Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/J1qh-XLlSb83Cvw0tPyOs7lbFV8.roa
File: J1qh-XLlSb83Cvw0tPyOs7lbFV8.roa (raw, json)
Hash identifier: UbADxFQd1kOQt6qZzcUh4NVaCiaCa54WExVcxjT3EEU=
Subject key identifier: 27:5A:A1:F9:72:E5:49:BF:37:0A:FC:34:B4:FC:8E:B3:B9:5B:15:5F
Certificate issuer: /CN=e6fc17bea555b6d38321f94028e515fba4fa74dc
Certificate serial: 019420D5CBE689165CB23B398E39E1411770
Authority key identifier: E6:FC:17:BE:A5:55:B6:D3:83:21:F9:40:28:E5:15:FB:A4:FA:74:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5vwXvqVVttODIflAKOUV-6T6dNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/J1qh-XLlSb83Cvw0tPyOs7lbFV8.roa
Signing time: Wed 01 Jan 2025 07:47:49 +0000
ROA not before: Wed 01 Jan 2025 07:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203409
IP address blocks: 185.135.68.0/24 maxlen: 24
185.135.69.0/24 maxlen: 24
185.135.70.0/24 maxlen: 24
185.135.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/5vwXvqVVttODIflAKOUV-6T6dNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/5vwXvqVVttODIflAKOUV-6T6dNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/5vwXvqVVttODIflAKOUV-6T6dNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 14:41:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:cb:e6:89:16:5c:b2:3b:39:8e:39:e1:41:17:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6fc17bea555b6d38321f94028e515fba4fa74dc
Validity
Not Before: Jan 1 07:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=275aa1f972e549bf370afc34b4fc8eb3b95b155f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:21:77:e0:be:a4:96:81:f3:2f:e2:e4:4d:51:
3c:8d:32:6d:ce:67:c5:49:5b:33:34:ea:8b:52:39:
fe:08:ca:96:09:3c:ed:87:72:a3:6b:de:b6:bc:31:
e2:b4:e3:bf:a4:e8:48:3c:65:8d:3d:ab:2d:53:bf:
51:ab:a8:d4:d1:52:80:fc:06:19:44:39:2b:9b:8d:
c3:a5:7a:2e:48:6d:63:e9:31:ea:2c:21:27:92:65:
d3:e2:04:e6:8f:36:0e:1d:4e:aa:c1:10:21:e8:15:
56:63:7f:f2:c8:0a:32:61:88:53:b1:40:51:b5:8b:
57:88:d1:b9:ba:ab:53:bc:44:75:cf:39:b7:28:6a:
c7:11:8e:d2:1b:1f:85:c5:a1:0a:6f:81:de:20:2b:
6d:af:03:2c:ed:f4:77:90:16:a9:bb:47:0b:70:d2:
6e:23:81:5f:19:7d:6c:f0:1e:1d:bb:ea:18:b4:63:
b5:9f:e0:89:85:30:cd:5f:25:98:1f:92:80:98:4d:
f3:11:ae:97:e0:80:ae:31:29:64:9c:17:eb:6a:6a:
97:67:f0:7b:55:9e:f0:ec:ed:76:95:11:e6:06:cc:
91:48:c8:ad:12:1a:a7:a0:5c:09:d2:bb:d9:69:aa:
dc:b6:4c:ae:9f:54:0a:5a:94:7e:7e:8b:06:be:86:
c2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:5A:A1:F9:72:E5:49:BF:37:0A:FC:34:B4:FC:8E:B3:B9:5B:15:5F
X509v3 Authority Key Identifier:
keyid:E6:FC:17:BE:A5:55:B6:D3:83:21:F9:40:28:E5:15:FB:A4:FA:74:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5vwXvqVVttODIflAKOUV-6T6dNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/J1qh-XLlSb83Cvw0tPyOs7lbFV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c0d463-a174-4f5d-b4ee-96967fcd42e9/1/5vwXvqVVttODIflAKOUV-6T6dNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.68.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:40:fc:8c:e6:13:53:ff:34:88:d1:6b:d5:b1:93:23:3a:4a:
ca:76:31:53:ac:bf:f5:de:f2:75:2a:7c:0f:fe:ad:29:7b:65:
df:88:bd:35:6c:87:a6:04:41:46:19:9f:ca:18:6a:22:8f:0d:
3a:43:10:4e:aa:8c:47:c0:1e:0a:cf:58:0e:ba:54:0f:08:a7:
63:81:c4:19:07:35:df:22:02:c9:9b:2f:a8:b6:2c:bc:bb:60:
8c:9f:de:bc:25:a8:b9:03:2c:d9:59:c0:d0:88:ab:37:ae:cd:
ee:49:5b:c9:61:3d:3b:2f:49:02:37:7f:17:c8:e1:a9:74:fc:
85:42:c2:7b:f0:26:d0:26:73:e3:d4:c0:4a:b4:8f:6f:11:2a:
87:4e:08:46:20:4d:73:09:73:9d:6d:4d:b7:6f:29:9d:36:9e:
9a:79:d8:a0:ce:4e:52:a4:22:68:35:1c:45:0c:96:86:b5:ce:
d8:9e:73:d5:13:91:55:1f:10:22:1e:17:a1:af:50:3d:6b:a2:
d0:0c:74:db:6c:a6:ff:5e:28:9f:37:49:b7:f5:08:e2:91:e0:
8b:21:24:b5:45:30:88:1c:cc:06:5b:12:74:70:b6:68:d0:9b:
b1:68:60:0b:c0:33:88:4f:db:42:c5:b2:47:a1:c9:c5:9b:b8:
ae:77:93:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1cvmiRZcsjs5jjnhQRdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZmMxN2JlYTU1NWI2ZDM4MzIxZjk0MDI4ZTUxNWZiYTRm
YTc0ZGMwHhcNMjUwMTAxMDc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzVhYTFmOTcyZTU0OWJmMzcwYWZjMzRiNGZjOGViM2I5NWIxNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yF34L6kloHzL+LkTVE8jTJtzmfF
SVszNOqLUjn+CMqWCTzth3Kja962vDHitOO/pOhIPGWNPastU79Rq6jU0VKA/AYZ
RDkrm43DpXouSG1j6THqLCEnkmXT4gTmjzYOHU6qwRAh6BVWY3/yyAoyYYhTsUBR
tYtXiNG5uqtTvER1zzm3KGrHEY7SGx+FxaEKb4HeICttrwMs7fR3kBapu0cLcNJu
I4FfGX1s8B4du+oYtGO1n+CJhTDNXyWYH5KAmE3zEa6X4ICuMSlknBframqXZ/B7
VZ7w7O12lRHmBsyRSMitEhqnoFwJ0rvZaarctkyun1QKWpR+fosGvobCgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCdaofly5Um/Nwr8NLT8jrO5WxVfMB8GA1UdIwQY
MBaAFOb8F76lVbbTgyH5QCjlFfuk+nTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXZ3WHZxVlZ0dE9ESWZsQUtPVVYtNlQ2ZE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMGQ0NjMtYTE3NC00ZjVkLWI0ZWUt
OTY5NjdmY2Q0MmU5LzEvSjFxaC1YTGxTYjgzQ3Z3MHRQeU9zN2xiRlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMGQ0NjMtYTE3NC00ZjVkLWI0ZWUtOTY5NjdmY2Q0MmU5
LzEvNXZ3WHZxVlZ0dE9ESWZsQUtPVVYtNlQ2ZE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYdEMA0G
CSqGSIb3DQEBCwUAA4IBAQB9QPyM5hNT/zSI0WvVsZMjOkrKdjFTrL/13vJ1KnwP
/q0pe2XfiL01bIemBEFGGZ/KGGoijw06QxBOqoxHwB4Kz1gOulQPCKdjgcQZBzXf
IgLJmy+otiy8u2CMn968Jai5AyzZWcDQiKs3rs3uSVvJYT07L0kCN38XyOGpdPyF
QsJ78CbQJnPj1MBKtI9vESqHTghGIE1zCXOdbU23bymdNp6aedigzk5SpCJoNRxF
DJaGtc7YnnPVE5FVHxAiHhehr1A9a6LQDHTbbKb/XiifN0m39QjikeCLISS1RTCI
HMwGWxJ0cLZo0JuxaGALwDOIT9tCxbJHocnFm7iud5N/
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:19:16 2025 by rpki-client