Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/B254PCc3PRUmXT9tMIpAl8XNBm8.roa
File: B254PCc3PRUmXT9tMIpAl8XNBm8.roa (raw, json)
Hash identifier: DpvsWvC8Sgiw0PT2yPQOf/12fRPoJTcquOU/HLYaUhc=
Subject key identifier: 07:6E:78:3C:27:37:3D:15:26:5D:3F:6D:30:8A:40:97:C5:CD:06:6F
Certificate issuer: /CN=62f4b147ab0efebf3e46e6dea985d751877cbb4e
Certificate serial: 019421B24C89403940DEFACD378B14FB9B87
Authority key identifier: 62:F4:B1:47:AB:0E:FE:BF:3E:46:E6:DE:A9:85:D7:51:87:7C:BB:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvSxR6sO_r8-RubeqYXXUYd8u04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/B254PCc3PRUmXT9tMIpAl8XNBm8.roa
Signing time: Wed 01 Jan 2025 11:48:40 +0000
ROA not before: Wed 01 Jan 2025 11:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206163
IP address blocks: 185.194.172.0/24 maxlen: 24
185.194.173.0/24 maxlen: 24
185.194.174.0/24 maxlen: 24
185.194.175.0/24 maxlen: 24
194.156.236.0/24 maxlen: 24
194.156.237.0/24 maxlen: 24
194.156.238.0/24 maxlen: 24
194.156.239.0/24 maxlen: 24
2a0a:86c0::/48 maxlen: 48
2a0a:86c0:1::/48 maxlen: 48
2a0a:86c0:2::/48 maxlen: 48
2a0a:86c0:3::/48 maxlen: 48
2a0a:86c0:4::/48 maxlen: 48
2a0a:86c0:5::/48 maxlen: 48
2a0a:86c0:6::/48 maxlen: 48
2a0a:86c0:7::/48 maxlen: 48
2a0a:86c0:8::/48 maxlen: 48
2a0a:86c0:9::/48 maxlen: 48
2a0a:86c0:10::/48 maxlen: 48
2a0a:86c0:1000::/48 maxlen: 48
2a0a:86c0:1001::/48 maxlen: 48
2a0a:86c0:1002::/48 maxlen: 48
2a0a:86c0:1003::/48 maxlen: 48
2a0a:86c0:1004::/48 maxlen: 48
2a0a:86c0:1005::/48 maxlen: 48
2a0a:86c0:1006::/48 maxlen: 48
2a0a:86c0:1007::/48 maxlen: 48
2a0a:86c0:1008::/48 maxlen: 48
2a0a:86c0:1009::/48 maxlen: 48
2a0a:86c0:1010::/48 maxlen: 48
2a0a:86c0:1011::/48 maxlen: 48
2a0a:86c0:1012::/48 maxlen: 48
2a0a:86c0:1013::/48 maxlen: 48
2a0a:86c0:1014::/48 maxlen: 48
2a0a:86c0:1015::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/YvSxR6sO_r8-RubeqYXXUYd8u04.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/YvSxR6sO_r8-RubeqYXXUYd8u04.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvSxR6sO_r8-RubeqYXXUYd8u04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 14:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4c:89:40:39:40:de:fa:cd:37:8b:14:fb:9b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62f4b147ab0efebf3e46e6dea985d751877cbb4e
Validity
Not Before: Jan 1 11:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=076e783c27373d15265d3f6d308a4097c5cd066f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:24:40:e1:a7:01:ed:65:06:e4:08:23:3b:b1:
9e:5b:6c:69:f0:1e:bb:1e:c4:6e:5f:29:31:24:58:
37:12:99:ce:8a:be:98:50:50:f3:34:48:a7:8b:08:
fd:d2:39:32:e2:89:5a:71:52:13:11:8f:ee:9f:ee:
62:28:38:4c:d8:67:ac:de:cf:a9:85:93:21:20:ed:
aa:d2:97:68:87:33:c1:4c:51:a7:26:28:f5:39:01:
88:72:51:76:32:20:bb:32:2b:6a:19:94:9a:95:19:
8f:cf:25:53:e0:f7:1a:d3:93:9a:09:86:ad:08:5f:
3f:18:26:ec:ff:e0:bb:d0:4e:37:af:94:42:9a:0b:
47:19:1e:59:6b:e5:c1:8a:25:47:f0:34:1f:34:c3:
c5:26:45:a6:cf:ff:d1:dd:61:42:39:e4:73:77:e1:
eb:2d:89:69:cc:5a:9c:01:f0:0f:75:33:9d:ce:66:
2d:4f:43:dc:d5:c3:cf:e0:c2:83:a0:59:40:37:6a:
66:99:ae:0c:e4:7a:ec:5d:28:11:ba:c8:4b:03:bd:
95:7d:a1:f3:27:a4:26:72:87:10:77:b6:23:8f:3d:
74:c9:26:53:79:bc:3e:a7:eb:08:f0:24:37:35:5d:
4c:a6:f9:88:69:f7:91:41:19:c5:d7:7a:91:e3:bc:
ca:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:6E:78:3C:27:37:3D:15:26:5D:3F:6D:30:8A:40:97:C5:CD:06:6F
X509v3 Authority Key Identifier:
keyid:62:F4:B1:47:AB:0E:FE:BF:3E:46:E6:DE:A9:85:D7:51:87:7C:BB:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvSxR6sO_r8-RubeqYXXUYd8u04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/B254PCc3PRUmXT9tMIpAl8XNBm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/YvSxR6sO_r8-RubeqYXXUYd8u04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.172.0/22
194.156.236.0/22
IPv6:
2a0a:86c0::-2a0a:86c0:9:ffff:ffff:ffff:ffff:ffff
2a0a:86c0:10::/48
2a0a:86c0:1000::-2a0a:86c0:1009:ffff:ffff:ffff:ffff:ffff
2a0a:86c0:1010::-2a0a:86c0:1015:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8b:0e:9f:4f:15:0e:d0:ff:6c:8a:55:78:3a:b5:79:0a:55:84:
50:b9:59:38:e2:be:73:8f:fe:5f:8f:ac:8f:be:da:1a:30:9e:
72:91:ed:74:d2:72:74:20:c8:a3:b0:ff:0f:9d:f0:38:7e:8c:
8b:dc:9c:e3:e8:a6:7f:a4:68:22:62:03:d3:cb:01:32:96:3b:
1a:2b:87:86:c6:53:f1:d6:fe:7e:11:ca:9d:97:b4:b6:59:b3:
88:58:d5:09:04:c5:5a:fb:d7:d5:b1:17:de:4f:2f:06:4c:5e:
21:c4:dd:b7:62:cc:32:a5:79:15:79:cf:25:f3:59:9c:e5:40:
06:84:ca:c6:7a:ec:83:4c:f5:d7:bc:5a:e5:30:c2:38:11:56:
c4:72:10:7d:13:59:e6:2e:70:e7:5d:48:4e:c2:36:51:41:b9:
cd:cb:79:eb:ff:de:a0:97:f3:c8:0a:ae:f2:e6:06:87:9b:70:
62:74:18:f3:ab:65:1d:3a:a7:90:ca:7d:1d:3c:0f:52:00:dd:
b1:e8:3a:9e:86:dc:98:a5:e2:1b:28:67:18:b1:17:31:6e:ca:
85:04:8c:18:28:39:65:20:21:e8:a3:8d:d5:d6:33:e4:c5:00:
64:07:3e:c4:d8:6f:12:6d:df:ad:72:76:83:67:18:91:e7:4d:
b4:e3:71:08
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZQhskyJQDlA3vrNN4sU+5uHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZjRiMTQ3YWIwZWZlYmYzZTQ2ZTZkZWE5ODVkNzUxODc3
Y2JiNGUwHhcNMjUwMTAxMTE0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzZlNzgzYzI3MzczZDE1MjY1ZDNmNmQzMDhhNDA5N2M1Y2QwNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyRA4acB7WUG5AgjO7GeW2xp8B67
HsRuXykxJFg3EpnOir6YUFDzNEiniwj90jky4olacVITEY/un+5iKDhM2Ges3s+p
hZMhIO2q0pdohzPBTFGnJij1OQGIclF2MiC7MitqGZSalRmPzyVT4Pca05OaCYat
CF8/GCbs/+C70E43r5RCmgtHGR5Za+XBiiVH8DQfNMPFJkWmz//R3WFCOeRzd+Hr
LYlpzFqcAfAPdTOdzmYtT0Pc1cPP4MKDoFlAN2pmma4M5HrsXSgRushLA72VfaHz
J6QmcocQd7Yjjz10ySZTebw+p+sI8CQ3NV1MpvmIafeRQRnF13qR47zKDQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFAdueDwnNz0VJl0/bTCKQJfFzQZvMB8GA1UdIwQY
MBaAFGL0sUerDv6/Pkbm3qmF11GHfLtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXZTeFI2c09fcjgtUnViZXFZWFhVWWQ4dTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84ZTZlNWEtYWVjMC00MGFkLWE2Mjgt
ZGFiM2E5ZjAzMGRjLzEvQjI1NFBDYzNQUlVtWFQ5dE1JcEFsOFhOQm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy84ZTZlNWEtYWVjMC00MGFkLWE2MjgtZGFiM2E5ZjAzMGRj
LzEvWXZTeFI2c09fcjgtUnViZXFZWFhVWWQ4dTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjASBAIAATAMAwQCucKsAwQC
wpzsMEgEAgACMEIwEAMFBioKhsADBwEqCobAAAgDBwAqCobAABAwEQMGBCoKhsAQ
AwcBKgqGwBAIMBIDBwQqCobAEBADBwEqCobAEBQwDQYJKoZIhvcNAQELBQADggEB
AIsOn08VDtD/bIpVeDq1eQpVhFC5WTjivnOP/l+PrI++2hownnKR7XTScnQgyKOw
/w+d8Dh+jIvcnOPopn+kaCJiA9PLATKWOxorh4bGU/HW/n4Ryp2XtLZZs4hY1QkE
xVr719WxF95PLwZMXiHE3bdizDKleRV5zyXzWZzlQAaEysZ67INM9de8WuUwwjgR
VsRyEH0TWeYucOddSE7CNlFBuc3Leev/3qCX88gKrvLmBoebcGJ0GPOrZR06p5DK
fR08D1IA3bHoOp6G3Jil4hsoZxixFzFuyoUEjBgoOWUgIeijjdXWM+TFAGQHPsTY
bxJt361ydoNnGJHnTbTjcQg=
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:14:14 2025 by rpki-client