Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/OikZGL2LEHpl7dY7zmLA3J5GOEE.roa
File: OikZGL2LEHpl7dY7zmLA3J5GOEE.roa (raw, json)
Hash identifier: M6ctsVmPoPZhMMxHtbO6g9MMFqbmRKFOMWh5oVa/f94=
Subject key identifier: 3A:29:19:18:BD:8B:10:7A:65:ED:D6:3B:CE:62:C0:DC:9E:46:38:41
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 019422FB6B141162021A22C1E0EA6AC6DC10
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/OikZGL2LEHpl7dY7zmLA3J5GOEE.roa
Signing time: Wed 01 Jan 2025 17:48:09 +0000
ROA not before: Wed 01 Jan 2025 17:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206686
IP address blocks: 185.127.140.0/24 maxlen: 24
185.127.141.0/24 maxlen: 24
185.127.142.0/24 maxlen: 24
185.127.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 17:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:6b:14:11:62:02:1a:22:c1:e0:ea:6a:c6:dc:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Jan 1 17:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a291918bd8b107a65edd63bce62c0dc9e463841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4e:c4:a3:02:a5:eb:e2:0c:38:77:39:4f:6e:
7c:a3:cb:c1:73:8c:b2:67:74:4a:c3:dd:9f:45:a0:
8a:f2:7c:05:20:76:23:85:41:8a:de:d4:1c:d3:86:
8a:f3:20:b1:47:0c:20:a2:2c:e3:a7:c5:f1:35:d2:
62:32:21:c7:00:8a:90:8d:2b:bd:bb:d3:47:3c:87:
a7:38:fb:fc:8a:97:12:26:e4:d2:14:b1:f5:1a:9e:
f3:ca:d7:31:06:e4:e7:e1:36:02:56:e4:e8:23:d3:
1b:8d:7d:09:9d:c3:dd:4f:dc:ff:55:33:7b:b3:a6:
50:c0:ec:64:4b:ee:d0:6c:5d:52:ca:90:b1:d6:b1:
b5:66:8f:e6:f0:da:c4:c8:67:62:30:b7:38:97:f5:
f8:6d:80:b1:a9:48:a5:de:aa:82:f7:01:07:a0:88:
59:7e:bb:af:24:45:63:67:ea:e8:0c:f2:f1:88:b3:
a5:26:a4:02:3d:dc:e4:3f:3a:07:bc:d8:a8:80:14:
b9:dd:32:15:b5:11:82:99:f1:96:ef:4d:19:72:e1:
bd:1c:e6:53:0a:d3:84:39:3e:db:41:80:d0:0a:c6:
2f:da:46:96:34:86:65:08:1f:a0:68:ab:5f:82:d1:
dd:f5:67:f5:19:31:78:55:d8:38:44:24:b6:48:6a:
0c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:29:19:18:BD:8B:10:7A:65:ED:D6:3B:CE:62:C0:DC:9E:46:38:41
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/OikZGL2LEHpl7dY7zmLA3J5GOEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.140.0/22
Signature Algorithm: sha256WithRSAEncryption
90:77:29:18:20:f9:cc:a1:15:16:9a:81:23:7a:06:4e:ae:07:
99:22:f8:00:fc:b4:80:6d:bb:11:93:a7:5c:7b:b5:81:83:3d:
a0:ac:2c:b3:1c:d1:35:3e:dd:d0:42:07:0f:93:0c:15:d9:b9:
09:c5:bd:9e:3d:d2:19:dc:e9:79:c2:1f:77:95:24:06:9f:e9:
69:f3:f8:0d:b7:1e:50:88:4b:0e:d6:10:5f:d2:2b:95:ac:0f:
a5:b1:a4:c3:08:76:99:8d:f7:1e:41:d8:ad:a8:4a:5e:64:5e:
1c:9a:b1:f9:c5:3a:c4:ba:3e:c7:84:88:fe:e9:af:0c:eb:4d:
4c:ef:d0:2e:d3:bb:9a:44:55:cb:86:fe:78:ce:a9:10:98:36:
56:11:c5:7f:87:01:4c:0b:0e:93:55:98:83:96:56:91:fe:0a:
e0:7f:eb:e5:2a:a9:a5:02:6b:91:1c:c1:83:68:9a:b1:87:1f:
13:72:37:f7:c5:e5:45:51:95:fd:08:2a:f3:39:48:88:b3:8f:
4c:ef:01:83:42:ad:ba:c3:bf:86:e4:d7:2f:1e:8d:d9:ee:c0:
4b:69:bf:dc:16:c3:91:4e:2e:5c:d2:d9:36:6a:f6:36:c3:76:
33:7b:e8:5f:f4:c4:86:90:9e:45:94:85:c1:09:f4:24:a9:b2:
42:d3:a2:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+2sUEWICGiLB4OpqxtwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjUwMTAxMTc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTI5MTkxOGJkOGIxMDdhNjVlZGQ2M2JjZTYyYzBkYzllNDYzODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzk7EowKl6+IMOHc5T258o8vBc4yy
Z3RKw92fRaCK8nwFIHYjhUGK3tQc04aK8yCxRwwgoizjp8XxNdJiMiHHAIqQjSu9
u9NHPIenOPv8ipcSJuTSFLH1Gp7zytcxBuTn4TYCVuToI9MbjX0JncPdT9z/VTN7
s6ZQwOxkS+7QbF1SypCx1rG1Zo/m8NrEyGdiMLc4l/X4bYCxqUil3qqC9wEHoIhZ
fruvJEVjZ+roDPLxiLOlJqQCPdzkPzoHvNiogBS53TIVtRGCmfGW700ZcuG9HOZT
CtOEOT7bQYDQCsYv2kaWNIZlCB+gaKtfgtHd9Wf1GTF4Vdg4RCS2SGoM8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDopGRi9ixB6Ze3WO85iwNyeRjhBMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvT2lrWkdMMkxFSHBsN2RZN3ptTEEzSjVHT0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX+MMA0G
CSqGSIb3DQEBCwUAA4IBAQCQdykYIPnMoRUWmoEjegZOrgeZIvgA/LSAbbsRk6dc
e7WBgz2grCyzHNE1Pt3QQgcPkwwV2bkJxb2ePdIZ3Ol5wh93lSQGn+lp8/gNtx5Q
iEsO1hBf0iuVrA+lsaTDCHaZjfceQditqEpeZF4cmrH5xTrEuj7HhIj+6a8M601M
79Au07uaRFXLhv54zqkQmDZWEcV/hwFMCw6TVZiDllaR/grgf+vlKqmlAmuRHMGD
aJqxhx8Tcjf3xeVFUZX9CCrzOUiIs49M7wGDQq26w7+G5NcvHo3Z7sBLab/cFsOR
Ti5c0tk2avY2w3Yze+hf9MSGkJ5FlIXBCfQkqbJC06Lz
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:15:27 2025 by rpki-client