Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/iWHLz7pb0VOnknWH2cLTUErxOZo.roa
File: iWHLz7pb0VOnknWH2cLTUErxOZo.roa (raw, json)
Hash identifier: jWeDGrOMaI4VEcetBFaHjDSN9dYVfQeBBIRCHkcbqGg=
Subject key identifier: 89:61:CB:CF:BA:5B:D1:53:A7:92:75:87:D9:C2:D3:50:4A:F1:39:9A
Certificate issuer: /CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Certificate serial: 0194CE917418D8F365ABE61FCC39FA49CC1D
Authority key identifier: A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/iWHLz7pb0VOnknWH2cLTUErxOZo.roa
Signing time: Tue 04 Feb 2025 01:27:06 +0000
ROA not before: Tue 04 Feb 2025 01:27:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61135
IP address blocks: 185.17.113.0/24 maxlen: 24
185.73.200.0/22 maxlen: 24
185.73.201.0/24 maxlen: 32
185.165.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/p23Z2tdYd_fSjRTgjcVbEzC9E7c.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/p23Z2tdYd_fSjRTgjcVbEzC9E7c.mft
rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ce:91:74:18:d8:f3:65:ab:e6:1f:cc:39:fa:49:cc:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Validity
Not Before: Feb 4 01:27:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8961cbcfba5bd153a7927587d9c2d3504af1399a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:56:e0:12:8c:cb:6e:58:e0:f0:78:f7:46:55:
1d:8b:d6:50:48:c7:a0:6a:f1:7c:16:f1:e2:2a:26:
43:a0:e0:a3:a5:cb:23:33:58:1d:2d:4f:0b:41:a4:
fc:a0:7e:84:cc:bb:ff:28:fb:12:ab:12:14:4a:fd:
ac:64:3e:a3:c0:33:ec:43:21:7b:78:6d:e1:c8:25:
ad:7c:01:47:4c:a9:b3:7d:86:84:53:fe:3c:78:80:
4e:ee:49:66:1e:51:ce:08:bc:e4:08:ed:f7:b7:17:
62:60:69:59:0e:79:5a:5b:d1:0f:79:8d:40:21:ad:
76:e4:b7:30:a4:ea:ae:a6:a6:d1:b7:69:9e:2e:7a:
18:60:b7:be:b8:a3:b1:c8:d5:11:b0:97:1e:13:c0:
1c:58:11:0d:ec:af:6a:6c:1c:2f:40:a4:60:d9:32:
9c:ac:3e:24:b9:fe:d0:fd:a5:e2:29:7a:44:4d:16:
3f:7e:d9:4f:73:4f:65:08:a8:81:15:09:4c:3a:84:
a6:18:f2:fd:72:c0:b2:e9:0e:1a:41:5a:21:39:4d:
e1:1c:d2:b7:61:53:c6:cf:b8:77:25:48:2b:68:1f:
65:5e:7a:78:61:df:0f:e4:d8:c8:0d:e3:b8:a6:e5:
8e:be:2b:ef:57:fe:2b:30:0f:0f:ca:af:d5:44:e1:
0e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:61:CB:CF:BA:5B:D1:53:A7:92:75:87:D9:C2:D3:50:4A:F1:39:9A
X509v3 Authority Key Identifier:
keyid:A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/iWHLz7pb0VOnknWH2cLTUErxOZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/p23Z2tdYd_fSjRTgjcVbEzC9E7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.113.0/24
185.73.200.0/22
185.165.77.0/24
Signature Algorithm: sha256WithRSAEncryption
46:ca:af:01:e3:ec:0b:d5:26:1b:3a:83:60:0b:72:5c:6e:38:
80:23:e9:52:d8:6d:ac:11:1d:ed:02:2b:c3:27:31:b9:3d:24:
bc:aa:12:43:b0:67:56:cf:d0:e8:fa:48:87:00:bb:a2:01:54:
4d:8d:35:09:43:82:d3:11:69:4c:3e:13:87:06:8d:8e:2c:a0:
52:64:35:98:98:98:5d:25:98:cd:99:44:65:43:ff:04:44:01:
05:75:59:bf:d9:5e:b5:a9:28:a0:89:85:b0:a3:7d:58:47:c5:
c8:00:dd:4b:d8:fe:0a:3d:65:f6:fc:e9:ac:38:2b:ed:7d:dc:
8a:35:04:e0:81:15:7e:71:b0:1b:22:e3:ef:1a:2b:3c:a7:6f:
bf:7f:f2:ec:bf:ce:70:28:30:9f:aa:5e:bb:7b:5e:fd:98:86:
f1:80:3e:43:c3:00:e2:ac:48:f3:06:65:5a:4b:7f:9c:32:76:
66:dd:6c:cf:a1:68:72:e2:35:c6:74:8f:52:39:f1:03:54:8f:
c9:88:41:37:18:77:38:2b:f3:2d:03:4a:30:8f:0a:f5:1e:8a:
cf:ce:ed:04:65:22:d8:83:4c:61:63:0a:49:73:34:02:8b:63:
57:8d:1e:13:f8:6c:94:79:bf:93:94:65:c8:c9:2e:cf:ab:99:
9a:c7:09:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTOkXQY2PNlq+YfzDn6ScwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmRkOWRhZDc1ODc3ZjdkMjhkMTRlMDhkYzU1YjEzMzBi
ZDEzYjcwHhcNMjUwMjA0MDEyNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTYxY2JjZmJhNWJkMTUzYTc5Mjc1ODdkOWMyZDM1MDRhZjEzOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VbgEozLbljg8Hj3RlUdi9ZQSMeg
avF8FvHiKiZDoOCjpcsjM1gdLU8LQaT8oH6EzLv/KPsSqxIUSv2sZD6jwDPsQyF7
eG3hyCWtfAFHTKmzfYaEU/48eIBO7klmHlHOCLzkCO33txdiYGlZDnlaW9EPeY1A
Ia125LcwpOqupqbRt2meLnoYYLe+uKOxyNURsJceE8AcWBEN7K9qbBwvQKRg2TKc
rD4kuf7Q/aXiKXpETRY/ftlPc09lCKiBFQlMOoSmGPL9csCy6Q4aQVohOU3hHNK3
YVPGz7h3JUgraB9lXnp4Yd8P5NjIDeO4puWOvivvV/4rMA8Pyq/VROEOGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIlhy8+6W9FTp5J1h9nC01BK8TmaMB8GA1UdIwQY
MBaAFKdt2drXWHf30o0U4I3FWxMwvRO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQt
MmFjNmZmNzViZWIwLzEvaVdITHo3cGIwVk9ua25XSDJjTFRVRXJ4T1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQtMmFjNmZmNzViZWIw
LzEvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuRFxAwQC
uUnIAwQAuaVNMA0GCSqGSIb3DQEBCwUAA4IBAQBGyq8B4+wL1SYbOoNgC3JcbjiA
I+lS2G2sER3tAivDJzG5PSS8qhJDsGdWz9Do+kiHALuiAVRNjTUJQ4LTEWlMPhOH
Bo2OLKBSZDWYmJhdJZjNmURlQ/8ERAEFdVm/2V61qSigiYWwo31YR8XIAN1L2P4K
PWX2/OmsOCvtfdyKNQTggRV+cbAbIuPvGis8p2+/f/Lsv85wKDCfql67e179mIbx
gD5DwwDirEjzBmVaS3+cMnZm3WzPoWhy4jXGdI9SOfEDVI/JiEE3GHc4K/MtA0ow
jwr1HorPzu0EZSLYg0xhYwpJczQCi2NXjR4T+GyUeb+TlGXIyS7Pq5maxwkR
-----END CERTIFICATE-----
Generated at Wed Apr 16 23:22:19 2025 by rpki-client