Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/Wq2iqPYhNjor18Qz9IXxlr7x8mQ.roa
File: Wq2iqPYhNjor18Qz9IXxlr7x8mQ.roa (raw, json)
Hash identifier: QfZmNahEgmZ6AaDD2oA3mk7CjDsVWvRKb2LNfkM1y9A=
Subject key identifier: 5A:AD:A2:A8:F6:21:36:3A:2B:D7:C4:33:F4:85:F1:96:BE:F1:F2:64
Certificate issuer: /CN=90b3a3a0d662d14da8404bd21dc489e63945624e
Certificate serial: 019497B72C7B02AF8CE01A431E7F4E7D9EFB
Authority key identifier: 90:B3:A3:A0:D6:62:D1:4D:A8:40:4B:D2:1D:C4:89:E6:39:45:62:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/Wq2iqPYhNjor18Qz9IXxlr7x8mQ.roa
Signing time: Fri 24 Jan 2025 09:49:11 +0000
ROA not before: Fri 24 Jan 2025 09:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205704
IP address blocks: 185.200.148.0/23 maxlen: 23
185.200.148.0/24 maxlen: 24
185.200.149.0/24 maxlen: 24
185.200.150.0/23 maxlen: 23
185.200.150.0/24 maxlen: 24
185.200.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:97:b7:2c:7b:02:af:8c:e0:1a:43:1e:7f:4e:7d:9e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b3a3a0d662d14da8404bd21dc489e63945624e
Validity
Not Before: Jan 24 09:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5aada2a8f621363a2bd7c433f485f196bef1f264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2c:38:29:f2:e5:45:c9:6a:1c:42:79:82:1f:
e5:2a:47:fe:f3:27:2d:48:c1:ff:44:a3:58:ce:f9:
67:cd:3b:dc:1f:de:ce:88:b4:2a:6a:2a:f9:9d:84:
c7:76:b8:83:d1:5a:ac:08:d5:dc:6d:d6:f2:2a:91:
78:83:69:a5:bf:22:70:e4:f7:7e:e0:ea:1f:f1:ff:
d7:d3:37:7c:fc:f2:6a:db:80:07:4e:c3:9f:87:c3:
d2:cc:55:35:40:33:af:ed:9c:99:8c:3c:53:7e:e8:
28:47:37:a9:82:6a:92:d9:eb:22:ed:bc:78:6b:b1:
b6:24:56:de:2f:25:62:a6:e9:62:60:2c:08:b3:40:
df:18:c2:b0:02:64:cf:95:af:be:76:92:6a:81:02:
67:25:c5:dd:12:6a:85:eb:0b:19:6b:d3:2a:69:b9:
4b:db:60:e5:c0:29:06:9b:92:54:c9:dd:af:dd:75:
8f:14:e3:79:a5:94:bc:65:dd:07:07:a5:ce:f8:a8:
c5:b8:92:16:8e:73:74:61:92:32:5e:7d:2d:04:24:
a8:fc:8e:5c:ad:73:1d:b8:f4:bc:e6:d2:62:1a:cd:
8c:b6:5b:3e:f0:be:8f:e8:d2:ee:92:c8:f1:1d:5c:
b0:e1:44:08:09:df:33:21:49:6c:59:47:2e:86:08:
a5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:AD:A2:A8:F6:21:36:3A:2B:D7:C4:33:F4:85:F1:96:BE:F1:F2:64
X509v3 Authority Key Identifier:
keyid:90:B3:A3:A0:D6:62:D1:4D:A8:40:4B:D2:1D:C4:89:E6:39:45:62:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/Wq2iqPYhNjor18Qz9IXxlr7x8mQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.148.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:cf:5c:4a:40:c5:0d:0f:db:48:8c:8b:1f:98:d5:06:8e:b4:
54:da:de:cd:4a:24:44:14:3f:7a:03:2e:c8:5d:2d:c2:10:95:
81:8c:84:04:46:7b:37:66:8c:97:b9:51:61:5a:0a:87:71:0b:
e3:7a:8e:ff:ad:7a:58:28:ee:ee:91:18:72:64:4a:2e:b1:5f:
e9:f0:28:16:c8:13:94:5f:bc:52:5f:b0:b7:e2:37:e8:d7:3f:
09:8d:a2:76:75:3c:75:70:d6:2f:01:37:e5:cc:79:23:35:0c:
f8:fe:e7:97:b2:e0:4c:9c:29:1e:69:00:2a:3f:f5:4e:f9:89:
9b:d9:f6:dd:e1:40:ea:e5:a9:72:75:aa:c2:c8:e5:24:e7:d3:
15:a3:6f:33:88:1b:14:b3:13:18:ca:55:97:f4:ba:56:e7:93:
e7:1f:69:60:bd:c7:8c:ca:f0:55:38:41:22:4e:df:a0:74:71:
c6:0b:4f:a8:df:0d:92:05:a1:2b:cc:01:6f:84:9d:28:ac:cf:
73:72:8f:b9:40:5e:b2:79:2b:01:03:2c:71:f9:d5:f4:f2:2e:
85:c0:46:02:75:fa:2d:72:f1:e7:06:0f:1e:06:17:be:ae:b7:
64:c9:94:52:51:85:0f:81:33:6a:01:5d:a4:f7:df:61:b0:76:
50:47:ac:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSXtyx7Aq+M4BpDHn9OfZ77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjNhM2EwZDY2MmQxNGRhODQwNGJkMjFkYzQ4OWU2Mzk0
NTYyNGUwHhcNMjUwMTI0MDk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWFkYTJhOGY2MjEzNjNhMmJkN2M0MzNmNDg1ZjE5NmJlZjFmMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSw4KfLlRclqHEJ5gh/lKkf+8yct
SMH/RKNYzvlnzTvcH97OiLQqair5nYTHdriD0VqsCNXcbdbyKpF4g2mlvyJw5Pd+
4Oof8f/X0zd8/PJq24AHTsOfh8PSzFU1QDOv7ZyZjDxTfugoRzepgmqS2esi7bx4
a7G2JFbeLyVipuliYCwIs0DfGMKwAmTPla++dpJqgQJnJcXdEmqF6wsZa9MqablL
22DlwCkGm5JUyd2v3XWPFON5pZS8Zd0HB6XO+KjFuJIWjnN0YZIyXn0tBCSo/I5c
rXMduPS85tJiGs2Mtls+8L6P6NLuksjxHVyw4UQICd8zIUlsWUcuhgil6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqtoqj2ITY6K9fEM/SF8Za+8fJkMB8GA1UdIwQY
MBaAFJCzo6DWYtFNqEBL0h3EieY5RWJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xPam9OWmkwVTJvUUV2U0hjU0o1amxGWWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83ZmI0ZWEtNWJiYy00YzhjLThiNWQt
Mjg4Y2ZkMWMyYTNkLzEvV3EyaXFQWWhOam9yMThRejlJWHhscjd4OG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83ZmI0ZWEtNWJiYy00YzhjLThiNWQtMjg4Y2ZkMWMyYTNk
LzEva0xPam9OWmkwVTJvUUV2U0hjU0o1amxGWWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuciUMA0G
CSqGSIb3DQEBCwUAA4IBAQCqz1xKQMUND9tIjIsfmNUGjrRU2t7NSiREFD96Ay7I
XS3CEJWBjIQERns3ZoyXuVFhWgqHcQvjeo7/rXpYKO7ukRhyZEousV/p8CgWyBOU
X7xSX7C34jfo1z8JjaJ2dTx1cNYvATflzHkjNQz4/ueXsuBMnCkeaQAqP/VO+Ymb
2fbd4UDq5alydarCyOUk59MVo28ziBsUsxMYylWX9LpW55PnH2lgvceMyvBVOEEi
Tt+gdHHGC0+o3w2SBaErzAFvhJ0orM9zco+5QF6yeSsBAyxx+dX08i6FwEYCdfot
cvHnBg8eBhe+rrdkyZRSUYUPgTNqAV2k999hsHZQR6zN
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:55:28 2025 by rpki-client