Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/RHZBo8Pr6Q-AwsJ6UMblKavesaU.roa
File: RHZBo8Pr6Q-AwsJ6UMblKavesaU.roa (raw, json)
Hash identifier: 0vFm3yhvgBy4kgPfdSeT0wbY5J6zHgZ0B78QJ9Nt4MM=
Subject key identifier: 44:76:41:A3:C3:EB:E9:0F:80:C2:C2:7A:50:C6:E5:29:AB:DE:B1:A5
Certificate issuer: /CN=c5a968edb72c15f5f9567fd34267b87485ef36d1
Certificate serial: 0194266BA24D197B1A67E657F95525346811
Authority key identifier: C5:A9:68:ED:B7:2C:15:F5:F9:56:7F:D3:42:67:B8:74:85:EF:36:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xalo7bcsFfX5Vn_TQme4dIXvNtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/RHZBo8Pr6Q-AwsJ6UMblKavesaU.roa
Signing time: Thu 02 Jan 2025 09:49:35 +0000
ROA not before: Thu 02 Jan 2025 09:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12941
IP address blocks: 185.101.132.0/22 maxlen: 24
185.101.184.0/22 maxlen: 22
213.135.0.0/19 maxlen: 19
2a02:430::/32 maxlen: 32
2a06:1e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/xalo7bcsFfX5Vn_TQme4dIXvNtE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/xalo7bcsFfX5Vn_TQme4dIXvNtE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xalo7bcsFfX5Vn_TQme4dIXvNtE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 06:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a2:4d:19:7b:1a:67:e6:57:f9:55:25:34:68:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a968edb72c15f5f9567fd34267b87485ef36d1
Validity
Not Before: Jan 2 09:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=447641a3c3ebe90f80c2c27a50c6e529abdeb1a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:14:c3:b4:78:14:73:72:22:fd:42:03:03:0d:
98:d9:dd:3b:1d:d3:0f:bc:0e:1b:43:a8:6d:6b:16:
96:51:63:e0:93:3c:0b:56:5f:cb:33:b2:a7:dd:c9:
b3:3b:6e:71:f0:94:4d:98:09:53:89:d4:a8:c4:bc:
c3:d4:d0:27:e2:e4:f2:17:af:f9:cd:93:e7:1d:30:
86:41:6e:2a:88:22:cd:4d:99:79:d1:c7:0c:41:63:
e0:a3:db:77:b4:f3:9f:af:1b:e0:2c:85:5d:09:a8:
25:8f:19:86:79:d4:08:5a:89:5e:9a:16:b6:78:bd:
35:fb:c1:0b:da:23:de:1d:ae:d0:3c:0f:a3:b9:d6:
5a:91:60:07:ed:e3:91:19:5b:12:23:0f:f9:b1:ce:
8b:14:8d:af:7f:82:b2:e7:33:6d:52:11:b4:53:13:
10:f0:be:9c:30:08:c0:26:48:06:df:3c:28:f9:d9:
ec:3c:43:cf:58:1c:3b:16:08:92:5b:ae:8a:9d:50:
72:ad:ab:4e:f0:2c:df:3a:27:b7:74:8e:67:1a:78:
25:d3:b3:26:08:22:e6:2b:96:5d:04:e3:f3:7f:83:
b5:24:33:d3:de:7c:aa:7b:41:f4:ec:86:a9:e9:6c:
70:24:af:ca:02:b1:2a:d1:da:b8:10:bd:b6:7e:52:
75:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:76:41:A3:C3:EB:E9:0F:80:C2:C2:7A:50:C6:E5:29:AB:DE:B1:A5
X509v3 Authority Key Identifier:
keyid:C5:A9:68:ED:B7:2C:15:F5:F9:56:7F:D3:42:67:B8:74:85:EF:36:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xalo7bcsFfX5Vn_TQme4dIXvNtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/RHZBo8Pr6Q-AwsJ6UMblKavesaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/xalo7bcsFfX5Vn_TQme4dIXvNtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.132.0/22
185.101.184.0/22
213.135.0.0/19
IPv6:
2a02:430::/32
2a06:1e40::/29
Signature Algorithm: sha256WithRSAEncryption
17:e4:45:76:35:50:c1:39:72:dd:37:23:4b:64:74:b1:06:17:
da:12:51:79:7d:10:b5:74:64:a5:00:4e:fb:3f:e0:0a:49:e5:
31:ca:4a:f9:53:be:83:99:ca:f1:b3:8c:57:1d:d5:31:d5:cb:
85:38:bc:55:91:fd:7a:7d:10:60:34:11:f9:42:23:8f:a1:c7:
7c:a2:50:65:54:78:2c:2f:4f:7a:91:b4:bd:1e:37:f6:cd:37:
79:e1:e6:ff:cc:57:0f:7b:be:07:63:81:8f:65:10:6e:fe:79:
81:db:ac:18:31:ec:b8:49:3d:e2:38:0e:ba:19:8b:9a:24:82:
89:0d:b6:8a:c8:eb:d0:6e:eb:56:41:47:41:2a:91:6d:c5:65:
66:e5:e7:86:2d:87:9f:9d:be:45:c5:dd:44:cc:8e:a8:50:46:
ff:6b:e7:0b:16:f5:30:39:04:72:aa:99:e8:70:24:fe:ae:3b:
34:80:6e:e7:6a:9a:4f:55:d6:7a:17:60:a8:40:23:42:e1:d5:
03:0c:e4:93:7d:5e:fd:1f:4c:b6:63:52:b5:fc:92:20:f1:66:
0d:db:ec:61:9c:d2:f2:80:49:2d:ee:b3:af:94:4e:09:99:72:
55:67:4f:0a:40:cf:7c:94:ef:6e:9b:03:9c:53:96:e9:08:08:
60:84:1a:16
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQma6JNGXsaZ+ZX+VUlNGgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTk2OGVkYjcyYzE1ZjVmOTU2N2ZkMzQyNjdiODc0ODVl
ZjM2ZDEwHhcNMjUwMTAyMDk0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDc2NDFhM2MzZWJlOTBmODBjMmMyN2E1MGM2ZTUyOWFiZGViMWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRTDtHgUc3Ii/UIDAw2Y2d07HdMP
vA4bQ6htaxaWUWPgkzwLVl/LM7Kn3cmzO25x8JRNmAlTidSoxLzD1NAn4uTyF6/5
zZPnHTCGQW4qiCLNTZl50ccMQWPgo9t3tPOfrxvgLIVdCagljxmGedQIWolemha2
eL01+8EL2iPeHa7QPA+judZakWAH7eORGVsSIw/5sc6LFI2vf4Ky5zNtUhG0UxMQ
8L6cMAjAJkgG3zwo+dnsPEPPWBw7FgiSW66KnVByratO8CzfOie3dI5nGngl07Mm
CCLmK5ZdBOPzf4O1JDPT3nyqe0H07Iap6WxwJK/KArEq0dq4EL22flJ1VQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFER2QaPD6+kPgMLCelDG5Smr3rGlMB8GA1UdIwQY
MBaAFMWpaO23LBX1+VZ/00JnuHSF7zbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFsbzdiY3NGZlg1Vm5fVFFtZTRkSVh2TnRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wZGU2ODMtNzMxNi00MGMyLWI4OWMt
YjJjMGRmYThhMGUxLzEvUkhaQm84UHI2US1Bd3NKNlVNYmxLYXZlc2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wZGU2ODMtNzMxNi00MGMyLWI4OWMtYjJjMGRmYThhMGUx
LzEveGFsbzdiY3NGZlg1Vm5fVFFtZTRkSVh2TnRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuWWEAwQC
uWW4AwQF1YcAMBQEAgACMA4DBQAqAgQwAwUDKgYeQDANBgkqhkiG9w0BAQsFAAOC
AQEAF+RFdjVQwTly3TcjS2R0sQYX2hJReX0QtXRkpQBO+z/gCknlMcpK+VO+g5nK
8bOMVx3VMdXLhTi8VZH9en0QYDQR+UIjj6HHfKJQZVR4LC9PepG0vR439s03eeHm
/8xXD3u+B2OBj2UQbv55gdusGDHsuEk94jgOuhmLmiSCiQ22isjr0G7rVkFHQSqR
bcVlZuXnhi2Hn52+RcXdRMyOqFBG/2vnCxb1MDkEcqqZ6HAk/q47NIBu52qaT1XW
ehdgqEAjQuHVAwzkk31e/R9MtmNStfySIPFmDdvsYZzS8oBJLe6zr5ROCZlyVWdP
CkDPfJTvbpsDnFOW6QgIYIQaFg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 14:00:32 2025 by rpki-client