Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/A7rB6GvieHic3egdiMZfNGfq2m0.roa
File: A7rB6GvieHic3egdiMZfNGfq2m0.roa (raw, json)
Hash identifier: HS3mNdYCRI3MKIsdLKnGS/MBr6fXeWlgGEcIpC1Xugc=
Subject key identifier: 03:BA:C1:E8:6B:E2:78:78:9C:DD:E8:1D:88:C6:5F:34:67:EA:DA:6D
Certificate issuer: /CN=cb4fba09190b76849fff3d26d580790e54fac2e3
Certificate serial: 019423D7DA50EF719521E10868C53A91EFE3
Authority key identifier: CB:4F:BA:09:19:0B:76:84:9F:FF:3D:26:D5:80:79:0E:54:FA:C2:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y0-6CRkLdoSf_z0m1YB5DlT6wuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/A7rB6GvieHic3egdiMZfNGfq2m0.roa
Signing time: Wed 01 Jan 2025 21:48:56 +0000
ROA not before: Wed 01 Jan 2025 21:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62163
IP address blocks: 5.157.64.0/21 maxlen: 21
185.113.68.0/22 maxlen: 22
185.113.80.0/22 maxlen: 22
185.249.212.0/22 maxlen: 22
193.37.80.0/22 maxlen: 22
2a06:3f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/y0-6CRkLdoSf_z0m1YB5DlT6wuM.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/y0-6CRkLdoSf_z0m1YB5DlT6wuM.mft
rsync://rpki.ripe.net/repository/DEFAULT/y0-6CRkLdoSf_z0m1YB5DlT6wuM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:da:50:ef:71:95:21:e1:08:68:c5:3a:91:ef:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb4fba09190b76849fff3d26d580790e54fac2e3
Validity
Not Before: Jan 1 21:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03bac1e86be278789cdde81d88c65f3467eada6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c0:fe:2b:b1:f1:6d:44:b4:12:e5:8f:14:2a:
46:39:4e:c3:f0:0e:91:61:82:21:8a:0d:93:20:5f:
b5:7b:46:ef:23:ca:a2:fb:4c:0c:8d:21:55:35:dd:
ca:cd:ed:d2:2e:0e:e7:81:89:36:ee:aa:74:14:dc:
4a:bc:cf:46:f3:26:1a:e9:1d:e3:4f:2f:b8:d3:c0:
95:75:10:d2:0c:06:b8:03:86:2f:0e:a0:7e:f9:57:
7b:e0:68:9e:8e:df:5c:94:1d:53:28:be:b8:5a:09:
49:87:0b:ae:37:b0:a2:eb:85:8b:90:be:d6:1d:e5:
68:64:01:5a:27:6f:54:5c:06:85:88:ac:23:cd:9b:
b5:c0:dd:b9:b9:69:2d:ed:49:77:03:dd:62:c1:51:
ae:7b:3c:b0:c8:ad:eb:af:e8:4b:a0:7e:76:ec:08:
d0:26:bb:65:ba:de:2a:39:dc:ad:c4:d8:8e:7a:18:
12:30:e9:1d:bf:fa:45:32:d8:69:90:e8:b3:5c:29:
2d:fc:07:1a:04:3d:d7:77:59:db:3d:f8:b9:be:03:
ea:ff:38:1a:01:c2:36:ab:7c:60:2e:c0:a4:60:54:
89:63:ff:8d:81:d6:65:91:64:10:b5:4c:3c:2e:42:
d2:5d:71:2a:08:d8:29:f2:22:41:91:37:8f:4f:72:
0c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:BA:C1:E8:6B:E2:78:78:9C:DD:E8:1D:88:C6:5F:34:67:EA:DA:6D
X509v3 Authority Key Identifier:
keyid:CB:4F:BA:09:19:0B:76:84:9F:FF:3D:26:D5:80:79:0E:54:FA:C2:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y0-6CRkLdoSf_z0m1YB5DlT6wuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/A7rB6GvieHic3egdiMZfNGfq2m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/y0-6CRkLdoSf_z0m1YB5DlT6wuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.64.0/21
185.113.68.0/22
185.113.80.0/22
185.249.212.0/22
193.37.80.0/22
IPv6:
2a06:3f00::/29
Signature Algorithm: sha256WithRSAEncryption
39:a1:e4:d3:ac:e4:ff:dc:f0:ea:b6:3f:5e:60:94:b4:7d:d3:
93:29:1a:c8:80:15:13:0b:7b:d7:10:fc:6b:53:f2:a8:d4:5f:
96:c2:41:5e:91:dd:bd:19:20:50:f9:2a:d5:d0:a2:2f:d8:b5:
f9:4a:96:a6:dc:30:fc:71:fe:0c:ab:56:91:ce:ed:bc:e6:23:
d2:30:45:42:93:e6:f3:3f:d5:97:fd:1d:a5:45:23:76:82:ce:
bd:7e:50:62:e9:de:2e:bd:cd:56:b8:9e:cb:d3:96:83:c5:23:
8a:2d:3d:1c:32:44:0e:f3:46:ce:e3:14:be:56:25:0a:41:29:
43:db:b9:c3:21:63:d1:52:b1:e5:84:19:a5:d0:23:9d:36:5c:
d3:52:be:a3:42:bd:2e:9d:62:c6:69:c2:bb:59:c5:90:8c:7e:
8d:cf:ab:f4:3d:db:f2:1c:fc:45:02:40:11:36:3c:27:cb:27:
fe:33:41:82:53:89:0b:90:9e:e3:0c:9f:f1:8a:b7:c0:e4:ae:
b9:3f:43:41:39:a7:ce:86:07:4a:86:f0:cc:be:0a:96:9e:c0:
ff:19:03:bd:7d:29:76:77:70:8e:d9:38:bd:90:ef:07:03:46:
5d:db:0c:e5:de:65:a3:c8:6f:39:4e:39:16:2f:e7:ab:b6:bc:
3b:14:cf:8b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQj19pQ73GVIeEIaMU6ke/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNGZiYTA5MTkwYjc2ODQ5ZmZmM2QyNmQ1ODA3OTBlNTRm
YWMyZTMwHhcNMjUwMTAxMjE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2JhYzFlODZiZTI3ODc4OWNkZGU4MWQ4OGM2NWYzNDY3ZWFkYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8D+K7HxbUS0EuWPFCpGOU7D8A6R
YYIhig2TIF+1e0bvI8qi+0wMjSFVNd3Kze3SLg7ngYk27qp0FNxKvM9G8yYa6R3j
Ty+408CVdRDSDAa4A4YvDqB++Vd74Giejt9clB1TKL64WglJhwuuN7Ci64WLkL7W
HeVoZAFaJ29UXAaFiKwjzZu1wN25uWkt7Ul3A91iwVGuezywyK3rr+hLoH527AjQ
Jrtlut4qOdytxNiOehgSMOkdv/pFMthpkOizXCkt/AcaBD3Xd1nbPfi5vgPq/zga
AcI2q3xgLsCkYFSJY/+NgdZlkWQQtUw8LkLSXXEqCNgp8iJBkTePT3IMUwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAO6wehr4nh4nN3oHYjGXzRn6tptMB8GA1UdIwQY
MBaAFMtPugkZC3aEn/89JtWAeQ5U+sLjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTAtNkNSa0xkb1NmX3owbTFZQjVEbFQ2d3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9kYWRiNGItMTRmMy00MmZhLTk1Yjct
Zjg1Y2M1NzQ3ZmJmLzEvQTdyQjZHdmllSGljM2VnZGlNWmZOR2ZxMm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9kYWRiNGItMTRmMy00MmZhLTk1YjctZjg1Y2M1NzQ3ZmJm
LzEveTAtNkNSa0xkb1NmX3owbTFZQjVEbFQ2d3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBZ1AAwQC
uXFEAwQCuXFQAwQCufnUAwQCwSVQMA0EAgACMAcDBQMqBj8AMA0GCSqGSIb3DQEB
CwUAA4IBAQA5oeTTrOT/3PDqtj9eYJS0fdOTKRrIgBUTC3vXEPxrU/Ko1F+WwkFe
kd29GSBQ+SrV0KIv2LX5Spam3DD8cf4Mq1aRzu285iPSMEVCk+bzP9WX/R2lRSN2
gs69flBi6d4uvc1WuJ7L05aDxSOKLT0cMkQO80bO4xS+ViUKQSlD27nDIWPRUrHl
hBml0COdNlzTUr6jQr0unWLGacK7WcWQjH6Nz6v0PdvyHPxFAkARNjwnyyf+M0GC
U4kLkJ7jDJ/xirfA5K65P0NBOafOhgdKhvDMvgqWnsD/GQO9fSl2d3CO2Ti9kO8H
A0Zd2wzl3mWjyG85TjkWL+ertrw7FM+L
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:07 2025 by rpki-client