Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/bd3880-fc26-4121-b2e4-e6d6e8aebef8/1/AV_h3jqDqBv8GTowG5NZT83IRVM.roa
File: AV_h3jqDqBv8GTowG5NZT83IRVM.roa (raw, json)
Hash identifier: 7I92tp7yKWv9nRYHQ0pF0g4dedaK+rFfmKLNQHVUe28=
Subject key identifier: 01:5F:E1:DE:3A:83:A8:1B:FC:19:3A:30:1B:93:59:4F:CD:C8:45:53
Certificate issuer: /CN=302d11e852615740076b3281b8aff0fac5ca2f33
Certificate serial: 01941FFA527201DA262F5C4D3F4BF4340074
Authority key identifier: 30:2D:11:E8:52:61:57:40:07:6B:32:81:B8:AF:F0:FA:C5:CA:2F:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MC0R6FJhV0AHazKBuK_w-sXKLzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/bd3880-fc26-4121-b2e4-e6d6e8aebef8/1/AV_h3jqDqBv8GTowG5NZT83IRVM.roa
Signing time: Wed 01 Jan 2025 03:48:06 +0000
ROA not before: Wed 01 Jan 2025 03:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39212
IP address blocks: 185.182.26.0/24 maxlen: 24
2a0a:df80:26::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/bd3880-fc26-4121-b2e4-e6d6e8aebef8/1/MC0R6FJhV0AHazKBuK_w-sXKLzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/bd3880-fc26-4121-b2e4-e6d6e8aebef8/1/MC0R6FJhV0AHazKBuK_w-sXKLzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MC0R6FJhV0AHazKBuK_w-sXKLzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:52:72:01:da:26:2f:5c:4d:3f:4b:f4:34:00:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=302d11e852615740076b3281b8aff0fac5ca2f33
Validity
Not Before: Jan 1 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=015fe1de3a83a81bfc193a301b93594fcdc84553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e0:d8:cc:cc:7d:2b:1d:41:7b:8c:68:74:e2:
7d:81:1b:16:ea:71:08:cf:57:97:02:aa:29:40:87:
b0:20:38:1a:c7:f9:6a:b7:cd:9b:2b:10:f7:40:b4:
6a:6d:28:4c:2d:6b:a9:b5:f7:49:82:77:2a:99:19:
5f:c8:a7:c3:5a:21:ae:e9:a7:d9:30:a0:15:d0:2d:
eb:92:7a:a6:a9:8c:54:39:eb:a7:be:f3:53:0f:ab:
27:c3:72:63:a7:d9:fb:75:97:1c:15:26:f3:a3:bf:
04:ca:64:9e:4a:ed:8a:cc:43:80:3a:2e:af:ac:86:
c4:87:3c:b6:75:95:6a:99:9d:e8:fe:d7:6c:de:25:
61:56:47:f6:ce:66:0f:f5:cd:45:18:ba:89:72:f1:
28:12:ae:10:32:1f:c3:84:7a:39:42:cf:bf:d4:7c:
19:4b:a5:18:96:ab:ae:f0:a6:f7:81:f2:8b:c2:dc:
71:a7:64:cc:3c:b5:1d:56:c4:71:13:7c:8f:5f:70:
05:c7:8b:41:06:be:f4:a1:74:2d:89:b3:79:28:26:
35:11:d9:e7:4a:be:3e:fb:ef:8f:e9:8a:50:9c:46:
73:4b:9f:55:7f:1e:c9:85:9a:f4:9e:88:c3:2e:03:
d2:15:6e:55:4a:89:bc:76:fd:ac:0a:08:3f:d8:98:
3e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5F:E1:DE:3A:83:A8:1B:FC:19:3A:30:1B:93:59:4F:CD:C8:45:53
X509v3 Authority Key Identifier:
keyid:30:2D:11:E8:52:61:57:40:07:6B:32:81:B8:AF:F0:FA:C5:CA:2F:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MC0R6FJhV0AHazKBuK_w-sXKLzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/bd3880-fc26-4121-b2e4-e6d6e8aebef8/1/AV_h3jqDqBv8GTowG5NZT83IRVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/bd3880-fc26-4121-b2e4-e6d6e8aebef8/1/MC0R6FJhV0AHazKBuK_w-sXKLzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.26.0/24
IPv6:
2a0a:df80:26::/48
Signature Algorithm: sha256WithRSAEncryption
b8:c8:9c:04:86:90:fd:9e:dc:ee:c9:41:13:fd:4b:6c:3e:59:
aa:fc:c6:ab:b2:78:cc:7f:fe:e2:b4:ac:65:ba:a8:04:d0:01:
5f:1f:76:28:1a:aa:d3:be:9f:24:d7:62:4d:df:19:2c:22:a9:
31:e5:8b:94:95:f1:0b:d4:a7:c4:79:7a:bd:7e:12:77:4f:38:
cb:89:bf:1e:95:8f:21:14:12:6c:e4:84:0b:28:46:e0:5b:3b:
14:7e:a8:5c:d2:0c:68:78:c8:85:da:20:1a:8a:05:54:47:d9:
bb:0b:95:e8:3c:1f:4a:fb:a2:d0:59:93:cc:48:98:ae:59:f5:
09:a4:e3:ae:17:8a:8b:92:23:ab:d7:f2:3a:09:50:7b:54:6e:
29:a8:73:58:5f:81:81:e8:c2:5b:17:85:8c:c9:a0:7f:88:b2:
fc:53:b4:50:ca:f1:74:f4:68:4b:9a:aa:97:12:c6:8a:2c:89:
8f:53:0b:23:a8:96:60:21:3f:b6:76:66:a2:85:ee:b8:82:07:
50:54:93:8d:e6:8a:ea:81:d0:21:ca:66:a7:8d:04:9e:6d:2e:
77:9f:dd:f6:be:6e:bd:13:d1:0e:b6:ba:0e:bb:64:3e:a5:63:
14:76:13:6a:dc:cc:2f:2c:56:cf:4d:4c:53:d9:2c:28:0f:1e:
e7:6a:5c:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+lJyAdomL1xNP0v0NAB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMmQxMWU4NTI2MTU3NDAwNzZiMzI4MWI4YWZmMGZhYzVj
YTJmMzMwHhcNMjUwMTAxMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTVmZTFkZTNhODNhODFiZmMxOTNhMzAxYjkzNTk0ZmNkYzg0NTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruDYzMx9Kx1Be4xodOJ9gRsW6nEI
z1eXAqopQIewIDgax/lqt82bKxD3QLRqbShMLWuptfdJgncqmRlfyKfDWiGu6afZ
MKAV0C3rknqmqYxUOeunvvNTD6snw3Jjp9n7dZccFSbzo78EymSeSu2KzEOAOi6v
rIbEhzy2dZVqmZ3o/tds3iVhVkf2zmYP9c1FGLqJcvEoEq4QMh/DhHo5Qs+/1HwZ
S6UYlquu8Kb3gfKLwtxxp2TMPLUdVsRxE3yPX3AFx4tBBr70oXQtibN5KCY1Ednn
Sr4++++P6YpQnEZzS59Vfx7JhZr0nojDLgPSFW5VSom8dv2sCgg/2Jg+CwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAFf4d46g6gb/Bk6MBuTWU/NyEVTMB8GA1UdIwQY
MBaAFDAtEehSYVdAB2sygbiv8PrFyi8zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUMwUjZGSmhWMEFIYXpLQnVLX3ctc1hLTHpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9iZDM4ODAtZmMyNi00MTIxLWIyZTQt
ZTZkNmU4YWViZWY4LzEvQVZfaDNqcURxQnY4R1Rvd0c1TlpUODNJUlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9iZDM4ODAtZmMyNi00MTIxLWIyZTQtZTZkNmU4YWViZWY4
LzEvTUMwUjZGSmhWMEFIYXpLQnVLX3ctc1hLTHpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAubYaMA8E
AgACMAkDBwAqCt+AACYwDQYJKoZIhvcNAQELBQADggEBALjInASGkP2e3O7JQRP9
S2w+War8xquyeMx//uK0rGW6qATQAV8fdigaqtO+nyTXYk3fGSwiqTHli5SV8QvU
p8R5er1+EndPOMuJvx6VjyEUEmzkhAsoRuBbOxR+qFzSDGh4yIXaIBqKBVRH2bsL
leg8H0r7otBZk8xImK5Z9Qmk464XiouSI6vX8joJUHtUbimoc1hfgYHowlsXhYzJ
oH+IsvxTtFDK8XT0aEuaqpcSxoosiY9TCyOolmAhP7Z2ZqKF7riCB1BUk43miuqB
0CHKZqeNBJ5tLnef3fa+br0T0Q62ug67ZD6lYxR2E2rczC8sVs9NTFPZLCgPHudq
XN4=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:54:27 2025 by rpki-client