Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/8rOJtiLxYHoU0BtAFzn-91ivD_s.roa
File: 8rOJtiLxYHoU0BtAFzn-91ivD_s.roa (raw, json)
Hash identifier: Ru+2TW06RDS2clsfzv8MubQ+2olZEzQWBQuJZ31W9Q0=
Subject key identifier: F2:B3:89:B6:22:F1:60:7A:14:D0:1B:40:17:39:FE:F7:58:AF:0F:FB
Certificate issuer: /CN=edc3988a84f9fbb4185ea4ac5b721845ca28037e
Certificate serial: 019426D9AF3E1221390A70F461D9D4243757
Authority key identifier: ED:C3:98:8A:84:F9:FB:B4:18:5E:A4:AC:5B:72:18:45:CA:28:03:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cOYioT5-7QYXqSsW3IYRcooA34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/8rOJtiLxYHoU0BtAFzn-91ivD_s.roa
Signing time: Thu 02 Jan 2025 11:49:47 +0000
ROA not before: Thu 02 Jan 2025 11:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198398
IP address blocks: 95.156.216.0/22 maxlen: 22
185.184.20.0/22 maxlen: 22
185.184.20.0/23 maxlen: 23
185.184.22.0/23 maxlen: 23
194.110.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/7cOYioT5-7QYXqSsW3IYRcooA34.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/7cOYioT5-7QYXqSsW3IYRcooA34.mft
rsync://rpki.ripe.net/repository/DEFAULT/7cOYioT5-7QYXqSsW3IYRcooA34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:af:3e:12:21:39:0a:70:f4:61:d9:d4:24:37:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edc3988a84f9fbb4185ea4ac5b721845ca28037e
Validity
Not Before: Jan 2 11:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2b389b622f1607a14d01b401739fef758af0ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:98:3b:a8:c0:ab:ca:1d:a7:2b:fa:03:fd:ec:
f7:a8:b6:e0:27:d0:a2:f0:dc:99:db:1e:94:78:2c:
a7:37:02:d8:34:1b:1f:e0:a0:6f:be:ed:73:dd:80:
97:01:08:35:73:09:67:f1:d1:bc:08:0e:d6:67:1e:
e5:3d:84:83:ca:22:85:7e:11:6e:43:7e:3a:e9:e2:
7b:61:3e:7a:d1:5f:ef:7b:c2:0b:52:92:3c:61:39:
0b:8a:82:69:63:00:b0:1e:96:cd:db:4f:7a:8b:42:
d8:3f:e7:40:7a:5a:c9:b0:71:96:72:45:b1:8a:f9:
8b:b9:58:f6:4f:91:9b:ce:44:f0:27:b1:36:df:06:
5c:c1:3a:6b:73:d1:ea:a4:b6:be:10:ad:8a:f8:a6:
18:34:24:d7:df:6b:b6:38:34:e4:39:96:91:bb:9c:
0e:da:3c:a0:82:58:f4:3f:af:95:49:0e:9e:7e:1a:
4c:bc:b1:8e:87:36:97:6a:a8:75:0e:d7:a2:b6:d6:
33:60:83:3e:a7:3f:66:69:0a:19:0b:b5:44:96:81:
c6:74:c3:dd:aa:9a:b9:4a:11:1f:08:88:39:c6:e4:
6e:ec:0d:68:7c:b8:63:cb:19:28:fd:17:81:d4:8a:
88:f7:fe:7f:ef:90:93:eb:d9:94:a8:e7:06:b1:93:
76:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B3:89:B6:22:F1:60:7A:14:D0:1B:40:17:39:FE:F7:58:AF:0F:FB
X509v3 Authority Key Identifier:
keyid:ED:C3:98:8A:84:F9:FB:B4:18:5E:A4:AC:5B:72:18:45:CA:28:03:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cOYioT5-7QYXqSsW3IYRcooA34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/8rOJtiLxYHoU0BtAFzn-91ivD_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/7cOYioT5-7QYXqSsW3IYRcooA34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.156.216.0/22
185.184.20.0/22
194.110.155.0/24
Signature Algorithm: sha256WithRSAEncryption
99:4c:7e:25:3e:07:47:d1:15:2e:39:25:90:99:7c:16:ac:7f:
e1:8e:af:b7:10:fa:a7:5e:01:4b:d4:ce:05:ba:b4:8a:cc:35:
ac:9f:fb:4a:62:c7:e7:3e:3d:e7:90:24:e8:8f:50:3e:6a:d3:
31:8f:30:7b:82:2a:cd:d4:34:5d:35:93:ab:36:70:e5:24:b0:
e0:67:56:39:03:33:44:9a:28:3e:d3:9a:a3:c2:0a:ec:2c:3e:
45:47:a8:32:a2:7b:92:6c:27:f0:58:d5:b7:d8:cd:0f:2e:9f:
c6:03:03:56:8c:4b:7b:6a:e5:a0:ec:ae:44:97:55:73:e8:40:
4b:a7:8c:1d:24:23:a2:9d:04:d4:0e:77:be:b8:28:69:aa:a3:
29:e5:c9:8f:54:94:fd:29:8d:ed:63:5f:0e:1d:69:b6:bb:0f:
b0:c7:01:a5:a6:17:03:36:34:a6:e0:95:75:7c:a3:dd:76:7c:
d9:f0:95:8d:ca:0a:fe:16:95:c6:e0:99:04:67:a5:44:2f:87:
79:29:97:4d:6c:14:bc:e1:73:b3:45:22:f2:0e:84:29:2e:0e:
f1:c3:56:ed:d4:5e:22:4e:e4:21:d1:d7:d0:0a:ef:78:7a:49:
5c:c5:8d:60:ef:f5:a8:3f:06:9e:3d:b2:40:32:15:d1:93:57:
19:5a:4a:88
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQm2a8+EiE5CnD0YdnUJDdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYzM5ODhhODRmOWZiYjQxODVlYTRhYzViNzIxODQ1Y2Ey
ODAzN2UwHhcNMjUwMTAyMTE0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmIzODliNjIyZjE2MDdhMTRkMDFiNDAxNzM5ZmVmNzU4YWYwZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/Zg7qMCryh2nK/oD/ez3qLbgJ9Ci
8NyZ2x6UeCynNwLYNBsf4KBvvu1z3YCXAQg1cwln8dG8CA7WZx7lPYSDyiKFfhFu
Q3466eJ7YT560V/ve8ILUpI8YTkLioJpYwCwHpbN2096i0LYP+dAelrJsHGWckWx
ivmLuVj2T5GbzkTwJ7E23wZcwTprc9HqpLa+EK2K+KYYNCTX32u2ODTkOZaRu5wO
2jygglj0P6+VSQ6efhpMvLGOhzaXaqh1DteittYzYIM+pz9maQoZC7VEloHGdMPd
qpq5ShEfCIg5xuRu7A1ofLhjyxko/ReB1IqI9/5/75CT69mUqOcGsZN2hwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPKzibYi8WB6FNAbQBc5/vdYrw/7MB8GA1UdIwQY
MBaAFO3DmIqE+fu0GF6krFtyGEXKKAN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2NPWWlvVDUtN1FZWHFTc1czSVlSY29vQTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9hN2M4MTEtZGU1NS00NDE3LWJiMzEt
MTBmY2VkNWZkNGVlLzEvOHJPSnRpTHhZSG9VMEJ0QUZ6bi05MWl2RF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9hN2M4MTEtZGU1NS00NDE3LWJiMzEtMTBmY2VkNWZkNGVl
LzEvN2NPWWlvVDUtN1FZWHFTc1czSVlSY29vQTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCX5zYAwQC
ubgUAwQAwm6bMA0GCSqGSIb3DQEBCwUAA4IBAQCZTH4lPgdH0RUuOSWQmXwWrH/h
jq+3EPqnXgFL1M4FurSKzDWsn/tKYsfnPj3nkCToj1A+atMxjzB7girN1DRdNZOr
NnDlJLDgZ1Y5AzNEmig+05qjwgrsLD5FR6gyonuSbCfwWNW32M0PLp/GAwNWjEt7
auWg7K5El1Vz6EBLp4wdJCOinQTUDne+uChpqqMp5cmPVJT9KY3tY18OHWm2uw+w
xwGlphcDNjSm4JV1fKPddnzZ8JWNygr+FpXG4JkEZ6VEL4d5KZdNbBS84XOzRSLy
DoQpLg7xw1bt1F4iTuQh0dfQCu94eklcxY1g7/WoPwaePbJAMhXRk1cZWkqI
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:57:50 2025 by rpki-client