Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/CFHgd4L73NmnKwbNZX4Ea5xUqNI.roa
File: CFHgd4L73NmnKwbNZX4Ea5xUqNI.roa (raw, json)
Hash identifier: 1vwfxPtMAo6Ane/X/c4BMzTm00LQJy+F2i0HA+2GRDU=
Subject key identifier: 08:51:E0:77:82:FB:DC:D9:A7:2B:06:CD:65:7E:04:6B:9C:54:A8:D2
Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Certificate serial: 0194206827D78DCD4039CCB794D50BF65DCD
Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/CFHgd4L73NmnKwbNZX4Ea5xUqNI.roa
Signing time: Wed 01 Jan 2025 05:48:04 +0000
ROA not before: Wed 01 Jan 2025 05:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50611
IP address blocks: 185.95.96.0/23 maxlen: 24
185.95.98.0/23 maxlen: 24
2a00:1c3e:96::/47 maxlen: 48
2a00:1c3e:98::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:27:d7:8d:cd:40:39:cc:b7:94:d5:0b:f6:5d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Validity
Not Before: Jan 1 05:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0851e07782fbdcd9a72b06cd657e046b9c54a8d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bb:b7:cd:bb:2f:cd:7e:3b:45:a3:c5:34:d6:
a9:76:f6:e4:66:54:ed:36:4d:25:31:8c:e9:e1:65:
f1:82:1d:ce:61:d1:5d:1d:7f:71:68:31:7a:7a:d6:
55:0b:34:f3:8d:50:a1:f4:fb:b7:3c:9f:ee:bc:ec:
17:79:82:a0:ba:b6:51:e4:a1:91:02:5d:65:4a:d1:
0a:ec:27:35:9f:84:4e:1b:dc:76:dc:3e:96:9a:ce:
db:20:32:3f:0c:1f:ee:da:b9:a2:00:34:8b:8a:cb:
03:0a:8a:7f:bc:21:6d:bf:1d:fd:65:35:4f:80:4e:
9e:6e:bc:c4:fb:58:fe:1d:e7:dc:64:f9:94:64:88:
17:40:e4:10:b2:16:bc:02:34:67:6a:31:86:50:e8:
bc:1a:21:3f:a0:a2:26:96:85:07:0b:bd:c9:aa:56:
ad:fe:01:a8:e3:6f:82:60:ff:fd:ec:bf:f9:8d:2c:
c0:75:00:c5:43:8b:c6:24:3c:a7:09:cf:85:fc:86:
14:09:ae:48:9c:f9:60:1e:04:76:23:be:fa:99:91:
c1:bd:da:4f:62:33:43:e8:1a:41:dc:f8:44:85:80:
7a:27:d0:b3:59:57:89:2a:88:b6:2e:a6:f9:3b:b1:
c5:b8:40:58:c3:66:92:65:a4:95:b9:5a:e6:8d:22:
de:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:51:E0:77:82:FB:DC:D9:A7:2B:06:CD:65:7E:04:6B:9C:54:A8:D2
X509v3 Authority Key Identifier:
keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/CFHgd4L73NmnKwbNZX4Ea5xUqNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.96.0/22
IPv6:
2a00:1c3e:96::-2a00:1c3e:99:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
79:34:32:10:80:76:ff:26:2d:f5:d8:42:c4:82:7c:a7:4d:b7:
2a:44:95:60:e9:6f:fb:32:f0:63:3e:6f:61:6a:c5:1a:6f:7c:
2d:27:ee:b8:80:63:da:65:29:09:11:58:1a:39:94:89:26:87:
f6:f0:89:46:43:04:92:d4:d7:39:95:df:fa:6e:9e:88:ab:62:
e8:f5:c3:6a:c9:8b:3d:17:60:df:ea:77:2f:49:40:f7:99:28:
fb:e4:76:a9:88:d5:eb:74:18:e0:1e:9b:25:be:d1:b0:32:2c:
2e:b2:ec:13:6a:da:7a:e3:27:84:92:bc:5f:3a:df:19:75:ba:
ed:dd:0a:20:42:de:db:65:03:4c:58:6a:3e:7d:c8:a5:49:28:
fd:10:02:c2:75:3f:ac:f6:95:68:cf:49:fb:b5:68:50:7a:2b:
7a:9e:0e:ac:c0:d3:22:1e:6d:33:e1:b2:ac:d7:f2:0a:e0:48:
74:f3:3c:fc:97:02:f6:ad:b6:a3:8e:8d:f2:dd:66:b6:6f:cc:
f3:75:74:1e:b5:b0:fd:19:e3:48:e3:46:14:f7:7f:f6:41:43:
c8:e2:1f:44:ce:70:d2:aa:ba:38:be:28:48:51:5a:bb:56:be:
67:89:cb:3c:da:c4:e4:95:2a:0e:67:fd:cd:08:e3:55:84:86:
b9:f7:33:82
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQgaCfXjc1AOcy3lNUL9l3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIy
ZWNmOTMwHhcNMjUwMTAxMDU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODUxZTA3NzgyZmJkY2Q5YTcyYjA2Y2Q2NTdlMDQ2YjljNTRhOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLu3zbsvzX47RaPFNNapdvbkZlTt
Nk0lMYzp4WXxgh3OYdFdHX9xaDF6etZVCzTzjVCh9Pu3PJ/uvOwXeYKgurZR5KGR
Al1lStEK7Cc1n4ROG9x23D6Wms7bIDI/DB/u2rmiADSLissDCop/vCFtvx39ZTVP
gE6ebrzE+1j+HefcZPmUZIgXQOQQsha8AjRnajGGUOi8GiE/oKImloUHC73Jqlat
/gGo42+CYP/97L/5jSzAdQDFQ4vGJDynCc+F/IYUCa5InPlgHgR2I776mZHBvdpP
YjND6BpB3PhEhYB6J9CzWVeJKoi2Lqb5O7HFuEBYw2aSZaSVuVrmjSLeHQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAhR4HeC+9zZpysGzWV+BGucVKjSMB8GA1UdIwQY
MBaAFF7gBL76VT3bNVZPt3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjIt
ZTIyOGFhYjQ1MDE0LzEvQ0ZIZ2Q0TDczTm1uS3diTlpYNEVhNXhVcU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0
LzEvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV9gMBoE
AgACMBQwEgMHASoAHD4AlgMHASoAHD4AmDANBgkqhkiG9w0BAQsFAAOCAQEAeTQy
EIB2/yYt9dhCxIJ8p023KkSVYOlv+zLwYz5vYWrFGm98LSfuuIBj2mUpCRFYGjmU
iSaH9vCJRkMEktTXOZXf+m6eiKti6PXDasmLPRdg3+p3L0lA95ko++R2qYjV63QY
4B6bJb7RsDIsLrLsE2raeuMnhJK8XzrfGXW67d0KIELe22UDTFhqPn3IpUko/RAC
wnU/rPaVaM9J+7VoUHorep4OrMDTIh5tM+GyrNfyCuBIdPM8/JcC9q22o46N8t1m
tm/M83V0HrWw/RnjSONGFPd/9kFDyOIfRM5w0qq6OL4oSFFau1a+Z4nLPNrE5JUq
Dmf9zQjjVYSGufczgg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:42:07 2025 by rpki-client