Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/DCocrInE23WH5yhpx0FXxrNY7_Y.roa
File: DCocrInE23WH5yhpx0FXxrNY7_Y.roa (raw, json)
Hash identifier: O6VU1JCrRAIS6a+yNeHmYk7E8wYytQ8Lu8b/Fc+fOqI=
Subject key identifier: 0C:2A:1C:AC:89:C4:DB:75:87:E7:28:69:C7:41:57:C6:B3:58:EF:F6
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 01942444A5673743C3FB27F4D555AF2F4D33
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/DCocrInE23WH5yhpx0FXxrNY7_Y.roa
Signing time: Wed 01 Jan 2025 23:47:45 +0000
ROA not before: Wed 01 Jan 2025 23:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33932
IP address blocks: 185.228.172.0/24 maxlen: 24
185.228.173.0/24 maxlen: 24
185.228.174.0/24 maxlen: 24
185.228.175.0/24 maxlen: 24
217.150.208.0/20 maxlen: 24
217.150.208.0/24 maxlen: 24
217.150.209.0/24 maxlen: 24
217.150.210.0/24 maxlen: 24
217.150.211.0/24 maxlen: 24
217.150.212.0/24 maxlen: 24
217.150.213.0/24 maxlen: 24
217.150.214.0/24 maxlen: 24
217.150.223.0/24 maxlen: 24
2a0d:2e00::/29 maxlen: 48
2a0d:2e00:1000::/36 maxlen: 36
2a0d:2e00:1000::/48 maxlen: 48
2a0d:2e00:2000::/36 maxlen: 36
2a0d:2e00:2000::/48 maxlen: 48
2a0d:2e00:3000::/36 maxlen: 36
2a0d:2e00:3000::/48 maxlen: 48
2a0d:2e00:4000::/36 maxlen: 36
2a0d:2e00:4000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a5:67:37:43:c3:fb:27:f4:d5:55:af:2f:4d:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jan 1 23:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c2a1cac89c4db7587e72869c74157c6b358eff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c6:5e:df:76:b4:44:ac:9f:4f:8d:6f:1d:e7:
20:a6:61:e9:9b:b3:fb:9b:72:ea:b9:84:a0:9a:e6:
c5:81:6e:a0:0f:b4:be:98:57:33:6f:6d:9f:90:e3:
8c:7d:a3:44:95:1e:63:f9:63:8b:be:9e:af:6f:e0:
68:2f:99:b7:d7:b8:35:5f:b7:55:57:5c:43:00:bf:
d9:b0:54:ad:ad:2d:77:a4:ee:15:a7:ff:a6:e1:bf:
d9:6f:ba:e9:8d:cb:9d:8a:50:2d:57:4f:5b:ff:a0:
51:4b:d6:e3:9e:3f:71:76:77:a7:34:71:8d:c8:03:
b1:2e:45:0e:21:d5:6c:60:84:4b:de:27:6a:8d:8a:
65:f7:6c:ce:df:51:fb:d6:ff:de:d3:5d:07:90:46:
0d:ce:5c:40:80:25:02:df:c7:24:3d:c2:92:ab:bd:
46:4e:70:9b:9e:d8:aa:0f:aa:19:79:29:8d:93:e2:
b7:7b:76:64:9f:52:89:7d:6f:b7:e6:18:1b:43:53:
1d:68:1c:ef:52:9e:b6:44:71:02:20:c4:b8:ae:9f:
be:5d:61:55:04:ac:21:65:09:89:2e:ef:40:8f:73:
f2:57:33:3f:76:5a:01:11:d6:b7:48:06:f6:c2:6d:
21:a5:88:b5:c2:33:1c:d5:c6:1e:3a:72:72:02:4c:
51:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2A:1C:AC:89:C4:DB:75:87:E7:28:69:C7:41:57:C6:B3:58:EF:F6
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/DCocrInE23WH5yhpx0FXxrNY7_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.172.0/22
217.150.208.0/20
IPv6:
2a0d:2e00::/29
Signature Algorithm: sha256WithRSAEncryption
36:61:e6:5f:1d:cb:23:d5:82:11:ad:31:c2:08:29:6f:b3:17:
36:67:39:e1:d6:1d:c3:8b:28:8b:6c:02:1f:cd:c5:09:36:1f:
38:27:93:bf:0a:72:9e:76:bc:dc:68:8b:00:c6:4f:d8:a3:a9:
2e:ae:48:4e:e5:a6:00:55:45:c9:7f:24:ad:81:25:a4:3a:2c:
ae:58:d3:d7:d7:bf:e4:58:d5:00:2e:cf:88:d5:15:9f:7f:9a:
cf:82:65:7b:6a:d3:08:82:96:16:e2:67:08:26:2a:73:d5:de:
87:dd:54:67:75:bd:76:de:d0:90:78:29:b6:9f:4d:11:4d:ca:
c2:55:74:5a:65:8b:02:fa:56:37:f2:8b:fc:f4:dd:fd:4c:2a:
8a:51:a3:b0:87:70:b4:89:86:f5:62:a1:a1:72:05:8b:a4:45:
e1:86:a6:8d:bc:10:76:4c:8f:ed:3c:68:01:b5:45:50:2b:04:
d8:cd:d3:29:77:e9:2e:ec:2b:df:fe:9c:b9:c7:f0:47:b3:cd:
0e:44:be:3e:de:08:44:1a:84:97:a0:c2:0e:18:92:be:c4:93:
7c:1e:f1:24:b7:c5:50:4c:d1:3b:f1:80:a1:99:48:57:b0:e4:
91:58:67:99:4e:a0:bd:7a:89:06:f5:90:1a:16:01:da:0e:b6:
5f:fe:3f:cc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRKVnN0PD+yf01VWvL00zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjUwMTAxMjM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJhMWNhYzg5YzRkYjc1ODdlNzI4NjljNzQxNTdjNmIzNThlZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMZe33a0RKyfT41vHecgpmHpm7P7
m3LquYSgmubFgW6gD7S+mFczb22fkOOMfaNElR5j+WOLvp6vb+BoL5m317g1X7dV
V1xDAL/ZsFStrS13pO4Vp/+m4b/Zb7rpjcudilAtV09b/6BRS9bjnj9xdnenNHGN
yAOxLkUOIdVsYIRL3idqjYpl92zO31H71v/e010HkEYNzlxAgCUC38ckPcKSq71G
TnCbntiqD6oZeSmNk+K3e3Zkn1KJfW+35hgbQ1MdaBzvUp62RHECIMS4rp++XWFV
BKwhZQmJLu9Aj3PyVzM/dloBEda3SAb2wm0hpYi1wjMc1cYeOnJyAkxRVwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAwqHKyJxNt1h+coacdBV8azWO/2MB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvRENvY3JJbkUyM1dINXlocHgwRlh4ck5ZN19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCueSsAwQE
2ZbQMA0EAgACMAcDBQMqDS4AMA0GCSqGSIb3DQEBCwUAA4IBAQA2YeZfHcsj1YIR
rTHCCClvsxc2Zznh1h3DiyiLbAIfzcUJNh84J5O/CnKedrzcaIsAxk/Yo6kurkhO
5aYAVUXJfyStgSWkOiyuWNPX17/kWNUALs+I1RWff5rPgmV7atMIgpYW4mcIJipz
1d6H3VRndb123tCQeCm2n00RTcrCVXRaZYsC+lY38ov89N39TCqKUaOwh3C0iYb1
YqGhcgWLpEXhhqaNvBB2TI/tPGgBtUVQKwTYzdMpd+ku7Cvf/py5x/BHs80ORL4+
3ghEGoSXoMIOGJK+xJN8HvEkt8VQTNE78YChmUhXsOSRWGeZTqC9eokG9ZAaFgHa
DrZf/j/M
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:00:15 2025 by rpki-client