Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/jKTi0IFy2Gsl-io5IjP67e8YnpY.roa
File: jKTi0IFy2Gsl-io5IjP67e8YnpY.roa (raw, json)
Hash identifier: zmbRyxceh2NVjEHPxC/G8V+VaBl1rJ3CnIcL4cBiYPg=
Subject key identifier: 8C:A4:E2:D0:81:72:D8:6B:25:FA:2A:39:22:33:FA:ED:EF:18:9E:96
Certificate issuer: /CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Certificate serial: 0194206828606A8EDE521AD1C44E3C2D6395
Authority key identifier: 7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/jKTi0IFy2Gsl-io5IjP67e8YnpY.roa
Signing time: Wed 01 Jan 2025 05:48:04 +0000
ROA not before: Wed 01 Jan 2025 05:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51025
IP address blocks: 185.115.0.0/22 maxlen: 22
185.115.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:28:60:6a:8e:de:52:1a:d1:c4:4e:3c:2d:63:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Validity
Not Before: Jan 1 05:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ca4e2d08172d86b25fa2a392233faedef189e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:17:fc:82:24:f9:36:e8:ee:dd:90:a2:7f:c3:
76:ff:b1:69:51:80:40:75:58:c8:82:d7:70:fb:09:
67:5b:99:95:37:75:28:5a:66:1b:24:f5:21:44:cd:
66:53:74:6a:36:4c:8d:c9:c6:f5:95:43:f5:19:9e:
89:61:54:01:f3:aa:d0:b7:cd:61:7e:64:a5:43:f5:
d5:98:69:b6:20:33:92:42:30:52:6d:17:e5:34:67:
eb:5d:0c:a5:85:f7:bb:85:d6:87:1b:f9:aa:53:08:
af:da:22:cd:17:fa:c9:04:71:f4:63:1c:d8:6a:7b:
c6:d6:25:3e:93:a4:e6:96:fd:bb:8d:6e:f7:1f:ab:
63:b7:00:f2:6f:b9:ed:33:2d:71:26:bf:a1:47:4b:
c5:30:07:fb:3c:8d:00:2c:30:1e:78:03:c0:73:aa:
27:69:59:3f:f6:c3:93:14:b8:fc:38:f0:46:5b:1f:
b8:a1:4a:57:46:4d:55:31:d7:26:d5:a3:35:80:62:
3a:06:1a:1a:4a:bd:a0:88:06:d5:06:b3:40:d0:bd:
d8:be:0b:3a:a4:7a:8f:fe:e1:bf:83:65:f7:3b:99:
cc:bf:09:89:eb:68:22:41:dc:7d:77:87:7d:46:7b:
82:8d:af:95:59:ab:83:66:2a:9f:15:9e:0b:6f:87:
94:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A4:E2:D0:81:72:D8:6B:25:FA:2A:39:22:33:FA:ED:EF:18:9E:96
X509v3 Authority Key Identifier:
keyid:7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/jKTi0IFy2Gsl-io5IjP67e8YnpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.0.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:62:ba:ea:77:08:49:6d:58:aa:b7:7b:6e:e0:97:81:6f:85:
73:48:d9:06:2e:a4:cf:9f:ae:18:c3:e8:aa:4e:80:d4:e9:76:
eb:1f:0c:c2:ef:ab:96:5b:c5:5a:f1:27:17:12:43:e2:2b:79:
c0:be:b9:ae:77:99:1b:a4:60:7e:65:00:34:79:eb:2a:fd:d0:
99:34:53:25:af:4d:14:08:74:f8:9d:87:f5:1b:4a:fc:82:9b:
34:32:49:e6:a8:80:b8:b7:a6:0e:60:20:a6:59:69:30:1c:04:
44:fc:ca:34:e3:aa:88:65:75:bf:55:18:c6:97:be:19:c9:6b:
30:91:87:31:bc:cf:b9:13:3d:bb:3e:ee:f3:cf:f4:5a:7f:0b:
3e:72:fe:ae:13:36:3c:ab:68:bf:af:4a:34:92:1f:20:50:a2:
90:86:4b:f7:7e:37:35:05:3d:60:ee:5c:17:e9:a3:b8:47:49:
f8:51:d1:49:11:c9:67:fc:73:87:4b:7f:5c:79:16:dc:d6:f0:
85:00:c8:f5:9b:42:57:26:50:40:17:31:89:2c:15:b7:0d:a2:
cd:b8:88:b6:27:54:fa:6d:55:f9:28:ee:9a:4c:90:ca:36:3a:
39:10:27:4d:20:7b:48:2f:c1:89:cf:42:52:ac:13:ff:b8:64:
c9:01:2d:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaChgao7eUhrRxE48LWOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNjVkYWIyMzk0MGNiMzk0ZjlhYWE2NjRmZWE0ZDZmOGY0
MmUzMTgwHhcNMjUwMTAxMDU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2E0ZTJkMDgxNzJkODZiMjVmYTJhMzkyMjMzZmFlZGVmMTg5ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRf8giT5Nuju3ZCif8N2/7FpUYBA
dVjIgtdw+wlnW5mVN3UoWmYbJPUhRM1mU3RqNkyNycb1lUP1GZ6JYVQB86rQt81h
fmSlQ/XVmGm2IDOSQjBSbRflNGfrXQylhfe7hdaHG/mqUwiv2iLNF/rJBHH0YxzY
anvG1iU+k6Tmlv27jW73H6tjtwDyb7ntMy1xJr+hR0vFMAf7PI0ALDAeeAPAc6on
aVk/9sOTFLj8OPBGWx+4oUpXRk1VMdcm1aM1gGI6BhoaSr2giAbVBrNA0L3Yvgs6
pHqP/uG/g2X3O5nMvwmJ62giQdx9d4d9RnuCja+VWauDZiqfFZ4Lb4eUVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyk4tCBcthrJfoqOSIz+u3vGJ6WMB8GA1UdIwQY
MBaAFH5l2rI5QMs5T5qqZk/qTW+PQuMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYt
ODQ5Y2ZjYWJiNjU3LzEvaktUaTBJRnkyR3NsLWlvNUlqUDY3ZThZbnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYtODQ5Y2ZjYWJiNjU3
LzEvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXMAMA0G
CSqGSIb3DQEBCwUAA4IBAQALYrrqdwhJbViqt3tu4JeBb4VzSNkGLqTPn64Yw+iq
ToDU6XbrHwzC76uWW8Va8ScXEkPiK3nAvrmud5kbpGB+ZQA0eesq/dCZNFMlr00U
CHT4nYf1G0r8gps0MknmqIC4t6YOYCCmWWkwHARE/Mo046qIZXW/VRjGl74ZyWsw
kYcxvM+5Ez27Pu7zz/Rafws+cv6uEzY8q2i/r0o0kh8gUKKQhkv3fjc1BT1g7lwX
6aO4R0n4UdFJEcln/HOHS39ceRbc1vCFAMj1m0JXJlBAFzGJLBW3DaLNuIi2J1T6
bVX5KO6aTJDKNjo5ECdNIHtIL8GJz0JSrBP/uGTJAS1h
-----END CERTIFICATE-----
Generated at Tue Apr 15 11:37:20 2025 by rpki-client