Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/q8IlRbnDa7-lnFAs-hO2WPcOwLk.roa
File: q8IlRbnDa7-lnFAs-hO2WPcOwLk.roa (raw, json)
Hash identifier: hbIKEj6KOMWmptm4f819IMKKqrXG2uGf4j2uozA9qks=
Subject key identifier: AB:C2:25:45:B9:C3:6B:BF:A5:9C:50:2C:FA:13:B6:58:F7:0E:C0:B9
Certificate issuer: /CN=61b866e323382caea961e7d2423e53cab5099131
Certificate serial: 0194221F9D8B94286CD9DA3D7DFFEBD35914
Authority key identifier: 61:B8:66:E3:23:38:2C:AE:A9:61:E7:D2:42:3E:53:CA:B5:09:91:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/q8IlRbnDa7-lnFAs-hO2WPcOwLk.roa
Signing time: Wed 01 Jan 2025 13:48:04 +0000
ROA not before: Wed 01 Jan 2025 13:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20986
IP address blocks: 185.111.52.0/22 maxlen: 22
185.111.56.0/22 maxlen: 22
185.112.16.0/22 maxlen: 22
2a06:5940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9d:8b:94:28:6c:d9:da:3d:7d:ff:eb:d3:59:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b866e323382caea961e7d2423e53cab5099131
Validity
Not Before: Jan 1 13:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abc22545b9c36bbfa59c502cfa13b658f70ec0b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a8:5b:7e:b6:e7:d9:42:33:35:23:aa:40:bc:
e7:ce:40:35:d1:69:e0:05:62:cc:5d:d2:f1:10:8c:
e2:2c:b4:cc:64:40:6e:8a:97:27:50:e0:29:f8:4a:
c4:1f:c9:86:1e:66:05:8f:bd:7e:ae:d5:80:35:a4:
a1:34:28:51:48:df:6f:ae:49:2f:05:f3:64:a5:77:
11:b9:09:39:89:fe:97:fe:1d:a9:8a:0f:92:9d:5a:
8e:f2:4f:86:3a:60:00:0c:ff:95:6b:ef:db:94:1a:
92:43:e9:7e:26:59:1e:86:cb:2c:94:e0:a8:7e:82:
b3:58:a1:96:25:7a:a3:2d:81:12:b1:62:2b:98:66:
eb:b8:f0:1e:21:33:ec:9c:68:c9:89:34:bd:58:49:
00:6f:a6:96:3e:52:f4:5f:4a:8d:fa:1b:5b:94:75:
a6:6c:37:16:04:cc:1d:ed:0b:e6:e4:c2:f9:5d:d3:
c6:12:1b:c2:b3:49:48:9b:21:b6:e0:71:3d:43:5c:
ce:99:5c:99:cc:96:8d:d8:10:58:9b:73:2e:ff:80:
88:e1:05:d8:bd:e7:6a:c7:a2:cb:ee:85:58:29:49:
e4:1a:b0:74:52:01:80:92:ec:5c:72:30:42:9d:3e:
4e:c5:a9:ff:7d:bc:b8:13:12:e4:13:dc:4d:9a:51:
10:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C2:25:45:B9:C3:6B:BF:A5:9C:50:2C:FA:13:B6:58:F7:0E:C0:B9
X509v3 Authority Key Identifier:
keyid:61:B8:66:E3:23:38:2C:AE:A9:61:E7:D2:42:3E:53:CA:B5:09:91:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/q8IlRbnDa7-lnFAs-hO2WPcOwLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.52.0-185.111.59.255
185.112.16.0/22
IPv6:
2a06:5940::/29
Signature Algorithm: sha256WithRSAEncryption
06:dc:39:71:10:91:5a:a0:5c:f1:f0:7a:b7:5a:43:0d:89:ea:
15:c1:e5:7c:5c:99:9f:83:ff:c9:4c:2b:dd:5c:6b:bd:fd:64:
db:39:0e:36:fb:c1:44:9a:c5:99:f9:a4:53:e7:cd:13:ee:87:
ce:87:d4:9f:53:20:60:19:59:3b:2f:ec:f0:40:19:48:4a:42:
18:3c:e8:0b:2c:d7:42:c2:c0:71:8e:aa:15:52:d4:d7:29:89:
3c:26:7f:8e:92:35:4b:9f:14:8f:91:e6:c7:38:83:67:57:c7:
04:2d:56:05:04:e6:d7:20:cd:88:76:95:c2:aa:a0:e8:0c:88:
9a:6c:7f:66:4d:51:23:53:ff:2b:6f:83:03:6e:5a:10:22:57:
0e:bb:78:93:56:1d:e3:9d:ea:e8:37:cb:9b:1b:3a:73:2f:a4:
8b:cd:ed:14:1c:2b:ad:a6:0f:65:87:e3:b8:2e:ee:5b:a1:26:
a5:7a:c3:63:b9:1b:91:7a:4f:55:04:90:1c:59:c4:d2:73:bc:
ff:b9:85:7a:e5:6d:6c:9e:81:2f:97:ae:8e:8e:fa:de:ab:22:
8e:56:ae:84:a7:6b:ce:81:9a:d9:1c:05:bc:2b:25:9b:ec:7e:
e0:cd:f3:9d:31:04:69:88:42:40:f7:97:7b:94:e7:f7:b0:07:
f2:8a:e6:cb
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQiH52LlChs2do9ff/r01kUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjg2NmUzMjMzODJjYWVhOTYxZTdkMjQyM2U1M2NhYjUw
OTkxMzEwHhcNMjUwMTAxMTM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmMyMjU0NWI5YzM2YmJmYTU5YzUwMmNmYTEzYjY1OGY3MGVjMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqhbfrbn2UIzNSOqQLznzkA10Wng
BWLMXdLxEIziLLTMZEBuipcnUOAp+ErEH8mGHmYFj71+rtWANaShNChRSN9vrkkv
BfNkpXcRuQk5if6X/h2pig+SnVqO8k+GOmAADP+Va+/blBqSQ+l+JlkehssslOCo
foKzWKGWJXqjLYESsWIrmGbruPAeITPsnGjJiTS9WEkAb6aWPlL0X0qN+htblHWm
bDcWBMwd7Qvm5ML5XdPGEhvCs0lImyG24HE9Q1zOmVyZzJaN2BBYm3Mu/4CI4QXY
vedqx6LL7oVYKUnkGrB0UgGAkuxccjBCnT5Oxan/fby4ExLkE9xNmlEQqQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKvCJUW5w2u/pZxQLPoTtlj3DsC5MB8GA1UdIwQY
MBaAFGG4ZuMjOCyuqWHn0kI+U8q1CZExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJobTR5TTRMSzZwWWVmU1FqNVR5clVKa1RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS80ZWY0YTktNmQ5Ni00OTg5LTljODEt
ZDkyZTY4ZGZmZmU0LzEvcThJbFJibkRhNy1sbkZBcy1oTzJXUGNPd0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS80ZWY0YTktNmQ5Ni00OTg5LTljODEtZDkyZTY4ZGZmZmU0
LzEvWWJobTR5TTRMSzZwWWVmU1FqNVR5clVKa1RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAK5bzQD
BAK5bzgDBAK5cBAwDQQCAAIwBwMFAyoGWUAwDQYJKoZIhvcNAQELBQADggEBAAbc
OXEQkVqgXPHwerdaQw2J6hXB5XxcmZ+D/8lMK91ca739ZNs5Djb7wUSaxZn5pFPn
zRPuh86H1J9TIGAZWTsv7PBAGUhKQhg86Ass10LCwHGOqhVS1NcpiTwmf46SNUuf
FI+R5sc4g2dXxwQtVgUE5tcgzYh2lcKqoOgMiJpsf2ZNUSNT/ytvgwNuWhAiVw67
eJNWHeOd6ug3y5sbOnMvpIvN7RQcK62mD2WH47gu7luhJqV6w2O5G5F6T1UEkBxZ
xNJzvP+5hXrlbWyegS+Xro6O+t6rIo5WroSna86BmtkcBbwrJZvsfuDN850xBGmI
QkD3l3uU5/ewB/KK5ss=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:18 2025 by rpki-client