Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/1-F_rMoDUma_dGOHiDlIC303wzZM.roa
File: 1-F_rMoDUma_dGOHiDlIC303wzZM.roa (raw, json)
Hash identifier: tZlwSl0wJhxzJHG6ytyE3Qp+PsLiMjHX0zpV56LqD4U=
Subject key identifier: F8:5F:EB:32:80:D4:99:AF:DD:18:E1:E2:0E:52:02:DF:4D:F0:CD:93
Certificate issuer: /CN=123c3de61011de07101e14dc0727395171cb03ab
Certificate serial: 0196E2C20DCC1996DC4D5B855848C632C09A
Authority key identifier: 12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/1-F_rMoDUma_dGOHiDlIC303wzZM.roa
Signing time: Sun 18 May 2025 09:38:10 +0000
ROA not before: Sun 18 May 2025 09:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204798
IP address blocks: 185.122.252.0/24 maxlen: 24
185.122.255.0/24 maxlen: 24
185.133.224.0/24 maxlen: 24
185.133.225.0/24 maxlen: 24
185.133.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 02:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e2:c2:0d:cc:19:96:dc:4d:5b:85:58:48:c6:32:c0:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123c3de61011de07101e14dc0727395171cb03ab
Validity
Not Before: May 18 09:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f85feb3280d499afdd18e1e20e5202df4df0cd93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:43:43:b8:de:32:03:68:75:fa:a1:04:5a:7b:
38:a8:e5:ca:e5:3d:6d:44:61:3c:b6:ae:02:36:c8:
c7:b1:e5:3f:13:20:ea:34:aa:88:5c:1b:ba:17:2a:
f3:83:99:ae:0c:8a:00:5d:40:e3:79:ef:f4:c2:b4:
42:3f:1f:d1:de:bb:57:9d:ef:e8:86:16:88:9a:60:
0b:89:2e:76:68:a8:e4:25:47:3a:ae:06:2f:7e:51:
7c:05:c3:5d:b5:53:ec:7e:ba:f6:41:f7:72:94:ad:
2e:a5:ec:bb:66:51:ac:4e:fa:e1:39:1b:6e:10:4f:
a2:34:3f:f5:b9:f7:5d:e5:ea:ea:ab:5a:12:66:21:
b5:41:90:38:45:42:86:00:5d:e9:1d:25:1a:d5:46:
42:60:6f:64:0b:07:16:74:58:1e:36:e5:ff:62:42:
e6:a6:2a:2e:61:d0:4e:9a:8f:50:f1:5b:d1:5e:8a:
0c:ae:af:9a:a0:74:04:69:23:58:01:fe:ce:45:68:
fd:9c:fc:e6:4d:06:32:fc:aa:ed:30:cf:e4:68:fe:
73:ad:2d:84:52:f6:66:6e:5f:59:c2:13:d3:52:2d:
10:dc:6e:04:15:d2:a0:24:0e:e6:e1:6e:42:17:95:
80:6b:6c:9e:c8:b0:f1:bf:d6:f8:1b:09:1b:90:9a:
55:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:5F:EB:32:80:D4:99:AF:DD:18:E1:E2:0E:52:02:DF:4D:F0:CD:93
X509v3 Authority Key Identifier:
keyid:12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/1-F_rMoDUma_dGOHiDlIC303wzZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.252.0/24
185.122.255.0/24
185.133.224.0/23
185.133.227.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:41:bd:5a:ab:0c:08:96:05:56:c5:12:4d:c6:c3:3a:de:03:
db:5e:6e:87:7e:17:79:95:92:aa:2d:14:48:a2:dc:a3:fb:fb:
57:56:00:e0:ef:76:34:df:05:33:82:e4:ce:fb:db:a6:d0:5c:
ef:89:29:e4:a5:f6:0c:fe:8e:b6:7c:73:cf:ac:52:ad:ed:fe:
1c:85:42:f5:e8:c6:d6:54:e0:f1:74:3d:cc:75:51:4c:62:63:
36:d1:f9:97:97:55:79:1e:9d:7e:d8:c7:86:80:06:1a:e6:f0:
87:6f:8c:41:42:88:65:31:24:39:bf:57:bc:0c:c6:c5:91:65:
bf:3f:40:2f:98:af:9f:8c:bc:06:8e:86:ac:fc:d7:27:f9:dd:
88:8e:66:bd:10:4a:41:67:41:f2:5d:da:51:e2:f6:27:6b:8f:
36:2d:dc:91:73:5e:ae:f8:18:00:ef:77:46:6f:a4:cb:8d:6b:
11:a4:3c:8d:6f:9d:cc:11:92:e8:36:fb:5a:b2:b3:3c:c6:95:
66:3f:30:71:f2:fc:e6:a1:3a:e1:d6:70:60:1a:09:a8:8c:39:
71:c4:02:63:20:18:57:f9:05:cb:be:50:a7:c4:a4:2e:65:ec:
99:33:0a:af:e6:dd:92:3b:e1:45:d5:e2:dd:8c:8a:64:76:f2:
b8:a1:86:14
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZbiwg3MGZbcTVuFWEjGMsCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2MzZGU2MTAxMWRlMDcxMDFlMTRkYzA3MjczOTUxNzFj
YjAzYWIwHhcNMjUwNTE4MDkzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODVmZWIzMjgwZDQ5OWFmZGQxOGUxZTIwZTUyMDJkZjRkZjBjZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0NDuN4yA2h1+qEEWns4qOXK5T1t
RGE8tq4CNsjHseU/EyDqNKqIXBu6Fyrzg5muDIoAXUDjee/0wrRCPx/R3rtXne/o
hhaImmALiS52aKjkJUc6rgYvflF8BcNdtVPsfrr2QfdylK0upey7ZlGsTvrhORtu
EE+iND/1ufdd5erqq1oSZiG1QZA4RUKGAF3pHSUa1UZCYG9kCwcWdFgeNuX/YkLm
piouYdBOmo9Q8VvRXooMrq+aoHQEaSNYAf7ORWj9nPzmTQYy/KrtMM/kaP5zrS2E
UvZmbl9ZwhPTUi0Q3G4EFdKgJA7m4W5CF5WAa2yeyLDxv9b4GwkbkJpVXwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPhf6zKA1Jmv3Rjh4g5SAt9N8M2TMB8GA1UdIwQY
MBaAFBI8PeYQEd4HEB4U3AcnOVFxywOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUt
YjUwNGM5YWU5YmJjLzEvMS1GX3JNb0RVbWFfZEdPSGlEbElDMzAzd3paTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmIvMjI5NjUwLThhMDEtNDM3MC05OTFlLWI1MDRjOWFlOWJi
Yy8xL0Vqdzk1aEFSM2djUUhoVGNCeWM1VVhITEE2cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEALl6/AME
ALl6/wMEAbmF4AMEALmF4zANBgkqhkiG9w0BAQsFAAOCAQEAz0G9WqsMCJYFVsUS
TcbDOt4D215uh34XeZWSqi0USKLco/v7V1YA4O92NN8FM4LkzvvbptBc74kp5KX2
DP6Otnxzz6xSre3+HIVC9ejG1lTg8XQ9zHVRTGJjNtH5l5dVeR6dftjHhoAGGubw
h2+MQUKIZTEkOb9XvAzGxZFlvz9AL5ivn4y8Bo6GrPzXJ/ndiI5mvRBKQWdB8l3a
UeL2J2uPNi3ckXNervgYAO93Rm+ky41rEaQ8jW+dzBGS6Db7WrKzPMaVZj8wcfL8
5qE64dZwYBoJqIw5ccQCYyAYV/kFy75Qp8SkLmXsmTMKr+bdkjvhRdXi3YyKZHby
uKGGFA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:13:50 2025 by rpki-client