Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/XPixcvd-VZdDwp01qDyS6l8HyGk.roa
File: XPixcvd-VZdDwp01qDyS6l8HyGk.roa (raw, json)
Hash identifier: nEM6mcnfwNKM+CYw9oKK1seFIgWAcWfoaoBK4ckQSSQ=
Subject key identifier: 5C:F8:B1:72:F7:7E:55:97:43:C2:9D:35:A8:3C:92:EA:5F:07:C8:69
Certificate issuer: /CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
Certificate serial: 019427B62357882A64D2A4C03C11839AAD42
Authority key identifier: 0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/XPixcvd-VZdDwp01qDyS6l8HyGk.roa
Signing time: Thu 02 Jan 2025 15:50:35 +0000
ROA not before: Thu 02 Jan 2025 15:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48147
IP address blocks: 185.142.156.0/22 maxlen: 22
185.142.156.0/24 maxlen: 24
185.142.157.0/24 maxlen: 24
185.142.158.0/24 maxlen: 24
185.142.159.0/24 maxlen: 24
185.208.180.0/22 maxlen: 22
185.208.180.0/24 maxlen: 24
185.208.181.0/24 maxlen: 24
185.208.182.0/24 maxlen: 24
185.208.183.0/24 maxlen: 24
185.213.10.0/24 maxlen: 24
2a07:4280::/29 maxlen: 29
2a07:4280::/32 maxlen: 32
2a07:4281::/32 maxlen: 32
2a07:4282::/32 maxlen: 32
2a07:4283::/32 maxlen: 32
2a07:4284::/32 maxlen: 32
2a07:4285::/32 maxlen: 32
2a07:4286::/32 maxlen: 32
2a07:4287::/32 maxlen: 32
2a0b:3cc0::/29 maxlen: 29
2a0b:3cc0::/32 maxlen: 32
2a0b:3cc1::/32 maxlen: 32
2a0b:3cc2::/32 maxlen: 32
2a0b:3cc3::/32 maxlen: 32
2a0b:3cc4::/32 maxlen: 32
2a0b:3cc5::/32 maxlen: 32
2a0b:3cc6::/32 maxlen: 32
2a0b:3cc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/C40btyeRyHhVDRudj-9WSsORk2g.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/C40btyeRyHhVDRudj-9WSsORk2g.mft
rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:23:57:88:2a:64:d2:a4:c0:3c:11:83:9a:ad:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
Validity
Not Before: Jan 2 15:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cf8b172f77e559743c29d35a83c92ea5f07c869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8c:cc:93:83:6f:0a:f9:40:33:d2:76:c8:cd:
32:bd:2b:56:9b:53:72:7c:e5:b3:e5:00:68:16:23:
54:99:21:d8:f3:9b:cb:94:2a:bd:6b:e1:95:bb:b6:
29:81:83:0b:26:d8:de:b8:ee:27:15:dd:ff:30:b2:
f0:86:56:a8:92:8e:7b:2f:fb:1b:a4:94:ef:dc:bb:
b7:59:df:89:4f:30:62:89:74:b6:1a:e9:a8:9e:6e:
70:c7:58:6a:75:2a:db:8d:ac:77:af:1d:81:29:dd:
25:cd:0e:f6:73:83:99:ec:df:b5:ab:14:a3:75:35:
07:93:b5:c6:5c:ea:d2:2d:01:e5:c0:39:d0:11:b7:
04:2b:a9:3c:d0:2e:e8:58:8e:bd:2c:31:a3:52:2a:
ce:75:52:da:a9:bf:c4:7a:8a:e9:30:a0:65:15:bf:
74:5b:35:0b:53:f8:2a:8d:b4:2c:f9:92:a3:45:fb:
1e:94:d6:6c:10:06:3d:ae:46:f6:51:84:4e:ee:fb:
8c:cb:82:b3:44:8d:9f:86:38:66:63:16:05:da:f9:
38:11:01:d5:ba:0a:29:37:8c:44:14:95:80:b6:30:
18:3d:b7:9b:ac:cf:c8:0c:3b:3f:3f:76:a3:2b:08:
4c:e2:aa:9c:95:f3:5c:ed:48:f2:66:10:64:06:42:
a5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F8:B1:72:F7:7E:55:97:43:C2:9D:35:A8:3C:92:EA:5F:07:C8:69
X509v3 Authority Key Identifier:
keyid:0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/XPixcvd-VZdDwp01qDyS6l8HyGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/C40btyeRyHhVDRudj-9WSsORk2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.156.0/22
185.208.180.0/22
185.213.10.0/24
IPv6:
2a07:4280::/29
2a0b:3cc0::/29
Signature Algorithm: sha256WithRSAEncryption
25:be:8c:2f:43:26:63:9d:dd:70:96:b7:6b:95:21:49:9b:5e:
9f:e4:06:52:c9:1b:a1:74:6e:d8:36:35:5d:b4:73:e1:9a:0e:
c1:a5:94:4c:b8:2e:73:5f:c9:14:2f:7f:3a:92:7e:f4:7d:6a:
d1:4d:f2:dc:0d:e4:19:30:2a:4a:c1:ce:4b:ec:ae:ba:2f:9b:
78:f0:d0:0f:06:e6:be:9f:8d:ba:6a:85:02:34:ce:2c:ca:ed:
5c:e2:54:11:f2:8a:7a:73:54:8a:d2:fc:d3:89:10:38:e4:a8:
ed:22:65:d5:cd:2c:14:02:96:f6:e8:fc:c3:5e:92:7c:08:8b:
8c:c3:fd:c3:ef:2e:3f:7c:fe:b9:e3:1d:81:fc:0b:41:cc:7c:
3b:cd:a0:98:60:99:d1:29:c0:9d:6b:25:3d:b2:29:21:f2:d1:
6c:be:09:66:7a:1b:50:8e:f1:66:43:c6:3c:19:5d:eb:6b:df:
c7:d8:ff:84:92:1e:cd:bd:b1:f5:24:01:1d:41:db:26:9f:73:
c5:b2:39:9a:94:7a:6f:47:ca:a7:f4:6e:a6:f4:92:5a:c8:bb:
1b:03:47:94:ce:88:60:72:cc:f6:f5:8b:46:0a:74:9a:8b:82:
3c:04:ec:e7:25:47:cc:92:b8:55:e3:51:96:19:97:8a:ee:d6:
0e:09:76:54
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQntiNXiCpk0qTAPBGDmq1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOGQxYmI3Mjc5MWM4Nzg1NTBkMWI5ZDhmZWY1NjRhYzM5
MTkzNjgwHhcNMjUwMTAyMTU1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Y4YjE3MmY3N2U1NTk3NDNjMjlkMzVhODNjOTJlYTVmMDdjODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIzMk4NvCvlAM9J2yM0yvStWm1Ny
fOWz5QBoFiNUmSHY85vLlCq9a+GVu7YpgYMLJtjeuO4nFd3/MLLwhlaoko57L/sb
pJTv3Lu3Wd+JTzBiiXS2Gumonm5wx1hqdSrbjax3rx2BKd0lzQ72c4OZ7N+1qxSj
dTUHk7XGXOrSLQHlwDnQEbcEK6k80C7oWI69LDGjUirOdVLaqb/EeorpMKBlFb90
WzULU/gqjbQs+ZKjRfselNZsEAY9rkb2UYRO7vuMy4KzRI2fhjhmYxYF2vk4EQHV
ugopN4xEFJWAtjAYPbebrM/IDDs/P3ajKwhM4qqclfNc7UjyZhBkBkKlXwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFz4sXL3flWXQ8KdNag8kupfB8hpMB8GA1UdIwQY
MBaAFAuNG7cnkch4VQ0bnY/vVkrDkZNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMt
MDI3OGM1ZGMxNDkxLzEvWFBpeGN2ZC1WWmREd3AwMXFEeVM2bDhIeUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMtMDI3OGM1ZGMxNDkx
LzEvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuY6cAwQC
udC0AwQAudUKMBQEAgACMA4DBQMqB0KAAwUDKgs8wDANBgkqhkiG9w0BAQsFAAOC
AQEAJb6ML0MmY53dcJa3a5UhSZten+QGUskboXRu2DY1XbRz4ZoOwaWUTLguc1/J
FC9/OpJ+9H1q0U3y3A3kGTAqSsHOS+yuui+bePDQDwbmvp+NumqFAjTOLMrtXOJU
EfKKenNUitL804kQOOSo7SJl1c0sFAKW9uj8w16SfAiLjMP9w+8uP3z+ueMdgfwL
Qcx8O82gmGCZ0SnAnWslPbIpIfLRbL4JZnobUI7xZkPGPBld62vfx9j/hJIezb2x
9SQBHUHbJp9zxbI5mpR6b0fKp/RupvSSWsi7GwNHlM6IYHLM9vWLRgp0mouCPATs
5yVHzJK4VeNRlhmXiu7WDgl2VA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:14 2025 by rpki-client