Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/CURhnBTebRtFbuqIF-dFXdwxOsI.roa
File: CURhnBTebRtFbuqIF-dFXdwxOsI.roa (raw, json)
Hash identifier: N2c5XcgW+AQpVpLwLHbjy6S9Vm1RjK7GXpDlAsFZpfk=
Subject key identifier: 09:44:61:9C:14:DE:6D:1B:45:6E:EA:88:17:E7:45:5D:DC:31:3A:C2
Certificate issuer: /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial: 019426D9C8F0B4883A1EAB4D6DBC4953DECB
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/CURhnBTebRtFbuqIF-dFXdwxOsI.roa
Signing time: Thu 02 Jan 2025 11:49:54 +0000
ROA not before: Thu 02 Jan 2025 11:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198605
IP address blocks: 95.142.112.0/24 maxlen: 24
95.142.115.0/24 maxlen: 24
95.142.118.0/24 maxlen: 24
95.142.121.0/24 maxlen: 24
95.142.124.0/24 maxlen: 24
95.142.127.0/24 maxlen: 24
159.242.227.0/24 maxlen: 24
159.242.234.0/24 maxlen: 24
159.242.239.0/24 maxlen: 24
185.54.230.0/24 maxlen: 24
194.99.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 05:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c8:f0:b4:88:3a:1e:ab:4d:6d:bc:49:53:de:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Validity
Not Before: Jan 2 11:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0944619c14de6d1b456eea8817e7455ddc313ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:aa:bd:b4:0a:8c:f7:29:f9:46:4c:2e:4f:77:
a3:02:79:25:33:2b:cb:05:50:85:f8:11:0e:5d:e7:
ba:3c:4d:ce:69:a4:d4:3c:95:d5:3b:fd:bc:27:e1:
64:eb:3f:b1:ef:cb:c7:fa:99:7c:27:07:7a:ad:e0:
d3:a2:d6:b7:08:1d:3f:72:ac:af:90:4b:00:05:d5:
89:6b:6a:f5:ad:21:e0:99:8e:97:e5:f9:cd:7e:fa:
2c:26:63:93:68:bf:75:d1:0c:a8:7e:74:4a:a9:f1:
21:8f:0a:f4:67:ce:a1:88:44:6f:74:06:42:f1:6d:
43:98:03:14:4f:68:67:16:c5:36:52:65:e2:51:71:
06:da:41:89:46:7e:31:c2:09:03:9c:22:aa:69:18:
84:9d:69:ad:88:7b:e4:77:a6:46:cf:00:fb:52:19:
ef:42:6f:73:10:91:2a:26:73:7e:3f:27:0d:69:f2:
97:ac:bc:4c:1c:21:2a:26:8b:f3:19:7d:f0:be:ed:
8f:16:95:6f:0d:72:c9:74:74:30:47:33:71:9f:dd:
11:0c:c3:ec:20:ff:47:4f:a8:8c:dc:5d:d2:94:a7:
df:d3:e0:2c:90:96:ec:e2:76:b3:56:08:89:95:ef:
56:a3:b1:c3:82:cf:c4:47:e7:df:33:d8:a3:52:c1:
32:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:44:61:9C:14:DE:6D:1B:45:6E:EA:88:17:E7:45:5D:DC:31:3A:C2
X509v3 Authority Key Identifier:
keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/CURhnBTebRtFbuqIF-dFXdwxOsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.112.0/24
95.142.115.0/24
95.142.118.0/24
95.142.121.0/24
95.142.124.0/24
95.142.127.0/24
159.242.227.0/24
159.242.234.0/24
159.242.239.0/24
185.54.230.0/24
194.99.28.0/22
Signature Algorithm: sha256WithRSAEncryption
29:d8:54:54:9a:da:0b:49:d7:b1:dc:66:e8:35:f9:ab:e7:01:
25:38:0b:4f:65:3b:9f:23:fe:ce:c1:e7:74:7f:df:2e:ba:83:
48:93:47:dc:d5:85:27:cf:64:19:f6:fc:fd:85:1b:03:bc:99:
e2:45:b1:91:d1:fd:cd:e2:15:a5:5c:7f:18:52:a0:6a:5d:5a:
8c:2f:1c:ba:8d:07:c2:6a:19:ab:81:5c:95:a5:e3:92:63:0e:
53:23:68:67:6c:86:b7:57:79:00:29:c7:94:63:c7:cd:6d:ae:
51:37:9d:61:5b:4e:e2:79:67:76:9e:dc:ba:13:71:4a:d9:1a:
37:29:5d:52:e1:79:1b:0a:4a:f0:30:07:d0:1e:47:6c:a9:da:
df:dd:de:e9:bb:8a:92:23:80:ef:31:da:12:30:ae:9a:d4:e0:
a3:ff:63:f3:89:65:d3:b2:1f:98:fc:c5:0e:01:2c:18:c3:e8:
a0:b1:d6:49:da:18:1b:66:d9:64:e2:6b:a1:e4:6c:c4:ab:01:
55:01:c1:04:2d:7b:ca:38:75:cc:77:4d:3c:00:77:55:1e:f5:
c9:fa:4e:1b:9e:b3:d2:48:6b:07:5c:a3:af:90:28:4c:00:e2:
de:e6:e0:e7:ba:db:9d:36:c6:95:8e:a5:b1:37:e8:a4:e8:3c:
ae:1d:bf:46
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQm2cjwtIg6HqtNbbxJU97LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3
OTljODUwHhcNMjUwMTAyMTE0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQ0NjE5YzE0ZGU2ZDFiNDU2ZWVhODgxN2U3NDU1ZGRjMzEzYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaq9tAqM9yn5RkwuT3ejAnklMyvL
BVCF+BEOXee6PE3OaaTUPJXVO/28J+Fk6z+x78vH+pl8Jwd6reDTota3CB0/cqyv
kEsABdWJa2r1rSHgmY6X5fnNfvosJmOTaL910QyofnRKqfEhjwr0Z86hiERvdAZC
8W1DmAMUT2hnFsU2UmXiUXEG2kGJRn4xwgkDnCKqaRiEnWmtiHvkd6ZGzwD7Uhnv
Qm9zEJEqJnN+PycNafKXrLxMHCEqJovzGX3wvu2PFpVvDXLJdHQwRzNxn90RDMPs
IP9HT6iM3F3SlKff0+AskJbs4nazVgiJle9Wo7HDgs/ER+ffM9ijUsEycwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAlEYZwU3m0bRW7qiBfnRV3cMTrCMB8GA1UdIwQY
MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt
MDFjYmZjMGU5NGU3LzEvQ1VSaG5CVGViUnRGYnVxSUYtZEZYZHd4T3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3
LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAX45wAwQA
X45zAwQAX452AwQAX455AwQAX458AwQAX45/AwQAn/LjAwQAn/LqAwQAn/LvAwQA
uTbmAwQCwmMcMA0GCSqGSIb3DQEBCwUAA4IBAQAp2FRUmtoLSdex3GboNfmr5wEl
OAtPZTufI/7Owed0f98uuoNIk0fc1YUnz2QZ9vz9hRsDvJniRbGR0f3N4hWlXH8Y
UqBqXVqMLxy6jQfCahmrgVyVpeOSYw5TI2hnbIa3V3kAKceUY8fNba5RN51hW07i
eWd2nty6E3FK2Ro3KV1S4XkbCkrwMAfQHkdsqdrf3d7pu4qSI4DvMdoSMK6a1OCj
/2PziWXTsh+Y/MUOASwYw+igsdZJ2hgbZtlk4muh5GzEqwFVAcEELXvKOHXMd008
AHdVHvXJ+k4bnrPSSGsHXKOvkChMAOLe5uDnutudNsaVjqWxN+ik6DyuHb9G
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:14:19 2025 by rpki-client