Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/d_GxW2d1XGEYH2UR9fC88UUW3QY.roa
File: d_GxW2d1XGEYH2UR9fC88UUW3QY.roa (raw, json)
Hash identifier: uor8f2a3ITsSo8ZIn5M2P4KmPLaok++1jFjqHJFf6Ko=
Subject key identifier: 77:F1:B1:5B:67:75:5C:61:18:1F:65:11:F5:F0:BC:F1:45:16:DD:06
Certificate issuer: /CN=5d7f63401407c1cc797b17034e813d2254f9773e
Certificate serial: 019421B22C1C0F2C8878C83D7E9312B2A684
Authority key identifier: 5D:7F:63:40:14:07:C1:CC:79:7B:17:03:4E:81:3D:22:54:F9:77:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/d_GxW2d1XGEYH2UR9fC88UUW3QY.roa
Signing time: Wed 01 Jan 2025 11:48:32 +0000
ROA not before: Wed 01 Jan 2025 11:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59895
IP address blocks: 185.65.204.0/24 maxlen: 24
185.65.205.0/24 maxlen: 24
185.65.206.0/24 maxlen: 24
185.65.207.0/24 maxlen: 24
194.26.222.0/24 maxlen: 24
2a05:300::/48 maxlen: 48
2a05:300:1::/48 maxlen: 48
2a05:300:2::/48 maxlen: 48
2a05:300:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/XX9jQBQHwcx5excDToE9IlT5dz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/XX9jQBQHwcx5excDToE9IlT5dz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2c:1c:0f:2c:88:78:c8:3d:7e:93:12:b2:a6:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d7f63401407c1cc797b17034e813d2254f9773e
Validity
Not Before: Jan 1 11:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77f1b15b67755c61181f6511f5f0bcf14516dd06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:1c:8f:4a:48:a6:0a:0b:21:a0:fa:ca:42:8f:
85:eb:6a:f4:b8:4c:7f:ce:1b:05:2e:24:f5:ea:c3:
ee:9c:e9:d6:e8:cc:e2:48:e4:ab:9d:57:5c:b8:75:
cd:22:f3:e2:55:03:1a:80:39:ec:aa:b1:a6:f2:0f:
57:46:f3:cd:22:99:4f:dc:fd:0f:e2:e8:2d:1a:98:
d6:cd:6b:fb:ef:0d:66:f9:36:bb:ea:c6:40:ae:c7:
60:a5:f7:3a:50:78:98:a2:13:15:7a:73:6f:2e:04:
97:a3:c3:f7:db:6e:53:13:38:f5:d1:4a:ff:3c:c5:
bc:84:a7:14:3f:2a:53:ea:78:e1:a3:db:ea:02:0f:
8d:03:51:b7:87:68:5f:86:a8:43:82:04:ac:c4:40:
dc:19:06:77:90:f5:f7:54:70:09:5f:ef:bd:99:88:
68:33:2d:ec:64:89:6b:ab:48:bc:f8:60:b7:8b:81:
9f:5f:b2:a7:dd:67:88:2f:1e:a7:7d:e1:aa:3c:28:
63:00:96:fc:f9:66:14:fd:85:da:03:ae:1f:e7:f8:
c4:34:c4:9f:79:89:39:9b:a3:e1:00:f0:a5:5a:c6:
ae:f4:40:d6:b5:e2:7d:be:e7:41:38:78:ac:ab:f0:
65:06:e1:27:66:0a:95:05:2c:71:39:0b:90:76:b6:
72:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F1:B1:5B:67:75:5C:61:18:1F:65:11:F5:F0:BC:F1:45:16:DD:06
X509v3 Authority Key Identifier:
keyid:5D:7F:63:40:14:07:C1:CC:79:7B:17:03:4E:81:3D:22:54:F9:77:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/d_GxW2d1XGEYH2UR9fC88UUW3QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/XX9jQBQHwcx5excDToE9IlT5dz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.204.0/22
194.26.222.0/24
IPv6:
2a05:300::/46
Signature Algorithm: sha256WithRSAEncryption
44:fd:88:a6:5c:ba:a9:f9:9b:3d:62:28:06:71:44:26:00:d6:
36:74:d5:f9:f3:6e:f8:a9:11:dd:27:13:df:4b:c0:ce:0c:dc:
ab:9c:24:3a:41:99:8f:54:1f:86:d8:3f:03:2a:44:6f:b2:93:
cb:b9:83:f3:00:1c:0d:e1:64:72:de:0b:e8:5e:bf:0e:ce:39:
ea:a0:18:93:42:e2:1a:18:67:6c:84:d9:db:13:cf:0a:c9:45:
ee:4e:a2:76:a9:6c:96:b2:79:c5:a5:20:e3:2c:4a:20:f3:1e:
fc:2f:90:e8:b7:41:ba:0d:a3:9a:3b:f6:4f:2a:0d:15:6c:33:
3b:2a:06:ab:12:f4:eb:a6:f0:a7:2f:ae:57:d7:68:dd:6f:5d:
8e:51:26:e1:cd:78:6a:de:23:84:25:6c:2f:ac:00:e4:23:3c:
34:8e:8e:34:fe:6d:05:12:0b:ae:15:11:b3:0c:79:49:69:40:
c2:e8:03:03:24:85:e8:c5:6b:c1:06:ba:f8:74:df:1d:d4:a1:
9a:6c:94:1c:60:7f:4c:a0:64:e2:24:33:05:8f:d3:7a:9b:3d:
76:91:d1:af:18:d7:07:79:5d:c6:c0:b5:34:71:da:b1:f1:83:
ec:6f:1a:18:f7:9b:c4:cd:f1:72:33:5b:49:04:04:ef:c2:85:
b9:70:dd:dc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQhsiwcDyyIeMg9fpMSsqaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2Y2MzQwMTQwN2MxY2M3OTdiMTcwMzRlODEzZDIyNTRm
OTc3M2UwHhcNMjUwMTAxMTE0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2YxYjE1YjY3NzU1YzYxMTgxZjY1MTFmNWYwYmNmMTQ1MTZkZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hyPSkimCgshoPrKQo+F62r0uEx/
zhsFLiT16sPunOnW6MziSOSrnVdcuHXNIvPiVQMagDnsqrGm8g9XRvPNIplP3P0P
4ugtGpjWzWv77w1m+Ta76sZArsdgpfc6UHiYohMVenNvLgSXo8P3225TEzj10Ur/
PMW8hKcUPypT6njho9vqAg+NA1G3h2hfhqhDggSsxEDcGQZ3kPX3VHAJX++9mYho
My3sZIlrq0i8+GC3i4GfX7Kn3WeILx6nfeGqPChjAJb8+WYU/YXaA64f5/jENMSf
eYk5m6PhAPClWsau9EDWteJ9vudBOHisq/BlBuEnZgqVBSxxOQuQdrZy9QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHfxsVtndVxhGB9lEfXwvPFFFt0GMB8GA1UdIwQY
MBaAFF1/Y0AUB8HMeXsXA06BPSJU+Xc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFg5alFCUUh3Y3g1ZXhjRFRvRTlJbFQ1ZHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81NTAwMDQtZTFhNi00NTY5LWFlNjMt
MzNmYjE0NTJiYjBhLzEvZF9HeFcyZDFYR0VZSDJVUjlmQzg4VVVXM1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81NTAwMDQtZTFhNi00NTY5LWFlNjMtMzNmYjE0NTJiYjBh
LzEvWFg5alFCUUh3Y3g1ZXhjRFRvRTlJbFQ1ZHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuUHMAwQA
whreMA8EAgACMAkDBwIqBQMAAAAwDQYJKoZIhvcNAQELBQADggEBAET9iKZcuqn5
mz1iKAZxRCYA1jZ01fnzbvipEd0nE99LwM4M3KucJDpBmY9UH4bYPwMqRG+yk8u5
g/MAHA3hZHLeC+hevw7OOeqgGJNC4hoYZ2yE2dsTzwrJRe5OonapbJayecWlIOMs
SiDzHvwvkOi3QboNo5o79k8qDRVsMzsqBqsS9Oum8KcvrlfXaN1vXY5RJuHNeGre
I4QlbC+sAOQjPDSOjjT+bQUSC64VEbMMeUlpQMLoAwMkhejFa8EGuvh03x3UoZps
lBxgf0ygZOIkMwWP03qbPXaR0a8Y1wd5XcbAtTRx2rHxg+xvGhj3m8TN8XIzW0kE
BO/Chblw3dw=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:25 2025 by rpki-client