Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/P4Ok1kDh3dB-OfcpRjQxiOoay-8.roa
File: P4Ok1kDh3dB-OfcpRjQxiOoay-8.roa (raw, json)
Hash identifier: KIn/EsS9ND9RtV2Bj6/EsO8jeh9wAaPztupLYU69+Mk=
Subject key identifier: 3F:83:A4:D6:40:E1:DD:D0:7E:39:F7:29:46:34:31:88:EA:1A:CB:EF
Certificate issuer: /CN=334b09743ed2afd6afb47c58360ee3112a95cd34
Certificate serial: 01941F8C5A904905DD66F9A0FE75121E599C
Authority key identifier: 33:4B:09:74:3E:D2:AF:D6:AF:B4:7C:58:36:0E:E3:11:2A:95:CD:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M0sJdD7Sr9avtHxYNg7jESqVzTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/P4Ok1kDh3dB-OfcpRjQxiOoay-8.roa
Signing time: Wed 01 Jan 2025 01:47:59 +0000
ROA not before: Wed 01 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205053
IP address blocks: 185.226.64.0/22 maxlen: 22
185.226.64.0/24 maxlen: 24
185.226.65.0/24 maxlen: 24
185.226.66.0/24 maxlen: 24
185.226.67.0/24 maxlen: 24
213.134.5.0/24 maxlen: 24
2a0c:5e00::/32 maxlen: 32
2a0c:5e00::/48 maxlen: 48
2a0c:5e00::/64 maxlen: 64
2a0c:5e00:8::/48 maxlen: 48
2a0c:5e00:8::/64 maxlen: 64
2a0c:5e00:8:100::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/M0sJdD7Sr9avtHxYNg7jESqVzTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/M0sJdD7Sr9avtHxYNg7jESqVzTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/M0sJdD7Sr9avtHxYNg7jESqVzTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5a:90:49:05:dd:66:f9:a0:fe:75:12:1e:59:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=334b09743ed2afd6afb47c58360ee3112a95cd34
Validity
Not Before: Jan 1 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f83a4d640e1ddd07e39f72946343188ea1acbef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:89:78:d8:2b:93:a1:55:02:30:9c:94:b1:82:
7a:e8:7d:43:45:99:17:16:2a:f8:de:b3:99:73:c0:
73:dd:8b:15:b4:ce:46:17:32:bb:06:63:20:69:fa:
d2:7d:9a:87:c6:49:b0:a5:cf:d8:69:e1:dc:9e:ea:
1f:5e:0b:b9:7b:c1:88:17:9b:0e:1e:52:25:e3:fc:
03:87:7d:7e:5e:8c:23:c7:bb:1f:73:42:94:b0:61:
09:42:44:70:32:6e:c5:0e:87:e0:3b:e8:e4:95:63:
13:64:6f:f0:a5:00:49:b2:67:1a:30:85:5d:b7:48:
a2:25:35:40:ec:d3:5c:fd:4f:97:15:48:0d:38:39:
8f:4f:1f:c8:da:8e:d2:cf:5d:71:9a:58:fb:07:c5:
f1:1b:5d:c0:e2:2a:22:79:6c:c9:8f:79:51:57:90:
2e:80:99:65:d0:ab:9d:c8:34:bd:84:d6:e5:84:f9:
75:03:c5:f2:89:a3:2a:b7:ac:0d:33:28:34:02:db:
dc:6f:23:f9:e4:80:c2:da:db:5c:28:af:ef:07:8c:
72:d4:19:3e:1a:22:f2:67:9a:23:e0:b3:40:fb:56:
88:d1:7e:42:9e:31:7a:71:3d:95:26:d5:d3:b5:32:
98:ce:c2:14:b8:ac:f3:90:b3:d9:d4:77:5a:ef:e3:
de:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:83:A4:D6:40:E1:DD:D0:7E:39:F7:29:46:34:31:88:EA:1A:CB:EF
X509v3 Authority Key Identifier:
keyid:33:4B:09:74:3E:D2:AF:D6:AF:B4:7C:58:36:0E:E3:11:2A:95:CD:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M0sJdD7Sr9avtHxYNg7jESqVzTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/P4Ok1kDh3dB-OfcpRjQxiOoay-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/M0sJdD7Sr9avtHxYNg7jESqVzTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.64.0/22
213.134.5.0/24
IPv6:
2a0c:5e00::/32
Signature Algorithm: sha256WithRSAEncryption
38:34:b4:be:fb:b5:c4:d0:02:a8:3d:a9:d0:bc:12:b0:cc:9b:
cc:7c:ae:c2:e7:c9:73:ec:db:dd:8c:51:31:41:05:2d:20:9e:
66:61:d9:7b:10:ea:20:a1:b7:f8:8d:13:b4:48:16:dd:a3:c3:
13:93:11:cd:85:0e:bc:48:18:aa:5b:bc:ba:f3:e8:bb:98:44:
4f:ab:e3:e5:b3:5c:00:7a:25:76:8e:e6:ff:ef:a1:b8:19:c7:
55:fe:a5:de:e5:58:92:8f:a7:dd:7f:75:0f:5d:26:29:21:88:
d0:4c:a8:15:e4:2b:21:86:6e:59:42:b1:2e:20:33:f0:36:90:
29:8f:65:bf:ec:03:22:08:d5:b6:21:06:32:77:2f:6b:72:2e:
00:d3:b4:65:f8:c1:eb:8f:1a:c3:07:c6:9e:65:23:3d:d0:9e:
f4:18:c1:8e:16:bc:b9:4e:95:d8:4c:47:5d:64:ec:d7:89:ba:
74:9d:f3:46:2f:34:e1:36:7c:4b:96:35:e8:15:8c:87:c0:ad:
59:ea:5b:0b:b6:27:ec:d0:6e:1d:87:69:63:57:44:e1:ab:dd:
1e:a1:e7:e3:1b:d4:0e:a3:a7:c6:9b:44:20:d7:fa:da:1e:fa:
8a:e8:e7:d0:ca:db:60:63:fd:89:75:6c:18:85:5e:60:63:b4:
9e:cf:20:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQfjFqQSQXdZvmg/nUSHlmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNGIwOTc0M2VkMmFmZDZhZmI0N2M1ODM2MGVlMzExMmE5
NWNkMzQwHhcNMjUwMTAxMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjgzYTRkNjQwZTFkZGQwN2UzOWY3Mjk0NjM0MzE4OGVhMWFjYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ol42CuToVUCMJyUsYJ66H1DRZkX
Fir43rOZc8Bz3YsVtM5GFzK7BmMgafrSfZqHxkmwpc/YaeHcnuofXgu5e8GIF5sO
HlIl4/wDh31+Xowjx7sfc0KUsGEJQkRwMm7FDofgO+jklWMTZG/wpQBJsmcaMIVd
t0iiJTVA7NNc/U+XFUgNODmPTx/I2o7Sz11xmlj7B8XxG13A4ioieWzJj3lRV5Au
gJll0KudyDS9hNblhPl1A8XyiaMqt6wNMyg0AtvcbyP55IDC2ttcKK/vB4xy1Bk+
GiLyZ5oj4LNA+1aI0X5CnjF6cT2VJtXTtTKYzsIUuKzzkLPZ1Hda7+PexQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD+DpNZA4d3Qfjn3KUY0MYjqGsvvMB8GA1UdIwQY
MBaAFDNLCXQ+0q/Wr7R8WDYO4xEqlc00MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTBzSmREN1NyOWF2dEh4WU5nN2pFU3FWelRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jZDQxMGYtOWRlNC00ZDgyLTgwOTEt
NTllNzkyZmUxNGNjLzEvUDRPazFrRGgzZEItT2ZjcFJqUXhpT29heS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jZDQxMGYtOWRlNC00ZDgyLTgwOTEtNTllNzkyZmUxNGNj
LzEvTTBzSmREN1NyOWF2dEh4WU5nN2pFU3FWelRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCueJAAwQA
1YYFMA0EAgACMAcDBQAqDF4AMA0GCSqGSIb3DQEBCwUAA4IBAQA4NLS++7XE0AKo
PanQvBKwzJvMfK7C58lz7NvdjFExQQUtIJ5mYdl7EOogobf4jRO0SBbdo8MTkxHN
hQ68SBiqW7y68+i7mERPq+Pls1wAeiV2jub/76G4GcdV/qXe5ViSj6fdf3UPXSYp
IYjQTKgV5Cshhm5ZQrEuIDPwNpApj2W/7AMiCNW2IQYydy9rci4A07Rl+MHrjxrD
B8aeZSM90J70GMGOFry5TpXYTEddZOzXibp0nfNGLzThNnxLljXoFYyHwK1Z6lsL
tifs0G4dh2ljV0Thq90eoefjG9QOo6fGm0Qg1/raHvqK6OfQyttgY/2JdWwYhV5g
Y7SezyAg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:27 2025 by rpki-client