Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/skK36GoSOdR0likALCjbuukKSIA.roa
File: skK36GoSOdR0likALCjbuukKSIA.roa (raw, json)
Hash identifier: rM2HKFoUwc02gigzQD8leLnlbHQm3zNCncQ93i9jwp0=
Subject key identifier: B2:42:B7:E8:6A:12:39:D4:74:96:29:00:2C:28:DB:BA:E9:0A:48:80
Certificate issuer: /CN=c355722b4e8a48240acdf5f337838aa206aa02da
Certificate serial: 01942144538795483233FCCD5CA91D2CA8DC
Authority key identifier: C3:55:72:2B:4E:8A:48:24:0A:CD:F5:F3:37:83:8A:A2:06:AA:02:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w1VyK06KSCQKzfXzN4OKogaqAto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/skK36GoSOdR0likALCjbuukKSIA.roa
Signing time: Wed 01 Jan 2025 09:48:33 +0000
ROA not before: Wed 01 Jan 2025 09:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60458
IP address blocks: 185.144.52.0/24 maxlen: 24
185.144.53.0/24 maxlen: 24
185.144.54.0/24 maxlen: 24
185.144.55.0/24 maxlen: 24
185.164.100.0/22 maxlen: 22
185.254.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/w1VyK06KSCQKzfXzN4OKogaqAto.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/w1VyK06KSCQKzfXzN4OKogaqAto.mft
rsync://rpki.ripe.net/repository/DEFAULT/w1VyK06KSCQKzfXzN4OKogaqAto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:53:87:95:48:32:33:fc:cd:5c:a9:1d:2c:a8:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c355722b4e8a48240acdf5f337838aa206aa02da
Validity
Not Before: Jan 1 09:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b242b7e86a1239d4749629002c28dbbae90a4880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8c:e1:fe:99:76:0d:18:2a:ff:cf:18:6e:cc:
61:ef:55:63:1a:3f:55:ba:cb:81:72:64:88:dc:26:
79:d3:62:3d:1a:4a:54:f5:2f:be:9c:66:8f:33:0b:
c2:5d:58:9d:b2:b2:be:8b:2e:74:01:fd:e1:8b:56:
23:fc:b0:f7:2f:a8:fb:d6:6d:ca:e6:33:10:ec:c4:
68:d7:13:53:90:ec:76:87:9d:01:df:7e:bc:c6:51:
92:c8:72:ff:18:4b:c9:6c:c6:3b:0c:c6:fb:83:6e:
8f:89:76:2f:a2:7a:79:b9:07:78:b3:70:be:73:d2:
11:3d:d8:fa:a1:c3:49:32:2b:9e:ee:5e:b2:7c:30:
ea:08:03:1e:96:34:c3:41:30:e4:f7:0b:08:fa:49:
4d:9a:d3:bd:d1:70:b0:b8:f0:31:fb:d6:5c:c7:33:
95:a7:1c:12:70:3f:8c:8b:5d:ae:99:f4:39:5b:17:
d0:40:8f:a4:fb:69:21:e2:95:b3:2e:39:97:13:94:
22:07:95:6b:5e:ea:fe:db:b8:8d:8e:84:f5:b9:19:
40:29:08:9c:69:73:1c:b6:53:0c:96:37:ae:8f:2c:
01:8a:85:02:c4:dc:75:99:1e:c4:d8:f7:76:66:c1:
db:4f:a7:4a:74:40:62:b5:bb:b0:9c:c0:36:65:e4:
ea:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:42:B7:E8:6A:12:39:D4:74:96:29:00:2C:28:DB:BA:E9:0A:48:80
X509v3 Authority Key Identifier:
keyid:C3:55:72:2B:4E:8A:48:24:0A:CD:F5:F3:37:83:8A:A2:06:AA:02:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w1VyK06KSCQKzfXzN4OKogaqAto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/skK36GoSOdR0likALCjbuukKSIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/w1VyK06KSCQKzfXzN4OKogaqAto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.52.0/22
185.164.100.0/22
185.254.24.0/22
Signature Algorithm: sha256WithRSAEncryption
58:a6:01:e9:bb:96:63:68:81:75:ed:71:c7:ff:10:a0:02:a4:
55:e7:f6:03:b1:1a:a3:d6:6a:57:21:76:fc:3b:bc:16:75:1d:
cf:8e:92:2c:f0:65:4d:13:ba:6d:1c:33:8f:eb:fc:ff:29:0d:
2f:c9:93:d6:85:46:62:05:17:ea:77:39:f1:2f:17:59:4a:aa:
37:bf:50:95:72:d5:28:cd:5c:c7:53:97:08:3c:31:ad:70:36:
0a:ed:34:8a:24:d1:1e:0f:c0:a5:81:28:aa:cd:4e:ab:16:fc:
51:cf:c7:74:e4:a9:21:55:39:42:7e:b2:aa:6a:32:db:3c:ad:
f4:e5:88:5d:14:ad:08:71:53:fd:b6:89:e4:92:a4:f0:99:04:
8e:12:70:f4:3a:97:7b:33:ca:35:2d:43:26:93:50:31:d2:5a:
54:3d:4b:8b:17:b1:a7:e8:2e:f6:5a:c8:d8:73:7f:43:1e:f1:
f6:fc:52:0a:c4:49:73:e8:f6:7c:d6:76:53:f9:bd:1c:ca:55:
fc:db:f0:2d:b4:7a:08:51:3f:a8:e6:4f:16:73:c3:5b:8a:ef:
27:10:1b:37:75:5f:7b:df:46:b1:6d:8d:f2:5c:ef:fb:f6:c3:
c6:64:23:bf:0a:11:c4:ed:46:7a:d2:63:88:a0:c2:d6:35:94:
20:eb:55:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhRFOHlUgyM/zNXKkdLKjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNTU3MjJiNGU4YTQ4MjQwYWNkZjVmMzM3ODM4YWEyMDZh
YTAyZGEwHhcNMjUwMTAxMDk0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjQyYjdlODZhMTIzOWQ0NzQ5NjI5MDAyYzI4ZGJiYWU5MGE0ODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Yzh/pl2DRgq/88Ybsxh71VjGj9V
usuBcmSI3CZ502I9GkpU9S++nGaPMwvCXVidsrK+iy50Af3hi1Yj/LD3L6j71m3K
5jMQ7MRo1xNTkOx2h50B3368xlGSyHL/GEvJbMY7DMb7g26PiXYvonp5uQd4s3C+
c9IRPdj6ocNJMiue7l6yfDDqCAMeljTDQTDk9wsI+klNmtO90XCwuPAx+9ZcxzOV
pxwScD+Mi12umfQ5WxfQQI+k+2kh4pWzLjmXE5QiB5VrXur+27iNjoT1uRlAKQic
aXMctlMMljeujywBioUCxNx1mR7E2Pd2ZsHbT6dKdEBitbuwnMA2ZeTqGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLJCt+hqEjnUdJYpACwo27rpCkiAMB8GA1UdIwQY
MBaAFMNVcitOikgkCs318zeDiqIGqgLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzFWeUswNktTQ1FLemZYek40T0tvZ2FxQXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xZTk5NTgtOWZmMi00MTIzLTliNWYt
YTJlZjkwYzllOTEzLzEvc2tLMzZHb1NPZFIwbGlrQUxDamJ1dWtLU0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xZTk5NTgtOWZmMi00MTIzLTliNWYtYTJlZjkwYzllOTEz
LzEvdzFWeUswNktTQ1FLemZYek40T0tvZ2FxQXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuZA0AwQC
uaRkAwQCuf4YMA0GCSqGSIb3DQEBCwUAA4IBAQBYpgHpu5ZjaIF17XHH/xCgAqRV
5/YDsRqj1mpXIXb8O7wWdR3PjpIs8GVNE7ptHDOP6/z/KQ0vyZPWhUZiBRfqdznx
LxdZSqo3v1CVctUozVzHU5cIPDGtcDYK7TSKJNEeD8ClgSiqzU6rFvxRz8d05Kkh
VTlCfrKqajLbPK305YhdFK0IcVP9tonkkqTwmQSOEnD0Opd7M8o1LUMmk1Ax0lpU
PUuLF7Gn6C72WsjYc39DHvH2/FIKxElz6PZ81nZT+b0cylX82/AttHoIUT+o5k8W
c8Nbiu8nEBs3dV9730axbY3yXO/79sPGZCO/ChHE7UZ60mOIoMLWNZQg61Xu
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:48 2025 by rpki-client