Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/DcoOphnBv0Z-r0DRs1Wzn6GO5g8.roa
File: DcoOphnBv0Z-r0DRs1Wzn6GO5g8.roa (raw, json)
Hash identifier: /C9jr7QH16ykeDGqHdZ0LLAVK74Wkvu3hj1t3uV43yA=
Subject key identifier: 0D:CA:0E:A6:19:C1:BF:46:7E:AF:40:D1:B3:55:B3:9F:A1:8E:E6:0F
Certificate issuer: /CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Certificate serial: 0194266BED90145568B11AF6D8E85F123558
Authority key identifier: AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/DcoOphnBv0Z-r0DRs1Wzn6GO5g8.roa
Signing time: Thu 02 Jan 2025 09:49:54 +0000
ROA not before: Thu 02 Jan 2025 09:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21277
IP address blocks: 31.25.142.0/23 maxlen: 23
159.255.165.0/24 maxlen: 24
159.255.166.0/23 maxlen: 23
185.14.251.0/24 maxlen: 24
185.184.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ed:90:14:55:68:b1:1a:f6:d8:e8:5f:12:35:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Validity
Not Before: Jan 2 09:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dca0ea619c1bf467eaf40d1b355b39fa18ee60f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7c:5b:b1:16:22:1e:b9:00:97:b5:4a:76:f7:
1e:63:ca:98:0a:9d:0f:71:91:14:a8:ac:ed:6c:1e:
0a:ab:5e:d7:97:29:46:6e:30:1d:7d:0f:d8:88:4a:
11:96:1c:4d:70:04:91:c5:97:d1:d4:fb:c9:2a:7c:
ea:76:a8:81:c2:0e:d9:c9:45:74:ce:fb:da:7c:5e:
fa:aa:21:e8:78:af:27:45:fb:1e:60:b1:e5:04:b9:
5f:66:ac:49:ac:06:4a:72:20:38:3b:16:ef:7a:14:
62:b2:c9:a8:ee:91:be:ed:63:eb:f4:45:a8:9e:bf:
e0:24:d0:7e:0c:4c:f8:8a:0f:79:47:f5:39:1b:09:
b2:62:f2:03:c5:b2:6a:e7:ef:46:be:b4:03:ed:8a:
67:02:a1:90:64:0c:3a:7e:be:cb:f6:12:0d:de:fb:
4b:28:aa:89:c1:50:3a:5c:e9:17:84:8b:26:06:48:
b7:ff:42:fe:2e:63:c4:43:f4:35:49:0f:e9:e3:9d:
78:93:b5:b9:19:89:f2:df:d0:10:28:32:19:14:ed:
f0:70:11:75:ac:70:8b:85:88:33:42:90:1d:02:83:
52:a1:b6:91:ad:3b:e2:15:5c:43:23:82:d0:ff:8b:
51:05:41:b2:e1:2a:3a:83:d9:99:2a:cd:f9:16:38:
ff:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CA:0E:A6:19:C1:BF:46:7E:AF:40:D1:B3:55:B3:9F:A1:8E:E6:0F
X509v3 Authority Key Identifier:
keyid:AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/DcoOphnBv0Z-r0DRs1Wzn6GO5g8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.142.0/23
159.255.165.0-159.255.167.255
185.14.251.0/24
185.184.197.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:5d:3f:8b:cb:33:02:57:36:13:62:8b:9c:b9:a2:82:a0:55:
8b:1d:d0:f4:c3:43:c3:46:04:3e:88:a5:7c:dc:f7:67:83:a6:
35:c6:ab:24:a9:19:75:1b:8f:8c:c8:92:14:5c:23:83:93:5f:
81:b7:4a:11:82:3b:0d:4b:ee:6d:f7:ef:97:76:9f:00:0c:0a:
47:f9:17:2c:88:3b:03:3c:d4:f2:31:a4:25:ec:29:b0:88:c2:
33:e9:24:cc:7f:b5:6e:12:e7:84:78:ad:70:68:07:86:42:5b:
fa:e5:3a:f9:f5:41:c4:ab:57:05:97:09:e4:5a:c8:f5:3b:13:
f8:63:47:5a:5c:eb:92:79:74:38:d2:6e:ff:e8:aa:e3:f5:2d:
47:71:72:eb:a6:82:5f:4f:89:13:ec:0b:c7:7a:d9:b7:4f:60:
09:51:89:36:c7:88:00:c9:a0:2b:29:f9:35:08:e9:6f:80:e6:
0d:b5:9c:34:79:1b:0b:2f:ff:b8:e0:a3:28:59:eb:9d:f4:fa:
f3:14:fe:93:06:38:25:3e:53:a6:19:17:4f:5d:89:16:3c:5a:
47:50:f7:13:e6:83:31:44:e4:b5:cb:db:27:bb:39:62:69:93:
61:dc:d1:15:de:c2:28:90:e1:23:c9:e0:8b:b3:c9:77:19:b4:
d4:72:1c:80
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQma+2QFFVosRr22OhfEjVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNmY2YTM2ZWMyOTYwZDRkMDVmM2Q5ZGNiMTg3YjliOTA0
ZWE1OWIwHhcNMjUwMTAyMDk0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNhMGVhNjE5YzFiZjQ2N2VhZjQwZDFiMzU1YjM5ZmExOGVlNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nxbsRYiHrkAl7VKdvceY8qYCp0P
cZEUqKztbB4Kq17XlylGbjAdfQ/YiEoRlhxNcASRxZfR1PvJKnzqdqiBwg7ZyUV0
zvvafF76qiHoeK8nRfseYLHlBLlfZqxJrAZKciA4OxbvehRissmo7pG+7WPr9EWo
nr/gJNB+DEz4ig95R/U5GwmyYvIDxbJq5+9GvrQD7YpnAqGQZAw6fr7L9hIN3vtL
KKqJwVA6XOkXhIsmBki3/0L+LmPEQ/Q1SQ/p4514k7W5GYny39AQKDIZFO3wcBF1
rHCLhYgzQpAdAoNSobaRrTviFVxDI4LQ/4tRBUGy4So6g9mZKs35Fjj/5QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFA3KDqYZwb9Gfq9A0bNVs5+hjuYPMB8GA1UdIwQY
MBaAFKtvajbsKWDU0F89ncsYe5uQTqWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUt
OTRiYjgzYTIwMDI5LzEvRGNvT3BobkJ2MFotcjBEUnMxV3puNkdPNWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUtOTRiYjgzYTIwMDI5
LzEvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBHxmOMAwD
BACf/6UDBAOf/6ADBAC5DvsDBAC5uMUwDQYJKoZIhvcNAQELBQADggEBAKldP4vL
MwJXNhNii5y5ooKgVYsd0PTDQ8NGBD6IpXzc92eDpjXGqySpGXUbj4zIkhRcI4OT
X4G3ShGCOw1L7m3375d2nwAMCkf5FyyIOwM81PIxpCXsKbCIwjPpJMx/tW4S54R4
rXBoB4ZCW/rlOvn1QcSrVwWXCeRayPU7E/hjR1pc65J5dDjSbv/oquP1LUdxcuum
gl9PiRPsC8d62bdPYAlRiTbHiADJoCsp+TUI6W+A5g21nDR5Gwsv/7jgoyhZ6530
+vMU/pMGOCU+U6YZF09diRY8WkdQ9xPmgzFE5LXL2ye7OWJpk2Hc0RXewiiQ4SPJ
4IuzyXcZtNRyHIA=
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:47:49 2025 by rpki-client