Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/kexkh65vQ7bMWtG8mnCvje3Zp-w.roa
File: kexkh65vQ7bMWtG8mnCvje3Zp-w.roa (raw, json)
Hash identifier: Pg9AL21punrl7WTntjhvGX0o4iTm5IvkXrJIfPr6Vw0=
Subject key identifier: 91:EC:64:87:AE:6F:43:B6:CC:5A:D1:BC:9A:70:AF:8D:ED:D9:A7:EC
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 019519204F17537184D824E55A745B5DF12B
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/kexkh65vQ7bMWtG8mnCvje3Zp-w.roa
Signing time: Tue 18 Feb 2025 12:55:02 +0000
ROA not before: Tue 18 Feb 2025 12:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 85.153.12.0/22 maxlen: 22
85.153.24.0/22 maxlen: 22
85.153.35.0/24 maxlen: 24
85.153.36.0/22 maxlen: 22
85.153.40.0/24 maxlen: 24
85.153.41.0/24 maxlen: 24
85.153.42.0/24 maxlen: 24
85.153.48.0/22 maxlen: 22
85.153.52.0/22 maxlen: 22
85.153.59.0/24 maxlen: 24
85.153.60.0/22 maxlen: 22
85.153.66.0/24 maxlen: 24
85.153.67.0/24 maxlen: 24
85.153.72.0/24 maxlen: 24
85.153.73.0/24 maxlen: 24
85.153.88.0/22 maxlen: 22
85.153.96.0/22 maxlen: 22
85.153.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.mft
rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 21:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:20:4f:17:53:71:84:d8:24:e5:5a:74:5b:5d:f1:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Feb 18 12:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91ec6487ae6f43b6cc5ad1bc9a70af8dedd9a7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:be:d2:97:8c:4b:4c:e3:f9:c1:97:c5:e6:78:
bf:cd:64:8b:d2:a7:26:50:ec:be:cb:71:2e:62:1a:
20:6c:30:bd:9e:ae:67:da:a3:a3:b2:84:33:ff:ea:
93:a8:a4:5c:a3:cc:47:89:f8:14:87:d9:65:9e:51:
cc:b5:98:6e:11:12:f4:b7:98:94:ad:0d:31:8d:d6:
89:88:4c:8f:8c:a6:0e:0e:27:c2:29:14:9f:36:ca:
ee:6f:cc:bc:ad:9b:c0:71:d0:82:42:f5:2c:e5:13:
5c:92:ca:11:80:a8:3b:25:23:1c:0d:7f:03:d6:4f:
66:d5:20:d3:35:14:b6:8d:42:72:ed:0a:fe:48:4c:
3e:3a:57:99:c1:dc:1d:ca:2a:9e:55:02:09:c3:15:
ed:59:7c:9f:bd:59:2e:d5:12:2b:ec:40:ce:93:c9:
7c:58:33:ee:26:86:87:7f:dd:0c:3d:eb:8a:b0:2a:
c5:a5:fc:5f:ac:04:5f:2d:76:5c:c7:79:bb:f7:fb:
57:36:b7:e8:74:2a:c4:8f:dc:d1:e0:f0:80:0f:45:
fb:40:d6:4f:31:6e:12:64:04:a2:52:73:06:17:5a:
84:51:b2:fd:85:84:e6:7b:18:f4:81:17:ec:3a:1b:
e0:72:25:cb:c1:b8:18:48:0a:02:83:d9:e2:7e:9b:
9b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:EC:64:87:AE:6F:43:B6:CC:5A:D1:BC:9A:70:AF:8D:ED:D9:A7:EC
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/kexkh65vQ7bMWtG8mnCvje3Zp-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.12.0/22
85.153.24.0/22
85.153.35.0-85.153.42.255
85.153.48.0/21
85.153.59.0-85.153.63.255
85.153.66.0/23
85.153.72.0/23
85.153.88.0/22
85.153.96.0/22
85.153.114.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:45:21:42:88:df:a5:7f:96:9a:0f:bc:ae:8f:88:41:f4:58:
ef:cf:c2:a0:72:ea:19:84:43:23:7b:31:2f:88:0a:65:e1:3d:
f0:d4:0a:5a:bb:cb:d9:1d:3b:9a:c9:83:ba:be:03:6d:e7:5b:
16:ef:e5:03:86:c9:39:d2:ee:47:cb:33:7a:bd:b8:c2:5b:c1:
34:8b:a0:a6:10:6d:9a:b4:7e:8e:99:ff:ec:3e:67:07:52:51:
6c:c6:d7:d7:0b:31:07:fb:2a:7d:5b:0a:91:96:08:c7:b7:e6:
04:d7:0a:8c:c4:b0:03:4f:88:d9:68:60:eb:28:e3:7e:c9:53:
af:cf:aa:4a:56:c2:ad:2c:93:12:bf:aa:81:6e:1f:4c:ef:eb:
5e:69:f1:2a:f8:5d:cb:40:5c:c7:87:e2:2b:a3:37:92:c5:83:
54:d8:f6:23:40:35:eb:4b:c3:18:94:35:50:e8:1b:99:dc:66:
7d:8f:55:4f:31:bf:ad:b7:0e:d7:7f:cb:5b:56:b4:87:fc:40:
74:01:e4:22:bc:06:37:73:3a:e8:a9:a7:88:77:fa:d9:71:b2:
32:83:35:57:96:13:ea:38:bf:79:f0:8e:ff:28:49:37:8e:2c:
d6:70:17:bf:a0:7c:98:55:f1:41:fe:a0:20:7f:76:91:a1:5c:
13:25:19:65
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZUZIE8XU3GE2CTlWnRbXfErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjUwMjE4MTI1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWVjNjQ4N2FlNmY0M2I2Y2M1YWQxYmM5YTcwYWY4ZGVkZDlhN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvr7Sl4xLTOP5wZfF5ni/zWSL0qcm
UOy+y3EuYhogbDC9nq5n2qOjsoQz/+qTqKRco8xHifgUh9llnlHMtZhuERL0t5iU
rQ0xjdaJiEyPjKYODifCKRSfNsrub8y8rZvAcdCCQvUs5RNcksoRgKg7JSMcDX8D
1k9m1SDTNRS2jUJy7Qr+SEw+OleZwdwdyiqeVQIJwxXtWXyfvVku1RIr7EDOk8l8
WDPuJoaHf90MPeuKsCrFpfxfrARfLXZcx3m79/tXNrfodCrEj9zR4PCAD0X7QNZP
MW4SZASiUnMGF1qEUbL9hYTmexj0gRfsOhvgciXLwbgYSAoCg9nifpubOQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFJHsZIeub0O2zFrRvJpwr43t2afsMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEva2V4a2g2NXZRN2JNV3RHOG1uQ3ZqZTNacC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCVZkMAwQC
VZkYMAwDBABVmSMDBABVmSoDBANVmTAwDAMEAFWZOwMEBlWZAAMEAVWZQgMEAVWZ
SAMEAlWZWAMEAlWZYAMEAFWZcjANBgkqhkiG9w0BAQsFAAOCAQEAo0UhQojfpX+W
mg+8ro+IQfRY78/CoHLqGYRDI3sxL4gKZeE98NQKWrvL2R07msmDur4DbedbFu/l
A4bJOdLuR8szer24wlvBNIugphBtmrR+jpn/7D5nB1JRbMbX1wsxB/sqfVsKkZYI
x7fmBNcKjMSwA0+I2Whg6yjjfslTr8+qSlbCrSyTEr+qgW4fTO/rXmnxKvhdy0Bc
x4fiK6M3ksWDVNj2I0A160vDGJQ1UOgbmdxmfY9VTzG/rbcO13/LW1a0h/xAdAHk
IrwGN3M66KmniHf62XGyMoM1V5YT6ji/efCO/yhJN44s1nAXv6B8mFXxQf6gIH92
kaFcEyUZZQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:00:15 2025 by rpki-client