Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/CMxibTdZ-IzTtbNjsHEuGJLmc08.roa
File: CMxibTdZ-IzTtbNjsHEuGJLmc08.roa (raw, json)
Hash identifier: h3s5HNsZsrtEKeZ3dZjj9ubR1NCifH/ZKj3bCLL8amE=
Subject key identifier: 08:CC:62:6D:37:59:F8:8C:D3:B5:B3:63:B0:71:2E:18:92:E6:73:4F
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01945034A67989D4F2824035348F1A950912
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/CMxibTdZ-IzTtbNjsHEuGJLmc08.roa
Signing time: Fri 10 Jan 2025 12:33:35 +0000
ROA not before: Fri 10 Jan 2025 12:33:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212192
IP address blocks: 5.157.164.0/22 maxlen: 24
37.35.32.0/22 maxlen: 22
37.35.38.0/24 maxlen: 24
146.66.211.0/24 maxlen: 24
188.74.156.0/22 maxlen: 22
188.74.191.0/24 maxlen: 24
188.74.244.0/24 maxlen: 24
188.119.164.0/24 maxlen: 24
188.119.167.0/24 maxlen: 24
188.119.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:50:34:a6:79:89:d4:f2:82:40:35:34:8f:1a:95:09:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 10 12:33:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08cc626d3759f88cd3b5b363b0712e1892e6734f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:74:ae:56:a9:9e:f1:1f:f6:a5:50:a8:38:a3:
68:ce:61:9b:54:d3:0f:ad:0c:2a:ee:1b:60:ed:71:
8e:70:e9:77:4d:b9:a1:8a:86:94:2f:27:59:5d:95:
c2:01:66:49:96:21:6a:5d:ea:ff:6b:66:21:31:19:
e5:9c:07:7a:fe:38:3c:77:10:ba:cd:2f:c1:b9:b5:
ee:44:c0:74:31:a8:00:9f:6b:74:e7:84:e4:d6:d2:
6e:a2:33:a3:85:8b:92:a8:d2:dc:7b:73:a2:ef:38:
05:ba:47:69:46:e9:8c:2d:67:8a:9c:38:fc:9c:a8:
f8:e1:aa:06:79:c0:5b:4e:f7:34:b1:c0:5e:60:03:
21:53:1c:f0:21:38:dc:03:c8:de:1e:7b:8c:a8:37:
44:a2:5f:4c:da:85:60:52:51:5e:95:1d:66:04:d4:
37:dd:2d:d2:8b:33:a8:f6:a8:4d:a9:09:da:0e:f8:
1c:b6:ed:86:9f:cf:10:07:41:9c:e8:c5:5d:be:7e:
e9:a8:b3:41:b8:da:2d:4a:0d:ca:6c:5e:16:f1:8c:
63:c7:64:79:1d:26:5f:6d:c5:4b:c4:f5:c4:b5:98:
1f:e1:56:7c:39:c5:5b:52:94:8f:ef:a2:da:c9:99:
74:52:cb:99:80:d9:df:46:77:9c:57:04:29:dc:c2:
bd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:CC:62:6D:37:59:F8:8C:D3:B5:B3:63:B0:71:2E:18:92:E6:73:4F
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/CMxibTdZ-IzTtbNjsHEuGJLmc08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.164.0/22
37.35.32.0/22
37.35.38.0/24
146.66.211.0/24
188.74.156.0/22
188.74.191.0/24
188.74.244.0/24
188.119.164.0/24
188.119.167.0/24
188.119.189.0/24
Signature Algorithm: sha256WithRSAEncryption
00:bf:26:dd:ce:30:c2:ed:f9:0a:63:d4:97:a4:a1:77:02:f9:
04:f4:cd:5b:b3:de:3b:21:08:b2:3a:8d:91:a1:a8:8c:9d:a0:
a6:4d:b0:31:2b:26:16:10:cc:3f:de:ec:62:0e:91:e6:01:2e:
be:e7:69:0b:f8:1f:d8:23:2c:5f:67:7c:0e:61:78:44:b3:f5:
29:ee:f7:ae:d5:f6:55:9d:2a:9d:1c:0a:22:c1:0c:7c:19:c6:
7e:48:69:45:8c:c8:c4:f8:1c:19:ea:67:8f:4d:6e:e1:e8:21:
72:97:3d:0c:bc:fe:94:9d:47:99:b1:1e:a2:03:23:f6:ec:dd:
40:db:bc:21:96:6a:5b:d2:f3:09:bf:cb:cd:a4:48:1a:10:4b:
f5:2d:90:91:15:1a:e0:8d:c9:ab:ff:72:58:6b:0f:ab:6a:38:
99:e9:11:64:99:b9:92:f4:3f:a6:eb:cf:bf:88:91:6f:b8:95:
c4:d5:29:58:85:c6:22:3e:7d:ae:38:fe:18:00:27:d9:2c:8b:
5d:1a:6c:2a:c3:82:24:96:5a:74:52:81:06:35:b8:91:08:a0:
b6:f3:ae:58:c2:ab:6e:d1:43:75:11:bd:c9:1e:94:75:29:a1:
ff:04:2c:47:e0:8d:3e:40:89:6d:7a:47:f3:09:43:63:c6:ba:
04:c3:10:d6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZRQNKZ5idTygkA1NI8alQkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwMTEwMTIzMzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGNjNjI2ZDM3NTlmODhjZDNiNWIzNjNiMDcxMmUxODkyZTY3MzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3SuVqme8R/2pVCoOKNozmGbVNMP
rQwq7htg7XGOcOl3TbmhioaULydZXZXCAWZJliFqXer/a2YhMRnlnAd6/jg8dxC6
zS/BubXuRMB0MagAn2t054Tk1tJuojOjhYuSqNLce3Oi7zgFukdpRumMLWeKnDj8
nKj44aoGecBbTvc0scBeYAMhUxzwITjcA8jeHnuMqDdEol9M2oVgUlFelR1mBNQ3
3S3SizOo9qhNqQnaDvgctu2Gn88QB0Gc6MVdvn7pqLNBuNotSg3KbF4W8Yxjx2R5
HSZfbcVLxPXEtZgf4VZ8OcVbUpSP76LayZl0UsuZgNnfRnecVwQp3MK9MQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAjMYm03WfiM07WzY7BxLhiS5nNPMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvQ014aWJUZFotSXpUdGJOanNIRXVHSkxtYzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCBZ2kAwQC
JSMgAwQAJSMmAwQAkkLTAwQCvEqcAwQAvEq/AwQAvEr0AwQAvHekAwQAvHenAwQA
vHe9MA0GCSqGSIb3DQEBCwUAA4IBAQAAvybdzjDC7fkKY9SXpKF3AvkE9M1bs947
IQiyOo2RoaiMnaCmTbAxKyYWEMw/3uxiDpHmAS6+52kL+B/YIyxfZ3wOYXhEs/Up
7veu1fZVnSqdHAoiwQx8GcZ+SGlFjMjE+BwZ6mePTW7h6CFylz0MvP6UnUeZsR6i
AyP27N1A27whlmpb0vMJv8vNpEgaEEv1LZCRFRrgjcmr/3JYaw+rajiZ6RFkmbmS
9D+m68+/iJFvuJXE1SlYhcYiPn2uOP4YACfZLItdGmwqw4Ikllp0UoEGNbiRCKC2
865Ywqtu0UN1Eb3JHpR1KaH/BCxH4I0+QIltekfzCUNjxroEwxDW
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:22:11 2025 by rpki-client