Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/DDQIJxH2b58VmcYYvk8QaV3dTZs.roa
File: DDQIJxH2b58VmcYYvk8QaV3dTZs.roa (raw, json)
Hash identifier: 0ls+tmpY6MrdlYFsq9WP/IA6QXpmNxNjMV8MGQI0rqA=
Subject key identifier: 0C:34:08:27:11:F6:6F:9F:15:99:C6:18:BE:4F:10:69:5D:DD:4D:9B
Certificate issuer: /CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Certificate serial: 0194214418FF5DF984788CE7F73CAC4895F4
Authority key identifier: AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/DDQIJxH2b58VmcYYvk8QaV3dTZs.roa
Signing time: Wed 01 Jan 2025 09:48:18 +0000
ROA not before: Wed 01 Jan 2025 09:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50316
IP address blocks: 92.245.184.0/24 maxlen: 24
92.245.185.0/24 maxlen: 24
92.245.186.0/24 maxlen: 24
92.245.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.mft
rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:18:ff:5d:f9:84:78:8c:e7:f7:3c:ac:48:95:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Validity
Not Before: Jan 1 09:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c34082711f66f9f1599c618be4f10695ddd4d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0e:17:e5:01:0b:e0:89:cc:14:a2:8a:ed:1b:
f1:a9:92:fe:a0:81:aa:83:3c:5a:42:c6:e0:67:89:
9f:c6:4e:6e:b6:b1:a8:e4:f1:89:24:8a:fb:22:8d:
4b:6a:1c:fe:32:a9:1b:ca:c2:70:01:fe:df:d6:23:
c3:b0:14:87:07:db:57:a4:76:90:93:c5:7a:3d:f7:
22:40:1e:5f:0f:af:74:62:29:b0:28:72:c8:15:e7:
0f:2f:d2:13:99:82:c2:c2:37:3f:19:28:6b:c0:27:
bc:b9:5a:b4:7d:9e:01:c8:38:ca:2b:77:5d:52:77:
0e:78:8a:b4:dc:11:16:51:8c:db:ee:59:1d:83:72:
e0:dc:aa:b6:4a:2a:c1:f3:c6:66:62:fb:9f:2a:42:
1b:c3:c7:85:8b:a3:13:40:9d:2e:22:5e:ff:d8:bc:
46:cc:6a:c6:76:52:ab:81:51:34:0f:9b:96:af:6b:
14:81:b0:1e:41:22:4d:6f:74:49:e6:63:d3:8f:3a:
51:24:19:06:df:e0:94:4e:ee:30:13:a9:f5:76:ed:
f5:98:b4:4f:e8:e8:b7:e4:01:ec:97:61:9a:4d:26:
93:fd:24:fd:3e:5c:f4:4c:e0:bf:0a:51:37:30:74:
09:c0:58:31:a0:45:b7:66:a2:fd:12:af:42:c9:cf:
0a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:34:08:27:11:F6:6F:9F:15:99:C6:18:BE:4F:10:69:5D:DD:4D:9B
X509v3 Authority Key Identifier:
keyid:AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/DDQIJxH2b58VmcYYvk8QaV3dTZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.245.184.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:b4:5b:a1:c7:28:53:08:12:98:3c:b5:ce:71:68:2c:62:ec:
a3:3b:aa:6d:65:b4:40:39:c3:74:69:77:95:2c:da:ba:f1:51:
cd:96:af:49:41:f4:77:93:ac:ad:a2:38:b5:7a:91:dc:5e:af:
5b:70:24:08:8e:9b:a9:d4:00:50:a9:62:52:51:93:c4:69:5c:
71:99:70:90:87:87:e9:38:8b:83:e6:39:ff:bf:18:c6:af:81:
a7:98:ae:f4:9b:bf:f5:cf:b1:59:b6:0f:ba:f9:44:16:dd:d2:
7a:d7:03:37:96:de:1c:ee:fb:af:70:02:eb:d3:86:4c:a1:ea:
eb:ac:de:a7:8c:61:42:ff:f8:e0:9c:4b:73:81:47:d0:7e:dd:
7b:e4:c2:99:3d:f6:1d:12:b8:3e:1d:d8:34:af:04:cc:da:f5:
bb:03:d8:b6:a1:1a:06:0e:36:3f:52:21:eb:8c:6e:e6:ec:12:
88:16:40:d0:db:80:24:3a:a1:39:bd:29:ce:8a:9f:45:b8:08:
b8:0e:c0:a8:ef:1b:40:d4:80:9e:1a:70:15:a2:12:d2:3a:78:
44:b7:73:07:aa:d0:15:2d:63:10:a6:19:c9:f8:8f:f1:00:29:
c4:53:e9:de:27:d5:21:29:14:22:e1:41:16:9d:4f:cb:49:42:
a6:ce:07:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRBj/XfmEeIzn9zysSJX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjN2NjMzM0ZjUxZDJiNmViNGUyN2Q2ZDU2YjliY2UzZTg1
NTYwY2MwHhcNMjUwMTAxMDk0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzM0MDgyNzExZjY2ZjlmMTU5OWM2MThiZTRmMTA2OTVkZGQ0ZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg4X5QEL4InMFKKK7RvxqZL+oIGq
gzxaQsbgZ4mfxk5utrGo5PGJJIr7Io1Lahz+MqkbysJwAf7f1iPDsBSHB9tXpHaQ
k8V6PfciQB5fD690YimwKHLIFecPL9ITmYLCwjc/GShrwCe8uVq0fZ4ByDjKK3dd
UncOeIq03BEWUYzb7lkdg3Lg3Kq2SirB88ZmYvufKkIbw8eFi6MTQJ0uIl7/2LxG
zGrGdlKrgVE0D5uWr2sUgbAeQSJNb3RJ5mPTjzpRJBkG3+CUTu4wE6n1du31mLRP
6Oi35AHsl2GaTSaT/ST9Plz0TOC/ClE3MHQJwFgxoEW3ZqL9Eq9Cyc8KaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAw0CCcR9m+fFZnGGL5PEGld3U2bMB8GA1UdIwQY
MBaAFKx8wzT1HStutOJ9bVa5vOPoVWDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTct
MWNmMTViMmJhN2JlLzEvRERRSUp4SDJiNThWbWNZWXZrOFFhVjNkVFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTctMWNmMTViMmJhN2Jl
LzEvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXPW4MA0G
CSqGSIb3DQEBCwUAA4IBAQBftFuhxyhTCBKYPLXOcWgsYuyjO6ptZbRAOcN0aXeV
LNq68VHNlq9JQfR3k6ytoji1epHcXq9bcCQIjpup1ABQqWJSUZPEaVxxmXCQh4fp
OIuD5jn/vxjGr4GnmK70m7/1z7FZtg+6+UQW3dJ61wM3lt4c7vuvcALr04ZMoerr
rN6njGFC//jgnEtzgUfQft175MKZPfYdErg+Hdg0rwTM2vW7A9i2oRoGDjY/UiHr
jG7m7BKIFkDQ24AkOqE5vSnOip9FuAi4DsCo7xtA1ICeGnAVohLSOnhEt3MHqtAV
LWMQphnJ+I/xACnEU+neJ9UhKRQi4UEWnU/LSUKmzgd5
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:28 2025 by rpki-client