Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/YI8wZlD-HEfeT6xqGwFmZ1QdD6k.roa
File: YI8wZlD-HEfeT6xqGwFmZ1QdD6k.roa (raw, json)
Hash identifier: w7eB/hHlmGKQgAjYLk+eJl1NQTaGD79bb/QVrN64Cf4=
Subject key identifier: 60:8F:30:66:50:FE:1C:47:DE:4F:AC:6A:1B:01:66:67:54:1D:0F:A9
Certificate issuer: /CN=d78ac174e852b71c31163ec1d8649fff6b07ba79
Certificate serial: 0194258EF8BBBBCFB6E8E7379BB846CFE8FB
Authority key identifier: D7:8A:C1:74:E8:52:B7:1C:31:16:3E:C1:D8:64:9F:FF:6B:07:BA:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/14rBdOhStxwxFj7B2GSf_2sHunk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/YI8wZlD-HEfeT6xqGwFmZ1QdD6k.roa
Signing time: Thu 02 Jan 2025 05:48:34 +0000
ROA not before: Thu 02 Jan 2025 05:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8822
IP address blocks: 185.104.117.0/24 maxlen: 24
195.182.224.0/19 maxlen: 19
195.182.224.0/24 maxlen: 24
195.182.225.0/24 maxlen: 24
195.182.226.0/24 maxlen: 24
2a0f:4c00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/14rBdOhStxwxFj7B2GSf_2sHunk.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/14rBdOhStxwxFj7B2GSf_2sHunk.mft
rsync://rpki.ripe.net/repository/DEFAULT/14rBdOhStxwxFj7B2GSf_2sHunk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:f8:bb:bb:cf:b6:e8:e7:37:9b:b8:46:cf:e8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d78ac174e852b71c31163ec1d8649fff6b07ba79
Validity
Not Before: Jan 2 05:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=608f306650fe1c47de4fac6a1b016667541d0fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:03:25:5f:56:5e:1b:cc:27:73:41:c7:dc:ac:
f0:25:fb:4d:7c:a5:38:5d:ee:20:6a:9f:82:93:5a:
91:b1:74:66:07:62:24:f6:45:f1:f3:50:54:ed:2a:
36:99:12:2a:f0:7a:2b:22:d5:c2:e1:90:98:4d:3e:
f2:55:2d:73:ba:3b:55:d8:de:cd:42:17:54:00:36:
7c:fe:85:22:4a:52:2d:9e:3d:ab:1c:db:2a:77:51:
83:23:c3:fe:55:3e:bb:e4:d1:ac:89:9f:95:d3:10:
1d:2d:67:83:d9:03:af:cc:de:2a:df:c8:c5:38:a3:
17:ee:a3:8e:d2:bd:80:6b:ba:c8:d1:84:f5:65:40:
87:1e:93:0a:c3:99:c1:29:40:80:7d:e4:a3:a1:a4:
05:96:b9:7e:75:9a:e6:c3:b8:67:8a:bc:2f:22:b8:
f4:58:70:47:e2:0f:90:79:6d:88:4e:42:10:21:2b:
d0:80:79:a8:d6:8a:c2:e5:a8:26:7a:06:5c:4f:c5:
0c:d0:f8:ac:46:bd:55:73:d4:c4:b4:d4:06:a1:d3:
e2:78:61:4b:f4:f0:17:6b:7e:48:69:25:a8:e7:8d:
94:e8:01:d5:d7:c2:98:2a:44:4d:d4:c7:60:e5:4c:
10:e0:59:e1:e6:7c:be:7c:c9:ef:c4:a2:b0:2e:cf:
de:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8F:30:66:50:FE:1C:47:DE:4F:AC:6A:1B:01:66:67:54:1D:0F:A9
X509v3 Authority Key Identifier:
keyid:D7:8A:C1:74:E8:52:B7:1C:31:16:3E:C1:D8:64:9F:FF:6B:07:BA:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/14rBdOhStxwxFj7B2GSf_2sHunk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/YI8wZlD-HEfeT6xqGwFmZ1QdD6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/14rBdOhStxwxFj7B2GSf_2sHunk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.117.0/24
195.182.224.0/19
IPv6:
2a0f:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
69:a4:fc:e0:21:a9:79:33:7d:d3:2d:b8:70:0b:91:b9:12:7f:
cd:06:34:cd:33:46:29:a5:a1:76:c7:a2:a6:4d:f1:f9:87:ee:
68:32:f1:5d:1a:9d:ad:74:21:17:cf:f6:2d:f4:3d:73:cc:53:
67:d5:73:67:40:66:87:83:c6:4d:99:26:71:b2:74:5a:0b:d0:
83:4d:26:6c:fc:df:50:43:4e:86:00:12:b8:55:e1:d1:2c:1e:
fd:1a:a0:68:84:90:c2:3e:f5:55:5c:36:6d:a9:b9:4b:5a:4e:
c0:c8:fc:6e:87:2e:a0:a2:a7:d4:e2:ed:87:cc:bf:2b:56:b5:
2d:a4:75:e4:88:a7:4c:4d:04:3e:80:0e:44:3a:00:14:39:9d:
02:d6:f3:3d:30:93:8e:40:36:25:04:cf:81:0c:a4:ad:e4:2f:
f9:ca:7b:48:9e:69:33:a7:6c:c7:80:fe:bc:7c:e9:65:e3:47:
16:4b:0e:e3:8d:9f:62:b4:4c:c5:73:70:96:93:52:96:79:29:
14:9a:24:0a:ea:aa:6b:4c:2e:c9:54:0c:d0:8a:3c:ec:cb:37:
04:a5:62:1c:ac:a0:b7:b7:f2:db:7e:1a:a6:d4:d3:36:24:21:
4f:ee:90:0b:ac:3d:99:ee:f8:27:40:78:9d:8e:39:4f:04:e0:
d1:dd:36:1e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQljvi7u8+26Oc3m7hGz+j7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OGFjMTc0ZTg1MmI3MWMzMTE2M2VjMWQ4NjQ5ZmZmNmIw
N2JhNzkwHhcNMjUwMTAyMDU0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDhmMzA2NjUwZmUxYzQ3ZGU0ZmFjNmExYjAxNjY2NzU0MWQwZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AMlX1ZeG8wnc0HH3KzwJftNfKU4
Xe4gap+Ck1qRsXRmB2Ik9kXx81BU7So2mRIq8HorItXC4ZCYTT7yVS1zujtV2N7N
QhdUADZ8/oUiSlItnj2rHNsqd1GDI8P+VT675NGsiZ+V0xAdLWeD2QOvzN4q38jF
OKMX7qOO0r2Aa7rI0YT1ZUCHHpMKw5nBKUCAfeSjoaQFlrl+dZrmw7hnirwvIrj0
WHBH4g+QeW2ITkIQISvQgHmo1orC5agmegZcT8UM0PisRr1Vc9TEtNQGodPieGFL
9PAXa35IaSWo542U6AHV18KYKkRN1Mdg5UwQ4Fnh5ny+fMnvxKKwLs/egQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGCPMGZQ/hxH3k+sahsBZmdUHQ+pMB8GA1UdIwQY
MBaAFNeKwXToUrccMRY+wdhkn/9rB7p5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTRyQmRPaFN0eHd4Rmo3QjJHU2ZfMnNIdW5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lODAyMzEtNTNiOC00MjI1LTg1MjMt
OTQ3ZGUzODY4Y2Q1LzEvWUk4d1psRC1IRWZlVDZ4cUd3Rm1aMVFkRDZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lODAyMzEtNTNiOC00MjI1LTg1MjMtOTQ3ZGUzODY4Y2Q1
LzEvMTRyQmRPaFN0eHd4Rmo3QjJHU2ZfMnNIdW5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuWh1AwQF
w7bgMA0EAgACMAcDBQMqD0wAMA0GCSqGSIb3DQEBCwUAA4IBAQBppPzgIal5M33T
LbhwC5G5En/NBjTNM0YppaF2x6KmTfH5h+5oMvFdGp2tdCEXz/Yt9D1zzFNn1XNn
QGaHg8ZNmSZxsnRaC9CDTSZs/N9QQ06GABK4VeHRLB79GqBohJDCPvVVXDZtqblL
Wk7AyPxuhy6goqfU4u2HzL8rVrUtpHXkiKdMTQQ+gA5EOgAUOZ0C1vM9MJOOQDYl
BM+BDKSt5C/5yntInmkzp2zHgP68fOll40cWSw7jjZ9itEzFc3CWk1KWeSkUmiQK
6qprTC7JVAzQijzsyzcEpWIcrKC3t/Lbfhqm1NM2JCFP7pALrD2Z7vgnQHidjjlP
BODR3TYe
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:15 2025 by rpki-client