Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/obJncD_0pTUlPPD-AcEn_M1zGfo.roa
File: obJncD_0pTUlPPD-AcEn_M1zGfo.roa (raw, json)
Hash identifier: RuqdX0YCoJMcWHJ0m+d97tTxosEY+ohGr3DZreCWswY=
Subject key identifier: A1:B2:67:70:3F:F4:A5:35:25:3C:F0:FE:01:C1:27:FC:CD:73:19:FA
Certificate issuer: /CN=535a0905ad5684f414182c99e1ed998163093001
Certificate serial: 0194221FD54C6560C0550728E1795E963DDF
Authority key identifier: 53:5A:09:05:AD:56:84:F4:14:18:2C:99:E1:ED:99:81:63:09:30:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/obJncD_0pTUlPPD-AcEn_M1zGfo.roa
Signing time: Wed 01 Jan 2025 13:48:18 +0000
ROA not before: Wed 01 Jan 2025 13:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205265
IP address blocks: 185.222.16.0/22 maxlen: 24
2a0c:f000::/48 maxlen: 48
2a0c:f000:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d5:4c:65:60:c0:55:07:28:e1:79:5e:96:3d:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535a0905ad5684f414182c99e1ed998163093001
Validity
Not Before: Jan 1 13:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1b267703ff4a535253cf0fe01c127fccd7319fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:82:d7:bf:a5:d3:5c:47:66:0c:8d:9e:d0:9d:
cb:91:48:a7:b8:04:2a:6f:d9:70:34:cc:4b:3d:00:
3f:35:2f:01:3e:59:6a:cd:00:f3:b9:c3:4d:bb:16:
07:ff:b2:90:79:ad:1f:98:03:a3:ce:b1:e5:4c:79:
05:25:4f:9a:c4:77:dd:3e:9f:47:94:88:a9:22:5a:
18:26:e2:ff:00:11:82:d7:70:fd:05:dd:0e:ab:c5:
e5:57:6f:75:a6:47:89:b7:9b:b7:d9:49:5c:ca:bf:
ad:b9:9c:be:1d:8a:a6:83:b7:d9:b0:17:41:52:5f:
2d:b9:b2:3f:37:ef:43:91:90:2a:2e:6b:8e:00:46:
6a:a9:93:71:46:f1:98:87:52:04:76:d0:2d:c7:f3:
40:ed:62:58:5a:33:21:77:e7:00:ed:3e:d9:58:0b:
a2:86:4e:18:2b:99:ba:ef:f5:21:f4:4e:cc:97:c8:
e3:b3:d6:74:8e:06:72:a1:18:29:ab:78:b2:3c:9e:
90:ed:55:ad:66:83:5e:16:be:44:3b:56:d7:09:92:
48:e5:cb:b9:6e:0e:72:e5:0a:46:40:60:c5:d0:ff:
07:f2:ee:86:b2:1d:2e:67:16:5b:5c:01:29:20:cc:
49:ef:a6:fb:35:af:f6:a9:0c:ec:e4:7c:e7:7e:d7:
1a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B2:67:70:3F:F4:A5:35:25:3C:F0:FE:01:C1:27:FC:CD:73:19:FA
X509v3 Authority Key Identifier:
keyid:53:5A:09:05:AD:56:84:F4:14:18:2C:99:E1:ED:99:81:63:09:30:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/obJncD_0pTUlPPD-AcEn_M1zGfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b27baf-e681-4ab6-b903-6a10c6e3222d/1/U1oJBa1WhPQUGCyZ4e2ZgWMJMAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.16.0/22
IPv6:
2a0c:f000::/48
2a0c:f000:2000::/48
Signature Algorithm: sha256WithRSAEncryption
13:79:fe:88:89:e3:71:07:43:b0:22:65:99:5c:33:e3:ec:06:
14:c9:8d:96:fe:f0:24:58:0a:d0:43:b2:d8:7d:6b:8f:7b:7f:
da:0a:33:df:1c:29:a6:7a:cc:67:33:84:97:1f:fa:4f:89:73:
9d:ed:c0:77:de:2d:00:30:1f:38:d7:67:ae:f4:74:af:68:19:
5c:c6:fd:77:ff:f4:8e:f5:9f:18:4d:e4:cc:60:47:46:c2:30:
11:2c:35:1d:ee:75:a1:db:59:8f:da:ce:91:16:de:10:d3:6e:
14:57:07:32:f3:a6:4c:50:96:2d:dc:7d:d1:2d:7d:4c:aa:8c:
d5:25:65:e0:2a:81:79:fa:59:a1:33:2d:cd:e2:9b:6a:73:40:
b9:0f:05:73:71:51:f1:ec:ae:f3:3c:78:0a:a0:80:c3:72:0e:
43:db:a3:6f:33:3d:75:35:b6:80:c2:57:77:2f:b9:9a:b1:63:
50:5d:ec:8c:6b:7f:76:46:39:b7:7b:5e:8b:8e:5c:8d:48:31:
f2:4d:d8:5e:74:69:13:86:cf:c0:3c:13:af:3f:ec:97:54:cd:
ca:75:1d:45:d7:29:e6:55:fa:e4:95:66:b0:af:ff:e6:72:67:
22:79:78:7a:79:45:a0:ec:ad:86:58:c1:5c:98:9b:3c:c7:98:
65:2b:5c:2a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQiH9VMZWDAVQco4Xlelj3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWEwOTA1YWQ1Njg0ZjQxNDE4MmM5OWUxZWQ5OTgxNjMw
OTMwMDEwHhcNMjUwMTAxMTM0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWIyNjc3MDNmZjRhNTM1MjUzY2YwZmUwMWMxMjdmY2NkNzMxOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoLXv6XTXEdmDI2e0J3LkUinuAQq
b9lwNMxLPQA/NS8BPllqzQDzucNNuxYH/7KQea0fmAOjzrHlTHkFJU+axHfdPp9H
lIipIloYJuL/ABGC13D9Bd0Oq8XlV291pkeJt5u32Ulcyr+tuZy+HYqmg7fZsBdB
Ul8tubI/N+9DkZAqLmuOAEZqqZNxRvGYh1IEdtAtx/NA7WJYWjMhd+cA7T7ZWAui
hk4YK5m67/Uh9E7Ml8jjs9Z0jgZyoRgpq3iyPJ6Q7VWtZoNeFr5EO1bXCZJI5cu5
bg5y5QpGQGDF0P8H8u6Gsh0uZxZbXAEpIMxJ76b7Na/2qQzs5HznftcaEwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKGyZ3A/9KU1JTzw/gHBJ/zNcxn6MB8GA1UdIwQY
MBaAFFNaCQWtVoT0FBgsmeHtmYFjCTABMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFvSkJhMVdoUFFVR0N5WjRlMlpnV01KTUFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iMjdiYWYtZTY4MS00YWI2LWI5MDMt
NmExMGM2ZTMyMjJkLzEvb2JKbmNEXzBwVFVsUFBELUFjRW5fTTF6R2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9iMjdiYWYtZTY4MS00YWI2LWI5MDMtNmExMGM2ZTMyMjJk
LzEvVTFvSkJhMVdoUFFVR0N5WjRlMlpnV01KTUFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCud4QMBgE
AgACMBIDBwAqDPAAAAADBwAqDPAAIAAwDQYJKoZIhvcNAQELBQADggEBABN5/oiJ
43EHQ7AiZZlcM+PsBhTJjZb+8CRYCtBDsth9a497f9oKM98cKaZ6zGczhJcf+k+J
c53twHfeLQAwHzjXZ670dK9oGVzG/Xf/9I71nxhN5MxgR0bCMBEsNR3udaHbWY/a
zpEW3hDTbhRXBzLzpkxQli3cfdEtfUyqjNUlZeAqgXn6WaEzLc3im2pzQLkPBXNx
UfHsrvM8eAqggMNyDkPbo28zPXU1toDCV3cvuZqxY1Bd7Ixrf3ZGObd7XouOXI1I
MfJN2F50aROGz8A8E68/7JdUzcp1HUXXKeZV+uSVZrCv/+ZyZyJ5eHp5RaDsrYZY
wVyYmzzHmGUrXCo=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:55:51 2025 by rpki-client