Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/IhsNkpEObyOhrdScw0XLGeqSfjU.roa
File: IhsNkpEObyOhrdScw0XLGeqSfjU.roa (raw, json)
Hash identifier: cYBkSPS8A7jki3ADlXunYLfb3jaAdvC2BeR0D6SyyQw=
Subject key identifier: 22:1B:0D:92:91:0E:6F:23:A1:AD:D4:9C:C3:45:CB:19:EA:92:7E:35
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 0194222039E81C08E3BDD72A513B265B5B05
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/IhsNkpEObyOhrdScw0XLGeqSfjU.roa
Signing time: Wed 01 Jan 2025 13:48:44 +0000
ROA not before: Wed 01 Jan 2025 13:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206119
IP address blocks: 185.78.87.0/24 maxlen: 24
185.174.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.mft
rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:39:e8:1c:08:e3:bd:d7:2a:51:3b:26:5b:5b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Jan 1 13:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=221b0d92910e6f23a1add49cc345cb19ea927e35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9d:01:00:26:f5:8c:f6:d9:ff:4d:80:64:44:
8b:f8:6d:ed:1f:46:b9:99:04:3d:c1:80:2f:5e:dd:
73:ac:ad:6c:84:6c:ee:b2:d4:c0:c5:b2:0a:0b:d4:
3a:73:c3:e0:b0:e3:af:a7:c8:54:54:ad:b2:6f:fc:
de:95:a3:60:a9:36:61:3f:f7:ad:13:b6:7d:f8:a3:
00:57:e8:a8:f3:09:58:1c:0f:88:db:28:fa:84:39:
6c:ff:81:ae:17:22:88:7d:7d:0f:c8:c0:23:95:e3:
f6:c3:e4:b7:5e:b7:ed:9f:35:b3:e3:f6:d4:f0:5b:
05:65:3b:0b:b3:67:00:b8:31:18:b9:9d:70:ef:a2:
04:7d:2e:26:d4:eb:5e:39:4d:4d:7b:02:a1:da:d6:
bc:56:2e:04:04:d1:29:a7:a2:b4:dc:df:24:6f:7a:
ff:e9:c3:8d:8a:a5:5d:15:d7:40:80:4f:b6:15:91:
37:3e:ae:12:4d:68:dc:34:8d:88:0e:2e:91:a6:bb:
d8:2a:73:2e:bf:6f:39:cb:e6:7f:49:4c:c1:c6:d3:
1e:00:da:65:e0:bb:e8:47:b0:49:22:b2:24:fd:9f:
bb:fe:d4:fa:20:49:1a:fa:0d:be:92:5e:8d:fe:87:
6f:db:5a:f7:7d:02:e6:ae:2b:ca:46:e3:de:ac:68:
a5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:1B:0D:92:91:0E:6F:23:A1:AD:D4:9C:C3:45:CB:19:EA:92:7E:35
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/IhsNkpEObyOhrdScw0XLGeqSfjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.87.0/24
185.174.71.0/24
Signature Algorithm: sha256WithRSAEncryption
01:67:3a:d0:63:d7:fd:06:9c:ca:81:28:c9:d3:89:63:eb:4c:
72:1c:1a:42:98:62:c8:09:a8:8e:5d:a3:b4:64:a0:74:59:6b:
8e:8c:7a:3d:70:4c:f1:84:22:df:e1:1f:47:63:87:a9:ee:4a:
a1:84:52:00:5c:bf:5d:b0:0e:e8:5c:57:a8:cb:03:b5:45:2e:
99:57:b0:93:f9:2c:30:47:52:a2:16:fe:3d:26:f7:fb:49:3e:
9a:b2:80:f4:42:fc:51:99:56:3e:a0:ed:19:54:c7:36:1d:1e:
b5:5f:7b:e4:cc:0e:59:34:a9:14:a4:6e:25:ec:fe:83:8f:ec:
00:d2:fb:98:58:41:51:4c:68:18:9c:68:bc:cf:e7:26:d2:94:
f5:f5:73:76:d1:70:da:49:df:c8:d5:95:be:c7:11:f1:2d:99:
95:db:cc:65:fb:0e:1b:f3:6c:1c:20:a1:9b:de:ba:a7:e4:ad:
a9:b1:67:af:c0:17:a9:ae:9d:5e:c7:1e:fa:9a:59:2e:60:2a:
53:93:c6:e4:3f:fb:cf:0e:9e:26:8c:61:6e:3d:73:de:28:8e:
ff:25:f3:43:5b:56:f3:80:af:b2:c8:0d:2d:7a:d6:9a:0b:95:
de:39:80:5c:7a:a0:e1:b6:6e:3b:7e:22:60:26:c0:d2:3b:32:
86:30:d0:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiIDnoHAjjvdcqUTsmW1sFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjUwMTAxMTM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjFiMGQ5MjkxMGU2ZjIzYTFhZGQ0OWNjMzQ1Y2IxOWVhOTI3ZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z0BACb1jPbZ/02AZESL+G3tH0a5
mQQ9wYAvXt1zrK1shGzustTAxbIKC9Q6c8PgsOOvp8hUVK2yb/zelaNgqTZhP/et
E7Z9+KMAV+io8wlYHA+I2yj6hDls/4GuFyKIfX0PyMAjleP2w+S3XrftnzWz4/bU
8FsFZTsLs2cAuDEYuZ1w76IEfS4m1OteOU1NewKh2ta8Vi4EBNEpp6K03N8kb3r/
6cONiqVdFddAgE+2FZE3Pq4STWjcNI2IDi6RprvYKnMuv285y+Z/SUzBxtMeANpl
4LvoR7BJIrIk/Z+7/tT6IEka+g2+kl6N/odv21r3fQLmrivKRuPerGilrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCIbDZKRDm8joa3UnMNFyxnqkn41MB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvSWhzTmtwRU9ieU9ocmRTY3cwWExHZXFTZmpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuU5XAwQA
ua5HMA0GCSqGSIb3DQEBCwUAA4IBAQABZzrQY9f9BpzKgSjJ04lj60xyHBpCmGLI
CaiOXaO0ZKB0WWuOjHo9cEzxhCLf4R9HY4ep7kqhhFIAXL9dsA7oXFeoywO1RS6Z
V7CT+SwwR1KiFv49Jvf7ST6asoD0QvxRmVY+oO0ZVMc2HR61X3vkzA5ZNKkUpG4l
7P6Dj+wA0vuYWEFRTGgYnGi8z+cm0pT19XN20XDaSd/I1ZW+xxHxLZmV28xl+w4b
82wcIKGb3rqn5K2psWevwBeprp1exx76mlkuYCpTk8bkP/vPDp4mjGFuPXPeKI7/
JfNDW1bzgK+yyA0tetaaC5XeOYBceqDhtm47fiJgJsDSOzKGMNAJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:19:01 2025 by rpki-client