Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/K4x7WnCPM92IfHKWVCrULIlUaVA.roa
File: K4x7WnCPM92IfHKWVCrULIlUaVA.roa (raw, json)
Hash identifier: KVnqPoeOrxHfk6WulHu6MwITd97JNsKLMzaXFdfZRTU=
Subject key identifier: 2B:8C:7B:5A:70:8F:33:DD:88:7C:72:96:54:2A:D4:2C:89:54:69:50
Certificate issuer: /CN=193743467b4da41c6295e9351153309586ba2399
Certificate serial: 01941FFAB168590E2F39BBFC8ECF16110ACF
Authority key identifier: 19:37:43:46:7B:4D:A4:1C:62:95:E9:35:11:53:30:95:86:BA:23:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GTdDRntNpBxilek1EVMwlYa6I5k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/K4x7WnCPM92IfHKWVCrULIlUaVA.roa
Signing time: Wed 01 Jan 2025 03:48:30 +0000
ROA not before: Wed 01 Jan 2025 03:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42293
IP address blocks: 185.253.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/GTdDRntNpBxilek1EVMwlYa6I5k.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/GTdDRntNpBxilek1EVMwlYa6I5k.mft
rsync://rpki.ripe.net/repository/DEFAULT/GTdDRntNpBxilek1EVMwlYa6I5k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b1:68:59:0e:2f:39:bb:fc:8e:cf:16:11:0a:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=193743467b4da41c6295e9351153309586ba2399
Validity
Not Before: Jan 1 03:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b8c7b5a708f33dd887c7296542ad42c89546950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:58:2e:28:91:f2:54:97:38:51:9b:70:33:0a:
2e:ed:e5:63:cf:d3:02:36:84:f1:6f:01:61:aa:6f:
89:2d:bc:01:11:4e:f2:9c:69:f3:04:cb:a8:9b:c9:
30:c2:7f:d3:b9:9b:49:c3:40:19:9d:e4:a2:c5:01:
be:73:8c:c3:3d:e8:ef:31:4a:a9:0c:21:5e:62:d9:
37:e9:c2:57:bd:04:8d:7c:f4:ff:9d:5d:76:d8:60:
2f:43:bd:5d:31:3b:66:8c:0f:ce:41:97:38:2a:2a:
a0:7f:a7:46:88:e3:7e:0d:3c:17:30:c6:cd:cd:e3:
88:49:5d:9d:8a:f7:42:c2:4b:73:05:c6:1f:13:a1:
16:61:12:7d:50:af:8a:21:a2:cf:75:cc:54:49:9b:
cd:db:32:c4:61:bc:8a:62:d2:57:a3:71:68:39:4f:
f6:cb:cc:fa:b0:3b:ba:e5:69:0a:28:2e:2b:33:44:
df:92:3f:2c:ef:d1:c3:22:cc:d2:f3:26:b9:e7:23:
7d:5c:00:29:c0:be:1e:ee:f7:a5:a6:1a:02:f1:58:
85:11:8e:21:ea:be:b9:0e:1f:59:61:db:d3:de:5c:
93:e5:f0:dc:d5:13:e2:aa:fa:b3:54:30:b6:a1:98:
35:25:33:6c:c5:54:10:7f:30:ae:03:08:68:a9:ee:
36:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:8C:7B:5A:70:8F:33:DD:88:7C:72:96:54:2A:D4:2C:89:54:69:50
X509v3 Authority Key Identifier:
keyid:19:37:43:46:7B:4D:A4:1C:62:95:E9:35:11:53:30:95:86:BA:23:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GTdDRntNpBxilek1EVMwlYa6I5k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/K4x7WnCPM92IfHKWVCrULIlUaVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/GTdDRntNpBxilek1EVMwlYa6I5k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.159.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:15:da:64:40:59:81:be:d1:4d:b1:dc:45:60:af:4e:c6:12:
08:f2:b9:0b:d5:d4:bd:c1:38:05:4a:a5:45:60:de:42:bb:56:
a2:25:d7:93:6d:11:66:1a:d3:14:56:ec:b1:e0:01:63:1c:95:
e9:d1:6c:22:fd:1d:8f:f3:29:d6:3a:81:19:e5:32:27:5c:d4:
1e:b0:51:f2:6a:96:12:43:1a:e1:bc:7f:e5:b5:08:c3:c6:b5:
c6:ae:3c:36:c8:3a:10:6a:f2:a4:06:d4:55:f3:43:4a:3a:ca:
2d:6d:bd:b7:94:35:65:52:13:20:c7:68:67:fb:fc:4e:d1:6b:
a1:54:38:94:6e:47:03:78:ee:b2:9d:65:d1:b8:40:b0:f4:72:
0a:46:02:ba:c4:eb:61:5d:f3:99:39:de:58:49:ad:76:7c:a8:
48:9c:76:55:93:04:2e:ca:db:dc:2d:1e:38:07:11:9a:a6:05:
86:16:be:c7:47:32:77:9b:dd:d6:b8:7d:22:3f:7a:c6:86:00:
0a:22:51:9a:34:bc:ac:78:7a:54:cc:d0:a1:e2:5e:db:31:2f:
b9:ec:b7:a4:ec:3a:e6:1b:b3:13:fe:c5:95:ff:8b:5d:db:63:
97:65:94:79:0d:31:15:8f:00:d2:59:65:52:a4:d2:86:ea:70:
8d:9c:62:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+rFoWQ4vObv8js8WEQrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5Mzc0MzQ2N2I0ZGE0MWM2Mjk1ZTkzNTExNTMzMDk1ODZi
YTIzOTkwHhcNMjUwMTAxMDM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjhjN2I1YTcwOGYzM2RkODg3YzcyOTY1NDJhZDQyYzg5NTQ2OTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1guKJHyVJc4UZtwMwou7eVjz9MC
NoTxbwFhqm+JLbwBEU7ynGnzBMuom8kwwn/TuZtJw0AZneSixQG+c4zDPejvMUqp
DCFeYtk36cJXvQSNfPT/nV122GAvQ71dMTtmjA/OQZc4Kiqgf6dGiON+DTwXMMbN
zeOISV2divdCwktzBcYfE6EWYRJ9UK+KIaLPdcxUSZvN2zLEYbyKYtJXo3FoOU/2
y8z6sDu65WkKKC4rM0Tfkj8s79HDIszS8ya55yN9XAApwL4e7velphoC8ViFEY4h
6r65Dh9ZYdvT3lyT5fDc1RPiqvqzVDC2oZg1JTNsxVQQfzCuAwhoqe42dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCuMe1pwjzPdiHxyllQq1CyJVGlQMB8GA1UdIwQY
MBaAFBk3Q0Z7TaQcYpXpNRFTMJWGuiOZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1RkRFJudE5wQnhpbGVrMUVWTXdsWWE2STVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNjcwM2EtMTIyYi00MTE2LWIzMTct
Y2E1ZmNjYmY3YThjLzEvSzR4N1duQ1BNOTJJZkhLV1ZDclVMSWxVYVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNjcwM2EtMTIyYi00MTE2LWIzMTctY2E1ZmNjYmY3YThj
LzEvR1RkRFJudE5wQnhpbGVrMUVWTXdsWWE2STVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf2fMA0G
CSqGSIb3DQEBCwUAA4IBAQC9FdpkQFmBvtFNsdxFYK9OxhII8rkL1dS9wTgFSqVF
YN5Cu1aiJdeTbRFmGtMUVuyx4AFjHJXp0Wwi/R2P8ynWOoEZ5TInXNQesFHyapYS
QxrhvH/ltQjDxrXGrjw2yDoQavKkBtRV80NKOsotbb23lDVlUhMgx2hn+/xO0Wuh
VDiUbkcDeO6ynWXRuECw9HIKRgK6xOthXfOZOd5YSa12fKhInHZVkwQuytvcLR44
BxGapgWGFr7HRzJ3m93WuH0iP3rGhgAKIlGaNLyseHpUzNCh4l7bMS+57Lek7Drm
G7MT/sWV/4td22OXZZR5DTEVjwDSWWVSpNKG6nCNnGKG
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:12:26 2025 by rpki-client