Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/maJ8CmpVji7iExXaEzUUxHgibH8.roa
File: maJ8CmpVji7iExXaEzUUxHgibH8.roa (raw, json)
Hash identifier: JObe+le+P4uoJGOeOZ+4H+wfXfvsZKVWkXVTp6TQq5U=
Subject key identifier: 99:A2:7C:0A:6A:55:8E:2E:E2:13:15:DA:13:35:14:C4:78:22:6C:7F
Certificate issuer: /CN=8636a4e14a71ddd510164b8631ad99bbfc75953a
Certificate serial: 0194228DF132F3C04E9949AFF8792603C852
Authority key identifier: 86:36:A4:E1:4A:71:DD:D5:10:16:4B:86:31:AD:99:BB:FC:75:95:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/maJ8CmpVji7iExXaEzUUxHgibH8.roa
Signing time: Wed 01 Jan 2025 15:48:35 +0000
ROA not before: Wed 01 Jan 2025 15:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12577
IP address blocks: 185.148.92.0/22 maxlen: 22
199.255.112.0/22 maxlen: 22
206.225.20.0/22 maxlen: 22
212.24.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/hjak4Upx3dUQFkuGMa2Zu_x1lTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/hjak4Upx3dUQFkuGMa2Zu_x1lTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f1:32:f3:c0:4e:99:49:af:f8:79:26:03:c8:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8636a4e14a71ddd510164b8631ad99bbfc75953a
Validity
Not Before: Jan 1 15:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99a27c0a6a558e2ee21315da133514c478226c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:57:2d:36:da:cb:df:bb:37:6c:13:4c:64:d2:
99:93:68:34:12:15:dc:5f:0c:6c:a9:c3:c6:2e:a8:
81:45:f3:7e:0c:e0:1e:be:e1:ca:cb:54:f3:8e:b0:
fb:d1:13:d8:d1:e2:69:7a:fc:f6:87:8f:a6:32:19:
d1:2a:9a:98:c1:b8:86:8e:dc:60:9a:6b:0b:5e:7b:
b8:4e:29:38:9a:3f:f3:7b:b3:00:20:93:1a:a9:c7:
6d:c7:45:a1:60:96:fd:9d:17:58:e0:a5:b6:d1:30:
44:e9:18:28:7d:b4:a3:e5:17:17:73:36:2f:b3:7b:
62:72:be:0b:05:2f:3d:7f:bd:28:ee:12:e3:0e:81:
57:21:5e:e2:11:11:c0:0f:f0:be:94:d7:b4:f3:83:
27:a7:06:c0:fa:d7:c8:c1:ff:68:2d:5a:d4:d6:29:
6e:79:a5:9f:27:d7:0f:bb:7c:36:3e:ce:ba:ff:88:
fe:5f:69:5d:25:6c:05:2f:58:30:40:d0:5f:08:d6:
b4:b2:4d:ae:ea:ce:57:d0:1b:8c:78:f0:6f:0b:e2:
41:74:c1:c1:a1:38:52:70:f5:ca:a3:00:3d:3c:62:
c3:1e:4b:54:ef:e1:08:76:57:8d:0f:fa:fc:79:27:
22:fa:3c:66:d5:a8:3a:88:82:48:4e:ca:31:31:3c:
e6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A2:7C:0A:6A:55:8E:2E:E2:13:15:DA:13:35:14:C4:78:22:6C:7F
X509v3 Authority Key Identifier:
keyid:86:36:A4:E1:4A:71:DD:D5:10:16:4B:86:31:AD:99:BB:FC:75:95:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/maJ8CmpVji7iExXaEzUUxHgibH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/hjak4Upx3dUQFkuGMa2Zu_x1lTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.92.0/22
199.255.112.0/22
206.225.20.0/22
212.24.116.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:93:03:e4:65:76:ab:69:f8:69:e0:21:5c:65:1b:7c:1a:cc:
ce:87:2d:16:c3:fd:82:09:eb:d1:db:46:1e:f9:bf:13:88:20:
50:f5:74:8b:54:4a:9b:58:7c:c1:c3:6c:d4:c2:87:d4:a3:b3:
42:4c:0c:18:9a:e3:8c:bb:0f:a0:ba:b9:83:e3:eb:7a:8b:a5:
e2:f3:df:3a:2f:20:44:11:65:2f:f6:76:c4:b2:92:a4:94:c9:
9e:e5:e6:e2:60:88:a9:0f:7a:13:44:d0:b6:55:78:ba:71:5d:
b2:15:79:17:8b:44:ec:40:0f:58:89:bb:3c:ec:50:df:8b:98:
4b:d6:4a:08:09:3e:98:2b:2e:c1:ae:d0:04:95:6b:d3:a7:bd:
09:b3:6f:63:a8:ae:3d:94:05:22:a4:6c:a5:75:da:95:b4:a9:
07:c0:eb:b3:7c:b6:fd:67:e9:83:81:a4:0c:c4:a6:79:1b:1b:
38:34:26:30:0b:df:c8:93:8e:32:ec:1d:53:83:09:e7:eb:95:
7f:e3:4e:38:71:97:0c:92:ea:b1:61:7b:db:c7:f7:3d:f9:32:
32:7c:43:c6:83:3d:86:54:2f:f4:cf:79:30:94:e6:81:70:3f:
c4:4c:b4:48:07:19:a1:7f:ea:d1:2a:3f:ff:29:d7:b1:48:70:
43:58:85:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijfEy88BOmUmv+HkmA8hSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MzZhNGUxNGE3MWRkZDUxMDE2NGI4NjMxYWQ5OWJiZmM3
NTk1M2EwHhcNMjUwMTAxMTU0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWEyN2MwYTZhNTU4ZTJlZTIxMzE1ZGExMzM1MTRjNDc4MjI2YzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1ctNtrL37s3bBNMZNKZk2g0EhXc
XwxsqcPGLqiBRfN+DOAevuHKy1TzjrD70RPY0eJpevz2h4+mMhnRKpqYwbiGjtxg
mmsLXnu4Tik4mj/ze7MAIJMaqcdtx0WhYJb9nRdY4KW20TBE6RgofbSj5RcXczYv
s3ticr4LBS89f70o7hLjDoFXIV7iERHAD/C+lNe084MnpwbA+tfIwf9oLVrU1ilu
eaWfJ9cPu3w2Ps66/4j+X2ldJWwFL1gwQNBfCNa0sk2u6s5X0BuMePBvC+JBdMHB
oThScPXKowA9PGLDHktU7+EIdleND/r8eSci+jxm1ag6iIJITsoxMTzmawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJmifApqVY4u4hMV2hM1FMR4Imx/MB8GA1UdIwQY
MBaAFIY2pOFKcd3VEBZLhjGtmbv8dZU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGphazRVcHgzZFVRRmt1R01hMlp1X3gxbFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jZGVjYTMtNGVmMS00NWFkLTg5MjIt
MmY3Y2Y4NDQ2YTMxLzEvbWFKOENtcFZqaTdpRXhYYUV6VVV4SGdpYkg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jZGVjYTMtNGVmMS00NWFkLTg5MjItMmY3Y2Y4NDQ2YTMx
LzEvaGphazRVcHgzZFVRRmt1R01hMlp1X3gxbFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuZRcAwQC
x/9wAwQCzuEUAwQC1Bh0MA0GCSqGSIb3DQEBCwUAA4IBAQBPkwPkZXarafhp4CFc
ZRt8GszOhy0Ww/2CCevR20Ye+b8TiCBQ9XSLVEqbWHzBw2zUwofUo7NCTAwYmuOM
uw+gurmD4+t6i6Xi8986LyBEEWUv9nbEspKklMme5ebiYIipD3oTRNC2VXi6cV2y
FXkXi0TsQA9Yibs87FDfi5hL1koICT6YKy7BrtAElWvTp70Js29jqK49lAUipGyl
ddqVtKkHwOuzfLb9Z+mDgaQMxKZ5Gxs4NCYwC9/Ik44y7B1Tgwnn65V/4044cZcM
kuqxYXvbx/c9+TIyfEPGgz2GVC/0z3kwlOaBcD/ETLRIBxmhf+rRKj//KdexSHBD
WIWq
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:07:52 2025 by rpki-client