Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/aqDSlJI6fRe1RN2uayTTFYQxD-s.roa
File: aqDSlJI6fRe1RN2uayTTFYQxD-s.roa (raw, json)
Hash identifier: KcsQCykFuSuY+9QOJB4kYVylQTDKAT5qMJFTxYEhYPg=
Subject key identifier: 6A:A0:D2:94:92:3A:7D:17:B5:44:DD:AE:6B:24:D3:15:84:31:0F:EB
Certificate issuer: /CN=97893182b16718983bc008c8d087f8ddca3d8614
Certificate serial: 019424B3A4EEA319CB28EA8172884FAC4EEA
Authority key identifier: 97:89:31:82:B1:67:18:98:3B:C0:08:C8:D0:87:F8:DD:CA:3D:86:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4kxgrFnGJg7wAjI0If43co9hhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/aqDSlJI6fRe1RN2uayTTFYQxD-s.roa
Signing time: Thu 02 Jan 2025 01:49:00 +0000
ROA not before: Thu 02 Jan 2025 01:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198018
IP address blocks: 185.177.129.0/24 maxlen: 24
185.177.131.0/24 maxlen: 24
194.153.186.0/24 maxlen: 24
2a0b:1300::/34 maxlen: 34
2a0b:1300:8000::/48 maxlen: 48
2a0b:1301::/34 maxlen: 34
2a0b:1301:4000::/34 maxlen: 34
2a0b:1301:8000::/48 maxlen: 48
2a0b:1301:8001::/48 maxlen: 48
2a0b:1306::/48 maxlen: 48
2a0b:1306:1::/48 maxlen: 48
2a0b:1306:2::/48 maxlen: 48
2a0b:1306:4::/48 maxlen: 48
2a0b:1306:6::/48 maxlen: 48
2a0b:1306:7::/48 maxlen: 48
2a0b:1306:8::/48 maxlen: 48
2a0b:1306:c::/48 maxlen: 48
2a0b:1306:400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/l4kxgrFnGJg7wAjI0If43co9hhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/l4kxgrFnGJg7wAjI0If43co9hhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/l4kxgrFnGJg7wAjI0If43co9hhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a4:ee:a3:19:cb:28:ea:81:72:88:4f:ac:4e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97893182b16718983bc008c8d087f8ddca3d8614
Validity
Not Before: Jan 2 01:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6aa0d294923a7d17b544ddae6b24d31584310feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:65:92:2d:8d:c2:26:ab:ef:60:91:21:58:c6:
ed:02:d5:ef:ed:1b:0c:74:26:17:71:97:dd:dd:5c:
f6:57:72:c5:68:12:da:e8:41:e8:90:ca:73:1a:6d:
ec:fc:bd:11:ea:da:b7:69:c9:61:ff:d4:fb:dc:8a:
ed:d3:c3:c8:08:05:aa:45:08:0e:37:8d:b5:97:43:
97:8d:df:d7:45:d8:96:2d:42:96:95:72:c3:34:27:
25:2e:70:3f:19:34:4f:32:b2:8a:bf:2f:a1:cb:db:
d1:d8:d6:ce:77:59:7d:3b:d7:cd:62:31:b1:9c:7a:
54:ad:2c:ca:a1:8d:be:aa:15:6a:ad:ba:66:4f:ef:
ec:07:1a:9f:0a:ee:c5:9c:32:7f:a7:57:30:d3:f2:
54:1a:3c:f4:a2:26:36:60:bf:65:38:31:8a:98:80:
c5:be:fc:ed:3e:f2:65:68:de:41:e9:9a:d2:d7:c5:
11:17:aa:3d:fa:99:48:3e:5f:6a:1f:8a:26:6f:6b:
40:78:0a:f2:b8:5c:12:c3:55:b8:85:95:00:ed:b9:
29:60:b9:64:87:3a:b1:33:fb:8e:c8:59:99:66:0f:
79:6c:2f:56:6f:f4:66:31:c9:98:7e:e7:e2:49:8e:
0b:9e:c8:77:14:f3:b6:17:e9:f1:4b:df:53:76:56:
a5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A0:D2:94:92:3A:7D:17:B5:44:DD:AE:6B:24:D3:15:84:31:0F:EB
X509v3 Authority Key Identifier:
keyid:97:89:31:82:B1:67:18:98:3B:C0:08:C8:D0:87:F8:DD:CA:3D:86:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4kxgrFnGJg7wAjI0If43co9hhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/aqDSlJI6fRe1RN2uayTTFYQxD-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/l4kxgrFnGJg7wAjI0If43co9hhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.129.0/24
185.177.131.0/24
194.153.186.0/24
IPv6:
2a0b:1300::/34
2a0b:1300:8000::/48
2a0b:1301::-2a0b:1301:8001:ffff:ffff:ffff:ffff:ffff
2a0b:1306::-2a0b:1306:2:ffff:ffff:ffff:ffff:ffff
2a0b:1306:4::/48
2a0b:1306:6::-2a0b:1306:8:ffff:ffff:ffff:ffff:ffff
2a0b:1306:c::/48
2a0b:1306:400::/48
Signature Algorithm: sha256WithRSAEncryption
1a:93:25:4e:39:74:19:54:d6:9f:a3:51:62:3f:f9:d4:74:e6:
1d:31:6c:6c:56:fc:05:9b:2a:66:81:1c:be:05:a2:91:67:6d:
5c:22:64:f0:8b:0e:fe:0d:64:1a:b6:2e:ee:4e:d3:f1:d7:3d:
c4:55:66:e4:a4:15:38:8a:03:5a:23:bc:c8:af:54:e7:cd:6c:
b9:e9:7b:0b:99:7d:15:3c:17:9a:49:48:97:78:46:f3:05:85:
8f:79:ee:fc:11:00:da:a7:4a:9e:96:53:bc:6e:09:e4:0b:2b:
3c:c6:24:ae:99:b7:db:c6:a7:d1:d2:67:7e:2c:1c:01:cc:30:
b3:04:e9:b4:a0:de:b5:ce:e1:da:f9:3d:53:8d:f4:0b:a9:d8:
da:88:2a:46:ab:e5:a7:f0:1b:5f:90:53:37:34:e4:54:a3:1a:
dc:46:d9:c7:1b:8b:14:66:5c:d1:e7:a5:08:23:ab:d5:1e:7a:
8e:fc:5b:3c:94:26:b1:cc:17:e2:6b:d5:76:50:82:fb:8f:e1:
0c:b3:5b:3d:72:37:27:3b:2b:11:13:c3:62:34:fe:67:cd:36:
23:52:d6:44:81:28:4c:0d:2c:43:af:4c:79:8d:5c:6d:fb:c2:
7e:3c:a3:49:36:77:a2:dd:d5:58:64:73:19:ec:21:43:a4:67:
a3:c0:12:5e
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQks6TuoxnLKOqBcohPrE7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODkzMTgyYjE2NzE4OTgzYmMwMDhjOGQwODdmOGRkY2Ez
ZDg2MTQwHhcNMjUwMTAyMDE0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWEwZDI5NDkyM2E3ZDE3YjU0NGRkYWU2YjI0ZDMxNTg0MzEwZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62WSLY3CJqvvYJEhWMbtAtXv7RsM
dCYXcZfd3Vz2V3LFaBLa6EHokMpzGm3s/L0R6tq3aclh/9T73Irt08PICAWqRQgO
N421l0OXjd/XRdiWLUKWlXLDNCclLnA/GTRPMrKKvy+hy9vR2NbOd1l9O9fNYjGx
nHpUrSzKoY2+qhVqrbpmT+/sBxqfCu7FnDJ/p1cw0/JUGjz0oiY2YL9lODGKmIDF
vvztPvJlaN5B6ZrS18URF6o9+plIPl9qH4omb2tAeAryuFwSw1W4hZUA7bkpYLlk
hzqxM/uOyFmZZg95bC9Wb/RmMcmYfufiSY4Lnsh3FPO2F+nxS99Tdlal9QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGqg0pSSOn0XtUTdrmsk0xWEMQ/rMB8GA1UdIwQY
MBaAFJeJMYKxZxiYO8AIyNCH+N3KPYYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRreGdyRm5HSmc3d0FqSTBJZjQzY285aGhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xMjAwNDMtMTczMy00YzcyLWFkNDct
YmMwZTUxMWMyMGNlLzEvYXFEU2xKSTZmUmUxUk4ydWF5VFRGWVF4RC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xMjAwNDMtMTczMy00YzcyLWFkNDctYmMwZTUxMWMyMGNl
LzEvbDRreGdyRm5HSmc3d0FqSTBJZjQzY285aGhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjAYBAIAATASAwQAubGB
AwQAubGDAwQAwpm6MGoEAgACMGQDBgYqCxMAAAMHACoLEwCAADAQAwUAKgsTAQMH
ASoLEwGAADAQAwUBKgsTBgMHACoLEwYAAgMHACoLEwYABDASAwcBKgsTBgAGAwcA
KgsTBgAIAwcAKgsTBgAMAwcAKgsTBgQAMA0GCSqGSIb3DQEBCwUAA4IBAQAakyVO
OXQZVNafo1FiP/nUdOYdMWxsVvwFmypmgRy+BaKRZ21cImTwiw7+DWQati7uTtPx
1z3EVWbkpBU4igNaI7zIr1TnzWy56XsLmX0VPBeaSUiXeEbzBYWPee78EQDap0qe
llO8bgnkCys8xiSumbfbxqfR0md+LBwBzDCzBOm0oN61zuHa+T1TjfQLqdjaiCpG
q+Wn8BtfkFM3NORUoxrcRtnHG4sUZlzR56UII6vVHnqO/Fs8lCaxzBfia9V2UIL7
j+EMs1s9cjcnOysRE8NiNP5nzTYjUtZEgShMDSxDr0x5jVxt+8J+PKNJNnei3dVY
ZHMZ7CFDpGejwBJe
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:56:25 2025 by rpki-client