Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/IoLDWpZjj6oD1gt6nT7kXI9BcpA.roa
File: IoLDWpZjj6oD1gt6nT7kXI9BcpA.roa (raw, json)
Hash identifier: O3dblJBCfC0orY3rYiRzkRU6RkAUIy5FR+b3VhRRXis=
Subject key identifier: 22:82:C3:5A:96:63:8F:AA:03:D6:0B:7A:9D:3E:E4:5C:8F:41:72:90
Certificate issuer: /CN=199ef1b4eb6a0f812511b6bb2704801a3311f709
Certificate serial: 019424B3D58FCFC4A524FDC67424EE0708AF
Authority key identifier: 19:9E:F1:B4:EB:6A:0F:81:25:11:B6:BB:27:04:80:1A:33:11:F7:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZ7xtOtqD4ElEba7JwSAGjMR9wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/IoLDWpZjj6oD1gt6nT7kXI9BcpA.roa
Signing time: Thu 02 Jan 2025 01:49:12 +0000
ROA not before: Thu 02 Jan 2025 01:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206060
IP address blocks: 185.197.176.0/22 maxlen: 22
185.197.176.0/24 maxlen: 24
185.197.177.0/24 maxlen: 24
185.197.178.0/24 maxlen: 24
185.197.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/GZ7xtOtqD4ElEba7JwSAGjMR9wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/GZ7xtOtqD4ElEba7JwSAGjMR9wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GZ7xtOtqD4ElEba7JwSAGjMR9wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 07:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d5:8f:cf:c4:a5:24:fd:c6:74:24:ee:07:08:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=199ef1b4eb6a0f812511b6bb2704801a3311f709
Validity
Not Before: Jan 2 01:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2282c35a96638faa03d60b7a9d3ee45c8f417290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:27:22:08:cf:e9:09:a7:b8:d7:c1:49:a3:29:
fe:9c:37:55:74:f0:75:b5:4c:4f:43:1d:f5:a0:90:
22:16:48:5b:8c:64:67:f7:17:37:22:8d:b9:5a:34:
f0:5d:ad:41:9f:94:cb:fd:e4:17:39:1e:3e:56:08:
64:b3:9f:bb:e2:c5:22:33:60:c9:b8:c4:35:6c:a9:
05:38:4d:32:41:8e:3f:41:3f:e2:a5:84:b8:7e:1a:
84:81:ad:bc:fb:81:55:89:75:c6:00:9e:21:18:17:
fe:f8:68:ae:9f:8c:93:98:fb:1c:3f:d4:2e:c0:63:
5a:fc:5d:25:f2:a9:0a:f2:68:57:39:9b:b8:48:5a:
55:e0:8b:b2:4f:f4:1b:59:a7:97:13:96:09:8c:53:
fc:f2:99:36:12:22:72:0c:12:77:64:98:89:42:b2:
bc:d0:8c:07:8a:bb:7a:bf:7c:93:a2:b6:65:44:e2:
3d:5f:54:7a:61:db:34:ac:0b:ea:8b:5f:7c:c3:89:
a7:35:06:8f:f5:fd:d8:79:0f:c5:4d:4c:6e:64:13:
0f:6c:20:2b:41:da:c7:f2:14:a3:78:3c:de:39:ce:
5e:2d:44:05:d2:1b:e2:28:62:a4:1b:d5:65:fc:d8:
fa:c8:01:ad:38:42:24:c7:98:02:91:d0:de:58:02:
44:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:82:C3:5A:96:63:8F:AA:03:D6:0B:7A:9D:3E:E4:5C:8F:41:72:90
X509v3 Authority Key Identifier:
keyid:19:9E:F1:B4:EB:6A:0F:81:25:11:B6:BB:27:04:80:1A:33:11:F7:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZ7xtOtqD4ElEba7JwSAGjMR9wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/IoLDWpZjj6oD1gt6nT7kXI9BcpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/GZ7xtOtqD4ElEba7JwSAGjMR9wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.176.0/22
Signature Algorithm: sha256WithRSAEncryption
48:f0:aa:dd:50:ae:57:49:c1:87:21:fd:05:a1:a5:76:89:fc:
5f:ea:4f:8f:9b:c5:6e:e3:ea:8b:4e:28:bf:0b:db:07:7e:b7:
ab:06:c0:2f:9a:d6:a6:a7:26:8f:44:1e:39:2b:74:87:0e:f8:
c0:ae:1e:8d:ae:e3:14:8c:0c:e0:8b:1c:7f:e6:5a:cb:c1:a8:
6b:a9:af:ce:bc:83:87:52:c6:68:a4:ea:0d:a4:e1:31:ce:e7:
b4:19:ff:4e:e8:62:e7:56:92:9a:3b:9c:52:29:b6:62:7f:44:
4e:bb:1c:f2:3d:00:19:44:61:7c:78:25:45:6e:c0:45:f5:be:
06:ee:64:8d:87:2c:42:ae:7a:a0:7d:9d:b5:85:bb:f4:a9:fc:
e8:b6:c3:c7:f9:d9:94:2e:e5:9d:44:c0:fa:39:48:36:72:ef:
70:e6:55:88:31:f5:2b:9e:17:e1:d8:b2:07:53:9d:f7:0d:0b:
47:8a:e8:34:86:af:f7:7b:a8:0e:8a:d4:8c:88:b1:37:a8:06:
24:8b:da:bd:fd:64:53:17:98:f8:88:0b:9e:fa:14:76:1f:0f:
b1:35:36:c9:65:81:79:18:1a:cd:85:cb:6e:c8:f5:ca:2e:59:
64:91:64:23:4b:c0:60:46:9b:9b:de:48:d4:be:31:6e:87:b0:
d1:24:bf:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks9WPz8SlJP3GdCTuBwivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5OWVmMWI0ZWI2YTBmODEyNTExYjZiYjI3MDQ4MDFhMzMx
MWY3MDkwHhcNMjUwMTAyMDE0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjgyYzM1YTk2NjM4ZmFhMDNkNjBiN2E5ZDNlZTQ1YzhmNDE3MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCciCM/pCae418FJoyn+nDdVdPB1
tUxPQx31oJAiFkhbjGRn9xc3Io25WjTwXa1Bn5TL/eQXOR4+Vghks5+74sUiM2DJ
uMQ1bKkFOE0yQY4/QT/ipYS4fhqEga28+4FViXXGAJ4hGBf++Giun4yTmPscP9Qu
wGNa/F0l8qkK8mhXOZu4SFpV4IuyT/QbWaeXE5YJjFP88pk2EiJyDBJ3ZJiJQrK8
0IwHirt6v3yTorZlROI9X1R6Yds0rAvqi198w4mnNQaP9f3YeQ/FTUxuZBMPbCAr
QdrH8hSjeDzeOc5eLUQF0hviKGKkG9Vl/Nj6yAGtOEIkx5gCkdDeWAJE1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKCw1qWY4+qA9YLep0+5FyPQXKQMB8GA1UdIwQY
MBaAFBme8bTrag+BJRG2uycEgBozEfcJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1o3eHRPdHFENEVsRWJhN0p3U0FHak1SOXdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lYWZlNmUtY2ZlMy00MjQ1LTljMzYt
MDdhMjhhZDNjYjY0LzEvSW9MRFdwWmpqNm9EMWd0Nm5UN2tYSTlCY3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lYWZlNmUtY2ZlMy00MjQ1LTljMzYtMDdhMjhhZDNjYjY0
LzEvR1o3eHRPdHFENEVsRWJhN0p3U0FHak1SOXdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucWwMA0G
CSqGSIb3DQEBCwUAA4IBAQBI8KrdUK5XScGHIf0FoaV2ifxf6k+Pm8Vu4+qLTii/
C9sHfrerBsAvmtampyaPRB45K3SHDvjArh6NruMUjAzgixx/5lrLwahrqa/OvIOH
UsZopOoNpOExzue0Gf9O6GLnVpKaO5xSKbZif0ROuxzyPQAZRGF8eCVFbsBF9b4G
7mSNhyxCrnqgfZ21hbv0qfzotsPH+dmULuWdRMD6OUg2cu9w5lWIMfUrnhfh2LIH
U533DQtHiug0hq/3e6gOitSMiLE3qAYki9q9/WRTF5j4iAue+hR2Hw+xNTbJZYF5
GBrNhctuyPXKLllkkWQjS8BgRpub3kjUvjFuh7DRJL/I
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:12:55 2025 by rpki-client