Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1defca-e125-4b00-9252-9fe86dea862a/1/1-FQBZTT5afKyG6FIAOC0DP_Gyes.roa
File: 1-FQBZTT5afKyG6FIAOC0DP_Gyes.roa (raw, json)
Hash identifier: QUXwHR9U/j2PM2tc+oqu+jlOONy/4+OVBz6LYmOZ3uc=
Subject key identifier: F8:54:01:65:34:F9:69:F2:B2:1B:A1:48:00:E0:B4:0C:FF:C6:C9:EB
Certificate issuer: /CN=5b456c9f7f79b987196c468402396a187c156d7c
Certificate serial: 019420D63361EE697DBF0B635DD4052127B4
Authority key identifier: 5B:45:6C:9F:7F:79:B9:87:19:6C:46:84:02:39:6A:18:7C:15:6D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W0Vsn395uYcZbEaEAjlqGHwVbXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1defca-e125-4b00-9252-9fe86dea862a/1/1-FQBZTT5afKyG6FIAOC0DP_Gyes.roa
Signing time: Wed 01 Jan 2025 07:48:16 +0000
ROA not before: Wed 01 Jan 2025 07:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60855
IP address blocks: 185.24.184.0/23 maxlen: 23
185.24.184.0/24 maxlen: 24
185.24.185.0/24 maxlen: 24
185.24.186.0/23 maxlen: 23
185.24.186.0/24 maxlen: 24
185.24.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1defca-e125-4b00-9252-9fe86dea862a/1/W0Vsn395uYcZbEaEAjlqGHwVbXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1defca-e125-4b00-9252-9fe86dea862a/1/W0Vsn395uYcZbEaEAjlqGHwVbXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/W0Vsn395uYcZbEaEAjlqGHwVbXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:33:61:ee:69:7d:bf:0b:63:5d:d4:05:21:27:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b456c9f7f79b987196c468402396a187c156d7c
Validity
Not Before: Jan 1 07:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f854016534f969f2b21ba14800e0b40cffc6c9eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:47:cb:2b:40:8e:ac:90:ab:3c:fc:f0:67:9b:
8d:ee:6a:ed:41:66:b6:6a:32:36:9c:cd:3b:e7:fd:
eb:c3:85:c5:cd:38:e7:0e:8e:4e:9f:91:a5:ff:8e:
f1:b7:61:11:e6:ad:a5:02:50:b9:10:1b:04:8c:63:
45:32:c1:23:51:53:3b:27:a1:4e:38:a3:90:4d:a6:
c6:b1:26:9a:72:eb:b6:38:45:e1:c2:cd:57:ca:0c:
7e:65:6c:32:83:c6:97:51:5f:a2:c0:3e:85:83:66:
66:59:72:55:cf:b0:f1:99:ee:59:09:cc:f6:21:0c:
38:52:8a:34:20:c2:cb:e4:b8:98:73:99:5c:d8:d9:
18:0c:eb:f1:57:a6:b8:23:60:81:a0:ce:31:97:32:
32:91:a2:41:e9:cf:8d:58:62:56:18:ad:3a:8b:1a:
2c:67:a1:a6:f8:be:1a:0a:93:f8:11:8b:2d:d6:b0:
a9:a2:60:70:61:74:d5:e0:8d:72:74:a4:29:90:4c:
27:71:8f:14:ac:63:64:54:29:0f:cf:61:8b:d8:b1:
c7:7e:85:ae:82:63:a1:54:a5:05:93:33:0e:d2:c4:
15:42:53:b1:04:9b:e7:ee:93:8f:42:3c:95:29:60:
43:98:8a:74:de:1a:42:d7:ad:37:8c:56:b8:98:86:
05:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:54:01:65:34:F9:69:F2:B2:1B:A1:48:00:E0:B4:0C:FF:C6:C9:EB
X509v3 Authority Key Identifier:
keyid:5B:45:6C:9F:7F:79:B9:87:19:6C:46:84:02:39:6A:18:7C:15:6D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W0Vsn395uYcZbEaEAjlqGHwVbXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1defca-e125-4b00-9252-9fe86dea862a/1/1-FQBZTT5afKyG6FIAOC0DP_Gyes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1defca-e125-4b00-9252-9fe86dea862a/1/W0Vsn395uYcZbEaEAjlqGHwVbXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.184.0/22
Signature Algorithm: sha256WithRSAEncryption
23:d4:fa:62:98:3e:c3:70:c1:26:fd:7b:3f:2e:ab:f3:e3:14:
5e:6b:e1:ce:2a:9e:17:85:2c:7a:ef:86:1f:be:d4:08:fb:70:
85:8d:51:85:d1:2d:90:48:0a:6d:ba:07:7f:37:40:41:3e:d9:
e9:14:de:cc:cc:b8:4f:37:b1:b5:1c:9b:52:db:59:e8:4d:fc:
b2:c9:6f:c7:e4:8b:10:e6:46:5f:15:10:95:65:25:e4:19:f7:
a6:4a:31:c0:66:77:08:55:3b:9b:9c:1a:81:57:21:1a:ff:01:
d5:a7:bf:c8:5b:63:8d:82:60:5e:74:8f:52:3e:64:2d:a7:10:
63:51:31:8b:84:ab:f4:4d:d8:1a:aa:8f:60:48:fd:4d:e5:0f:
8d:36:62:1c:de:1c:2f:55:bc:5d:d8:e2:3b:db:d8:86:c2:c0:
c3:38:00:6d:9a:69:1a:16:c5:6a:05:20:7e:08:75:4e:05:a8:
8c:39:48:57:4d:6b:52:dc:6a:98:a3:41:22:5e:f4:f0:56:cc:
d7:24:26:14:98:80:27:e8:cc:5f:6a:de:3b:b9:89:cf:20:0a:
f7:ba:02:c3:90:06:93:3a:2c:41:e5:bb:2b:ea:2d:0d:2e:41:
fc:c1:b1:a1:35:82:91:2d:da:14:40:69:94:55:1b:4c:1b:40:
6f:62:9e:81
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQg1jNh7ml9vwtjXdQFISe0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNDU2YzlmN2Y3OWI5ODcxOTZjNDY4NDAyMzk2YTE4N2Mx
NTZkN2MwHhcNMjUwMTAxMDc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODU0MDE2NTM0Zjk2OWYyYjIxYmExNDgwMGUwYjQwY2ZmYzZjOWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkfLK0COrJCrPPzwZ5uN7mrtQWa2
ajI2nM075/3rw4XFzTjnDo5On5Gl/47xt2ER5q2lAlC5EBsEjGNFMsEjUVM7J6FO
OKOQTabGsSaacuu2OEXhws1Xygx+ZWwyg8aXUV+iwD6Fg2ZmWXJVz7Dxme5ZCcz2
IQw4Uoo0IMLL5LiYc5lc2NkYDOvxV6a4I2CBoM4xlzIykaJB6c+NWGJWGK06ixos
Z6Gm+L4aCpP4EYst1rCpomBwYXTV4I1ydKQpkEwncY8UrGNkVCkPz2GL2LHHfoWu
gmOhVKUFkzMO0sQVQlOxBJvn7pOPQjyVKWBDmIp03hpC1603jFa4mIYFsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPhUAWU0+WnyshuhSADgtAz/xsnrMB8GA1UdIwQY
MBaAFFtFbJ9/ebmHGWxGhAI5ahh8FW18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzBWc24zOTV1WWNaYkVhRUFqbHFHSHdWYlh3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xZGVmY2EtZTEyNS00YjAwLTkyNTIt
OWZlODZkZWE4NjJhLzEvMS1GUUJaVFQ1YWZLeUc2RklBT0MwRFBfR3llcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGQvMWRlZmNhLWUxMjUtNGIwMC05MjUyLTlmZTg2ZGVhODYy
YS8xL1cwVnNuMzk1dVljWmJFYUVBamxxR0h3VmJYdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkYuDAN
BgkqhkiG9w0BAQsFAAOCAQEAI9T6Ypg+w3DBJv17Py6r8+MUXmvhziqeF4Useu+G
H77UCPtwhY1RhdEtkEgKbboHfzdAQT7Z6RTezMy4TzextRybUttZ6E38sslvx+SL
EOZGXxUQlWUl5Bn3pkoxwGZ3CFU7m5wagVchGv8B1ae/yFtjjYJgXnSPUj5kLacQ
Y1Exi4Sr9E3YGqqPYEj9TeUPjTZiHN4cL1W8XdjiO9vYhsLAwzgAbZppGhbFagUg
fgh1TgWojDlIV01rUtxqmKNBIl708FbM1yQmFJiAJ+jMX2reO7mJzyAK97oCw5AG
kzosQeW7K+otDS5B/MGxoTWCkS3aFEBplFUbTBtAb2KegQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:14:16 2025 by rpki-client