Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/oYs8paRk9JPLOaUCIoa9pxPnmCs.roa
File: oYs8paRk9JPLOaUCIoa9pxPnmCs.roa (raw, json)
Hash identifier: kBYq1h4wg3W+NuRYMWAaTbphy585KIiOSln9Rszwvtw=
Subject key identifier: A1:8B:3C:A5:A4:64:F4:93:CB:39:A5:02:22:86:BD:A7:13:E7:98:2B
Certificate issuer: /CN=340bea3fcc3cbcedc82919cf57c74108baea369e
Certificate serial: 019425FBF442F5F49E48C72959C57E88D87F
Authority key identifier: 34:0B:EA:3F:CC:3C:BC:ED:C8:29:19:CF:57:C7:41:08:BA:EA:36:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/oYs8paRk9JPLOaUCIoa9pxPnmCs.roa
Signing time: Thu 02 Jan 2025 07:47:36 +0000
ROA not before: Thu 02 Jan 2025 07:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6762
IP address blocks: 5.178.40.0/21 maxlen: 24
79.140.80.0/20 maxlen: 24
89.221.32.0/20 maxlen: 20
93.186.128.0/21 maxlen: 24
93.186.136.0/22 maxlen: 22
149.3.176.0/21 maxlen: 21
176.115.184.0/22 maxlen: 22
185.70.200.0/22 maxlen: 22
185.100.112.0/22 maxlen: 22
195.22.192.0/19 maxlen: 24
213.144.160.0/19 maxlen: 19
2001:41a8::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/NAvqP8w8vO3IKRnPV8dBCLrqNp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/NAvqP8w8vO3IKRnPV8dBCLrqNp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 16:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fb:f4:42:f5:f4:9e:48:c7:29:59:c5:7e:88:d8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=340bea3fcc3cbcedc82919cf57c74108baea369e
Validity
Not Before: Jan 2 07:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a18b3ca5a464f493cb39a5022286bda713e7982b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fd:ec:1a:05:32:b0:44:f3:b5:24:ab:58:21:
a4:19:7c:8f:cf:09:5b:23:a2:12:fc:74:8c:ff:52:
07:14:00:7a:c1:b2:30:13:d3:21:4c:08:97:b5:45:
61:f6:8d:6f:be:99:18:36:0b:a2:02:15:be:9e:43:
80:cc:de:95:eb:85:be:20:64:a5:8d:02:b9:58:00:
66:1b:37:e6:5b:4a:04:f0:74:eb:a8:0e:7c:4d:d5:
38:ca:20:a7:06:71:c7:96:4f:12:ce:25:eb:c4:d2:
51:28:a1:74:72:a1:18:ae:3d:7b:ec:e7:02:7d:cc:
81:19:73:ea:cb:7c:27:3e:fa:10:bc:28:ed:11:44:
4e:08:ba:d9:7e:00:6e:b7:8f:a1:37:1b:fa:5f:9b:
34:f4:fc:db:d4:27:ec:06:49:01:59:45:4d:9b:3b:
4f:75:02:d2:8f:2d:c1:0f:ba:3a:e7:6b:a4:d8:a8:
92:99:e7:ea:f2:1c:2b:65:73:4b:64:32:60:70:b4:
2c:6f:b9:d4:8d:e7:59:38:44:14:7b:ea:e4:3c:66:
62:d2:5d:e6:c9:2d:e0:2d:7a:24:e9:10:f0:29:ff:
57:d7:9d:9d:70:a9:9e:77:2b:a7:4f:f9:42:d7:e8:
89:94:3c:b3:83:31:53:91:2d:f2:6b:d7:73:2f:46:
7f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:8B:3C:A5:A4:64:F4:93:CB:39:A5:02:22:86:BD:A7:13:E7:98:2B
X509v3 Authority Key Identifier:
keyid:34:0B:EA:3F:CC:3C:BC:ED:C8:29:19:CF:57:C7:41:08:BA:EA:36:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/oYs8paRk9JPLOaUCIoa9pxPnmCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/NAvqP8w8vO3IKRnPV8dBCLrqNp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.40.0/21
79.140.80.0/20
89.221.32.0/20
93.186.128.0-93.186.139.255
149.3.176.0/21
176.115.184.0/22
185.70.200.0/22
185.100.112.0/22
195.22.192.0/19
213.144.160.0/19
IPv6:
2001:41a8::/32
Signature Algorithm: sha256WithRSAEncryption
8c:fc:dc:6c:26:56:40:5f:86:07:cb:58:5c:fb:79:c1:d6:20:
1f:ff:6d:95:a9:ef:b5:54:ac:1c:d8:89:9a:4a:ee:6c:20:3a:
ee:9f:a4:8c:e7:e9:7a:3b:32:3c:3a:dc:73:dd:2a:ef:a4:8c:
d3:ca:a8:7b:2f:0b:e9:d3:7f:20:13:ce:74:a6:0a:bb:bc:f2:
95:47:2c:a2:27:22:40:0c:20:e1:c9:70:b7:44:b0:4a:5f:c3:
52:dc:34:3b:5c:40:26:26:f3:f9:f3:24:cb:ee:a5:b3:81:f4:
f2:58:d3:70:20:90:02:cd:d3:35:c1:9e:ec:a4:dc:8b:bb:b9:
1c:f4:e6:ba:34:b1:ec:b3:3f:f0:46:32:49:a9:6e:5f:1a:bd:
a1:d3:6a:6d:d0:95:67:68:e0:2e:70:67:a9:ca:0b:8d:ef:c7:
1d:0c:a0:f0:90:de:cd:5c:47:87:9a:53:29:a2:72:82:23:90:
7c:ef:84:7b:86:ec:3b:f7:5d:33:bc:59:b5:f2:60:71:63:2e:
75:55:24:98:4f:c9:ff:15:d2:8e:5d:38:4e:72:fe:d9:c1:4d:
39:a4:ea:cc:e3:70:2c:3b:5e:44:bc:81:d7:da:9b:08:8d:09:
46:47:25:23:15:bf:16:51:50:db:75:04:f0:c2:19:79:f3:db:
9a:5b:88:cd
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZQl+/RC9fSeSMcpWcV+iNh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MGJlYTNmY2MzY2JjZWRjODI5MTljZjU3Yzc0MTA4YmFl
YTM2OWUwHhcNMjUwMTAyMDc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMThiM2NhNWE0NjRmNDkzY2IzOWE1MDIyMjg2YmRhNzEzZTc5ODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxP3sGgUysETztSSrWCGkGXyPzwlb
I6IS/HSM/1IHFAB6wbIwE9MhTAiXtUVh9o1vvpkYNguiAhW+nkOAzN6V64W+IGSl
jQK5WABmGzfmW0oE8HTrqA58TdU4yiCnBnHHlk8SziXrxNJRKKF0cqEYrj177OcC
fcyBGXPqy3wnPvoQvCjtEUROCLrZfgBut4+hNxv6X5s09Pzb1CfsBkkBWUVNmztP
dQLSjy3BD7o652uk2KiSmefq8hwrZXNLZDJgcLQsb7nUjedZOEQUe+rkPGZi0l3m
yS3gLXok6RDwKf9X152dcKmedyunT/lC1+iJlDyzgzFTkS3ya9dzL0Z/dwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFKGLPKWkZPSTyzmlAiKGvacT55grMB8GA1UdIwQY
MBaAFDQL6j/MPLztyCkZz1fHQQi66jaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkF2cVA4dzh2TzNJS1JuUFY4ZEJDTHJxTnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9lY2RhM2QtYTJkYi00OTA4LTg2MmYt
MTExMDU2MzY5YTIzLzEvb1lzOHBhUms5SlBMT2FVQ0lvYTlweFBubUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9lY2RhM2QtYTJkYi00OTA4LTg2MmYtMTExMDU2MzY5YTIz
LzEvTkF2cVA4dzh2TzNJS1JuUFY4ZEJDTHJxTnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQDBbIoAwQE
T4xQAwQEWd0gMAwDBAdduoADBAJduogDBAOVA7ADBAKwc7gDBAK5RsgDBAK5ZHAD
BAXDFsADBAXVkKAwDQQCAAIwBwMFACABQagwDQYJKoZIhvcNAQELBQADggEBAIz8
3GwmVkBfhgfLWFz7ecHWIB//bZWp77VUrBzYiZpK7mwgOu6fpIzn6Xo7Mjw63HPd
Ku+kjNPKqHsvC+nTfyATznSmCru88pVHLKInIkAMIOHJcLdEsEpfw1LcNDtcQCYm
8/nzJMvupbOB9PJY03AgkALN0zXBnuyk3Iu7uRz05ro0seyzP/BGMkmpbl8avaHT
am3QlWdo4C5wZ6nKC43vxx0MoPCQ3s1cR4eaUymicoIjkHzvhHuG7Dv3XTO8WbXy
YHFjLnVVJJhPyf8V0o5dOE5y/tnBTTmk6szjcCw7XkS8gdfamwiNCUZHJSMVvxZR
UNt1BPDCGXnz25pbiM0=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:05:04 2025 by rpki-client