Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/JI9t4kgrMBA_tBUhI-9kJ9oaDjM.roa
File: JI9t4kgrMBA_tBUhI-9kJ9oaDjM.roa (raw, json)
Hash identifier: pXV1riHvzMfds44OsVlFwePE1iGGGsCCdHxPBZ6lGtc=
Subject key identifier: 24:8F:6D:E2:48:2B:30:10:3F:B4:15:21:23:EF:64:27:DA:1A:0E:33
Certificate issuer: /CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Certificate serial: 01951D2F70AC8E3408A082079374188BE53F
Authority key identifier: 5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/JI9t4kgrMBA_tBUhI-9kJ9oaDjM.roa
Signing time: Wed 19 Feb 2025 07:50:03 +0000
ROA not before: Wed 19 Feb 2025 07:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203709
IP address blocks: 185.123.56.0/24 maxlen: 24
185.123.57.0/24 maxlen: 24
185.123.58.0/24 maxlen: 24
185.123.59.0/24 maxlen: 24
185.214.138.0/24 maxlen: 24
193.56.164.0/24 maxlen: 24
193.56.165.0/24 maxlen: 24
193.56.166.0/24 maxlen: 24
193.56.167.0/24 maxlen: 24
212.119.52.0/22 maxlen: 22
212.119.52.0/24 maxlen: 24
212.119.53.0/24 maxlen: 24
212.119.54.0/24 maxlen: 24
212.119.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:2f:70:ac:8e:34:08:a0:82:07:93:74:18:8b:e5:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Validity
Not Before: Feb 19 07:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=248f6de2482b30103fb4152123ef6427da1a0e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c2:ef:9a:bc:e4:cb:8e:9f:f5:c2:fb:54:0b:
0b:b0:ae:4c:83:3e:d6:c5:b4:39:90:76:a4:e9:62:
e1:e0:d8:cb:9b:81:07:2e:62:52:b3:8e:06:16:8e:
29:67:e7:46:2c:7d:e5:d5:4d:6c:bc:c9:64:b7:10:
b9:e1:e6:69:17:d1:36:b8:b3:9c:10:cc:f5:f4:78:
e4:56:d4:fd:79:f9:4c:71:b6:77:f2:1f:42:d5:bc:
61:89:cc:12:04:0b:a7:cd:6e:9e:0f:8e:61:46:0b:
4a:63:59:62:9a:ca:fe:6a:a1:03:86:96:5b:60:92:
8d:18:0b:40:a1:8e:45:88:fb:79:f2:5d:27:4b:0e:
ec:b3:b3:fb:e8:ab:26:88:4e:92:c6:e8:fc:54:44:
06:e0:cd:f7:61:5d:66:7f:08:21:c8:df:63:c9:f7:
d7:68:a2:3e:01:d3:10:05:17:44:60:54:88:2c:4c:
0a:bc:26:5a:4b:d0:d3:df:f6:fa:37:30:73:ea:1e:
4b:8a:9d:24:f9:01:5e:e1:b4:c5:ec:3e:2c:ad:45:
7e:e8:4c:b6:a6:d5:e2:65:27:1f:23:26:38:f7:8e:
ee:b4:63:b1:3d:85:a9:9b:15:e8:8d:f0:ee:b8:b3:
6a:f7:a8:a4:5e:a9:d9:a1:23:e9:9f:5d:e0:9c:7d:
14:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8F:6D:E2:48:2B:30:10:3F:B4:15:21:23:EF:64:27:DA:1A:0E:33
X509v3 Authority Key Identifier:
keyid:5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/JI9t4kgrMBA_tBUhI-9kJ9oaDjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.56.0/22
185.214.138.0/24
193.56.164.0/22
212.119.52.0/22
Signature Algorithm: sha256WithRSAEncryption
56:25:d5:0a:c7:4c:0d:a1:dc:a9:6b:c6:32:f7:a8:08:92:84:
a3:e7:cf:97:74:b9:97:c2:00:e9:ac:b6:12:65:e0:98:b1:ba:
e3:5d:b0:3f:bd:2f:94:cb:0e:f1:48:12:47:1b:99:79:dd:ba:
2b:c4:35:81:39:17:fe:cb:ac:32:1a:2e:d6:0f:32:c3:dc:76:
f1:4a:d4:04:aa:49:25:ea:6f:ef:8f:a4:d4:e0:51:5e:5f:ff:
64:3d:d8:cb:cf:96:ba:8e:8b:25:53:fc:c6:5f:c4:bc:30:3b:
d2:02:a1:34:aa:67:52:69:62:b5:7d:7c:15:64:5e:3d:97:ee:
7b:10:fd:b1:32:c0:98:29:24:15:bc:fd:ef:86:80:99:88:da:
36:68:2d:c9:df:5d:70:f9:77:6f:d9:26:16:ed:15:06:60:9f:
91:fc:93:2b:ab:9b:3c:d4:fa:45:72:8b:03:5f:ef:60:a3:de:
9f:5d:d3:54:bf:b3:7f:60:ae:64:8e:03:f3:5c:45:4f:29:4d:
7d:42:83:2a:07:0e:de:20:37:43:54:56:3a:17:30:92:b7:f3:
d2:75:fe:3b:c1:a6:21:1c:53:7c:df:ff:83:bc:a8:48:60:82:
1f:f7:3a:57:cb:18:85:02:eb:31:f6:f9:d9:39:f9:cc:f6:c1:
21:3d:13:83
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUdL3CsjjQIoIIHk3QYi+U/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTM5YjBjZWQzOGQ3NWNjNjNlZDUwZDZlNWNlNzJiYmI1
YjRiMTAwHhcNMjUwMjE5MDc1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDhmNmRlMjQ4MmIzMDEwM2ZiNDE1MjEyM2VmNjQyN2RhMWEwZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMLvmrzky46f9cL7VAsLsK5Mgz7W
xbQ5kHak6WLh4NjLm4EHLmJSs44GFo4pZ+dGLH3l1U1svMlktxC54eZpF9E2uLOc
EMz19HjkVtT9eflMcbZ38h9C1bxhicwSBAunzW6eD45hRgtKY1limsr+aqEDhpZb
YJKNGAtAoY5FiPt58l0nSw7ss7P76KsmiE6Sxuj8VEQG4M33YV1mfwghyN9jyffX
aKI+AdMQBRdEYFSILEwKvCZaS9DT3/b6NzBz6h5Lip0k+QFe4bTF7D4srUV+6Ey2
ptXiZScfIyY4947utGOxPYWpmxXojfDuuLNq96ikXqnZoSPpn13gnH0UbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCSPbeJIKzAQP7QVISPvZCfaGg4zMB8GA1UdIwQY
MBaAFFqTmwztONdcxj7VDW5c5yu7W0sQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgt
ZDYwYjNiNmNjYTZlLzEvSkk5dDRrZ3JNQkFfdEJVaEktOWtKOW9hRGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgtZDYwYjNiNmNjYTZl
LzEvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuXs4AwQA
udaKAwQCwTikAwQC1Hc0MA0GCSqGSIb3DQEBCwUAA4IBAQBWJdUKx0wNodypa8Yy
96gIkoSj58+XdLmXwgDprLYSZeCYsbrjXbA/vS+Uyw7xSBJHG5l53borxDWBORf+
y6wyGi7WDzLD3HbxStQEqkkl6m/vj6TU4FFeX/9kPdjLz5a6joslU/zGX8S8MDvS
AqE0qmdSaWK1fXwVZF49l+57EP2xMsCYKSQVvP3vhoCZiNo2aC3J311w+Xdv2SYW
7RUGYJ+R/JMrq5s81PpFcosDX+9go96fXdNUv7N/YK5kjgPzXEVPKU19QoMqBw7e
IDdDVFY6FzCSt/PSdf47waYhHFN83/+DvKhIYIIf9zpXyxiFAusx9vnZOfnM9sEh
PROD
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:50:55 2025 by rpki-client