Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/XVHW13An0H4R0lwafXi_5n-GjRQ.roa
File: XVHW13An0H4R0lwafXi_5n-GjRQ.roa (raw, json)
Hash identifier: avC9Et5bzaaQctHEh7eFVRP1BlhGCdMVJW4eggq0SuY=
Subject key identifier: 5D:51:D6:D7:70:27:D0:7E:11:D2:5C:1A:7D:78:BF:E6:7F:86:8D:14
Certificate issuer: /CN=745b6c3c9abdedb96eb1ef3f7f7fa70057522c7f
Certificate serial: 019427B5B424325B13527A2A0DF1077BAD5D
Authority key identifier: 74:5B:6C:3C:9A:BD:ED:B9:6E:B1:EF:3F:7F:7F:A7:00:57:52:2C:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dFtsPJq97bluse8_f3-nAFdSLH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/XVHW13An0H4R0lwafXi_5n-GjRQ.roa
Signing time: Thu 02 Jan 2025 15:50:07 +0000
ROA not before: Thu 02 Jan 2025 15:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62217
IP address blocks: 185.184.156.0/22 maxlen: 22
185.184.156.0/24 maxlen: 24
185.184.157.0/24 maxlen: 24
185.184.158.0/24 maxlen: 24
185.184.159.0/24 maxlen: 24
2a0b:3880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/dFtsPJq97bluse8_f3-nAFdSLH8.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/dFtsPJq97bluse8_f3-nAFdSLH8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dFtsPJq97bluse8_f3-nAFdSLH8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:b4:24:32:5b:13:52:7a:2a:0d:f1:07:7b:ad:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=745b6c3c9abdedb96eb1ef3f7f7fa70057522c7f
Validity
Not Before: Jan 2 15:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d51d6d77027d07e11d25c1a7d78bfe67f868d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:66:ba:3e:99:43:cb:c0:b0:a6:51:be:ae:f0:
d4:c2:e2:58:da:cd:29:42:5e:24:05:53:99:9c:77:
87:d2:a0:82:82:2e:ee:5e:af:11:73:8f:89:19:69:
79:33:a1:e9:3a:96:11:f1:72:32:80:2e:e0:dc:75:
d6:54:c2:8d:2b:4c:26:b7:50:5e:d5:81:f6:73:00:
94:4e:37:1d:a9:26:57:d0:ad:d5:96:cf:37:c9:36:
c3:47:ab:6d:8c:75:fd:48:19:b4:7d:5e:6a:5f:3b:
ea:5b:29:c9:7f:3d:ee:2e:b9:3b:07:f0:b5:1c:96:
20:e0:7b:d8:df:d5:dd:f0:6a:e8:a8:32:fd:ee:b4:
52:e0:91:00:bb:58:8e:c9:ec:14:f4:35:fd:c6:9e:
54:49:e9:6e:bd:ca:50:a4:34:ed:e2:4b:1c:75:56:
61:c0:48:5b:a4:a9:50:08:46:4b:67:03:ef:e5:28:
c2:1e:f1:0d:d0:13:ff:df:f3:5e:03:1b:79:a8:dc:
f0:19:44:8a:99:5b:95:e6:bf:19:1d:4d:81:a0:bb:
7e:3a:94:ee:f9:27:98:0e:ba:c3:0e:69:a3:de:68:
60:58:be:9d:bd:1e:4e:2d:33:8e:30:89:9f:f4:82:
70:a6:c1:48:30:82:59:c2:99:3d:82:28:05:13:68:
6e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:51:D6:D7:70:27:D0:7E:11:D2:5C:1A:7D:78:BF:E6:7F:86:8D:14
X509v3 Authority Key Identifier:
keyid:74:5B:6C:3C:9A:BD:ED:B9:6E:B1:EF:3F:7F:7F:A7:00:57:52:2C:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dFtsPJq97bluse8_f3-nAFdSLH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/XVHW13An0H4R0lwafXi_5n-GjRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/dFtsPJq97bluse8_f3-nAFdSLH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.156.0/22
IPv6:
2a0b:3880::/32
Signature Algorithm: sha256WithRSAEncryption
55:d4:49:36:2b:8a:6e:83:e2:f5:0e:11:c8:06:f2:fe:fe:01:
58:13:c3:06:67:62:09:eb:e5:df:a4:6f:e8:66:0f:e3:c1:27:
e2:e9:61:e9:40:3d:27:4c:a5:c9:5a:4a:af:63:77:f3:3c:ba:
18:b4:27:92:13:69:6e:ff:34:fe:e5:aa:87:c5:ad:15:07:32:
44:c8:0b:9a:40:a4:fb:db:f1:ae:e3:dd:38:a7:70:7a:89:f0:
48:7e:43:2a:98:23:c0:5c:9f:9f:88:ba:1e:a7:52:33:00:02:
51:70:83:ab:14:da:a2:95:bc:22:93:ad:e3:d8:3e:b8:b5:37:
af:57:fe:62:ff:f5:4d:4e:34:9e:bb:38:8a:f9:50:cf:79:e4:
d2:6a:21:5c:d8:a7:71:f8:ff:65:52:bc:b1:88:dd:68:2f:2f:
bf:09:78:ae:2d:f4:f6:c7:73:96:a6:ae:75:b3:4c:0e:1a:13:
fc:30:f1:5e:a9:a9:98:46:48:ea:99:74:50:77:24:3c:03:2c:
e3:a8:41:7b:ec:c2:43:6d:72:39:d2:db:e8:fb:69:ae:6f:c9:
22:cd:9d:c0:8b:62:58:be:ea:10:9c:26:b2:61:cd:06:be:33:
26:20:8e:45:33:23:a3:09:fd:47:8c:16:7c:ac:ac:36:6e:5c:
4b:73:94:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntbQkMlsTUnoqDfEHe61dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NWI2YzNjOWFiZGVkYjk2ZWIxZWYzZjdmN2ZhNzAwNTc1
MjJjN2YwHhcNMjUwMTAyMTU1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDUxZDZkNzcwMjdkMDdlMTFkMjVjMWE3ZDc4YmZlNjdmODY4ZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGa6PplDy8CwplG+rvDUwuJY2s0p
Ql4kBVOZnHeH0qCCgi7uXq8Rc4+JGWl5M6HpOpYR8XIygC7g3HXWVMKNK0wmt1Be
1YH2cwCUTjcdqSZX0K3Vls83yTbDR6ttjHX9SBm0fV5qXzvqWynJfz3uLrk7B/C1
HJYg4HvY39Xd8GroqDL97rRS4JEAu1iOyewU9DX9xp5USeluvcpQpDTt4kscdVZh
wEhbpKlQCEZLZwPv5SjCHvEN0BP/3/NeAxt5qNzwGUSKmVuV5r8ZHU2BoLt+OpTu
+SeYDrrDDmmj3mhgWL6dvR5OLTOOMImf9IJwpsFIMIJZwpk9gigFE2huJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF1R1tdwJ9B+EdJcGn14v+Z/ho0UMB8GA1UdIwQY
MBaAFHRbbDyave25brHvP39/pwBXUix/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEZ0c1BKcTk3Ymx1c2U4X2YzLW5BRmRTTEg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83MWQ1MmYtN2UwNy00OWQxLWI5OWIt
ZjcwZDVlZjg3NWMzLzEvWFZIVzEzQW4wSDRSMGx3YWZYaV81bi1HalJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83MWQ1MmYtN2UwNy00OWQxLWI5OWItZjcwZDVlZjg3NWMz
LzEvZEZ0c1BKcTk3Ymx1c2U4X2YzLW5BRmRTTEg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubicMA0E
AgACMAcDBQAqCziAMA0GCSqGSIb3DQEBCwUAA4IBAQBV1Ek2K4pug+L1DhHIBvL+
/gFYE8MGZ2IJ6+XfpG/oZg/jwSfi6WHpQD0nTKXJWkqvY3fzPLoYtCeSE2lu/zT+
5aqHxa0VBzJEyAuaQKT72/Gu4904p3B6ifBIfkMqmCPAXJ+fiLoep1IzAAJRcIOr
FNqilbwik63j2D64tTevV/5i//VNTjSeuziK+VDPeeTSaiFc2Kdx+P9lUryxiN1o
Ly+/CXiuLfT2x3OWpq51s0wOGhP8MPFeqamYRkjqmXRQdyQ8AyzjqEF77MJDbXI5
0tvo+2mub8kizZ3Ai2JYvuoQnCayYc0GvjMmII5FMyOjCf1HjBZ8rKw2blxLc5Rh
-----END CERTIFICATE-----
Generated at Wed Apr 9 19:23:13 2025 by rpki-client