Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/xNXvRwm0cFi8tLLdb2nvNopZe5s.roa
File: xNXvRwm0cFi8tLLdb2nvNopZe5s.roa (raw, json)
Hash identifier: Ek+ehf6lVos9XeTSOdvg4+GzfPP9fwac2An5Jv96Lm0=
Subject key identifier: C4:D5:EF:47:09:B4:70:58:BC:B4:B2:DD:6F:69:EF:36:8A:59:7B:9B
Certificate issuer: /CN=ea53f33ccdfc5fe84b84c15f04322906991af9e7
Certificate serial: 0194252135FC61357FAB3F69BF6B1C0B58F3
Authority key identifier: EA:53:F3:3C:CD:FC:5F:E8:4B:84:C1:5F:04:32:29:06:99:1A:F9:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6lPzPM38X-hLhMFfBDIpBpka-ec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/xNXvRwm0cFi8tLLdb2nvNopZe5s.roa
Signing time: Thu 02 Jan 2025 03:48:40 +0000
ROA not before: Thu 02 Jan 2025 03:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205581
IP address blocks: 185.213.36.0/24 maxlen: 24
185.213.37.0/24 maxlen: 24
185.213.38.0/24 maxlen: 24
185.213.39.0/24 maxlen: 24
2a0b:8240::/32 maxlen: 32
2a0b:8241::/32 maxlen: 32
2a0b:8242::/32 maxlen: 32
2a0b:8243::/32 maxlen: 32
2a0b:8244::/32 maxlen: 32
2a0b:8245::/32 maxlen: 32
2a0b:8246::/32 maxlen: 32
2a0b:8247::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/6lPzPM38X-hLhMFfBDIpBpka-ec.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/6lPzPM38X-hLhMFfBDIpBpka-ec.mft
rsync://rpki.ripe.net/repository/DEFAULT/6lPzPM38X-hLhMFfBDIpBpka-ec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:35:fc:61:35:7f:ab:3f:69:bf:6b:1c:0b:58:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea53f33ccdfc5fe84b84c15f04322906991af9e7
Validity
Not Before: Jan 2 03:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4d5ef4709b47058bcb4b2dd6f69ef368a597b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1e:65:e7:e4:1b:7f:e2:a1:ee:48:1d:1c:23:
f5:e6:03:d7:0d:da:e7:05:4d:d0:b3:a4:ad:9e:66:
99:67:45:7d:00:f3:09:1c:92:bc:f6:2c:70:a0:27:
d4:de:c1:ee:27:65:46:af:7d:53:54:41:88:9a:cd:
b9:8c:e4:54:5e:67:c2:a3:12:3a:17:3d:fa:44:b2:
7b:f5:9d:bb:3e:f0:84:b1:51:c1:12:53:96:de:a0:
98:01:ed:4a:af:7e:29:c8:f9:6a:8d:37:3e:3d:c3:
43:da:09:22:85:17:b2:70:b4:4b:aa:4c:b9:6e:fc:
2e:3b:a9:64:f6:0c:fa:04:9b:bd:63:9b:68:aa:70:
39:fd:89:16:30:a2:f4:c0:57:58:76:02:48:c2:01:
5e:8a:ca:dd:23:94:e3:37:03:80:82:60:30:0c:30:
04:0c:3d:5e:41:0d:12:55:69:b6:15:9c:79:a9:5b:
82:10:84:18:e7:47:13:a9:13:48:45:de:23:20:7e:
c4:0e:6a:44:47:c9:04:3c:c2:7d:52:92:73:23:90:
15:f5:5e:e1:68:03:d6:b8:fc:c8:bd:c8:f4:9f:c6:
62:37:61:3a:d6:eb:0f:05:bc:b0:e0:74:53:ef:ca:
10:2d:16:eb:a1:01:15:25:ce:47:69:9f:b5:b2:7c:
d8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D5:EF:47:09:B4:70:58:BC:B4:B2:DD:6F:69:EF:36:8A:59:7B:9B
X509v3 Authority Key Identifier:
keyid:EA:53:F3:3C:CD:FC:5F:E8:4B:84:C1:5F:04:32:29:06:99:1A:F9:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6lPzPM38X-hLhMFfBDIpBpka-ec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/xNXvRwm0cFi8tLLdb2nvNopZe5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/6lPzPM38X-hLhMFfBDIpBpka-ec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.36.0/22
IPv6:
2a0b:8240::/29
Signature Algorithm: sha256WithRSAEncryption
37:3f:c0:09:29:62:70:a3:78:3e:74:dc:9b:e3:f2:e1:53:d2:
72:1a:a5:20:c1:bd:c5:a1:53:a5:92:98:45:e8:45:a1:b3:c7:
28:f5:56:5d:b3:72:a7:90:51:34:25:f1:f9:35:85:8f:4a:eb:
a2:6f:1d:97:94:6e:b1:c7:ff:2d:ea:14:75:44:c4:d1:b2:c1:
5f:46:8e:73:d6:48:c2:f9:6e:b8:93:8b:03:5c:99:d2:a9:4b:
07:ff:90:ad:52:04:b7:da:ec:44:83:c1:0b:91:14:78:4a:91:
92:aa:7c:fb:32:ec:19:2f:b7:94:42:a9:45:d1:7a:b7:c3:b4:
27:77:cd:48:52:cd:db:53:88:37:cb:b0:fd:88:bc:be:65:0e:
cd:a7:3d:c3:70:f8:03:5e:2b:b5:9d:ec:d9:a2:d2:70:b5:bb:
4d:db:aa:53:84:ac:64:71:a3:be:5c:9d:1e:f1:23:e5:41:84:
d2:52:7f:1e:d5:a4:12:83:2e:a2:10:1a:e6:c8:42:7e:83:4d:
fb:75:a7:2b:87:6f:69:82:47:b9:8c:1b:ba:0d:f0:c4:b8:3f:
d1:88:58:f4:5a:66:9b:c4:61:d0:d1:7d:22:fa:60:a0:49:76:
19:f6:da:62:f4:60:de:40:5f:06:03:f9:3a:fc:49:2b:82:6e:
99:cc:cb:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlITX8YTV/qz9pv2scC1jzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNTNmMzNjY2RmYzVmZTg0Yjg0YzE1ZjA0MzIyOTA2OTkx
YWY5ZTcwHhcNMjUwMTAyMDM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQ1ZWY0NzA5YjQ3MDU4YmNiNGIyZGQ2ZjY5ZWYzNjhhNTk3YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxx5l5+Qbf+Kh7kgdHCP15gPXDdrn
BU3Qs6StnmaZZ0V9APMJHJK89ixwoCfU3sHuJ2VGr31TVEGIms25jORUXmfCoxI6
Fz36RLJ79Z27PvCEsVHBElOW3qCYAe1Kr34pyPlqjTc+PcND2gkihReycLRLqky5
bvwuO6lk9gz6BJu9Y5toqnA5/YkWMKL0wFdYdgJIwgFeisrdI5TjNwOAgmAwDDAE
DD1eQQ0SVWm2FZx5qVuCEIQY50cTqRNIRd4jIH7EDmpER8kEPMJ9UpJzI5AV9V7h
aAPWuPzIvcj0n8ZiN2E61usPBbyw4HRT78oQLRbroQEVJc5HaZ+1snzYDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMTV70cJtHBYvLSy3W9p7zaKWXubMB8GA1UdIwQY
MBaAFOpT8zzN/F/oS4TBXwQyKQaZGvnnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmxQelBNMzhYLWhMaE1GZkJESXBCcGthLWVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mOTUyOTgtZjkwOS00NWM5LTkxMDQt
OGE0ZjYzZWE5YmYxLzEveE5YdlJ3bTBjRmk4dExMZGIybnZOb3BaZTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mOTUyOTgtZjkwOS00NWM5LTkxMDQtOGE0ZjYzZWE5YmYx
LzEvNmxQelBNMzhYLWhMaE1GZkJESXBCcGthLWVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudUkMA0E
AgACMAcDBQMqC4JAMA0GCSqGSIb3DQEBCwUAA4IBAQA3P8AJKWJwo3g+dNyb4/Lh
U9JyGqUgwb3FoVOlkphF6EWhs8co9VZds3KnkFE0JfH5NYWPSuuibx2XlG6xx/8t
6hR1RMTRssFfRo5z1kjC+W64k4sDXJnSqUsH/5CtUgS32uxEg8ELkRR4SpGSqnz7
MuwZL7eUQqlF0Xq3w7Qnd81IUs3bU4g3y7D9iLy+ZQ7Npz3DcPgDXiu1nezZotJw
tbtN26pThKxkcaO+XJ0e8SPlQYTSUn8e1aQSgy6iEBrmyEJ+g037dacrh29pgke5
jBu6DfDEuD/RiFj0WmabxGHQ0X0i+mCgSXYZ9tpi9GDeQF8GA/k6/Ekrgm6ZzMt4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:20 2025 by rpki-client