Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/kS02S7ip8j2u2CZeGLzOHHL59kM.roa
File: kS02S7ip8j2u2CZeGLzOHHL59kM.roa (raw, json)
Hash identifier: 2jk1V8A0mEt1rNAN366+0eQ/9s8tc4AYb6Gn/kTOhTA=
Subject key identifier: 91:2D:36:4B:B8:A9:F2:3D:AE:D8:26:5E:18:BC:CE:1C:72:F9:F6:43
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 019425FD6A92B2EDD89B59B3111DD10BCD00
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/kS02S7ip8j2u2CZeGLzOHHL59kM.roa
Signing time: Thu 02 Jan 2025 07:49:12 +0000
ROA not before: Thu 02 Jan 2025 07:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201021
IP address blocks: 185.28.60.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.28.62.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.199.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.106.21.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:6a:92:b2:ed:d8:9b:59:b3:11:1d:d1:0b:cd:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Jan 2 07:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=912d364bb8a9f23daed8265e18bcce1c72f9f643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c2:4e:77:b4:61:d8:82:3b:b5:73:35:8c:90:
69:75:cd:71:aa:60:99:0c:ed:ce:a3:f7:f2:1b:ee:
24:a8:94:4d:ba:0e:d0:bd:c0:5b:89:25:f1:96:6f:
48:1a:d1:19:85:21:94:b9:76:46:fe:24:c3:d2:37:
d2:da:e6:ae:0e:89:d8:34:9e:1f:d7:51:cb:34:fd:
b4:f9:c4:03:ce:9f:a0:7b:38:14:f7:dd:d0:63:75:
cb:de:6c:d2:d0:42:ae:d1:6a:29:d4:38:70:39:cc:
3d:8c:0b:2d:5d:59:20:13:c8:ef:5f:34:67:62:fd:
94:95:ee:13:89:d9:3e:e8:19:fb:9d:ff:64:13:e0:
5e:37:13:f3:be:47:6a:2c:4a:46:e0:c6:0f:4a:57:
e7:10:51:55:b8:c8:4e:8a:02:38:6e:71:da:ce:7a:
52:52:8e:09:fb:de:bb:de:b4:15:32:58:d0:fb:db:
6a:2c:f0:0c:20:6f:cf:18:da:7d:02:02:93:20:0b:
f8:61:fa:c6:d2:f8:df:b0:ba:89:a4:c8:7f:80:a2:
e7:6f:39:70:15:7d:b3:fc:01:6d:c3:3c:96:f9:25:
a2:ac:cb:0e:55:16:92:8d:b6:05:6d:0f:c8:41:10:
e8:80:eb:da:13:87:53:d7:d2:3d:db:c1:db:1d:34:
45:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:2D:36:4B:B8:A9:F2:3D:AE:D8:26:5E:18:BC:CE:1C:72:F9:F6:43
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/kS02S7ip8j2u2CZeGLzOHHL59kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/22
185.103.196.0/22
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:ba:08:62:76:1c:81:22:e5:c1:06:30:9f:a4:5f:ea:16:94:
5e:8a:93:bf:d9:a7:c9:fd:29:a8:d9:af:af:18:28:d9:15:f1:
cd:84:c8:07:e2:28:29:11:21:ec:22:f6:81:73:97:3e:79:42:
66:b5:72:77:2a:7f:99:59:13:90:00:d0:ce:30:0e:3e:cd:1e:
16:92:a1:ad:da:78:6e:3e:e7:a7:c4:42:2b:18:55:f4:e6:d5:
ad:45:fd:b1:07:b7:fa:41:7c:60:02:c0:14:15:33:61:34:be:
c1:98:a0:7a:ae:6d:b8:24:30:cd:fc:c4:c5:05:12:50:dc:12:
f6:06:0b:bb:4c:59:a4:41:5f:8a:fd:be:ef:f4:ef:9d:45:7f:
0f:78:ec:2a:b9:df:51:e1:d4:a0:63:95:e9:dd:6a:a1:45:58:
67:28:e3:fa:8b:0a:5b:f5:8a:9a:bc:69:3e:21:f5:f2:0a:93:
fa:4f:65:65:2c:1d:f9:cf:b8:81:06:a8:90:85:b6:8e:45:73:
e5:db:28:ff:af:ad:fa:83:7f:49:ae:95:09:2a:86:83:e5:81:
62:b1:26:ab:86:0f:1f:56:e0:48:41:2f:a1:24:5f:19:37:9a:
25:f3:0c:b9:6a:a7:72:1e:82:5f:21:3d:14:3c:e3:48:be:03:
b9:b3:5a:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/WqSsu3Ym1mzER3RC80AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjUwMTAyMDc0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTJkMzY0YmI4YTlmMjNkYWVkODI2NWUxOGJjY2UxYzcyZjlmNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcJOd7Rh2II7tXM1jJBpdc1xqmCZ
DO3Oo/fyG+4kqJRNug7QvcBbiSXxlm9IGtEZhSGUuXZG/iTD0jfS2uauDonYNJ4f
11HLNP20+cQDzp+gezgU993QY3XL3mzS0EKu0Wop1DhwOcw9jAstXVkgE8jvXzRn
Yv2Ule4Tidk+6Bn7nf9kE+BeNxPzvkdqLEpG4MYPSlfnEFFVuMhOigI4bnHaznpS
Uo4J+9673rQVMljQ+9tqLPAMIG/PGNp9AgKTIAv4YfrG0vjfsLqJpMh/gKLnbzlw
FX2z/AFtwzyW+SWirMsOVRaSjbYFbQ/IQRDogOvaE4dT19I928HbHTRFvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJEtNku4qfI9rtgmXhi8zhxy+fZDMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEva1MwMlM3aXA4ajJ1MkNaZUdMek9ISEw1OWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuRw8AwQC
uWfEAwQCuWoUMA0GCSqGSIb3DQEBCwUAA4IBAQBvughidhyBIuXBBjCfpF/qFpRe
ipO/2afJ/Smo2a+vGCjZFfHNhMgH4igpESHsIvaBc5c+eUJmtXJ3Kn+ZWROQANDO
MA4+zR4WkqGt2nhuPuenxEIrGFX05tWtRf2xB7f6QXxgAsAUFTNhNL7BmKB6rm24
JDDN/MTFBRJQ3BL2Bgu7TFmkQV+K/b7v9O+dRX8PeOwqud9R4dSgY5Xp3WqhRVhn
KOP6iwpb9YqavGk+IfXyCpP6T2VlLB35z7iBBqiQhbaORXPl2yj/r636g39JrpUJ
KoaD5YFisSarhg8fVuBIQS+hJF8ZN5ol8wy5aqdyHoJfIT0UPONIvgO5s1rs
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:40:44 2025 by rpki-client