Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/oAvccpdYptAzS_BGXpnm48hNKj0.roa
File: oAvccpdYptAzS_BGXpnm48hNKj0.roa (raw, json)
Hash identifier: UcqHCV81R5HjZRazwae448gGQvQVwy5vVk7J2zutre4=
Subject key identifier: A0:0B:DC:72:97:58:A6:D0:33:4B:F0:46:5E:99:E6:E3:C8:4D:2A:3D
Certificate issuer: /CN=08175e0a36c789d31420b33303fbc7324c7c574b
Certificate serial: 0194252157FD41C2AF47B05801DA184FC0D7
Authority key identifier: 08:17:5E:0A:36:C7:89:D3:14:20:B3:33:03:FB:C7:32:4C:7C:57:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBdeCjbHidMUILMzA_vHMkx8V0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/oAvccpdYptAzS_BGXpnm48hNKj0.roa
Signing time: Thu 02 Jan 2025 03:48:49 +0000
ROA not before: Thu 02 Jan 2025 03:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62248
IP address blocks: 185.42.168.0/24 maxlen: 24
185.42.169.0/24 maxlen: 24
185.42.170.0/24 maxlen: 24
185.42.171.0/24 maxlen: 24
185.73.132.0/24 maxlen: 24
185.73.134.0/24 maxlen: 24
185.73.135.0/24 maxlen: 24
2a01:6560::/32 maxlen: 48
2a05:4280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/CBdeCjbHidMUILMzA_vHMkx8V0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/CBdeCjbHidMUILMzA_vHMkx8V0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBdeCjbHidMUILMzA_vHMkx8V0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:57:fd:41:c2:af:47:b0:58:01:da:18:4f:c0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08175e0a36c789d31420b33303fbc7324c7c574b
Validity
Not Before: Jan 2 03:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a00bdc729758a6d0334bf0465e99e6e3c84d2a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:11:9a:79:3d:c3:e6:40:3f:b7:5e:e9:48:5e:
af:88:05:d6:0c:2c:01:77:8c:8c:34:1f:02:9d:0e:
bd:63:be:b7:40:1f:2b:ef:e8:6c:1f:b0:34:a6:9e:
ac:01:5b:1e:69:1c:5f:52:c3:20:4a:8c:80:e1:b8:
c1:f4:a4:2a:1e:91:31:89:d4:1f:7e:b7:dd:28:66:
2e:00:d5:44:6c:d0:87:35:c3:29:19:7f:d5:9b:ad:
41:26:14:10:6a:fa:67:d1:2a:08:ce:3e:43:a4:55:
e5:b2:74:d6:3b:a6:7c:74:b1:cb:cd:ab:8a:ea:7d:
1c:86:c6:fe:d2:b2:90:45:32:61:c4:bd:ed:54:ed:
26:58:c1:28:e3:21:ea:ab:00:58:ee:11:8a:83:f1:
a6:9f:ca:c7:a3:e9:58:bc:0a:fe:f5:4e:d7:9a:50:
c7:9e:29:87:e8:da:b3:46:3b:ee:6b:85:f9:15:a6:
25:e7:e1:55:c0:8a:41:e9:f1:e1:64:7a:b8:75:4a:
ae:d1:2b:cb:27:35:26:9f:8b:ac:01:c7:73:12:46:
37:8e:cf:ae:d3:d1:39:f3:c2:c0:aa:03:46:da:7e:
4a:8d:81:9e:e9:85:ee:3b:d3:e2:87:ab:8d:91:76:
03:46:0a:43:a2:dc:2a:3d:9f:b2:9b:36:ad:39:75:
94:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0B:DC:72:97:58:A6:D0:33:4B:F0:46:5E:99:E6:E3:C8:4D:2A:3D
X509v3 Authority Key Identifier:
keyid:08:17:5E:0A:36:C7:89:D3:14:20:B3:33:03:FB:C7:32:4C:7C:57:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBdeCjbHidMUILMzA_vHMkx8V0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/oAvccpdYptAzS_BGXpnm48hNKj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/CBdeCjbHidMUILMzA_vHMkx8V0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.168.0/22
185.73.132.0/24
185.73.134.0/23
IPv6:
2a01:6560::/32
2a05:4280::/29
Signature Algorithm: sha256WithRSAEncryption
8e:a2:fe:0d:70:e5:aa:38:aa:7c:66:39:3c:37:92:96:1e:1c:
2b:94:3f:59:a6:e9:4d:30:fb:0c:4e:85:d5:b9:b3:29:6b:de:
db:5b:3d:dd:f0:cb:2d:f6:5d:93:60:9b:c1:50:8a:60:3d:2c:
0e:3b:22:6b:23:6a:df:c1:43:f4:16:42:08:5e:20:9d:c5:1f:
ea:2f:51:04:d3:20:3f:ae:40:c7:42:37:80:f3:5f:97:02:5e:
07:f5:38:92:c7:58:64:a3:5c:28:6f:a5:a9:06:eb:1b:c3:e3:
12:3d:a1:5b:6f:4b:37:bf:4a:fb:74:cb:34:42:a8:04:90:bf:
56:ca:81:4f:a1:ea:e7:0e:86:1b:b9:13:2f:fe:07:5d:f0:69:
f1:15:66:37:7b:ab:a0:e7:76:b4:4c:e6:80:ec:5f:45:e5:27:
8b:50:5b:59:e1:2f:dd:36:4b:32:90:f1:86:0c:79:c7:4d:56:
35:5e:4d:2c:58:88:72:14:e4:f7:d9:17:e8:e8:0e:8f:28:11:
a2:9f:59:91:4e:0d:79:fc:73:5c:ac:93:31:22:9d:2b:84:72:
09:26:5a:54:94:7c:c8:bd:8b:12:36:94:e1:9c:58:2d:82:c6:
22:24:90:56:41:d5:92:6b:d7:55:ed:e0:40:5e:96:76:66:f0:
64:a5:c2:a9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQlIVf9QcKvR7BYAdoYT8DXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MTc1ZTBhMzZjNzg5ZDMxNDIwYjMzMzAzZmJjNzMyNGM3
YzU3NGIwHhcNMjUwMTAyMDM0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDBiZGM3Mjk3NThhNmQwMzM0YmYwNDY1ZTk5ZTZlM2M4NGQyYTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhGaeT3D5kA/t17pSF6viAXWDCwB
d4yMNB8CnQ69Y763QB8r7+hsH7A0pp6sAVseaRxfUsMgSoyA4bjB9KQqHpExidQf
frfdKGYuANVEbNCHNcMpGX/Vm61BJhQQavpn0SoIzj5DpFXlsnTWO6Z8dLHLzauK
6n0chsb+0rKQRTJhxL3tVO0mWMEo4yHqqwBY7hGKg/Gmn8rHo+lYvAr+9U7XmlDH
nimH6NqzRjvua4X5FaYl5+FVwIpB6fHhZHq4dUqu0SvLJzUmn4usAcdzEkY3js+u
09E588LAqgNG2n5KjYGe6YXuO9Pih6uNkXYDRgpDotwqPZ+ymzatOXWUjwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKAL3HKXWKbQM0vwRl6Z5uPITSo9MB8GA1UdIwQY
MBaAFAgXXgo2x4nTFCCzMwP7xzJMfFdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0JkZUNqYkhpZE1VSUxNekFfdkhNa3g4VjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8yOGU5Y2ItOGVmMy00ODJhLThlZDEt
MmY1MDcwOGFjNTdmLzEvb0F2Y2NwZFlwdEF6U19CR1hwbm00OGhOS2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8yOGU5Y2ItOGVmMy00ODJhLThlZDEtMmY1MDcwOGFjNTdm
LzEvQ0JkZUNqYkhpZE1VSUxNekFfdkhNa3g4VjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuSqoAwQA
uUmEAwQBuUmGMBQEAgACMA4DBQAqAWVgAwUDKgVCgDANBgkqhkiG9w0BAQsFAAOC
AQEAjqL+DXDlqjiqfGY5PDeSlh4cK5Q/WabpTTD7DE6F1bmzKWve21s93fDLLfZd
k2CbwVCKYD0sDjsiayNq38FD9BZCCF4gncUf6i9RBNMgP65Ax0I3gPNflwJeB/U4
ksdYZKNcKG+lqQbrG8PjEj2hW29LN79K+3TLNEKoBJC/VsqBT6Hq5w6GG7kTL/4H
XfBp8RVmN3uroOd2tEzmgOxfReUni1BbWeEv3TZLMpDxhgx5x01WNV5NLFiIchTk
99kX6OgOjygRop9ZkU4NefxzXKyTMSKdK4RyCSZaVJR8yL2LEjaU4ZxYLYLGIiSQ
VkHVkmvXVe3gQF6WdmbwZKXCqQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:51 2025 by rpki-client