Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/5OMr3xKs8jvtoFSwFc24Cwr8qm0.roa
File: 5OMr3xKs8jvtoFSwFc24Cwr8qm0.roa (raw, json)
Hash identifier: yTyBz+xUzE60EnbY56LmeruhsoeDG36ww4aSRH8th0I=
Subject key identifier: E4:E3:2B:DF:12:AC:F2:3B:ED:A0:54:B0:15:CD:B8:0B:0A:FC:AA:6D
Certificate issuer: /CN=20d2633bffb16da2d75edaf49bc821187cfb88ef
Certificate serial: 0194221FDF9E61FECF0016C4A2B086185C70
Authority key identifier: 20:D2:63:3B:FF:B1:6D:A2:D7:5E:DA:F4:9B:C8:21:18:7C:FB:88:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/INJjO_-xbaLXXtr0m8ghGHz7iO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/5OMr3xKs8jvtoFSwFc24Cwr8qm0.roa
Signing time: Wed 01 Jan 2025 13:48:21 +0000
ROA not before: Wed 01 Jan 2025 13:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47895
IP address blocks: 78.142.232.0/22 maxlen: 22
91.205.128.0/22 maxlen: 22
91.205.131.0/24 maxlen: 24
185.34.20.0/22 maxlen: 22
185.34.21.0/24 maxlen: 24
185.189.100.0/22 maxlen: 22
185.244.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/INJjO_-xbaLXXtr0m8ghGHz7iO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/INJjO_-xbaLXXtr0m8ghGHz7iO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/INJjO_-xbaLXXtr0m8ghGHz7iO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:df:9e:61:fe:cf:00:16:c4:a2:b0:86:18:5c:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20d2633bffb16da2d75edaf49bc821187cfb88ef
Validity
Not Before: Jan 1 13:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4e32bdf12acf23beda054b015cdb80b0afcaa6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:29:a7:05:de:dd:e8:0f:24:56:45:51:12:15:
8d:75:5c:32:a1:5b:95:de:19:7b:fa:78:af:29:b9:
63:40:e6:02:d2:e2:4a:51:fd:64:e0:09:1c:9f:f7:
9c:75:ad:f8:65:f7:17:15:75:77:5b:0a:bb:74:78:
5f:10:f0:19:14:e8:27:36:9d:63:66:42:a6:61:63:
1c:a6:1e:3d:65:40:21:72:3b:7a:ae:5f:87:83:35:
55:d2:47:b6:aa:2c:a2:eb:89:02:dd:e2:88:39:f4:
f1:ca:28:c6:b3:78:04:42:67:e4:54:69:f1:d6:a3:
85:38:fe:8b:3d:b6:17:d4:5a:c1:94:52:b7:45:72:
c2:86:22:d1:e0:b1:cc:dd:6d:f2:de:83:53:a9:ba:
e6:6e:1c:f1:1a:1e:62:06:b9:32:18:a5:b8:73:e0:
86:6d:23:f4:9d:97:43:f4:8d:df:55:f4:eb:ee:cb:
89:18:2d:0f:c9:fe:42:3a:f7:36:86:77:92:e5:bb:
3e:72:7c:0b:74:fc:53:0a:ba:0b:a5:6a:9b:c3:05:
1f:cf:71:4c:c9:15:51:e9:3e:09:ea:78:29:02:2d:
c1:16:ff:54:aa:20:d9:4a:49:7d:bc:76:6f:6e:45:
0e:32:fd:5e:3c:c7:6d:42:a5:47:c7:37:d1:36:e1:
24:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E3:2B:DF:12:AC:F2:3B:ED:A0:54:B0:15:CD:B8:0B:0A:FC:AA:6D
X509v3 Authority Key Identifier:
keyid:20:D2:63:3B:FF:B1:6D:A2:D7:5E:DA:F4:9B:C8:21:18:7C:FB:88:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/INJjO_-xbaLXXtr0m8ghGHz7iO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/5OMr3xKs8jvtoFSwFc24Cwr8qm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/INJjO_-xbaLXXtr0m8ghGHz7iO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.232.0/22
91.205.128.0/22
185.34.20.0/22
185.189.100.0/22
185.244.20.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:17:f6:48:8b:c7:18:17:bd:d8:6d:e1:ea:7c:a3:7d:c1:9f:
37:c3:47:d7:df:d5:31:c6:8d:4b:2b:a0:d4:67:ee:18:28:6c:
a0:05:6e:28:65:13:a4:56:29:e1:cc:b8:b8:ef:2a:e1:86:8f:
2c:93:0b:1b:32:2d:a5:bd:e5:a5:a5:70:b5:14:54:27:e7:d6:
3d:dc:a9:46:43:b5:78:f9:e3:9b:92:d5:c9:4f:99:84:06:04:
2c:0f:6f:e6:99:92:6c:a8:59:2a:56:f5:17:77:cc:0c:1a:2e:
b9:88:20:0b:2c:5a:f8:78:a3:31:9c:55:5f:b0:8c:23:00:7b:
e0:56:0b:1b:71:5b:bf:c2:58:33:48:d2:7b:ad:d1:da:a8:26:
31:b5:54:a2:03:10:50:ce:35:63:4a:77:2c:64:74:22:6c:a3:
e1:66:c2:0f:06:6e:80:4d:16:9d:e5:20:75:a2:df:1e:53:1d:
2b:e6:c3:ed:87:86:c3:e0:c6:75:e1:84:7b:57:eb:d9:62:73:
e1:01:10:24:c5:a5:ea:99:2b:b9:b1:c1:5a:02:7a:3d:1d:c4:
6a:5c:69:04:79:52:78:4f:08:29:5a:5c:d0:71:a5:ce:1a:11:
37:a4:e7:30:af:4b:5c:46:1e:09:4f:e2:dd:36:e4:50:0b:02:
d9:26:40:94
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQiH9+eYf7PABbEorCGGFxwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZDI2MzNiZmZiMTZkYTJkNzVlZGFmNDliYzgyMTE4N2Nm
Yjg4ZWYwHhcNMjUwMTAxMTM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGUzMmJkZjEyYWNmMjNiZWRhMDU0YjAxNWNkYjgwYjBhZmNhYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ymnBd7d6A8kVkVREhWNdVwyoVuV
3hl7+nivKbljQOYC0uJKUf1k4Akcn/ecda34ZfcXFXV3Wwq7dHhfEPAZFOgnNp1j
ZkKmYWMcph49ZUAhcjt6rl+HgzVV0ke2qiyi64kC3eKIOfTxyijGs3gEQmfkVGnx
1qOFOP6LPbYX1FrBlFK3RXLChiLR4LHM3W3y3oNTqbrmbhzxGh5iBrkyGKW4c+CG
bSP0nZdD9I3fVfTr7suJGC0Pyf5COvc2hneS5bs+cnwLdPxTCroLpWqbwwUfz3FM
yRVR6T4J6ngpAi3BFv9UqiDZSkl9vHZvbkUOMv1ePMdtQqVHxzfRNuEkEwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOTjK98SrPI77aBUsBXNuAsK/KptMB8GA1UdIwQY
MBaAFCDSYzv/sW2i117a9JvIIRh8+4jvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU5Kak9fLXhiYUxYWHRyMG04Z2hHSHo3aU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi83ZjA0NjQtMjI2ZC00ZjQ5LWEyNzAt
MWNkNmM4NzFjMWU4LzEvNU9NcjN4S3M4anZ0b0ZTd0ZjMjRDd3I4cW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi83ZjA0NjQtMjI2ZC00ZjQ5LWEyNzAtMWNkNmM4NzFjMWU4
LzEvSU5Kak9fLXhiYUxYWHRyMG04Z2hHSHo3aU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCTo7oAwQC
W82AAwQCuSIUAwQCub1kAwQCufQUMA0GCSqGSIb3DQEBCwUAA4IBAQA+F/ZIi8cY
F73YbeHqfKN9wZ83w0fX39Uxxo1LK6DUZ+4YKGygBW4oZROkVinhzLi47yrhho8s
kwsbMi2lveWlpXC1FFQn59Y93KlGQ7V4+eObktXJT5mEBgQsD2/mmZJsqFkqVvUX
d8wMGi65iCALLFr4eKMxnFVfsIwjAHvgVgsbcVu/wlgzSNJ7rdHaqCYxtVSiAxBQ
zjVjSncsZHQibKPhZsIPBm6ATRad5SB1ot8eUx0r5sPth4bD4MZ14YR7V+vZYnPh
ARAkxaXqmSu5scFaAno9HcRqXGkEeVJ4TwgpWlzQcaXOGhE3pOcwr0tcRh4JT+Ld
NuRQCwLZJkCU
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:14 2025 by rpki-client