Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/rgad5_QrqjzIqPuzW_IRWvVFFb4.roa
File: rgad5_QrqjzIqPuzW_IRWvVFFb4.roa (raw, json)
Hash identifier: CW37KfuVvlCtejt5YGCTadY3jiqhfL5iQfoIqu008Bo=
Subject key identifier: AE:06:9D:E7:F4:2B:AA:3C:C8:A8:FB:B3:5B:F2:11:5A:F5:45:15:BE
Certificate issuer: /CN=75386a6fae1e55f576a405bd74b7f08e7a6c4653
Certificate serial: 0194266BE358FE9953FCF46CE324E39B7C31
Authority key identifier: 75:38:6A:6F:AE:1E:55:F5:76:A4:05:BD:74:B7:F0:8E:7A:6C:46:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dThqb64eVfV2pAW9dLfwjnpsRlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/rgad5_QrqjzIqPuzW_IRWvVFFb4.roa
Signing time: Thu 02 Jan 2025 09:49:52 +0000
ROA not before: Thu 02 Jan 2025 09:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51269
IP address blocks: 185.32.70.0/24 maxlen: 24
185.163.124.0/22 maxlen: 22
194.146.126.0/24 maxlen: 24
194.147.47.0/24 maxlen: 24
194.147.67.0/24 maxlen: 24
2a0b:b800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/dThqb64eVfV2pAW9dLfwjnpsRlM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/dThqb64eVfV2pAW9dLfwjnpsRlM.mft
rsync://rpki.ripe.net/repository/DEFAULT/dThqb64eVfV2pAW9dLfwjnpsRlM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:e3:58:fe:99:53:fc:f4:6c:e3:24:e3:9b:7c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75386a6fae1e55f576a405bd74b7f08e7a6c4653
Validity
Not Before: Jan 2 09:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae069de7f42baa3cc8a8fbb35bf2115af54515be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:06:17:62:70:58:85:6a:5f:d7:97:97:80:50:
43:34:16:bf:34:70:a3:4d:c0:8a:89:ca:8b:13:9f:
b0:2d:7b:44:f3:15:db:3a:9d:47:d6:18:57:cb:4a:
df:22:fb:3b:76:33:5c:34:a2:33:01:f7:ba:b7:2a:
51:3e:fd:c8:31:fb:14:b0:7a:d9:e6:41:81:08:2b:
1e:f5:72:a9:5e:21:70:a3:1b:e3:32:c7:f1:a9:7f:
80:13:be:cc:a2:2b:fe:63:d3:71:5c:82:93:b0:33:
cc:5c:be:cf:9b:2d:be:c0:3c:8c:c9:50:25:e2:12:
31:51:a9:6b:57:b2:f8:af:11:02:2d:6c:06:d2:e5:
bd:87:d3:c2:55:42:0e:af:98:48:80:f9:8e:74:19:
a8:8c:e5:e5:02:09:57:ef:fb:6a:3a:33:0f:f7:74:
be:0f:51:ff:ca:db:09:1d:7d:88:bd:51:c9:d1:ce:
70:c9:37:e3:b7:d6:86:ea:5c:db:3f:d4:b7:f8:fe:
25:dc:a2:ce:35:75:e0:0f:45:12:16:90:8a:a4:9b:
19:4a:35:03:47:90:77:80:e5:59:1c:92:fa:8a:1d:
72:db:81:75:70:43:ee:53:be:19:8a:de:a9:c5:12:
ec:dc:e8:2c:4c:5c:3b:58:81:5d:7c:ea:74:4d:41:
6f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:06:9D:E7:F4:2B:AA:3C:C8:A8:FB:B3:5B:F2:11:5A:F5:45:15:BE
X509v3 Authority Key Identifier:
keyid:75:38:6A:6F:AE:1E:55:F5:76:A4:05:BD:74:B7:F0:8E:7A:6C:46:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dThqb64eVfV2pAW9dLfwjnpsRlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/rgad5_QrqjzIqPuzW_IRWvVFFb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/dThqb64eVfV2pAW9dLfwjnpsRlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.70.0/24
185.163.124.0/22
194.146.126.0/24
194.147.47.0/24
194.147.67.0/24
IPv6:
2a0b:b800::/29
Signature Algorithm: sha256WithRSAEncryption
a2:dd:1a:56:a4:c8:4f:ee:bd:bc:96:48:eb:af:70:b5:86:a9:
d7:9c:b1:1f:ef:66:9b:12:4a:f6:f9:50:9b:e0:38:ad:8f:93:
ff:f0:a4:48:8b:0e:22:27:bf:67:70:e7:73:35:79:db:a5:55:
b6:48:0b:41:16:80:e3:eb:47:a1:69:7e:cc:b2:9f:f4:b0:2f:
7a:c6:33:0b:b8:30:f2:7b:4d:7a:82:2d:f9:dd:a9:a1:62:b9:
50:7a:dd:30:4f:a8:45:13:98:2a:16:1a:93:ef:b6:7f:fe:a0:
33:94:45:56:a9:4b:5f:07:ec:23:bb:b1:58:27:dc:42:f9:b3:
a0:aa:a2:24:c6:6b:2b:16:c4:12:ab:1b:30:e1:cb:65:de:d6:
1a:c2:fe:7b:c7:80:e2:16:8d:ca:bb:90:ca:26:e6:fe:f5:34:
26:48:e0:e0:52:34:34:dc:e0:a2:31:df:02:c4:0c:84:48:a6:
b0:2c:c8:51:4d:b6:0a:87:6b:02:38:21:e6:3b:77:ae:63:af:
e9:fa:64:96:bf:b1:f9:b0:11:97:02:4f:31:d8:b7:6f:ef:c2:
64:b8:52:ad:7b:d7:cd:cf:a1:56:87:88:d6:b2:53:46:df:52:
cb:9a:2e:15:bf:cd:6a:5f:9b:1d:ad:99:ed:b2:e7:fe:3d:6c:
c9:bc:d8:21
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQma+NY/plT/PRs4yTjm3wxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Mzg2YTZmYWUxZTU1ZjU3NmE0MDViZDc0YjdmMDhlN2E2
YzQ2NTMwHhcNMjUwMTAyMDk0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTA2OWRlN2Y0MmJhYTNjYzhhOGZiYjM1YmYyMTE1YWY1NDUxNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQYXYnBYhWpf15eXgFBDNBa/NHCj
TcCKicqLE5+wLXtE8xXbOp1H1hhXy0rfIvs7djNcNKIzAfe6typRPv3IMfsUsHrZ
5kGBCCse9XKpXiFwoxvjMsfxqX+AE77Moiv+Y9NxXIKTsDPMXL7Pmy2+wDyMyVAl
4hIxUalrV7L4rxECLWwG0uW9h9PCVUIOr5hIgPmOdBmojOXlAglX7/tqOjMP93S+
D1H/ytsJHX2IvVHJ0c5wyTfjt9aG6lzbP9S3+P4l3KLONXXgD0USFpCKpJsZSjUD
R5B3gOVZHJL6ih1y24F1cEPuU74Zit6pxRLs3OgsTFw7WIFdfOp0TUFv9QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFK4Gnef0K6o8yKj7s1vyEVr1RRW+MB8GA1UdIwQY
MBaAFHU4am+uHlX1dqQFvXS38I56bEZTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRocWI2NGVWZlYycEFXOWRMZndqbnBzUmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kOWEwMWMtNWM5MS00ZDAwLWEwOWEt
Zjg3OTJmNTc3YjlhLzEvcmdhZDVfUXJxanpJcVB1eldfSVJXdlZGRmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kOWEwMWMtNWM5MS00ZDAwLWEwOWEtZjg3OTJmNTc3Yjlh
LzEvZFRocWI2NGVWZlYycEFXOWRMZndqbnBzUmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAuSBGAwQC
uaN8AwQAwpJ+AwQAwpMvAwQAwpNDMA0EAgACMAcDBQMqC7gAMA0GCSqGSIb3DQEB
CwUAA4IBAQCi3RpWpMhP7r28lkjrr3C1hqnXnLEf72abEkr2+VCb4Ditj5P/8KRI
iw4iJ79ncOdzNXnbpVW2SAtBFoDj60ehaX7Msp/0sC96xjMLuDDye016gi353amh
YrlQet0wT6hFE5gqFhqT77Z//qAzlEVWqUtfB+wju7FYJ9xC+bOgqqIkxmsrFsQS
qxsw4ctl3tYawv57x4DiFo3Ku5DKJub+9TQmSODgUjQ03OCiMd8CxAyESKawLMhR
TbYKh2sCOCHmO3euY6/p+mSWv7H5sBGXAk8x2Ldv78JkuFKte9fNz6FWh4jWslNG
31LLmi4Vv81qX5sdrZntsuf+PWzJvNgh
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:26:35 2025 by rpki-client