ7lhfuFsXJs59LHsveVbfg6XdCtWeJmX
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:23 2025 by rpki-client