Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/b91d05-6a03-40ed-a983-bd809d9dedb9/1/tars8J2v-8N6JtB2suJ6nsAGhgI.roa
File: tars8J2v-8N6JtB2suJ6nsAGhgI.roa (raw, json)
Hash identifier: VKSpLn3FB2L/sDLR9l5iJR3MIMweqN1CpStbR7qOoA0=
Subject key identifier: B5:AA:EC:F0:9D:AF:FB:C3:7A:26:D0:76:B2:E2:7A:9E:C0:06:86:02
Certificate issuer: /CN=5e399fba9aae9d2d6ffe52ae8c74ae38fc6c1af1
Certificate serial: 019422FBAF8E3BE15E5E99A24FD186C14616
Authority key identifier: 5E:39:9F:BA:9A:AE:9D:2D:6F:FE:52:AE:8C:74:AE:38:FC:6C:1A:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XjmfupqunS1v_lKujHSuOPxsGvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/b91d05-6a03-40ed-a983-bd809d9dedb9/1/tars8J2v-8N6JtB2suJ6nsAGhgI.roa
Signing time: Wed 01 Jan 2025 17:48:27 +0000
ROA not before: Wed 01 Jan 2025 17:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211083
IP address blocks: 185.198.70.0/24 maxlen: 24
2a11:6c0::/29 maxlen: 32
2a11:6c0::/32 maxlen: 48
2a11:6c0:1::/48 maxlen: 64
2a11:6c0:2::/48 maxlen: 64
2a11:6c0:3::/48 maxlen: 64
2a11:6c0:4::/48 maxlen: 64
2a11:6c0:5::/48 maxlen: 64
2a11:6c0:6::/48 maxlen: 64
2a11:6c0:7::/48 maxlen: 64
2a11:6c0:8::/48 maxlen: 64
2a11:6c0:9::/48 maxlen: 64
2a11:6c0:cafe::/48 maxlen: 64
2a11:6c1::/32 maxlen: 48
2a11:6c2::/32 maxlen: 48
2a11:6c3::/32 maxlen: 48
2a11:6c4::/32 maxlen: 48
2a11:6c5::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/b91d05-6a03-40ed-a983-bd809d9dedb9/1/XjmfupqunS1v_lKujHSuOPxsGvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/b91d05-6a03-40ed-a983-bd809d9dedb9/1/XjmfupqunS1v_lKujHSuOPxsGvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XjmfupqunS1v_lKujHSuOPxsGvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 05:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:af:8e:3b:e1:5e:5e:99:a2:4f:d1:86:c1:46:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e399fba9aae9d2d6ffe52ae8c74ae38fc6c1af1
Validity
Not Before: Jan 1 17:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5aaecf09daffbc37a26d076b2e27a9ec0068602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:10:bc:2c:72:04:65:e3:ce:b7:c0:ff:cf:3f:
bc:fe:6f:22:7e:77:0d:a0:98:5e:c8:00:fb:9d:8d:
4f:02:e1:1c:96:f8:f9:53:e6:91:da:70:51:20:46:
86:cf:3a:8a:c0:2c:97:c4:cb:0b:e4:aa:97:c3:26:
b2:d5:23:cc:b9:9b:bf:4b:48:dc:82:4a:3c:4b:c3:
70:e8:3a:fb:ff:95:60:2c:54:55:d6:1e:5a:b5:1b:
85:9b:7d:6a:8c:d8:8b:00:46:04:ec:9b:25:4e:3e:
f6:86:25:ea:88:de:64:42:1a:ae:d7:db:92:c8:d9:
f4:f2:4f:e3:b4:0e:2d:d9:50:23:05:43:0f:b4:87:
a5:b9:69:22:db:8d:d7:39:03:c9:7d:b7:38:5c:5b:
2a:c2:21:71:9c:ac:d8:df:b2:ee:fc:38:e4:7a:1e:
55:56:15:02:f2:36:cc:6e:a3:d9:f8:17:35:82:36:
78:bc:1d:90:0e:4b:6d:1c:8a:60:72:b4:68:de:0e:
65:3a:da:d4:75:74:0e:62:72:4b:3f:a7:bf:29:12:
37:ef:4e:94:e1:72:37:37:05:77:3e:ee:4b:ab:88:
86:4b:03:a0:1a:33:a2:e0:32:db:ea:a4:92:30:19:
0d:5b:e9:85:1e:3c:5e:c4:94:bb:6f:30:37:3c:d0:
76:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AA:EC:F0:9D:AF:FB:C3:7A:26:D0:76:B2:E2:7A:9E:C0:06:86:02
X509v3 Authority Key Identifier:
keyid:5E:39:9F:BA:9A:AE:9D:2D:6F:FE:52:AE:8C:74:AE:38:FC:6C:1A:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XjmfupqunS1v_lKujHSuOPxsGvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/b91d05-6a03-40ed-a983-bd809d9dedb9/1/tars8J2v-8N6JtB2suJ6nsAGhgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/b91d05-6a03-40ed-a983-bd809d9dedb9/1/XjmfupqunS1v_lKujHSuOPxsGvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.70.0/24
IPv6:
2a11:6c0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:53:e5:16:be:5f:1e:d7:ad:e5:0b:1c:11:1c:22:59:ea:10:
2b:0e:70:bf:45:3f:05:e0:b2:b6:86:f7:01:4e:24:7d:23:ff:
36:67:db:34:6b:d1:95:33:4c:07:3d:84:f8:3c:95:a8:c9:06:
62:07:51:a1:98:9b:7a:f5:04:03:0b:18:c8:8b:77:01:45:ae:
9c:45:ee:75:cd:51:c8:e0:77:db:17:46:66:fb:d9:47:0f:a7:
67:4c:a1:b0:4d:6b:94:b7:bd:0d:f3:a4:42:79:99:17:01:3f:
84:72:45:63:66:91:a5:29:2a:73:cb:d3:22:34:ad:4c:6e:32:
fa:7b:44:36:0f:0b:af:08:f2:3d:4e:89:1c:8e:ea:e3:c8:c9:
62:44:65:01:16:0b:d0:bd:17:f3:bd:c0:ba:cc:5c:f9:80:74:
12:d1:e7:e3:0c:37:21:b9:45:24:93:a3:14:5f:5f:b4:ea:55:
3d:95:4c:3c:fb:c2:0c:ca:bf:75:3a:e2:a6:92:72:ee:c7:b0:
82:05:3b:ce:ca:64:a4:e6:b9:d7:3e:d5:ed:17:ee:97:f9:0a:
86:ac:f4:06:90:67:f3:03:8f:51:30:f0:72:7f:fb:9c:45:f6:
1a:dc:1d:9d:94:57:d7:2e:25:8b:7c:b2:11:75:5b:0f:95:7f:
e0:5f:cc:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+6+OO+FeXpmiT9GGwUYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMzk5ZmJhOWFhZTlkMmQ2ZmZlNTJhZThjNzRhZTM4ZmM2
YzFhZjEwHhcNMjUwMTAxMTc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWFhZWNmMDlkYWZmYmMzN2EyNmQwNzZiMmUyN2E5ZWMwMDY4NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRC8LHIEZePOt8D/zz+8/m8ifncN
oJheyAD7nY1PAuEclvj5U+aR2nBRIEaGzzqKwCyXxMsL5KqXwyay1SPMuZu/S0jc
gko8S8Nw6Dr7/5VgLFRV1h5atRuFm31qjNiLAEYE7JslTj72hiXqiN5kQhqu19uS
yNn08k/jtA4t2VAjBUMPtIeluWki243XOQPJfbc4XFsqwiFxnKzY37Lu/Djkeh5V
VhUC8jbMbqPZ+Bc1gjZ4vB2QDkttHIpgcrRo3g5lOtrUdXQOYnJLP6e/KRI3706U
4XI3NwV3Pu5Lq4iGSwOgGjOi4DLb6qSSMBkNW+mFHjxexJS7bzA3PNB2XQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLWq7PCdr/vDeibQdrLiep7ABoYCMB8GA1UdIwQY
MBaAFF45n7qarp0tb/5Srox0rjj8bBrxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGptZnVwcXVuUzF2X2xLdWpIU3VPUHhzR3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9iOTFkMDUtNmEwMy00MGVkLWE5ODMt
YmQ4MDlkOWRlZGI5LzEvdGFyczhKMnYtOE42SnRCMnN1SjZuc0FHaGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9iOTFkMDUtNmEwMy00MGVkLWE5ODMtYmQ4MDlkOWRlZGI5
LzEvWGptZnVwcXVuUzF2X2xLdWpIU3VPUHhzR3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucZGMA0E
AgACMAcDBQMqEQbAMA0GCSqGSIb3DQEBCwUAA4IBAQAMU+UWvl8e163lCxwRHCJZ
6hArDnC/RT8F4LK2hvcBTiR9I/82Z9s0a9GVM0wHPYT4PJWoyQZiB1GhmJt69QQD
CxjIi3cBRa6cRe51zVHI4HfbF0Zm+9lHD6dnTKGwTWuUt70N86RCeZkXAT+EckVj
ZpGlKSpzy9MiNK1MbjL6e0Q2DwuvCPI9TokcjurjyMliRGUBFgvQvRfzvcC6zFz5
gHQS0efjDDchuUUkk6MUX1+06lU9lUw8+8IMyr91OuKmknLux7CCBTvOymSk5rnX
PtXtF+6X+QqGrPQGkGfzA49RMPByf/ucRfYa3B2dlFfXLiWLfLIRdVsPlX/gX8zl
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:35:28 2025 by rpki-client