Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/8gQzPchz9vCwdjVN_ZBPueH3G6Y.roa
File: 8gQzPchz9vCwdjVN_ZBPueH3G6Y.roa (raw, json)
Hash identifier: Z7w2/N0mbKOYhB3ua7HBgoWG65DoIXePIy8hWS+i+vg=
Subject key identifier: F2:04:33:3D:C8:73:F6:F0:B0:76:35:4D:FD:90:4F:B9:E1:F7:1B:A6
Certificate issuer: /CN=62e25656c50bb254f58077d1b966e474b16347af
Certificate serial: 019426D97097112A5400DDF845721A6846A9
Authority key identifier: 62:E2:56:56:C5:0B:B2:54:F5:80:77:D1:B9:66:E4:74:B1:63:47:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YuJWVsULslT1gHfRuWbkdLFjR68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/8gQzPchz9vCwdjVN_ZBPueH3G6Y.roa
Signing time: Thu 02 Jan 2025 11:49:31 +0000
ROA not before: Thu 02 Jan 2025 11:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8657
IP address blocks: 185.96.172.0/22 maxlen: 22
195.8.0.0/19 maxlen: 24
217.168.112.0/21 maxlen: 24
2001:15d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/YuJWVsULslT1gHfRuWbkdLFjR68.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/YuJWVsULslT1gHfRuWbkdLFjR68.mft
rsync://rpki.ripe.net/repository/DEFAULT/YuJWVsULslT1gHfRuWbkdLFjR68.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:70:97:11:2a:54:00:dd:f8:45:72:1a:68:46:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62e25656c50bb254f58077d1b966e474b16347af
Validity
Not Before: Jan 2 11:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f204333dc873f6f0b076354dfd904fb9e1f71ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5e:c3:4c:d8:e7:af:a5:9a:ad:14:b1:2b:67:
e6:80:d9:ab:36:c3:18:ed:56:f7:16:6f:df:b9:c1:
3f:e5:60:bf:95:e2:ec:68:06:fb:73:10:0f:42:1f:
1c:0b:64:e9:dd:88:58:24:b5:21:c6:ef:13:25:b1:
56:54:4b:37:b9:c9:47:26:12:5e:93:e9:f3:5b:46:
49:e3:be:ab:b2:46:57:96:d9:d4:9a:8e:d9:75:6c:
f7:a3:c7:09:f2:bf:38:b4:96:66:0b:29:64:7e:21:
0c:f6:70:01:27:f1:d5:ee:89:c9:83:5e:87:8b:4f:
d5:de:08:62:69:09:91:d3:6f:d6:a4:54:69:b8:97:
4d:79:c4:7d:18:9f:90:3e:55:07:1e:7e:88:83:b8:
38:5d:e5:be:e5:58:34:8e:7e:e8:ea:ff:02:4f:22:
c9:13:59:ee:bd:e8:31:a4:48:d9:21:b6:9d:31:c5:
34:2f:28:29:2b:f9:ca:c2:2f:c1:fc:35:8e:b2:8f:
ae:57:f8:b0:fe:af:e3:7d:64:9c:9d:63:e6:f7:59:
f5:11:45:b7:98:7a:d6:af:08:9d:33:42:7c:83:1c:
99:20:ea:1d:b0:d6:3c:ff:33:c9:01:f1:b2:6e:83:
c6:d9:f2:75:b9:75:f5:8b:16:31:28:ec:b5:eb:40:
24:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:04:33:3D:C8:73:F6:F0:B0:76:35:4D:FD:90:4F:B9:E1:F7:1B:A6
X509v3 Authority Key Identifier:
keyid:62:E2:56:56:C5:0B:B2:54:F5:80:77:D1:B9:66:E4:74:B1:63:47:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YuJWVsULslT1gHfRuWbkdLFjR68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/8gQzPchz9vCwdjVN_ZBPueH3G6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/YuJWVsULslT1gHfRuWbkdLFjR68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.172.0/22
195.8.0.0/19
217.168.112.0/21
IPv6:
2001:15d8::/32
Signature Algorithm: sha256WithRSAEncryption
22:e5:d4:b4:ac:f4:22:7f:03:27:0a:bc:c1:8e:ad:13:d9:35:
94:aa:d8:b2:0d:88:33:3c:05:04:db:2a:0d:7b:a8:ab:5c:f4:
fd:ff:cf:29:20:50:53:ff:c0:0b:c0:d8:26:3d:00:4b:3c:59:
86:30:6a:a9:bd:ed:78:8b:0d:60:4b:50:bb:22:39:23:a4:41:
55:a5:65:8b:6e:2d:4d:fe:46:7b:0e:48:64:7d:8a:48:81:00:
73:6d:b2:7c:bb:dd:ea:bd:a4:a5:be:cd:c8:4e:25:18:76:6b:
a7:42:fd:6f:36:9e:42:5e:88:48:cc:ed:18:9b:52:a4:ac:8f:
c6:07:06:1d:31:fd:ff:7a:ca:63:2b:db:78:a7:2d:9c:55:5a:
5b:25:07:88:58:22:ab:8e:c9:07:7a:1a:2f:f6:f3:81:29:15:
d2:6f:c5:0c:a0:f7:73:69:53:1c:73:ba:e7:c2:e7:80:f5:5e:
b4:be:c4:05:8f:c8:92:f2:59:c8:f9:b5:f2:00:32:a8:14:c4:
d6:2e:84:7b:de:62:23:e1:86:05:aa:7c:43:2a:29:4d:d1:ca:
e6:46:fe:46:e9:3a:8d:63:d4:6d:24:7d:99:21:6a:ac:c4:67:
d0:10:19:31:9d:7c:f0:26:b8:0e:b7:2e:c4:e4:9f:81:1a:03:
4e:02:f7:2f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQm2XCXESpUAN34RXIaaEapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZTI1NjU2YzUwYmIyNTRmNTgwNzdkMWI5NjZlNDc0YjE2
MzQ3YWYwHhcNMjUwMTAyMTE0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjA0MzMzZGM4NzNmNmYwYjA3NjM1NGRmZDkwNGZiOWUxZjcxYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA017DTNjnr6WarRSxK2fmgNmrNsMY
7Vb3Fm/fucE/5WC/leLsaAb7cxAPQh8cC2Tp3YhYJLUhxu8TJbFWVEs3uclHJhJe
k+nzW0ZJ476rskZXltnUmo7ZdWz3o8cJ8r84tJZmCylkfiEM9nABJ/HV7onJg16H
i0/V3ghiaQmR02/WpFRpuJdNecR9GJ+QPlUHHn6Ig7g4XeW+5Vg0jn7o6v8CTyLJ
E1nuvegxpEjZIbadMcU0LygpK/nKwi/B/DWOso+uV/iw/q/jfWScnWPm91n1EUW3
mHrWrwidM0J8gxyZIOodsNY8/zPJAfGyboPG2fJ1uXX1ixYxKOy160AknwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPIEMz3Ic/bwsHY1Tf2QT7nh9xumMB8GA1UdIwQY
MBaAFGLiVlbFC7JU9YB30blm5HSxY0evMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXVKV1ZzVUxzbFQxZ0hmUnVXYmtkTEZqUjY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80MjQ2ODUtZDhhOS00MzY4LThkM2Mt
YzIwNjRiMGY5YWI5LzEvOGdRelBjaHo5dkN3ZGpWTl9aQlB1ZUgzRzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS80MjQ2ODUtZDhhOS00MzY4LThkM2MtYzIwNjRiMGY5YWI5
LzEvWXVKV1ZzVUxzbFQxZ0hmUnVXYmtkTEZqUjY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWCsAwQF
wwgAAwQD2ahwMA0EAgACMAcDBQAgARXYMA0GCSqGSIb3DQEBCwUAA4IBAQAi5dS0
rPQifwMnCrzBjq0T2TWUqtiyDYgzPAUE2yoNe6irXPT9/88pIFBT/8ALwNgmPQBL
PFmGMGqpve14iw1gS1C7IjkjpEFVpWWLbi1N/kZ7DkhkfYpIgQBzbbJ8u93qvaSl
vs3ITiUYdmunQv1vNp5CXohIzO0Ym1KkrI/GBwYdMf3/espjK9t4py2cVVpbJQeI
WCKrjskHehov9vOBKRXSb8UMoPdzaVMcc7rnwueA9V60vsQFj8iS8lnI+bXyADKo
FMTWLoR73mIj4YYFqnxDKilN0crmRv5G6TqNY9RtJH2ZIWqsxGfQEBkxnXzwJrgO
ty7E5J+BGgNOAvcv
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:49:22 2025 by rpki-client