Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/9cfee8-9446-4f5e-ad1e-0554311d87b5/1/Rxqhs05VJgswf5IagYYVduWK4dw.roa
File: Rxqhs05VJgswf5IagYYVduWK4dw.roa (raw, json)
Hash identifier: 9jWiYjM3BCeOeN51O2+mgMeypqqwXkFllajBFOOYBzI=
Subject key identifier: 47:1A:A1:B3:4E:55:26:0B:30:7F:92:1A:81:86:15:76:E5:8A:E1:DC
Certificate issuer: /CN=fbbe33c8d18e53bfd24822098dc748640550c504
Certificate serial: 019428267A4D7EDA979CD779029ECC9DF18C
Authority key identifier: FB:BE:33:C8:D1:8E:53:BF:D2:48:22:09:8D:C7:48:64:05:50:C5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-74zyNGOU7_SSCIJjcdIZAVQxQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/9cfee8-9446-4f5e-ad1e-0554311d87b5/1/Rxqhs05VJgswf5IagYYVduWK4dw.roa
Signing time: Thu 02 Jan 2025 17:53:17 +0000
ROA not before: Thu 02 Jan 2025 17:53:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 185.118.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/9cfee8-9446-4f5e-ad1e-0554311d87b5/1/1-74zyNGOU7_SSCIJjcdIZAVQxQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/9cfee8-9446-4f5e-ad1e-0554311d87b5/1/1-74zyNGOU7_SSCIJjcdIZAVQxQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-74zyNGOU7_SSCIJjcdIZAVQxQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 02:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:7a:4d:7e:da:97:9c:d7:79:02:9e:cc:9d:f1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbbe33c8d18e53bfd24822098dc748640550c504
Validity
Not Before: Jan 2 17:53:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=471aa1b34e55260b307f921a81861576e58ae1dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b9:be:3b:e5:85:b1:04:2b:8c:58:93:a6:29:
4f:0a:f6:a4:8e:b9:45:48:04:88:88:5f:1a:d4:27:
52:30:1a:3e:59:ba:cd:73:82:ed:da:65:e0:2b:44:
20:ab:39:a9:62:22:67:d3:0f:1c:2d:9f:3a:07:ee:
ca:33:12:72:67:94:8d:82:3b:60:05:85:3d:35:41:
68:f9:12:15:4b:cb:ac:4d:d0:8e:46:cd:9b:43:93:
43:84:65:6e:00:59:68:c3:bd:c0:79:27:68:e0:77:
bd:36:7c:e8:b3:b0:21:f3:3b:bb:c3:0d:f8:cf:5c:
55:86:70:6a:17:40:24:38:ea:37:9b:81:48:a5:ba:
8e:8b:1c:61:f2:d6:f2:a4:fd:dc:25:85:56:69:72:
5f:8c:73:0f:fc:b2:01:84:a4:5c:f8:db:be:c0:a0:
a7:1b:a8:e0:25:aa:c5:d6:ea:d9:0f:f9:2f:ee:33:
eb:da:35:79:d0:f0:dd:58:04:39:ea:7e:d9:d8:64:
5f:31:21:e6:df:98:c8:fa:83:d6:0a:ad:2a:3f:53:
14:83:6d:c6:c4:87:79:91:05:8f:6f:1c:de:57:93:
95:06:97:64:62:7e:1a:2c:a0:cd:52:b3:22:83:f0:
b1:76:14:17:7e:6b:3c:69:eb:ce:59:dd:d1:02:3f:
4e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1A:A1:B3:4E:55:26:0B:30:7F:92:1A:81:86:15:76:E5:8A:E1:DC
X509v3 Authority Key Identifier:
keyid:FB:BE:33:C8:D1:8E:53:BF:D2:48:22:09:8D:C7:48:64:05:50:C5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-74zyNGOU7_SSCIJjcdIZAVQxQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/9cfee8-9446-4f5e-ad1e-0554311d87b5/1/Rxqhs05VJgswf5IagYYVduWK4dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/9cfee8-9446-4f5e-ad1e-0554311d87b5/1/1-74zyNGOU7_SSCIJjcdIZAVQxQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.105.0/24
Signature Algorithm: sha256WithRSAEncryption
64:ab:80:b8:f7:1a:f1:2f:cf:f0:bb:2b:f0:30:ae:20:af:87:
28:e8:9b:b0:c2:e7:d9:2e:02:d7:5e:f9:94:40:21:70:71:45:
47:19:54:c4:51:21:b8:e0:4d:e8:7e:d6:ee:ee:28:d5:29:1e:
21:10:ae:18:d0:5f:bf:fd:df:aa:68:32:2c:f5:19:5b:49:bd:
fb:22:1c:59:59:f7:bf:4b:39:1e:03:aa:03:18:21:8c:28:7d:
f1:cb:7a:84:67:c4:9b:15:b3:4b:9a:f3:c0:ea:e9:8f:32:d1:
4d:e2:10:f7:87:2c:5a:74:76:2c:d2:ef:27:2d:ae:36:0f:bb:
f2:30:69:4d:8a:97:e9:f4:de:f4:25:f0:99:b5:3a:9a:64:56:
c9:a9:b9:14:82:1d:d3:c1:d7:cc:05:7d:7f:29:2d:50:85:7b:
6f:44:dd:4a:3b:37:bf:83:ae:24:7e:c5:29:51:4c:d9:38:ca:
3f:52:9f:f5:7b:c4:a3:6f:2e:99:c2:30:17:bb:c5:3a:fa:56:
1f:87:be:fb:90:dc:88:4a:34:8a:a3:f7:ac:e6:ae:6b:97:d2:
fb:7b:f9:26:5a:3a:69:6f:7a:2b:c9:a0:aa:bd:22:9e:20:cb:
78:8c:31:42:ff:72:6b:d9:e8:2d:1f:69:0f:48:55:fb:c3:fd:
95:a4:22:29
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQoJnpNftqXnNd5Ap7MnfGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYmUzM2M4ZDE4ZTUzYmZkMjQ4MjIwOThkYzc0ODY0MDU1
MGM1MDQwHhcNMjUwMTAyMTc1MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzFhYTFiMzRlNTUyNjBiMzA3ZjkyMWE4MTg2MTU3NmU1OGFlMWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7m+O+WFsQQrjFiTpilPCvakjrlF
SASIiF8a1CdSMBo+WbrNc4Lt2mXgK0QgqzmpYiJn0w8cLZ86B+7KMxJyZ5SNgjtg
BYU9NUFo+RIVS8usTdCORs2bQ5NDhGVuAFlow73AeSdo4He9Nnzos7Ah8zu7ww34
z1xVhnBqF0AkOOo3m4FIpbqOixxh8tbypP3cJYVWaXJfjHMP/LIBhKRc+Nu+wKCn
G6jgJarF1urZD/kv7jPr2jV50PDdWAQ56n7Z2GRfMSHm35jI+oPWCq0qP1MUg23G
xId5kQWPbxzeV5OVBpdkYn4aLKDNUrMig/CxdhQXfms8aevOWd3RAj9OjwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEcaobNOVSYLMH+SGoGGFXbliuHcMB8GA1UdIwQY
MBaAFPu+M8jRjlO/0kgiCY3HSGQFUMUEMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS03NHp5TkdPVTdfU1NDSUpqY2RJWkFWUXhRUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAvOWNmZWU4LTk0NDYtNGY1ZS1hZDFl
LTA1NTQzMTFkODdiNS8xL1J4cWhzMDVWSmdzd2Y1SWFnWVlWZHVXSzRkdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzAvOWNmZWU4LTk0NDYtNGY1ZS1hZDFlLTA1NTQzMTFkODdi
NS8xLzEtNzR6eU5HT1U3X1NTQ0lKamNkSVpBVlF4UVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5dmkw
DQYJKoZIhvcNAQELBQADggEBAGSrgLj3GvEvz/C7K/AwriCvhyjom7DC59kuAtde
+ZRAIXBxRUcZVMRRIbjgTeh+1u7uKNUpHiEQrhjQX7/936poMiz1GVtJvfsiHFlZ
979LOR4DqgMYIYwoffHLeoRnxJsVs0ua88Dq6Y8y0U3iEPeHLFp0dizS7yctrjYP
u/IwaU2Kl+n03vQl8Jm1OppkVsmpuRSCHdPB18wFfX8pLVCFe29E3Uo7N7+DriR+
xSlRTNk4yj9Sn/V7xKNvLpnCMBe7xTr6Vh+HvvuQ3IhKNIqj96zmrmuX0vt7+SZa
OmlveivJoKq9Ip4gy3iMMUL/cmvZ6C0faQ9IVfvD/ZWkIik=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:54:36 2025 by rpki-client