Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/0SGERXpsIldifCTWUfwaAPLWZj8.roa
File: 0SGERXpsIldifCTWUfwaAPLWZj8.roa (raw, json)
Hash identifier: Wl6639BT2YEzAcDZ1BBEKA7sfTmRzgLCKdjibP72VaE=
Subject key identifier: D1:21:84:45:7A:6C:22:57:62:7C:24:D6:51:FC:1A:00:F2:D6:66:3F
Certificate issuer: /CN=33339e64a58514c9b091e9b2e68e29371e43e3df
Certificate serial: 01942747D42BCF00ED0E5A0F0204E0A595D1
Authority key identifier: 33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/0SGERXpsIldifCTWUfwaAPLWZj8.roa
Signing time: Thu 02 Jan 2025 13:50:06 +0000
ROA not before: Thu 02 Jan 2025 13:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206077
IP address blocks: 185.196.252.0/22 maxlen: 22
185.196.252.0/23 maxlen: 23
185.196.252.0/24 maxlen: 24
185.196.253.0/24 maxlen: 24
185.196.254.0/23 maxlen: 23
185.196.254.0/24 maxlen: 24
185.196.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft
rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d4:2b:cf:00:ed:0e:5a:0f:02:04:e0:a5:95:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33339e64a58514c9b091e9b2e68e29371e43e3df
Validity
Not Before: Jan 2 13:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d12184457a6c2257627c24d651fc1a00f2d6663f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:74:52:a1:43:8b:e1:c6:2e:72:04:de:31:c1:
2b:5f:1b:a0:32:56:f5:fc:da:04:92:f3:ce:94:af:
f7:66:11:1d:57:e1:07:90:bd:22:48:ec:bd:45:a9:
be:b5:6a:77:f2:6a:4d:aa:67:bc:75:75:a9:f8:0e:
93:fb:bd:9a:78:5b:d3:89:0d:d9:02:ab:69:cf:89:
fd:b6:e3:a8:35:1e:ce:4f:00:34:dd:0c:22:2a:af:
ad:78:62:65:ba:db:b8:e4:fa:96:b4:2c:b8:56:57:
e5:a3:c5:a7:19:84:71:f7:33:b1:1e:ff:4f:4d:98:
dd:0b:fc:bf:3e:58:8a:41:69:15:dc:d5:bc:6c:5b:
46:f4:c8:3c:04:18:f0:f3:52:ef:97:a7:52:d7:18:
b4:66:f8:d1:66:00:e1:7b:99:af:ab:e5:f8:33:c3:
05:47:d1:a4:d3:67:00:ca:1f:f9:80:ec:96:43:52:
0f:41:e5:f1:68:c9:76:9e:0b:78:dd:49:31:78:13:
9e:89:17:60:06:ae:b9:8e:2a:12:ee:e7:12:cd:bf:
42:6f:47:1f:36:31:f5:a2:af:4c:e2:1f:34:47:df:
ca:2c:60:26:bf:0b:3c:fc:6e:ae:14:e2:51:77:19:
1c:20:f6:1e:3b:2b:d9:d5:dd:b0:05:56:a8:54:5e:
5c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:21:84:45:7A:6C:22:57:62:7C:24:D6:51:FC:1A:00:F2:D6:66:3F
X509v3 Authority Key Identifier:
keyid:33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/0SGERXpsIldifCTWUfwaAPLWZj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.252.0/22
Signature Algorithm: sha256WithRSAEncryption
66:ce:9a:49:a8:d9:56:8c:e3:57:af:65:e6:ef:4d:e7:6b:8a:
ac:bf:e5:ac:64:3b:fa:82:b1:a9:36:90:9b:a1:42:b5:e4:1a:
e8:da:bc:42:7a:31:76:e1:65:fb:d5:09:42:3b:81:97:30:cd:
e8:fe:81:61:a2:08:5e:8e:3d:16:7e:5a:5f:35:3d:02:2d:20:
24:14:0e:fd:9b:89:bc:4b:b2:ee:07:91:f3:c4:1e:f4:90:98:
ce:12:d7:bc:19:89:e1:9a:c9:d9:eb:2d:b2:ea:13:ba:13:e1:
84:30:8b:1c:dc:06:52:2b:1e:24:25:5b:04:79:2a:27:bb:18:
85:f8:e2:bb:20:f1:22:1d:2c:ae:35:4f:99:ed:9b:13:c2:7d:
79:65:44:0d:c9:7b:61:fe:bf:c6:e0:27:84:6e:48:55:cc:e3:
62:11:d5:fc:f2:a0:4c:53:54:18:c2:a7:6e:04:b8:9a:bf:2c:
f5:43:16:71:0d:11:c8:e5:4d:47:19:1e:07:25:6c:af:2e:3c:
b7:39:89:48:b4:a7:1c:f7:5d:93:a0:82:80:ea:c5:8c:ba:84:
69:d7:2d:04:bc:a4:8f:15:01:30:fd:64:fc:b2:b5:92:dd:0c:
c7:ec:0a:c9:f4:81:be:ed:58:7c:bc:16:5d:5b:62:e6:49:bc:
be:5b:a4:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR9QrzwDtDloPAgTgpZXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM5ZTY0YTU4NTE0YzliMDkxZTliMmU2OGUyOTM3MWU0
M2UzZGYwHhcNMjUwMTAyMTM1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTIxODQ0NTdhNmMyMjU3NjI3YzI0ZDY1MWZjMWEwMGYyZDY2NjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnRSoUOL4cYucgTeMcErXxugMlb1
/NoEkvPOlK/3ZhEdV+EHkL0iSOy9Ram+tWp38mpNqme8dXWp+A6T+72aeFvTiQ3Z
Aqtpz4n9tuOoNR7OTwA03QwiKq+teGJlutu45PqWtCy4Vlflo8WnGYRx9zOxHv9P
TZjdC/y/PliKQWkV3NW8bFtG9Mg8BBjw81Lvl6dS1xi0ZvjRZgDhe5mvq+X4M8MF
R9Gk02cAyh/5gOyWQ1IPQeXxaMl2ngt43UkxeBOeiRdgBq65jioS7ucSzb9Cb0cf
NjH1oq9M4h80R9/KLGAmvws8/G6uFOJRdxkcIPYeOyvZ1d2wBVaoVF5csQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEhhEV6bCJXYnwk1lH8GgDy1mY/MB8GA1UdIwQY
MBaAFDMznmSlhRTJsJHpsuaOKTceQ+PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEt
NjM5ZGM0ZDVmMzcwLzEvMFNHRVJYcHNJbGRpZkNUV1Vmd2FBUExXWmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEtNjM5ZGM0ZDVmMzcw
LzEvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucT8MA0G
CSqGSIb3DQEBCwUAA4IBAQBmzppJqNlWjONXr2Xm703na4qsv+WsZDv6grGpNpCb
oUK15Bro2rxCejF24WX71QlCO4GXMM3o/oFhoghejj0WflpfNT0CLSAkFA79m4m8
S7LuB5HzxB70kJjOEte8GYnhmsnZ6y2y6hO6E+GEMIsc3AZSKx4kJVsEeSonuxiF
+OK7IPEiHSyuNU+Z7ZsTwn15ZUQNyXth/r/G4CeEbkhVzONiEdX88qBMU1QYwqdu
BLiavyz1QxZxDRHI5U1HGR4HJWyvLjy3OYlItKcc912ToIKA6sWMuoRp1y0EvKSP
FQEw/WT8srWS3QzH7ArJ9IG+7Vh8vBZdW2LmSby+W6Sb
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:26:44 2025 by rpki-client