Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CNx16XPAZx-QHVANkd2qjppUy-M.roa
File: CNx16XPAZx-QHVANkd2qjppUy-M.roa (raw, json)
Hash identifier: tg4m4urbGkAxgg6JgxNQ4p4V5XeLVLobwIMo7jTTB2U=
Subject key identifier: 08:DC:75:E9:73:C0:67:1F:90:1D:50:0D:91:DD:AA:8E:9A:54:CB:E3
Certificate issuer: /CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Certificate serial: 01941FFA152AA8F61792127126704408B008
Authority key identifier: 09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CNx16XPAZx-QHVANkd2qjppUy-M.roa
Signing time: Wed 01 Jan 2025 03:47:50 +0000
ROA not before: Wed 01 Jan 2025 03:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 185.40.184.0/24 maxlen: 24
185.40.185.0/24 maxlen: 24
185.40.186.0/24 maxlen: 24
185.40.187.0/24 maxlen: 24
185.118.118.0/24 maxlen: 24
185.121.28.0/24 maxlen: 24
185.121.29.0/24 maxlen: 24
185.121.30.0/24 maxlen: 24
185.121.31.0/24 maxlen: 24
185.254.132.0/24 maxlen: 24
185.254.133.0/24 maxlen: 24
185.254.134.0/24 maxlen: 24
185.254.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:15:2a:a8:f6:17:92:12:71:26:70:44:08:b0:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Validity
Not Before: Jan 1 03:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08dc75e973c0671f901d500d91ddaa8e9a54cbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4b:4a:27:e0:ee:14:2a:e1:ab:84:4e:73:08:
6c:b6:9e:88:85:48:ac:bc:09:d8:20:d4:67:b9:b8:
07:c0:27:a3:ac:29:ac:20:e0:24:44:a4:b9:4d:c9:
40:bf:f2:2d:87:f2:1d:99:5a:cc:14:2c:63:5e:52:
65:61:98:44:ec:87:8f:c1:3c:e7:88:0c:83:77:74:
be:81:3a:ae:be:04:08:dc:c4:58:b1:54:c3:32:d4:
ab:30:7b:37:64:a3:85:65:f4:35:5a:05:c1:de:29:
a4:7d:63:22:1d:60:e5:30:a6:bf:fa:c9:73:67:93:
04:9b:80:79:93:33:2f:6a:17:f9:07:0b:30:26:d2:
2a:92:40:f9:68:a3:db:d2:04:b6:1d:ce:86:69:93:
d3:d2:5c:83:14:ad:ce:f3:42:57:55:ca:4f:00:54:
c8:5a:2c:5b:0e:a9:d2:1b:6e:1b:a4:ae:37:6c:df:
1a:b2:d0:3b:16:2e:c8:e1:7e:32:02:54:b7:ce:b2:
3b:b2:40:7e:ec:05:06:74:d8:32:4c:15:df:d2:d3:
87:6a:be:50:6b:2d:28:9e:22:7b:ce:87:e0:80:b4:
ee:db:9c:37:f0:7e:68:c1:2d:50:52:2d:1a:5b:3e:
5f:23:e1:56:dc:aa:9b:80:ba:b6:93:93:d9:5a:15:
7c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:DC:75:E9:73:C0:67:1F:90:1D:50:0D:91:DD:AA:8E:9A:54:CB:E3
X509v3 Authority Key Identifier:
keyid:09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CNx16XPAZx-QHVANkd2qjppUy-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.184.0/22
185.118.118.0/24
185.121.28.0/22
185.254.132.0/22
Signature Algorithm: sha256WithRSAEncryption
83:ce:bf:cd:62:86:f7:72:00:89:4b:e5:de:79:9c:2a:3a:03:
43:8a:33:70:8b:f4:75:cc:a9:9b:d7:e8:c6:e4:01:34:fa:8a:
33:fd:95:3c:ba:04:9b:98:b5:4f:ad:9e:00:c4:55:d5:62:fb:
e0:75:d9:9c:83:b5:ad:6e:00:e2:da:a0:3b:5a:45:cd:b7:ea:
14:21:c4:80:d9:31:bf:58:13:e7:71:e5:01:58:a1:f7:74:36:
34:20:2e:3a:cc:98:55:db:5c:03:dc:92:e4:28:88:95:11:8b:
14:81:a1:c1:bf:92:16:8b:06:be:fe:f2:1c:48:44:f1:40:e2:
42:44:5d:52:c7:81:a3:c6:d4:cb:7a:17:e0:cf:c2:99:33:32:
d1:96:1c:fb:3d:0b:8b:0d:d6:5f:eb:99:5f:77:91:c0:0e:4e:
f4:5b:45:a6:df:31:18:4e:e3:c2:1a:bd:4b:21:62:90:20:e7:
c7:5f:d7:43:b4:79:fc:a3:23:67:5d:12:dc:ee:15:81:98:23:
7d:5a:54:3f:e3:96:a8:2c:ff:a5:37:57:63:e0:36:d8:32:47:
2d:a0:51:8b:09:6c:47:b0:6c:ca:3f:af:b5:f8:61:fd:38:1f:
b8:35:c1:36:6b:5f:54:05:25:97:18:0d:2f:81:00:0f:61:e6:
42:49:8a:ab
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQf+hUqqPYXkhJxJnBECLAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZDFhNjM0YmJiN2FlZmFkODdkMTIxYTVmZTU0NTY0ODcz
OGM4YzUwHhcNMjUwMTAxMDM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGRjNzVlOTczYzA2NzFmOTAxZDUwMGQ5MWRkYWE4ZTlhNTRjYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxktKJ+DuFCrhq4ROcwhstp6IhUis
vAnYINRnubgHwCejrCmsIOAkRKS5TclAv/Ith/IdmVrMFCxjXlJlYZhE7IePwTzn
iAyDd3S+gTquvgQI3MRYsVTDMtSrMHs3ZKOFZfQ1WgXB3imkfWMiHWDlMKa/+slz
Z5MEm4B5kzMvahf5BwswJtIqkkD5aKPb0gS2Hc6GaZPT0lyDFK3O80JXVcpPAFTI
WixbDqnSG24bpK43bN8astA7Fi7I4X4yAlS3zrI7skB+7AUGdNgyTBXf0tOHar5Q
ay0oniJ7zofggLTu25w38H5owS1QUi0aWz5fI+FW3KqbgLq2k5PZWhV8awIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAjcdelzwGcfkB1QDZHdqo6aVMvjMB8GA1UdIwQY
MBaAFAnRpjS7t6762H0SGl/lRWSHOMjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjIt
NWU1YjhiMjgwNTlhLzEvQ054MTZYUEFaeC1RSFZBTmtkMnFqcHBVeS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjItNWU1YjhiMjgwNTlh
LzEvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuSi4AwQA
uXZ2AwQCuXkcAwQCuf6EMA0GCSqGSIb3DQEBCwUAA4IBAQCDzr/NYob3cgCJS+Xe
eZwqOgNDijNwi/R1zKmb1+jG5AE0+ooz/ZU8ugSbmLVPrZ4AxFXVYvvgddmcg7Wt
bgDi2qA7WkXNt+oUIcSA2TG/WBPnceUBWKH3dDY0IC46zJhV21wD3JLkKIiVEYsU
gaHBv5IWiwa+/vIcSETxQOJCRF1Sx4GjxtTLehfgz8KZMzLRlhz7PQuLDdZf65lf
d5HADk70W0Wm3zEYTuPCGr1LIWKQIOfHX9dDtHn8oyNnXRLc7hWBmCN9WlQ/45ao
LP+lN1dj4DbYMkctoFGLCWxHsGzKP6+1+GH9OB+4NcE2a19UBSWXGA0vgQAPYeZC
SYqr
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:03:19 2025 by rpki-client