Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/fb42e6-cc51-4d2b-8637-a243cbfaaef3/1/I46JWrJ0wkgqhhjcXFEe1Gwyho8.roa
File: I46JWrJ0wkgqhhjcXFEe1Gwyho8.roa (raw, json)
Hash identifier: DdJIf3u90dazdq9CZo2Xm0G5puQXvhN9Fr/LhJUcUXI=
Subject key identifier: 23:8E:89:5A:B2:74:C2:48:2A:86:18:DC:5C:51:1E:D4:6C:32:86:8F
Certificate issuer: /CN=986ce5249635e4e2964d374493dcc37a875d0539
Certificate serial: 0194236A1FEE9E6868E735E90DD05728D840
Authority key identifier: 98:6C:E5:24:96:35:E4:E2:96:4D:37:44:93:DC:C3:7A:87:5D:05:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mGzlJJY15OKWTTdEk9zDeoddBTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/fb42e6-cc51-4d2b-8637-a243cbfaaef3/1/I46JWrJ0wkgqhhjcXFEe1Gwyho8.roa
Signing time: Wed 01 Jan 2025 19:49:05 +0000
ROA not before: Wed 01 Jan 2025 19:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198024
IP address blocks: 185.124.92.0/22 maxlen: 22
193.142.176.0/21 maxlen: 21
193.142.184.0/22 maxlen: 22
2a06:b100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/fb42e6-cc51-4d2b-8637-a243cbfaaef3/1/mGzlJJY15OKWTTdEk9zDeoddBTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/fb42e6-cc51-4d2b-8637-a243cbfaaef3/1/mGzlJJY15OKWTTdEk9zDeoddBTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/mGzlJJY15OKWTTdEk9zDeoddBTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1f:ee:9e:68:68:e7:35:e9:0d:d0:57:28:d8:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=986ce5249635e4e2964d374493dcc37a875d0539
Validity
Not Before: Jan 1 19:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=238e895ab274c2482a8618dc5c511ed46c32868f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:55:a3:cd:eb:7f:6f:2c:20:fe:78:28:75:e6:
e1:83:c7:64:64:e9:92:e4:1a:14:d8:e8:8e:e9:32:
61:fd:c4:ff:6c:20:28:25:43:6d:c5:11:42:e4:0b:
5d:27:d8:a4:06:9e:d8:82:02:73:89:ea:9b:38:db:
d0:1c:fe:b5:1f:5b:dd:41:b5:c8:30:80:67:7a:72:
ea:41:b9:bc:5c:77:fb:e8:88:a2:9d:8a:ab:37:1a:
e1:58:2d:63:f7:ae:d4:1a:da:9e:48:1e:aa:bb:86:
2e:5b:0e:e5:28:76:37:15:b0:e3:75:65:92:a4:f5:
8c:84:f2:09:96:e1:32:a6:a7:ab:18:a3:d1:59:5d:
8a:ac:29:a6:6e:99:15:5e:b5:f1:31:67:59:e2:6d:
d8:b7:79:10:eb:a4:70:6d:bb:73:a2:81:d9:d1:d2:
4f:7f:c5:31:b9:16:11:2c:c5:11:ee:dd:2b:6f:16:
65:bb:83:28:65:c3:2c:a5:ae:93:47:07:91:54:8f:
7a:e6:ad:fd:b9:e1:4b:ab:04:c2:42:60:1f:b2:46:
d4:dc:a8:93:55:54:6b:a5:16:e0:1e:d7:e5:bd:7a:
b9:dc:07:a2:ea:96:80:1b:d5:82:56:7b:4d:fa:75:
ce:76:d0:79:58:0c:c8:66:37:0f:97:0e:97:e6:9f:
15:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8E:89:5A:B2:74:C2:48:2A:86:18:DC:5C:51:1E:D4:6C:32:86:8F
X509v3 Authority Key Identifier:
keyid:98:6C:E5:24:96:35:E4:E2:96:4D:37:44:93:DC:C3:7A:87:5D:05:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGzlJJY15OKWTTdEk9zDeoddBTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/fb42e6-cc51-4d2b-8637-a243cbfaaef3/1/I46JWrJ0wkgqhhjcXFEe1Gwyho8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/fb42e6-cc51-4d2b-8637-a243cbfaaef3/1/mGzlJJY15OKWTTdEk9zDeoddBTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.92.0/22
193.142.176.0-193.142.187.255
IPv6:
2a06:b100::/29
Signature Algorithm: sha256WithRSAEncryption
26:91:e4:75:a3:58:1f:03:37:e6:7b:6e:86:c2:f1:9e:40:d7:
05:72:de:5d:40:ea:e5:f1:d9:16:8b:93:c5:33:92:20:3c:dd:
22:15:00:00:19:a4:b9:17:89:52:24:36:ba:25:1e:4b:45:e3:
73:71:e5:5c:db:74:40:a4:3c:43:df:02:a6:e7:09:6e:2f:e7:
0f:7c:8e:b8:84:2b:a2:67:91:04:b7:a1:e1:c1:09:2e:7f:de:
16:7c:33:70:7d:08:7f:76:c5:7e:cb:4c:16:f0:cc:50:7f:c0:
c2:cc:b9:60:8b:15:8f:b0:8a:49:df:5a:f2:58:e5:fc:70:51:
81:8a:99:41:53:e7:27:c0:4d:f8:02:a3:c7:ba:fb:47:b2:13:
e7:61:7c:d7:58:b0:11:1d:96:32:63:8d:72:60:18:2f:f7:29:
62:47:04:18:e7:1b:98:e1:e1:b9:3f:1d:f2:44:35:bb:12:9d:
f4:95:65:d6:3f:49:4e:f4:e1:93:2c:4a:76:fc:5d:70:c1:32:
0c:2a:38:4f:77:32:6c:66:c9:5f:cb:cf:d9:24:ce:96:2b:40:
72:72:10:1a:db:a9:aa:a2:20:72:4d:eb:84:2c:b6:da:42:fc:
0c:fb:b1:c6:4d:59:e5:f1:8a:cd:cc:fe:59:de:bf:9d:8f:a3:
b9:af:88:b1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQjah/unmho5zXpDdBXKNhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NmNlNTI0OTYzNWU0ZTI5NjRkMzc0NDkzZGNjMzdhODc1
ZDA1MzkwHhcNMjUwMTAxMTk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzhlODk1YWIyNzRjMjQ4MmE4NjE4ZGM1YzUxMWVkNDZjMzI4NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlWjzet/bywg/ngodebhg8dkZOmS
5BoU2OiO6TJh/cT/bCAoJUNtxRFC5AtdJ9ikBp7YggJzieqbONvQHP61H1vdQbXI
MIBnenLqQbm8XHf76IiinYqrNxrhWC1j967UGtqeSB6qu4YuWw7lKHY3FbDjdWWS
pPWMhPIJluEypqerGKPRWV2KrCmmbpkVXrXxMWdZ4m3Yt3kQ66RwbbtzooHZ0dJP
f8UxuRYRLMUR7t0rbxZlu4MoZcMspa6TRweRVI965q39ueFLqwTCQmAfskbU3KiT
VVRrpRbgHtflvXq53Aei6paAG9WCVntN+nXOdtB5WAzIZjcPlw6X5p8V2QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCOOiVqydMJIKoYY3FxRHtRsMoaPMB8GA1UdIwQY
MBaAFJhs5SSWNeTilk03RJPcw3qHXQU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUd6bEpKWTE1T0tXVFRkRWs5ekRlb2RkQlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9mYjQyZTYtY2M1MS00ZDJiLTg2Mzct
YTI0M2NiZmFhZWYzLzEvSTQ2SldySjB3a2dxaGhqY1hGRWUxR3d5aG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9mYjQyZTYtY2M1MS00ZDJiLTg2MzctYTI0M2NiZmFhZWYz
LzEvbUd6bEpKWTE1T0tXVFRkRWs5ekRlb2RkQlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuXxcMAwD
BATBjrADBALBjrgwDQQCAAIwBwMFAyoGsQAwDQYJKoZIhvcNAQELBQADggEBACaR
5HWjWB8DN+Z7bobC8Z5A1wVy3l1A6uXx2RaLk8UzkiA83SIVAAAZpLkXiVIkNrol
HktF43Nx5VzbdECkPEPfAqbnCW4v5w98jriEK6JnkQS3oeHBCS5/3hZ8M3B9CH92
xX7LTBbwzFB/wMLMuWCLFY+wiknfWvJY5fxwUYGKmUFT5yfATfgCo8e6+0eyE+dh
fNdYsBEdljJjjXJgGC/3KWJHBBjnG5jh4bk/HfJENbsSnfSVZdY/SU704ZMsSnb8
XXDBMgwqOE93MmxmyV/Lz9kkzpYrQHJyEBrbqaqiIHJN64QsttpC/Az7scZNWeXx
is3M/lnev52Po7mviLE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:49:18 2025 by rpki-client