Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/t1gHtFwa5agDSOfrfRir11uhmyo.roa
File: t1gHtFwa5agDSOfrfRir11uhmyo.roa (raw, json)
Hash identifier: YIC9w6VlHFB3KCLja0LdQ8JmLu/DL14I9GQCq+0Dsw8=
Subject key identifier: B7:58:07:B4:5C:1A:E5:A8:03:48:E7:EB:7D:18:AB:D7:5B:A1:9B:2A
Certificate issuer: /CN=46efb53f266e11e6ed5a13eb3e97f4b9601dd6e0
Certificate serial: 01942521894E43991DD0227EDE21E13D3BE9
Authority key identifier: 46:EF:B5:3F:26:6E:11:E6:ED:5A:13:EB:3E:97:F4:B9:60:1D:D6:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ru-1PyZuEebtWhPrPpf0uWAd1uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/t1gHtFwa5agDSOfrfRir11uhmyo.roa
Signing time: Thu 02 Jan 2025 03:49:02 +0000
ROA not before: Thu 02 Jan 2025 03:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 185.156.184.0/24 maxlen: 24
185.156.185.0/24 maxlen: 24
185.156.186.0/24 maxlen: 24
185.156.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/Ru-1PyZuEebtWhPrPpf0uWAd1uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/Ru-1PyZuEebtWhPrPpf0uWAd1uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ru-1PyZuEebtWhPrPpf0uWAd1uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:89:4e:43:99:1d:d0:22:7e:de:21:e1:3d:3b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46efb53f266e11e6ed5a13eb3e97f4b9601dd6e0
Validity
Not Before: Jan 2 03:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b75807b45c1ae5a80348e7eb7d18abd75ba19b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:05:c3:20:c6:86:3d:c1:a6:d5:48:fa:d8:fd:
86:9d:7d:91:97:52:d8:5a:37:50:a2:0e:5c:29:68:
0e:de:bd:08:67:39:75:d5:4b:74:e2:f7:74:57:10:
9b:2c:2e:95:5e:96:b7:bc:7b:48:bc:48:ee:59:30:
c0:73:29:44:b2:4d:d5:6a:90:b8:c4:c7:d3:13:51:
a8:72:04:bc:f2:b1:24:02:4d:23:5a:9b:2e:89:39:
f4:45:a2:b6:cd:91:1e:78:45:bf:03:21:d0:b8:e1:
a2:37:fd:36:df:e1:d3:05:f6:b5:d4:53:c4:a4:6d:
cd:62:5c:bf:f8:9c:a1:ce:c6:94:6d:e9:8b:1f:c9:
ec:92:6c:e4:bc:2b:2f:ae:2f:fb:4b:a2:60:78:68:
50:1f:a6:4d:bc:24:be:fe:90:3d:e5:68:e6:cf:2d:
91:24:8f:23:9a:d6:1a:e4:9c:8c:45:4f:1b:2e:97:
60:e2:9e:4d:66:8f:91:85:c3:1a:72:0e:95:0a:33:
03:43:4f:12:3b:1c:97:41:d4:73:78:eb:fd:3c:d9:
90:69:ba:1d:85:e4:be:a8:15:e8:18:8d:e8:9f:58:
c6:a9:2d:67:bc:8d:a8:3a:92:c9:2e:7e:b4:5c:8e:
94:37:2a:92:e1:ad:36:78:0b:54:d1:ec:53:b7:5a:
e7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:58:07:B4:5C:1A:E5:A8:03:48:E7:EB:7D:18:AB:D7:5B:A1:9B:2A
X509v3 Authority Key Identifier:
keyid:46:EF:B5:3F:26:6E:11:E6:ED:5A:13:EB:3E:97:F4:B9:60:1D:D6:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ru-1PyZuEebtWhPrPpf0uWAd1uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/t1gHtFwa5agDSOfrfRir11uhmyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/Ru-1PyZuEebtWhPrPpf0uWAd1uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.184.0/22
Signature Algorithm: sha256WithRSAEncryption
42:3b:b1:d8:01:1f:48:4b:fb:9a:6a:a3:a1:fa:22:ff:df:7b:
e2:f9:53:d1:c2:22:92:4b:fb:fb:53:5f:b8:5f:54:87:0b:ef:
eb:b9:3a:86:75:85:52:9f:1a:04:26:ba:5c:18:72:f0:c3:21:
93:0c:10:5f:3b:4b:ea:bb:b2:80:a0:ec:88:0f:42:5c:bb:70:
71:e8:74:0d:7a:7d:ad:42:d7:cd:32:9f:8c:05:ad:95:18:74:
93:78:95:e3:d1:b2:12:1a:7c:a1:c6:76:e3:4d:77:25:e7:56:
79:a2:c7:28:00:d6:05:79:e9:2f:b8:b7:87:91:70:6d:79:82:
a8:b6:52:bc:a2:b0:1e:80:79:f8:a7:b7:ea:c8:bf:04:f1:44:
b2:17:7b:1c:8a:dd:5f:4f:18:43:65:32:8e:f9:85:98:2f:06:
13:fa:88:7f:db:d9:ce:df:4d:ed:c5:0f:24:1f:b4:86:b2:a2:
3b:62:6b:d8:e6:91:17:67:ca:0e:f8:30:ad:09:72:f3:82:14:
41:a8:16:c4:31:2d:f8:eb:4f:db:b0:7e:30:2e:0a:e5:f8:d0:
89:e1:0b:4c:36:ee:8a:a1:00:66:53:f1:61:e9:82:9b:bc:76:
02:8a:9b:01:6b:48:06:19:a9:df:d4:55:cb:ea:74:06:59:36:
dd:13:b2:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIYlOQ5kd0CJ+3iHhPTvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWZiNTNmMjY2ZTExZTZlZDVhMTNlYjNlOTdmNGI5NjAx
ZGQ2ZTAwHhcNMjUwMTAyMDM0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzU4MDdiNDVjMWFlNWE4MDM0OGU3ZWI3ZDE4YWJkNzViYTE5YjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAXDIMaGPcGm1Uj62P2GnX2Rl1LY
WjdQog5cKWgO3r0IZzl11Ut04vd0VxCbLC6VXpa3vHtIvEjuWTDAcylEsk3VapC4
xMfTE1GocgS88rEkAk0jWpsuiTn0RaK2zZEeeEW/AyHQuOGiN/023+HTBfa11FPE
pG3NYly/+JyhzsaUbemLH8nskmzkvCsvri/7S6JgeGhQH6ZNvCS+/pA95Wjmzy2R
JI8jmtYa5JyMRU8bLpdg4p5NZo+RhcMacg6VCjMDQ08SOxyXQdRzeOv9PNmQabod
heS+qBXoGI3on1jGqS1nvI2oOpLJLn60XI6UNyqS4a02eAtU0exTt1rn/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLdYB7RcGuWoA0jn630Yq9dboZsqMB8GA1UdIwQY
MBaAFEbvtT8mbhHm7VoT6z6X9LlgHdbgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnUtMVB5WnVFZWJ0V2hQclBwZjB1V0FkMXVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny83YmZiMTEtYmUyNi00YzRlLTljMzUt
ZDdjNjcwODQxNGZhLzEvdDFnSHRGd2E1YWdEU09mcmZSaXIxMXVobXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny83YmZiMTEtYmUyNi00YzRlLTljMzUtZDdjNjcwODQxNGZh
LzEvUnUtMVB5WnVFZWJ0V2hQclBwZjB1V0FkMXVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZy4MA0G
CSqGSIb3DQEBCwUAA4IBAQBCO7HYAR9IS/uaaqOh+iL/33vi+VPRwiKSS/v7U1+4
X1SHC+/ruTqGdYVSnxoEJrpcGHLwwyGTDBBfO0vqu7KAoOyID0Jcu3Bx6HQNen2t
QtfNMp+MBa2VGHSTeJXj0bISGnyhxnbjTXcl51Z5oscoANYFeekvuLeHkXBteYKo
tlK8orAegHn4p7fqyL8E8USyF3scit1fTxhDZTKO+YWYLwYT+oh/29nO303txQ8k
H7SGsqI7YmvY5pEXZ8oO+DCtCXLzghRBqBbEMS3460/bsH4wLgrl+NCJ4QtMNu6K
oQBmU/Fh6YKbvHYCipsBa0gGGanf1FXL6nQGWTbdE7I3
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:38:09 2025 by rpki-client