Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/cmFf7QvULhq8J2_sBWj-Wxk8m-o.roa
File: cmFf7QvULhq8J2_sBWj-Wxk8m-o.roa (raw, json)
Hash identifier: Q776SgfagJw9iDbsqcPtWbsqUozG92JlD6wff17ia8w=
Subject key identifier: 72:61:5F:ED:0B:D4:2E:1A:BC:27:6F:EC:05:68:FE:5B:19:3C:9B:EA
Certificate issuer: /CN=a2916527fd91e9b3cf8e062bce06df5cbd4c4b1a
Certificate serial: 019426D9316BC0F3A20D5E8A5C70B21A67BA
Authority key identifier: A2:91:65:27:FD:91:E9:B3:CF:8E:06:2B:CE:06:DF:5C:BD:4C:4B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/opFlJ_2R6bPPjgYrzgbfXL1MSxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/cmFf7QvULhq8J2_sBWj-Wxk8m-o.roa
Signing time: Thu 02 Jan 2025 11:49:15 +0000
ROA not before: Thu 02 Jan 2025 11:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 37002
IP address blocks: 185.165.32.0/22 maxlen: 24
185.165.32.0/24 maxlen: 24
185.165.33.0/24 maxlen: 24
185.165.34.0/24 maxlen: 24
185.165.35.0/24 maxlen: 24
2a0b:dc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/opFlJ_2R6bPPjgYrzgbfXL1MSxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/opFlJ_2R6bPPjgYrzgbfXL1MSxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/opFlJ_2R6bPPjgYrzgbfXL1MSxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 05:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:31:6b:c0:f3:a2:0d:5e:8a:5c:70:b2:1a:67:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2916527fd91e9b3cf8e062bce06df5cbd4c4b1a
Validity
Not Before: Jan 2 11:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72615fed0bd42e1abc276fec0568fe5b193c9bea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:48:62:67:fb:ab:5c:4b:7b:70:89:78:27:9b:
e1:64:39:d6:21:2b:fd:81:94:13:6c:3c:d7:73:33:
a8:e0:d8:bc:64:3b:43:f8:d7:c0:94:1f:ca:a8:f3:
a7:82:26:ab:fb:35:54:b4:2d:91:c9:3e:ad:cd:e1:
45:c7:63:86:64:73:68:86:55:f7:ce:29:84:6f:04:
51:2d:1a:18:0e:b2:00:40:cb:88:10:60:1d:1c:0b:
c1:6c:54:14:83:be:3e:7f:ad:55:de:b0:fe:9c:33:
ae:5f:5f:36:36:c7:16:dc:39:e4:6f:9c:ce:f6:67:
72:e5:6b:05:7f:0c:0c:09:20:a3:5e:3e:5c:5d:5b:
86:d2:d3:fa:1d:fa:66:74:62:79:e2:fb:e8:3d:1a:
23:01:c7:33:84:94:55:88:73:64:88:37:2c:f1:a4:
b5:34:08:d5:88:42:68:7e:64:50:20:db:e7:ec:e6:
89:1b:be:14:80:d4:84:06:10:7b:10:af:f6:0f:67:
5a:52:35:2d:25:53:48:bc:52:cf:d0:9b:66:0e:92:
24:c5:6b:f3:e6:74:ed:d3:77:f6:d0:f0:d4:bc:7a:
d5:be:e2:5f:a6:5d:35:cc:2f:4d:72:42:5d:60:37:
bd:73:42:9b:ab:22:13:8d:e3:a8:fe:35:f9:ca:42:
fa:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:61:5F:ED:0B:D4:2E:1A:BC:27:6F:EC:05:68:FE:5B:19:3C:9B:EA
X509v3 Authority Key Identifier:
keyid:A2:91:65:27:FD:91:E9:B3:CF:8E:06:2B:CE:06:DF:5C:BD:4C:4B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/opFlJ_2R6bPPjgYrzgbfXL1MSxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/cmFf7QvULhq8J2_sBWj-Wxk8m-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/opFlJ_2R6bPPjgYrzgbfXL1MSxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.32.0/22
IPv6:
2a0b:dc00::/29
Signature Algorithm: sha256WithRSAEncryption
23:d7:78:31:05:b6:56:35:30:3c:dd:8d:0f:05:4a:2c:68:c8:
1a:90:dc:c7:ca:27:a4:78:b7:1c:dd:fa:47:d1:11:42:30:3b:
c0:19:14:58:38:fc:af:4a:98:1a:d3:7d:0d:dc:ae:75:28:93:
71:d2:25:d0:d7:55:df:03:64:b6:2c:7f:d5:7e:15:25:a6:25:
c3:cf:aa:fb:7a:2a:f2:27:a2:17:13:66:73:70:26:19:9f:25:
85:03:31:c8:1b:26:65:48:33:c1:0e:bd:ae:fd:b8:a8:cd:a0:
93:24:20:da:b7:60:28:59:62:3b:e3:a7:34:d1:fc:66:ac:2e:
fd:4c:4e:dc:d8:6f:4d:f9:17:81:92:51:bd:4e:90:c6:20:76:
b9:68:6d:44:91:eb:5d:4f:a3:f3:07:94:cc:e2:25:a9:fa:f1:
a9:86:0b:aa:d6:18:03:72:61:ce:b7:d0:af:c0:b6:71:10:68:
30:66:26:b6:2f:db:95:8f:f6:d3:1f:80:77:da:60:ec:1f:f9:
64:0d:68:43:e6:2d:e4:d5:cd:9b:f9:8a:37:46:09:25:53:57:
e4:8a:77:84:d5:b1:22:25:4c:36:bc:b1:c1:b1:3f:d9:09:fc:
2f:82:2a:f1:58:4b:06:b9:3b:34:50:94:f4:73:6e:0f:3c:18:
06:0f:4d:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2TFrwPOiDV6KXHCyGme6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOTE2NTI3ZmQ5MWU5YjNjZjhlMDYyYmNlMDZkZjVjYmQ0
YzRiMWEwHhcNMjUwMTAyMTE0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjYxNWZlZDBiZDQyZTFhYmMyNzZmZWMwNTY4ZmU1YjE5M2M5YmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EhiZ/urXEt7cIl4J5vhZDnWISv9
gZQTbDzXczOo4Ni8ZDtD+NfAlB/KqPOngiar+zVUtC2RyT6tzeFFx2OGZHNohlX3
zimEbwRRLRoYDrIAQMuIEGAdHAvBbFQUg74+f61V3rD+nDOuX182NscW3Dnkb5zO
9mdy5WsFfwwMCSCjXj5cXVuG0tP6HfpmdGJ54vvoPRojAcczhJRViHNkiDcs8aS1
NAjViEJofmRQINvn7OaJG74UgNSEBhB7EK/2D2daUjUtJVNIvFLP0JtmDpIkxWvz
5nTt03f20PDUvHrVvuJfpl01zC9NckJdYDe9c0KbqyITjeOo/jX5ykL64wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHJhX+0L1C4avCdv7AVo/lsZPJvqMB8GA1UdIwQY
MBaAFKKRZSf9kemzz44GK84G31y9TEsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3BGbEpfMlI2YlBQamdZcnpnYmZYTDFNU3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmM1MzktNjIxZS00NDYwLWEwNjct
ZTBkYzE4ZTg4MjI5LzEvY21GZjdRdlVMaHE4SjJfc0JXai1XeGs4bS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmM1MzktNjIxZS00NDYwLWEwNjctZTBkYzE4ZTg4MjI5
LzEvb3BGbEpfMlI2YlBQamdZcnpnYmZYTDFNU3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaUgMA0E
AgACMAcDBQMqC9wAMA0GCSqGSIb3DQEBCwUAA4IBAQAj13gxBbZWNTA83Y0PBUos
aMgakNzHyiekeLcc3fpH0RFCMDvAGRRYOPyvSpga030N3K51KJNx0iXQ11XfA2S2
LH/VfhUlpiXDz6r7eiryJ6IXE2ZzcCYZnyWFAzHIGyZlSDPBDr2u/biozaCTJCDa
t2AoWWI746c00fxmrC79TE7c2G9N+ReBklG9TpDGIHa5aG1EketdT6PzB5TM4iWp
+vGphguq1hgDcmHOt9CvwLZxEGgwZia2L9uVj/bTH4B32mDsH/lkDWhD5i3k1c2b
+Yo3RgklU1fkineE1bEiJUw2vLHBsT/ZCfwvgirxWEsGuTs0UJT0c24PPBgGD03t
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:36:31 2025 by rpki-client