Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/7SN7zcCvYfxuFlfhHOApOkQRiJo.roa
File: 7SN7zcCvYfxuFlfhHOApOkQRiJo.roa (raw, json)
Hash identifier: 3PArA/Gbu4mqUDahb41KthgCQL2QFV8tBeKTUZBovcI=
Subject key identifier: ED:23:7B:CD:C0:AF:61:FC:6E:16:57:E1:1C:E0:29:3A:44:11:88:9A
Certificate issuer: /CN=535a0905ad5684f414182c99e1ed998163093001
Certificate serial: 0194221FD674EE8F4B8460E9C649D859848A
Authority key identifier: 53:5A:09:05:AD:56:84:F4:14:18:2C:99:E1:ED:99:81:63:09:30:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/7SN7zcCvYfxuFlfhHOApOkQRiJo.roa
Signing time: Wed 01 Jan 2025 13:48:19 +0000
ROA not before: Wed 01 Jan 2025 13:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206976
IP address blocks: 185.222.16.0/22 maxlen: 24
2a0c:f000::/48 maxlen: 48
2a0c:f000:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d6:74:ee:8f:4b:84:60:e9:c6:49:d8:59:84:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535a0905ad5684f414182c99e1ed998163093001
Validity
Not Before: Jan 1 13:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed237bcdc0af61fc6e1657e11ce0293a4411889a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8a:ad:e8:fa:92:14:c1:2d:35:e0:61:72:04:
5d:1e:2a:a5:da:60:c9:05:e2:e5:30:e6:44:64:12:
75:04:2f:85:d3:3b:e7:b2:a1:d4:85:0a:71:03:a4:
fe:58:66:f2:68:9c:e6:4f:55:47:16:3f:33:d1:d6:
5d:9c:d4:af:9f:70:9b:dd:f2:a1:df:bb:32:16:eb:
d1:cc:64:3d:fd:c3:23:51:93:0a:64:ec:b9:5d:ce:
ae:3b:5a:80:52:e6:c9:47:14:49:97:30:f4:53:cc:
6d:3c:f1:d4:16:0a:bf:eb:48:33:ff:d2:ff:c0:63:
77:ad:45:da:b1:ac:f6:e9:97:3d:b1:cf:f4:c3:9e:
b1:26:54:14:41:b5:d9:a5:b2:5c:31:a3:e0:82:69:
20:26:f3:47:27:c6:9c:80:d1:64:11:fd:fc:74:06:
eb:22:c9:a7:1d:43:cc:b1:34:52:0b:27:cc:33:2b:
6a:0a:8c:27:a3:32:c1:f2:cc:e8:d6:3a:86:26:10:
86:0e:26:2d:07:b3:5f:4a:e2:27:9a:c1:8e:79:2a:
ce:51:54:13:ee:a8:4c:2e:c3:5e:ba:97:71:e4:02:
05:02:03:81:94:d1:74:df:6f:02:8a:c9:3d:70:a6:
6e:c6:28:ab:1d:df:0f:1d:a0:86:96:fa:9b:93:36:
8d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:23:7B:CD:C0:AF:61:FC:6E:16:57:E1:1C:E0:29:3A:44:11:88:9A
X509v3 Authority Key Identifier:
keyid:53:5A:09:05:AD:56:84:F4:14:18:2C:99:E1:ED:99:81:63:09:30:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/7SN7zcCvYfxuFlfhHOApOkQRiJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.16.0/22
IPv6:
2a0c:f000::/48
2a0c:f000:1000::/48
Signature Algorithm: sha256WithRSAEncryption
0c:85:2d:dd:e8:81:ad:6b:38:f3:4d:98:b8:71:52:eb:e0:30:
61:3c:fa:cd:06:c6:fc:0b:93:85:fb:d7:6c:5d:80:d8:02:ff:
7d:3f:34:84:4a:74:a4:36:83:b2:f3:b2:d4:5b:5e:fd:fa:43:
9d:14:43:33:c5:f4:eb:49:12:ac:1f:58:af:1a:8a:bb:4d:37:
a1:38:38:d1:dc:3d:84:e4:27:4e:43:2b:66:80:9b:29:80:5e:
1f:ea:07:32:81:d1:e3:2d:2f:f7:24:19:c9:bf:58:fe:39:f1:
51:8c:bd:91:5e:e4:14:f0:da:67:63:9f:56:b5:e1:fd:1a:06:
3b:54:eb:d1:ec:22:83:a8:93:87:d6:c1:9b:04:e8:ac:c3:d3:
61:50:09:06:13:cb:b5:fb:6f:17:fe:a8:d2:84:59:28:8c:93:
3a:c6:9d:ef:80:7d:49:90:5f:48:6b:b1:da:b4:0e:36:d7:87:
c2:94:c8:8f:c0:b0:f7:91:92:1e:44:31:44:84:7e:e1:75:aa:
bf:49:98:18:14:a2:fe:0c:fc:31:46:b1:46:fb:82:5b:75:b3:
0c:19:a6:e8:48:e3:f6:f9:08:ba:21:67:9f:61:56:1a:6c:f7:
90:f7:87:87:5e:36:4a:c7:86:15:f7:f1:d4:64:aa:8b:ca:0a:
e0:e3:07:57
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQiH9Z07o9LhGDpxknYWYSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWEwOTA1YWQ1Njg0ZjQxNDE4MmM5OWUxZWQ5OTgxNjMw
OTMwMDEwHhcNMjUwMTAxMTM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDIzN2JjZGMwYWY2MWZjNmUxNjU3ZTExY2UwMjkzYTQ0MTE4ODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Yqt6PqSFMEtNeBhcgRdHiql2mDJ
BeLlMOZEZBJ1BC+F0zvnsqHUhQpxA6T+WGbyaJzmT1VHFj8z0dZdnNSvn3Cb3fKh
37syFuvRzGQ9/cMjUZMKZOy5Xc6uO1qAUubJRxRJlzD0U8xtPPHUFgq/60gz/9L/
wGN3rUXasaz26Zc9sc/0w56xJlQUQbXZpbJcMaPggmkgJvNHJ8acgNFkEf38dAbr
IsmnHUPMsTRSCyfMMytqCownozLB8szo1jqGJhCGDiYtB7NfSuInmsGOeSrOUVQT
7qhMLsNeupdx5AIFAgOBlNF0328Cisk9cKZuxiirHd8PHaCGlvqbkzaNwwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFO0je83Ar2H8bhZX4RzgKTpEEYiaMB8GA1UdIwQY
MBaAFFNaCQWtVoT0FBgsmeHtmYFjCTABMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFvSkJhMVdoUFFVR0N5WjRlMlpnV01KTUFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iMjdiYWYtZTY4MS00YWI2LWI5MDMt
NmExMGM2ZTMyMjJkLzEvN1NON3pjQ3ZZZnh1RmxmaEhPQXBPa1FSaUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9iMjdiYWYtZTY4MS00YWI2LWI5MDMtNmExMGM2ZTMyMjJk
LzEvVTFvSkJhMVdoUFFVR0N5WjRlMlpnV01KTUFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCud4QMBgE
AgACMBIDBwAqDPAAAAADBwAqDPAAEAAwDQYJKoZIhvcNAQELBQADggEBAAyFLd3o
ga1rOPNNmLhxUuvgMGE8+s0GxvwLk4X712xdgNgC/30/NIRKdKQ2g7LzstRbXv36
Q50UQzPF9OtJEqwfWK8airtNN6E4ONHcPYTkJ05DK2aAmymAXh/qBzKB0eMtL/ck
Gcm/WP458VGMvZFe5BTw2mdjn1a14f0aBjtU69HsIoOok4fWwZsE6KzD02FQCQYT
y7X7bxf+qNKEWSiMkzrGne+AfUmQX0hrsdq0DjbXh8KUyI/AsPeRkh5EMUSEfuF1
qr9JmBgUov4M/DFGsUb7glt1swwZpuhI4/b5CLohZ59hVhps95D3h4deNkrHhhX3
8dRkqovKCuDjB1c=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:50:00 2025 by rpki-client