Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/eI4nGLFKQMif8ALIzDhdkmhDV0E.roa
File: eI4nGLFKQMif8ALIzDhdkmhDV0E.roa (raw, json)
Hash identifier: df6kkNJrgjFd0DQlTWP9w+DoRyo6W194IJI/OIQe5a0=
Subject key identifier: 78:8E:27:18:B1:4A:40:C8:9F:F0:02:C8:CC:38:5D:92:68:43:57:41
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5DFA027242A4C747BFBA69E3399C0
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/eI4nGLFKQMif8ALIzDhdkmhDV0E.roa
Signing time: Wed 01 Jan 2025 07:47:54 +0000
ROA not before: Wed 01 Jan 2025 07:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215074
IP address blocks: 85.8.184.0/24 maxlen: 24
85.202.164.0/24 maxlen: 24
91.191.180.0/24 maxlen: 24
185.147.36.0/24 maxlen: 24
185.189.252.0/24 maxlen: 24
185.189.253.0/24 maxlen: 24
185.193.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:df:a0:27:24:2a:4c:74:7b:fb:a6:9e:33:99:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=788e2718b14a40c89ff002c8cc385d9268435741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8a:8e:9b:39:8c:5c:ba:9e:f8:0b:78:c9:2b:
d9:16:f9:a0:df:4a:1b:b3:42:aa:ff:a9:b2:27:1f:
ca:11:49:96:11:9b:95:5d:62:9b:81:86:ad:1c:fa:
d4:69:94:85:65:a1:05:0d:0e:97:34:14:11:ac:79:
75:8e:8d:12:c7:69:d5:6b:2f:89:83:99:91:1d:94:
94:49:98:dc:49:04:7d:7c:40:0e:fe:31:8a:3c:6c:
03:42:45:3f:62:10:ec:ba:59:6e:69:9a:68:f5:6f:
b0:f4:96:c2:35:44:32:f8:41:bf:ff:ee:97:cc:fe:
84:a7:b5:b3:ae:21:22:af:b9:09:40:c6:34:93:54:
23:19:ed:c4:56:a3:89:0a:a1:2e:a8:9a:88:7f:e3:
e4:0e:83:15:28:e6:2d:f0:e2:99:03:69:5f:5d:a8:
c8:45:52:10:00:4d:19:56:f9:bf:e1:19:4a:fc:fd:
70:84:0d:cc:56:fb:12:78:8d:7f:78:5a:81:4d:a7:
2e:a6:bb:dd:2a:95:2e:82:f9:5b:1c:71:48:81:ad:
09:dc:b8:1c:98:31:84:be:16:89:15:a2:9c:a1:01:
54:5f:13:de:18:c5:df:d1:9e:69:9a:34:2a:71:88:
02:42:ee:2c:6c:21:3a:59:1c:e7:bd:66:74:e5:a1:
22:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8E:27:18:B1:4A:40:C8:9F:F0:02:C8:CC:38:5D:92:68:43:57:41
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/eI4nGLFKQMif8ALIzDhdkmhDV0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.184.0/24
85.202.164.0/24
91.191.180.0/24
185.147.36.0/24
185.189.252.0/23
185.193.140.0/24
Signature Algorithm: sha256WithRSAEncryption
01:2a:f3:b0:8c:0e:cc:08:67:6f:47:55:8c:3d:7c:de:a6:33:
72:cf:fd:30:ab:32:29:69:53:98:70:23:e7:42:64:16:71:c8:
50:3e:e8:c5:03:c4:9b:d5:7e:0e:98:c4:94:d4:db:54:a1:f3:
93:3f:75:ef:a9:5d:2f:1c:8c:0f:ff:91:e4:8b:ba:d6:3f:4f:
0e:bd:b9:30:05:36:5a:0b:35:75:f1:74:4b:0e:0b:70:69:49:
57:83:2d:d4:ed:2c:a9:e4:1f:90:9d:9b:2d:81:75:1b:6e:90:
64:91:f6:36:5f:cc:f1:43:f2:45:5e:85:19:c6:fc:d3:a2:db:
33:5a:35:6c:f8:1a:08:34:06:99:0d:1c:01:8e:f8:c5:b9:78:
d8:37:61:8c:9d:d8:6d:46:b8:f9:1c:a4:5c:5f:2f:b5:27:db:
c1:57:79:dc:f6:1c:5b:57:ec:57:2b:eb:b3:94:0b:b7:09:f3:
45:a1:d7:11:1b:a7:f7:ae:75:ce:a6:e4:87:1f:93:a2:a0:cf:
29:2f:25:1a:e4:66:75:90:f0:6e:fe:ec:fc:65:95:95:13:73:
b9:9d:d4:76:5b:4c:9e:ce:1f:79:ed:4e:04:0a:15:81:4f:50:
66:6c:97:c3:6a:47:8b:59:5b:03:9a:a0:38:c2:91:d5:5f:a6:
50:00:f1:8f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQg1d+gJyQqTHR7+6aeM5nAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODhlMjcxOGIxNGE0MGM4OWZmMDAyYzhjYzM4NWQ5MjY4NDM1NzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIqOmzmMXLqe+At4ySvZFvmg30ob
s0Kq/6myJx/KEUmWEZuVXWKbgYatHPrUaZSFZaEFDQ6XNBQRrHl1jo0Sx2nVay+J
g5mRHZSUSZjcSQR9fEAO/jGKPGwDQkU/YhDsulluaZpo9W+w9JbCNUQy+EG//+6X
zP6Ep7WzriEir7kJQMY0k1QjGe3EVqOJCqEuqJqIf+PkDoMVKOYt8OKZA2lfXajI
RVIQAE0ZVvm/4RlK/P1whA3MVvsSeI1/eFqBTacuprvdKpUugvlbHHFIga0J3Lgc
mDGEvhaJFaKcoQFUXxPeGMXf0Z5pmjQqcYgCQu4sbCE6WRznvWZ05aEivwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHiOJxixSkDIn/ACyMw4XZJoQ1dBMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvZUk0bkdMRktRTWlmOEFMSXpEaGRrbWhEVjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVQi4AwQA
VcqkAwQAW7+0AwQAuZMkAwQBub38AwQAucGMMA0GCSqGSIb3DQEBCwUAA4IBAQAB
KvOwjA7MCGdvR1WMPXzepjNyz/0wqzIpaVOYcCPnQmQWcchQPujFA8Sb1X4OmMSU
1NtUofOTP3XvqV0vHIwP/5Hki7rWP08OvbkwBTZaCzV18XRLDgtwaUlXgy3U7Syp
5B+QnZstgXUbbpBkkfY2X8zxQ/JFXoUZxvzTotszWjVs+BoINAaZDRwBjvjFuXjY
N2GMndhtRrj5HKRcXy+1J9vBV3nc9hxbV+xXK+uzlAu3CfNFodcRG6f3rnXOpuSH
H5OioM8pLyUa5GZ1kPBu/uz8ZZWVE3O5ndR2W0yezh957U4EChWBT1BmbJfDakeL
WVsDmqA4wpHVX6ZQAPGP
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:58:09 2025 by rpki-client