Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/sZ85FeVfKS3RqKqG5NUDvn--qlo.roa
File: sZ85FeVfKS3RqKqG5NUDvn--qlo.roa (raw, json)
Hash identifier: gTaYc3X+G3Jkjg5kUdF0n9TPsOguK/WjYif95eZGzOU=
Subject key identifier: B1:9F:39:15:E5:5F:29:2D:D1:A8:AA:86:E4:D5:03:BE:7F:BE:AA:5A
Certificate issuer: /CN=92ec295476ca1d934db04d00244fc5079b9c9748
Certificate serial: 01942444D3F9C95B4DC00BD872DBF7796011
Authority key identifier: 92:EC:29:54:76:CA:1D:93:4D:B0:4D:00:24:4F:C5:07:9B:9C:97:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kuwpVHbKHZNNsE0AJE_FB5ucl0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/sZ85FeVfKS3RqKqG5NUDvn--qlo.roa
Signing time: Wed 01 Jan 2025 23:47:57 +0000
ROA not before: Wed 01 Jan 2025 23:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211997
IP address blocks: 185.233.32.0/24 maxlen: 24
2a10:d780::/32 maxlen: 32
2a10:d780::/48 maxlen: 48
2a10:d780:1::/48 maxlen: 48
2a10:d780:2::/48 maxlen: 48
2a10:d780:3::/48 maxlen: 48
2a10:d780:cccc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/kuwpVHbKHZNNsE0AJE_FB5ucl0g.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/kuwpVHbKHZNNsE0AJE_FB5ucl0g.mft
rsync://rpki.ripe.net/repository/DEFAULT/kuwpVHbKHZNNsE0AJE_FB5ucl0g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d3:f9:c9:5b:4d:c0:0b:d8:72:db:f7:79:60:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92ec295476ca1d934db04d00244fc5079b9c9748
Validity
Not Before: Jan 1 23:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b19f3915e55f292dd1a8aa86e4d503be7fbeaa5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:52:25:65:0f:ad:4e:19:ac:c0:e0:3b:8e:5a:
75:82:64:8f:3b:cf:56:f2:80:b6:4d:9e:b7:fb:62:
b3:e1:68:ee:22:0a:28:89:0d:e6:57:45:da:ca:ab:
e4:33:76:1e:dd:08:3b:cc:a8:56:07:8e:bb:b7:bb:
7e:2d:18:fa:0c:55:9a:55:ac:f7:a4:e2:8e:ef:19:
0d:36:02:03:a2:8b:0a:96:c0:e6:b1:97:56:98:42:
82:4c:7a:7a:6c:ca:a0:91:34:44:38:90:46:41:f9:
e7:7e:53:f2:2b:7f:42:6f:af:7f:37:d4:f4:13:49:
65:6a:60:8a:83:85:d2:39:cd:85:65:be:4d:41:e3:
b5:4c:3e:1f:80:57:c7:5d:1e:bf:8d:44:51:62:70:
48:cc:fc:5c:76:82:d1:9a:c2:4d:c6:aa:47:16:53:
a5:21:86:4a:17:9a:90:2c:a3:ee:43:fe:8a:5e:16:
ec:d0:d3:83:3a:91:65:c6:05:90:69:f5:5e:90:fd:
00:34:48:82:c2:4c:f9:12:72:71:82:de:3f:ae:e0:
91:3d:aa:81:fb:c0:dc:a2:87:19:a9:5d:6c:26:f8:
5d:9b:84:72:c8:00:05:f5:88:84:1f:42:66:63:b5:
0d:7c:93:dc:b3:16:22:e7:71:26:ac:e1:1f:04:b9:
6c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:9F:39:15:E5:5F:29:2D:D1:A8:AA:86:E4:D5:03:BE:7F:BE:AA:5A
X509v3 Authority Key Identifier:
keyid:92:EC:29:54:76:CA:1D:93:4D:B0:4D:00:24:4F:C5:07:9B:9C:97:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kuwpVHbKHZNNsE0AJE_FB5ucl0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/sZ85FeVfKS3RqKqG5NUDvn--qlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/kuwpVHbKHZNNsE0AJE_FB5ucl0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.32.0/24
IPv6:
2a10:d780::/32
Signature Algorithm: sha256WithRSAEncryption
16:11:47:ba:45:61:5e:55:17:e3:c1:ec:9e:43:fc:21:01:d8:
5a:fb:58:3e:db:3f:39:b7:bb:ac:e4:54:f9:b2:36:6f:6b:d2:
01:c1:6a:48:9c:25:d7:90:23:05:92:27:ea:97:36:97:32:ea:
de:a3:f4:70:84:06:a0:57:69:a5:e1:05:d8:58:b4:d7:cc:c4:
63:4c:44:ca:fa:e4:87:1b:8c:39:63:79:16:f7:07:d4:00:62:
d9:27:d4:b3:07:91:49:2b:50:a3:2e:9e:53:77:4f:91:57:68:
db:82:a9:d7:51:1b:b5:ef:c2:5b:d9:d5:75:e4:d2:ee:fe:62:
be:a1:62:76:e9:a0:f1:33:a7:57:61:23:a8:50:47:47:49:41:
c0:03:47:b0:d8:0e:80:6e:74:6a:3c:59:40:b7:4e:3c:b4:23:
45:d0:5d:6b:b5:ce:59:98:29:da:18:d6:fa:01:ca:01:51:79:
0c:79:94:fd:15:71:51:23:ab:5f:6d:77:e8:b4:f0:51:15:af:
2f:d7:89:d8:5b:fd:a6:98:a0:59:be:16:aa:7c:f6:58:24:91:
39:78:e7:f0:33:8b:4c:12:a1:3a:fd:72:30:29:ac:16:c6:89:
19:93:d9:c4:a4:36:64:ea:07:73:32:8c:6f:b5:7c:71:80:7a:
aa:a4:ce:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRNP5yVtNwAvYctv3eWARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZWMyOTU0NzZjYTFkOTM0ZGIwNGQwMDI0NGZjNTA3OWI5
Yzk3NDgwHhcNMjUwMTAxMjM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTlmMzkxNWU1NWYyOTJkZDFhOGFhODZlNGQ1MDNiZTdmYmVhYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFIlZQ+tThmswOA7jlp1gmSPO89W
8oC2TZ63+2Kz4WjuIgooiQ3mV0XayqvkM3Ye3Qg7zKhWB467t7t+LRj6DFWaVaz3
pOKO7xkNNgIDoosKlsDmsZdWmEKCTHp6bMqgkTREOJBGQfnnflPyK39Cb69/N9T0
E0llamCKg4XSOc2FZb5NQeO1TD4fgFfHXR6/jURRYnBIzPxcdoLRmsJNxqpHFlOl
IYZKF5qQLKPuQ/6KXhbs0NODOpFlxgWQafVekP0ANEiCwkz5EnJxgt4/ruCRPaqB
+8DcoocZqV1sJvhdm4RyyAAF9YiEH0JmY7UNfJPcsxYi53EmrOEfBLlslQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLGfORXlXykt0aiqhuTVA75/vqpaMB8GA1UdIwQY
MBaAFJLsKVR2yh2TTbBNACRPxQebnJdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3V3cFZIYktIWk5Oc0UwQUpFX0ZCNXVjbDBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy81ODM5NGEtOGNmNi00YjExLWJlY2It
M2JhNjkxMzE0NThiLzEvc1o4NUZlVmZLUzNScUtxRzVOVUR2bi0tcWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy81ODM5NGEtOGNmNi00YjExLWJlY2ItM2JhNjkxMzE0NThi
LzEva3V3cFZIYktIWk5Oc0UwQUpFX0ZCNXVjbDBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuekgMA0E
AgACMAcDBQAqENeAMA0GCSqGSIb3DQEBCwUAA4IBAQAWEUe6RWFeVRfjweyeQ/wh
Adha+1g+2z85t7us5FT5sjZva9IBwWpInCXXkCMFkifqlzaXMureo/RwhAagV2ml
4QXYWLTXzMRjTETK+uSHG4w5Y3kW9wfUAGLZJ9SzB5FJK1CjLp5Td0+RV2jbgqnX
URu178Jb2dV15NLu/mK+oWJ26aDxM6dXYSOoUEdHSUHAA0ew2A6AbnRqPFlAt048
tCNF0F1rtc5ZmCnaGNb6AcoBUXkMeZT9FXFRI6tfbXfotPBRFa8v14nYW/2mmKBZ
vhaqfPZYJJE5eOfwM4tMEqE6/XIwKawWxokZk9nEpDZk6gdzMoxvtXxxgHqqpM7d
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:25 2025 by rpki-client