Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/27S3B5bkAeUPZSviGFBqae_GVrs.roa
File: 27S3B5bkAeUPZSviGFBqae_GVrs.roa (raw, json)
Hash identifier: FtgrK78yXbLaYRYFQW7eCsdPhCoXPRCor2OEixezj40=
Subject key identifier: DB:B4:B7:07:96:E4:01:E5:0F:65:2B:E2:18:50:6A:69:EF:C6:56:BB
Certificate issuer: /CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Certificate serial: 01942143E3C1B1F9E8D603310D1467CC9984
Authority key identifier: D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/27S3B5bkAeUPZSviGFBqae_GVrs.roa
Signing time: Wed 01 Jan 2025 09:48:04 +0000
ROA not before: Wed 01 Jan 2025 09:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8943
IP address blocks: 185.73.44.0/22 maxlen: 22
194.33.11.0/24 maxlen: 24
194.153.169.0/24 maxlen: 24
212.13.192.0/19 maxlen: 19
2001:ba8::/32 maxlen: 32
2001:baa::/32 maxlen: 32
2001:baf::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e3:c1:b1:f9:e8:d6:03:31:0d:14:67:cc:99:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Validity
Not Before: Jan 1 09:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbb4b70796e401e50f652be218506a69efc656bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:50:5e:f7:16:c9:83:58:2b:1e:f0:97:30:72:
d8:ad:5a:6f:77:b5:f7:f7:9d:89:80:10:03:ef:08:
9e:38:26:05:d2:7a:05:0c:12:45:1e:06:6e:b1:b3:
ff:d9:6f:dc:b8:fe:f7:99:53:df:2b:30:1c:6c:36:
e5:c9:d8:78:ff:16:94:66:b4:93:01:48:53:d0:3b:
72:57:7d:7e:da:56:94:98:f4:03:98:ed:2b:34:94:
85:0f:28:85:f4:2d:c3:40:84:ef:50:64:a0:43:94:
41:54:29:77:38:6a:14:d3:b6:3f:7e:38:81:9b:cd:
99:83:52:48:6a:26:35:d8:89:39:4d:94:3e:b8:5a:
11:7f:af:8a:20:37:ea:c7:92:fa:f4:d3:45:3d:66:
1e:7e:1f:7b:b2:f5:bf:c1:51:3a:db:f4:72:10:5e:
ca:d1:6e:ab:5a:0e:06:99:34:a1:76:dc:f2:d0:c9:
0a:53:1e:f0:5a:af:39:58:6e:2d:6b:a6:77:b2:9c:
f5:4a:61:51:fd:58:ee:ac:13:e6:7f:24:b7:a3:9e:
12:a9:2e:db:fa:c6:1d:5d:23:55:89:f6:d8:b5:60:
02:18:2c:c1:64:1d:85:d3:99:74:c6:40:ab:f6:9e:
4e:dc:24:8f:9b:b5:e7:c2:70:7c:15:5e:be:03:a9:
43:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:B4:B7:07:96:E4:01:E5:0F:65:2B:E2:18:50:6A:69:EF:C6:56:BB
X509v3 Authority Key Identifier:
keyid:D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/27S3B5bkAeUPZSviGFBqae_GVrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.44.0/22
194.33.11.0/24
194.153.169.0/24
212.13.192.0/19
IPv6:
2001:ba8::/32
2001:baa::/32
2001:baf::/32
Signature Algorithm: sha256WithRSAEncryption
a0:4a:5d:12:9c:6f:30:96:2c:e4:35:64:0c:ee:df:ef:bb:b9:
13:54:25:07:9d:32:37:40:c4:85:04:21:f8:44:a9:51:c4:c3:
45:df:12:7e:a8:aa:c3:ac:73:9c:e0:64:73:ad:5c:f6:02:7a:
3f:56:b1:1b:0a:f0:75:32:e3:b3:99:18:8e:41:8f:90:ee:f5:
a5:c9:e9:98:d8:7c:ec:82:a5:08:af:5c:8a:b3:81:fe:61:5b:
a7:c0:9e:a1:d6:e6:62:21:fb:b6:f8:0e:98:3c:b6:6a:ad:6a:
f9:a0:08:12:28:90:e6:30:73:f3:4f:98:60:79:89:9f:49:cb:
d1:9c:66:9a:75:d6:51:c5:62:4b:42:8d:12:8f:6a:90:c9:2f:
28:7c:7f:c2:3d:75:c9:1b:56:fa:2d:7a:ac:c8:47:87:da:cc:
93:b6:0a:a1:91:e6:31:cb:c8:37:29:71:63:a4:04:54:a9:19:
8e:0d:4a:91:83:2c:07:6b:9c:a5:47:82:97:be:50:dd:fc:6c:
cc:f2:b5:f9:ef:c9:b8:13:b4:a4:a4:62:c5:40:87:28:75:b6:
4e:43:b2:97:e0:a5:62:41:d9:0b:5c:72:b3:82:34:65:2d:73:
e5:c4:c2:49:df:82:d5:ca:8f:f2:8b:e1:a3:8b:d9:3c:35:d5:
43:a6:1d:a6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQhQ+PBsfno1gMxDRRnzJmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzNiZmEwMTRiOTE5MmYyNzAwYWNhZjZmMjc5ZGJlZjhh
MGFmZjIwHhcNMjUwMTAxMDk0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmI0YjcwNzk2ZTQwMWU1MGY2NTJiZTIxODUwNmE2OWVmYzY1NmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlBe9xbJg1grHvCXMHLYrVpvd7X3
952JgBAD7wieOCYF0noFDBJFHgZusbP/2W/cuP73mVPfKzAcbDblydh4/xaUZrST
AUhT0DtyV31+2laUmPQDmO0rNJSFDyiF9C3DQITvUGSgQ5RBVCl3OGoU07Y/fjiB
m82Zg1JIaiY12Ik5TZQ+uFoRf6+KIDfqx5L69NNFPWYefh97svW/wVE62/RyEF7K
0W6rWg4GmTShdtzy0MkKUx7wWq85WG4ta6Z3spz1SmFR/VjurBPmfyS3o54SqS7b
+sYdXSNVifbYtWACGCzBZB2F05l0xkCr9p5O3CSPm7XnwnB8FV6+A6lDiQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFNu0tweW5AHlD2Ur4hhQamnvxla7MB8GA1UdIwQY
MBaAFNgzv6AUuRkvJwCsr28nnb74oK/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEt
NWMwMTdiZDQzNjYzLzEvMjdTM0I1YmtBZVVQWlN2aUdGQnFhZV9HVnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEtNWMwMTdiZDQzNjYz
LzEvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCuUksAwQA
wiELAwQAwpmpAwQF1A3AMBsEAgACMBUDBQAgAQuoAwUAIAELqgMFACABC68wDQYJ
KoZIhvcNAQELBQADggEBAKBKXRKcbzCWLOQ1ZAzu3++7uRNUJQedMjdAxIUEIfhE
qVHEw0XfEn6oqsOsc5zgZHOtXPYCej9WsRsK8HUy47OZGI5Bj5Du9aXJ6ZjYfOyC
pQivXIqzgf5hW6fAnqHW5mIh+7b4Dpg8tmqtavmgCBIokOYwc/NPmGB5iZ9Jy9Gc
Zpp11lHFYktCjRKPapDJLyh8f8I9dckbVvoteqzIR4fazJO2CqGR5jHLyDcpcWOk
BFSpGY4NSpGDLAdrnKVHgpe+UN38bMzytfnvybgTtKSkYsVAhyh1tk5DspfgpWJB
2QtccrOCNGUtc+XEwknfgtXKj/KL4aOL2Tw11UOmHaY=
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:40:13 2025 by rpki-client