Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/9IgQeewcmfQZ2of_HORQ6vbbFA8.roa
File: 9IgQeewcmfQZ2of_HORQ6vbbFA8.roa (raw, json)
Hash identifier: sNpLBHfgEi3gbYovfnENOUMmh30fF1DezNwtozBcHSM=
Subject key identifier: F4:88:10:79:EC:1C:99:F4:19:DA:87:FF:1C:E4:50:EA:F6:DB:14:0F
Certificate issuer: /CN=5975d519de239cf164cb94a6660c2530ceaef254
Certificate serial: 0194F4DCDE2BED8436D95BCCD6F3CF4F17D1
Authority key identifier: 59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/9IgQeewcmfQZ2of_HORQ6vbbFA8.roa
Signing time: Tue 11 Feb 2025 11:55:02 +0000
ROA not before: Tue 11 Feb 2025 11:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25147
IP address blocks: 85.11.144.0/24 maxlen: 24
85.11.145.0/24 maxlen: 24
85.11.146.0/24 maxlen: 24
85.11.147.0/24 maxlen: 24
85.11.148.0/24 maxlen: 24
85.11.149.0/24 maxlen: 24
85.11.150.0/24 maxlen: 24
85.11.151.0/24 maxlen: 24
85.11.156.0/24 maxlen: 24
85.11.157.0/24 maxlen: 24
85.11.158.0/24 maxlen: 24
85.11.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:dc:de:2b:ed:84:36:d9:5b:cc:d6:f3:cf:4f:17:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5975d519de239cf164cb94a6660c2530ceaef254
Validity
Not Before: Feb 11 11:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4881079ec1c99f419da87ff1ce450eaf6db140f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fb:33:dc:34:14:08:a1:7c:59:75:37:ce:64:
7c:ff:e5:32:26:6c:37:d3:6d:7b:42:1d:57:6a:04:
3f:4e:e4:24:8f:c4:f3:bf:42:16:5a:a8:12:15:08:
83:7e:5a:86:e2:b0:f4:d5:47:07:d0:99:3a:70:50:
af:d6:ed:fa:b4:cd:a2:90:c6:db:32:4b:f8:48:d1:
e4:27:73:5b:07:42:43:4a:d5:0c:3c:28:16:ce:d5:
39:8e:46:40:a2:32:df:77:5a:0a:29:8b:94:8f:97:
a1:f9:c4:eb:79:a3:db:ed:60:1c:ca:ab:b3:0c:f6:
2f:0b:38:78:1c:fb:c6:f0:de:07:3d:fb:4e:0d:ea:
8d:13:96:4c:5b:67:bf:e2:e2:67:34:9d:bd:f4:36:
e6:d7:10:8e:93:bb:1e:a3:9e:ab:89:8a:5b:20:c7:
aa:90:5b:ca:50:c7:8a:cd:22:46:05:6a:cd:57:8a:
66:ea:4c:d8:12:8e:c0:54:7d:53:93:70:1d:5d:e7:
4a:1d:6a:22:1d:24:af:41:94:d9:c9:51:71:a2:8e:
3b:c1:45:e3:09:b6:33:ae:c4:c9:c3:3f:19:ad:10:
ee:a4:6e:e3:c2:86:6f:c8:06:7c:d4:1c:5f:e6:44:
94:be:6c:9f:dd:db:84:47:bf:0a:30:50:c9:ad:bf:
90:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:88:10:79:EC:1C:99:F4:19:DA:87:FF:1C:E4:50:EA:F6:DB:14:0F
X509v3 Authority Key Identifier:
keyid:59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/9IgQeewcmfQZ2of_HORQ6vbbFA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.11.144.0/21
85.11.156.0/22
Signature Algorithm: sha256WithRSAEncryption
69:3d:60:1f:16:38:34:ab:43:6b:42:29:44:b3:fd:53:78:a1:
bf:3b:3b:3c:7b:04:6c:83:f9:1a:38:e7:f6:b1:c8:ac:f0:42:
bb:e1:b4:d8:a6:26:fe:cd:ac:f3:ac:7c:5f:3c:8c:56:64:6a:
dc:d1:53:60:35:72:bd:d0:6f:d0:34:e5:07:10:51:ca:fa:53:
80:85:8b:d3:db:88:0f:bc:93:82:51:f8:f6:06:0b:2a:bb:2e:
91:8a:8f:ce:d4:ce:4e:2d:99:44:1e:4b:6f:ff:bf:62:60:2b:
0e:c2:63:39:9e:8a:26:78:68:01:99:f0:e5:e0:dd:3f:a8:61:
aa:df:6e:1d:9e:16:30:ef:66:36:16:e6:e7:f7:0d:d1:18:e4:
4a:39:4e:0e:20:b5:e9:e1:7b:d4:a0:af:20:c0:f7:f3:15:ba:
22:fb:58:f7:b8:65:7d:1a:0c:1e:13:cb:1d:6e:99:98:3d:c6:
28:0d:c3:b2:98:8f:6c:25:9c:fc:19:20:d1:e4:3b:7c:37:34:
15:22:2d:61:d4:b2:9b:ab:66:f4:b2:e3:d3:98:a9:ce:3a:bf:
ec:b2:e8:db:ee:fc:22:73:eb:b3:da:10:6d:ca:8b:29:4d:ed:
2b:66:00:b1:67:71:98:32:b2:41:44:19:06:de:59:a5:54:90:
be:fd:4a:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZT03N4r7YQ22VvM1vPPTxfRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzVkNTE5ZGUyMzljZjE2NGNiOTRhNjY2MGMyNTMwY2Vh
ZWYyNTQwHhcNMjUwMjExMTE1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDg4MTA3OWVjMWM5OWY0MTlkYTg3ZmYxY2U0NTBlYWY2ZGIxNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvsz3DQUCKF8WXU3zmR8/+UyJmw3
0217Qh1XagQ/TuQkj8Tzv0IWWqgSFQiDflqG4rD01UcH0Jk6cFCv1u36tM2ikMbb
Mkv4SNHkJ3NbB0JDStUMPCgWztU5jkZAojLfd1oKKYuUj5eh+cTreaPb7WAcyquz
DPYvCzh4HPvG8N4HPftODeqNE5ZMW2e/4uJnNJ299Dbm1xCOk7seo56riYpbIMeq
kFvKUMeKzSJGBWrNV4pm6kzYEo7AVH1Tk3AdXedKHWoiHSSvQZTZyVFxoo47wUXj
CbYzrsTJwz8ZrRDupG7jwoZvyAZ81Bxf5kSUvmyf3duER78KMFDJrb+QswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPSIEHnsHJn0GdqH/xzkUOr22xQPMB8GA1UdIwQY
MBaAFFl11RneI5zxZMuUpmYMJTDOrvJUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUt
MmNjNjc1NzI2OTc1LzEvOUlnUWVld2NtZlFaMm9mX0hPUlE2dmJiRkE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUtMmNjNjc1NzI2OTc1
LzEvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVQuQAwQC
VQucMA0GCSqGSIb3DQEBCwUAA4IBAQBpPWAfFjg0q0NrQilEs/1TeKG/Ozs8ewRs
g/kaOOf2scis8EK74bTYpib+zazzrHxfPIxWZGrc0VNgNXK90G/QNOUHEFHK+lOA
hYvT24gPvJOCUfj2Bgsquy6Rio/O1M5OLZlEHktv/79iYCsOwmM5noomeGgBmfDl
4N0/qGGq324dnhYw72Y2Fubn9w3RGORKOU4OILXp4XvUoK8gwPfzFboi+1j3uGV9
GgweE8sdbpmYPcYoDcOymI9sJZz8GSDR5Dt8NzQVIi1h1LKbq2b0suPTmKnOOr/s
sujb7vwic+uz2hBtyospTe0rZgCxZ3GYMrJBRBkG3lmlVJC+/Uq+
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:40:50 2025 by rpki-client