Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/4nMnvp2ZB-ImGV_NyuJptQX_s-M.roa
File: 4nMnvp2ZB-ImGV_NyuJptQX_s-M.roa (raw, json)
Hash identifier: Jozll95TUYI/7k+2ywrLfwC0XpMxyQSMxXrX5jLQvuI=
Subject key identifier: E2:73:27:BE:9D:99:07:E2:26:19:5F:CD:CA:E2:69:B5:05:FF:B3:E3
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 01942522108CAB9337E486210651B9456B52
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/4nMnvp2ZB-ImGV_NyuJptQX_s-M.roa
Signing time: Thu 02 Jan 2025 03:49:36 +0000
ROA not before: Thu 02 Jan 2025 03:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208006
IP address blocks: 185.204.168.0/22 maxlen: 24
185.215.232.0/22 maxlen: 24
185.215.234.0/24 maxlen: 24
185.215.235.0/24 maxlen: 24
2a0d:4ac0::/48 maxlen: 48
2a0d:4ac0:1::/48 maxlen: 48
2a0d:4ac0:2::/48 maxlen: 48
2a0d:4ac0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 07:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:10:8c:ab:93:37:e4:86:21:06:51:b9:45:6b:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Jan 2 03:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e27327be9d9907e226195fcdcae269b505ffb3e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ea:be:59:4a:32:af:eb:d2:ad:bd:d6:4d:21:
76:26:3e:64:43:84:ad:4e:da:5c:9e:70:05:7c:20:
9d:e7:b3:6f:33:75:11:ec:c5:51:bc:22:72:f7:c2:
85:5e:b9:db:a5:a1:06:4d:a6:62:98:eb:ed:1e:49:
4f:52:72:08:53:a4:4c:2c:ae:ad:f4:ac:11:94:fb:
25:ab:82:ad:34:c3:50:0f:32:d5:23:20:2c:c7:6f:
24:db:16:39:9c:f1:07:1e:37:35:72:f4:c0:95:22:
42:92:4d:5a:c5:88:01:b2:65:fa:70:72:81:52:ea:
34:57:12:50:b9:4d:b4:8c:63:6b:d7:1b:22:05:71:
cc:81:4f:fc:95:d5:05:07:bc:d4:2e:57:0d:0a:f9:
0f:2b:21:5c:49:c0:25:d6:62:5a:64:c8:ea:f8:87:
ec:99:00:3b:cc:70:0a:3e:4d:df:be:47:49:cd:f7:
e6:40:15:49:fd:87:1e:6c:e2:4c:73:d1:76:ae:9f:
9d:b1:75:f3:25:97:2a:33:5d:2d:9c:c2:ae:1f:31:
e5:6a:b5:94:42:a1:87:48:16:7c:72:96:1a:e2:75:
6a:8a:1b:64:d0:0d:a0:24:ca:67:48:ea:ab:6a:6e:
a7:98:9f:9b:d5:a4:a0:38:a3:02:38:0c:83:ea:9e:
4d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:73:27:BE:9D:99:07:E2:26:19:5F:CD:CA:E2:69:B5:05:FF:B3:E3
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/4nMnvp2ZB-ImGV_NyuJptQX_s-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.168.0/22
185.215.232.0/22
IPv6:
2a0d:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
29:45:7d:f3:a6:77:7f:ae:8a:31:04:2b:1f:e2:05:7f:67:90:
0a:cf:95:9d:33:e3:93:de:1b:b6:23:f6:db:a1:6d:bd:f7:d2:
ec:94:e8:04:a3:c5:98:e9:fd:2d:8a:36:aa:f0:3a:71:2f:eb:
5a:08:f7:27:c8:a7:05:48:55:c0:0a:f9:f9:b0:33:4c:23:10:
73:ad:95:58:00:49:38:15:bc:00:14:6a:77:e5:ef:a9:79:42:
49:d2:03:22:86:bb:af:4f:d7:47:ab:ea:86:a0:12:7f:f9:14:
33:13:f3:52:1d:c8:1f:89:27:fe:9a:30:44:6c:0b:b3:50:5d:
2f:ac:8c:43:f3:85:1c:4c:77:19:d5:9c:51:56:9b:81:5f:80:
67:1d:f5:f7:8f:4a:b1:dc:fc:7b:b8:98:d3:0f:0f:11:a3:75:
54:75:eb:ef:2a:52:cc:89:52:e7:c6:ed:88:17:1e:e6:03:ab:
3b:5d:4d:7f:2c:fc:93:5f:5e:1f:0d:76:0b:da:11:23:90:76:
c3:24:f7:f8:d7:87:45:4a:b6:c2:7e:a0:12:64:3e:2b:42:31:
b9:85:31:43:51:f6:09:f2:26:77:aa:06:e2:8e:01:52:a1:4d:
01:15:59:5b:1d:79:44:9e:b5:e2:2b:3e:a1:cc:56:80:4d:ac:
57:8c:9b:b5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQlIhCMq5M35IYhBlG5RWtSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjUwMTAyMDM0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjczMjdiZTlkOTkwN2UyMjYxOTVmY2RjYWUyNjliNTA1ZmZiM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheq+WUoyr+vSrb3WTSF2Jj5kQ4St
TtpcnnAFfCCd57NvM3UR7MVRvCJy98KFXrnbpaEGTaZimOvtHklPUnIIU6RMLK6t
9KwRlPslq4KtNMNQDzLVIyAsx28k2xY5nPEHHjc1cvTAlSJCkk1axYgBsmX6cHKB
Uuo0VxJQuU20jGNr1xsiBXHMgU/8ldUFB7zULlcNCvkPKyFcScAl1mJaZMjq+Ifs
mQA7zHAKPk3fvkdJzffmQBVJ/YcebOJMc9F2rp+dsXXzJZcqM10tnMKuHzHlarWU
QqGHSBZ8cpYa4nVqihtk0A2gJMpnSOqram6nmJ+b1aSgOKMCOAyD6p5NDwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOJzJ76dmQfiJhlfzcriabUF/7PjMB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvNG5NbnZwMlpCLUltR1ZfTnl1SnB0UVhfcy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCucyoAwQC
udfoMA8EAgACMAkDBwIqDUrAAAAwDQYJKoZIhvcNAQELBQADggEBAClFffOmd3+u
ijEEKx/iBX9nkArPlZ0z45PeG7Yj9tuhbb330uyU6ASjxZjp/S2KNqrwOnEv61oI
9yfIpwVIVcAK+fmwM0wjEHOtlVgASTgVvAAUanfl76l5QknSAyKGu69P10er6oag
En/5FDMT81IdyB+JJ/6aMERsC7NQXS+sjEPzhRxMdxnVnFFWm4FfgGcd9fePSrHc
/Hu4mNMPDxGjdVR16+8qUsyJUufG7YgXHuYDqztdTX8s/JNfXh8NdgvaESOQdsMk
9/jXh0VKtsJ+oBJkPitCMbmFMUNR9gnyJneqBuKOAVKhTQEVWVsdeUSeteIrPqHM
VoBNrFeMm7U=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:24:45 2025 by rpki-client