Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/55d92c-d3e2-4da1-8d53-7e47da1ce406/1/r-_fYxsQeAAnWT8K8BN3aabue4c.roa
File: r-_fYxsQeAAnWT8K8BN3aabue4c.roa (raw, json)
Hash identifier: vX8iAlHxAeCaWnzF37mIFqPFZYMuvvYEyZXEicfJpc8=
Subject key identifier: AF:EF:DF:63:1B:10:78:00:27:59:3F:0A:F0:13:77:69:A6:EE:7B:87
Certificate issuer: /CN=e2a2ab0a275a2d04f1e2635ab2c77eb3ae6038cc
Certificate serial: 019427B61E21F65BA9E9DAE5154A5E4952C0
Authority key identifier: E2:A2:AB:0A:27:5A:2D:04:F1:E2:63:5A:B2:C7:7E:B3:AE:60:38:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4qKrCidaLQTx4mNassd-s65gOMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/55d92c-d3e2-4da1-8d53-7e47da1ce406/1/r-_fYxsQeAAnWT8K8BN3aabue4c.roa
Signing time: Thu 02 Jan 2025 15:50:34 +0000
ROA not before: Thu 02 Jan 2025 15:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207065
IP address blocks: 185.166.184.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/55d92c-d3e2-4da1-8d53-7e47da1ce406/1/4qKrCidaLQTx4mNassd-s65gOMw.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/55d92c-d3e2-4da1-8d53-7e47da1ce406/1/4qKrCidaLQTx4mNassd-s65gOMw.mft
rsync://rpki.ripe.net/repository/DEFAULT/4qKrCidaLQTx4mNassd-s65gOMw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:1e:21:f6:5b:a9:e9:da:e5:15:4a:5e:49:52:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2a2ab0a275a2d04f1e2635ab2c77eb3ae6038cc
Validity
Not Before: Jan 2 15:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afefdf631b10780027593f0af0137769a6ee7b87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:20:da:ca:78:00:90:5d:ba:35:58:36:19:bd:
c0:30:7f:42:a5:4e:0d:08:05:36:62:da:63:45:b8:
fb:03:6c:cd:f5:76:01:b1:32:57:b2:dd:ef:25:ad:
2a:bc:d7:7d:ba:40:83:1b:94:e3:f8:92:df:d6:2b:
af:28:32:e2:62:2c:7a:f3:8b:8e:fd:49:a1:4f:7b:
c4:82:e5:d6:d5:06:44:af:4e:16:cb:e0:cb:68:2b:
b7:c6:fc:48:21:6f:4e:71:8f:25:06:7d:15:ba:59:
40:bc:b2:d7:d7:28:b8:3d:5b:99:3e:6b:16:20:23:
f3:2f:5f:21:da:7c:92:84:7e:6c:c2:83:d4:19:fa:
c8:c0:53:5c:41:dd:b8:c6:6b:df:62:e5:f8:12:9b:
71:3c:4f:3e:4b:45:c7:16:c1:b8:fe:71:b8:d7:b2:
e0:89:b4:2d:08:29:dd:6a:79:8f:9b:e3:f6:9b:27:
8a:4d:55:e6:35:12:79:5e:63:5d:63:e0:07:da:b1:
2c:e9:39:db:75:64:f2:91:07:20:5c:9d:f2:06:bc:
11:11:4c:18:53:2e:df:81:f9:82:8b:f7:4f:15:8b:
12:89:4a:8c:3f:e2:18:9e:0d:e7:3b:ab:03:b5:81:
80:82:e7:73:79:15:34:ae:c9:b4:1f:01:1d:96:87:
94:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EF:DF:63:1B:10:78:00:27:59:3F:0A:F0:13:77:69:A6:EE:7B:87
X509v3 Authority Key Identifier:
keyid:E2:A2:AB:0A:27:5A:2D:04:F1:E2:63:5A:B2:C7:7E:B3:AE:60:38:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4qKrCidaLQTx4mNassd-s65gOMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/55d92c-d3e2-4da1-8d53-7e47da1ce406/1/r-_fYxsQeAAnWT8K8BN3aabue4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/55d92c-d3e2-4da1-8d53-7e47da1ce406/1/4qKrCidaLQTx4mNassd-s65gOMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.184.0/22
Signature Algorithm: sha256WithRSAEncryption
89:fe:03:1a:df:15:29:8f:2a:d7:c8:0d:5e:72:9d:26:f5:01:
85:1c:72:8a:3d:8d:13:c2:70:3f:3f:e8:5c:cd:31:df:da:33:
8c:5e:ec:29:2f:41:f1:1d:fd:ef:23:75:a4:10:da:30:5d:d0:
31:79:36:33:7a:30:47:35:3d:75:3e:c0:8a:d8:25:70:44:2c:
1b:90:4c:06:75:5b:f8:6f:fc:b6:48:31:b7:0a:2d:4a:42:09:
bb:5d:03:65:fb:97:81:1f:9d:e8:b6:b0:c3:2f:fc:e3:fb:e5:
24:5b:64:8c:38:ff:52:13:d7:f6:7c:29:5b:4a:94:86:5a:5d:
ca:ef:90:19:52:76:a0:01:f2:cf:36:42:4e:e7:0e:3e:0b:4f:
01:26:1f:4b:55:a6:cc:e1:45:32:03:df:6b:be:f6:8b:c1:0a:
4d:ff:63:9e:6f:c1:92:92:4f:2d:b6:95:b8:ac:8e:19:8a:aa:
1c:16:8b:ce:1c:cf:39:6b:2a:39:90:a0:61:55:e6:51:b5:0e:
60:23:fd:ee:3c:30:46:28:8a:49:1f:97:82:a5:a8:43:d5:a7:
cf:e1:b0:ee:76:3b:58:e7:5a:74:da:d7:6b:c2:bf:f0:b5:bc:
67:81:5d:ee:b1:3a:02:fe:05:ed:ea:e7:a3:53:67:a2:07:df:
25:eb:e5:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnth4h9lup6drlFUpeSVLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYTJhYjBhMjc1YTJkMDRmMWUyNjM1YWIyYzc3ZWIzYWU2
MDM4Y2MwHhcNMjUwMTAyMTU1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVmZGY2MzFiMTA3ODAwMjc1OTNmMGFmMDEzNzc2OWE2ZWU3Yjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCDayngAkF26NVg2Gb3AMH9CpU4N
CAU2YtpjRbj7A2zN9XYBsTJXst3vJa0qvNd9ukCDG5Tj+JLf1iuvKDLiYix684uO
/UmhT3vEguXW1QZEr04Wy+DLaCu3xvxIIW9OcY8lBn0VullAvLLX1yi4PVuZPmsW
ICPzL18h2nyShH5swoPUGfrIwFNcQd24xmvfYuX4EptxPE8+S0XHFsG4/nG417Lg
ibQtCCndanmPm+P2myeKTVXmNRJ5XmNdY+AH2rEs6TnbdWTykQcgXJ3yBrwREUwY
Uy7fgfmCi/dPFYsSiUqMP+IYng3nO6sDtYGAgudzeRU0rsm0HwEdloeUvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/v32MbEHgAJ1k/CvATd2mm7nuHMB8GA1UdIwQY
MBaAFOKiqwonWi0E8eJjWrLHfrOuYDjMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHFLckNpZGFMUVR4NG1OYXNzZC1zNjVnT013LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81NWQ5MmMtZDNlMi00ZGExLThkNTMt
N2U0N2RhMWNlNDA2LzEvci1fZll4c1FlQUFuV1Q4SzhCTjNhYWJ1ZTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81NWQ5MmMtZDNlMi00ZGExLThkNTMtN2U0N2RhMWNlNDA2
LzEvNHFLckNpZGFMUVR4NG1OYXNzZC1zNjVnT013LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaa4MA0G
CSqGSIb3DQEBCwUAA4IBAQCJ/gMa3xUpjyrXyA1ecp0m9QGFHHKKPY0TwnA/P+hc
zTHf2jOMXuwpL0HxHf3vI3WkENowXdAxeTYzejBHNT11PsCK2CVwRCwbkEwGdVv4
b/y2SDG3Ci1KQgm7XQNl+5eBH53otrDDL/zj++UkW2SMOP9SE9f2fClbSpSGWl3K
75AZUnagAfLPNkJO5w4+C08BJh9LVabM4UUyA99rvvaLwQpN/2Oeb8GSkk8ttpW4
rI4ZiqocFovOHM85ayo5kKBhVeZRtQ5gI/3uPDBGKIpJH5eCpahD1afP4bDudjtY
51p02tdrwr/wtbxngV3usToC/gXt6uejU2eiB98l6+XY
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:05 2025 by rpki-client