Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/4c4058-8ee3-4e3e-a30c-bac476b97eee/1/F0v3ZdAWJMgM-NX7fWdPVPvmHtw.roa
File: F0v3ZdAWJMgM-NX7fWdPVPvmHtw.roa (raw, json)
Hash identifier: 5lz4KZFI8B9Thk9y5Q0cmh/EUM6SOuSnTkJHbk1d9g0=
Subject key identifier: 17:4B:F7:65:D0:16:24:C8:0C:F8:D5:FB:7D:67:4F:54:FB:E6:1E:DC
Certificate issuer: /CN=ee182424b484197dc304524092dcdd992fcbe4be
Certificate serial: 019423D6EDFC92EFB679F75B9908337FF338
Authority key identifier: EE:18:24:24:B4:84:19:7D:C3:04:52:40:92:DC:DD:99:2F:CB:E4:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hgkJLSEGX3DBFJAktzdmS_L5L4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/4c4058-8ee3-4e3e-a30c-bac476b97eee/1/F0v3ZdAWJMgM-NX7fWdPVPvmHtw.roa
Signing time: Wed 01 Jan 2025 21:47:55 +0000
ROA not before: Wed 01 Jan 2025 21:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208321
IP address blocks: 185.235.88.0/22 maxlen: 24
2a0b:e200::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/4c4058-8ee3-4e3e-a30c-bac476b97eee/1/7hgkJLSEGX3DBFJAktzdmS_L5L4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/4c4058-8ee3-4e3e-a30c-bac476b97eee/1/7hgkJLSEGX3DBFJAktzdmS_L5L4.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hgkJLSEGX3DBFJAktzdmS_L5L4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ed:fc:92:ef:b6:79:f7:5b:99:08:33:7f:f3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee182424b484197dc304524092dcdd992fcbe4be
Validity
Not Before: Jan 1 21:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=174bf765d01624c80cf8d5fb7d674f54fbe61edc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d9:8d:fe:fa:5d:d1:c2:f2:e2:ba:65:d2:12:
ee:57:82:71:52:71:c0:00:3a:8e:97:64:ff:1c:58:
85:4c:5d:38:24:bb:25:b7:32:fa:9c:ad:70:ae:92:
47:17:a0:fa:11:29:fc:ef:29:b1:47:25:9c:b8:9b:
6b:4e:1d:7b:4a:6c:ef:4f:cf:f6:70:bf:a0:fc:4d:
07:33:6f:58:e4:49:0d:71:5a:20:13:ec:af:dd:26:
49:70:ae:89:7d:3c:9d:d9:9b:23:3f:d8:63:f5:b3:
df:06:dc:20:29:c1:d7:2b:85:9f:19:5f:b6:0e:08:
0a:22:ce:de:ad:d5:bd:b0:42:0d:c9:03:72:58:91:
b1:80:b3:50:c3:86:97:76:48:0b:f9:b7:d7:3e:d3:
fd:b7:d4:e5:8d:cf:c3:37:63:06:7e:cb:c3:ff:11:
88:04:62:fb:9d:a7:34:e5:d1:a4:70:b4:87:25:ce:
fe:82:b9:c5:c1:70:17:0d:53:5d:2c:a5:c7:7b:28:
5c:0e:03:1a:39:cc:63:16:da:ea:ab:a5:0b:a9:00:
f1:84:41:cc:9b:3f:ed:3d:e9:70:31:c1:c3:23:ec:
c8:0d:a5:b3:cb:ce:95:97:ca:8d:e4:dd:a7:14:67:
a5:13:6b:39:f2:d5:16:e4:70:0e:a9:43:f3:34:d4:
d7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:4B:F7:65:D0:16:24:C8:0C:F8:D5:FB:7D:67:4F:54:FB:E6:1E:DC
X509v3 Authority Key Identifier:
keyid:EE:18:24:24:B4:84:19:7D:C3:04:52:40:92:DC:DD:99:2F:CB:E4:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hgkJLSEGX3DBFJAktzdmS_L5L4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4c4058-8ee3-4e3e-a30c-bac476b97eee/1/F0v3ZdAWJMgM-NX7fWdPVPvmHtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4c4058-8ee3-4e3e-a30c-bac476b97eee/1/7hgkJLSEGX3DBFJAktzdmS_L5L4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.88.0/22
IPv6:
2a0b:e200::/29
Signature Algorithm: sha256WithRSAEncryption
78:f3:e4:07:c4:75:ab:2c:4e:9e:0e:39:74:d7:a8:6b:18:07:
07:6b:f6:21:83:09:3b:7b:c6:fb:a8:38:d2:63:8c:9c:29:7e:
10:c1:a9:8e:5f:57:1e:36:56:cc:a6:09:c1:7d:b2:de:90:d7:
a8:7d:ad:71:ca:5a:49:62:35:89:19:cc:48:07:3a:14:9d:49:
0d:15:5e:68:32:3f:bd:5a:fc:a9:e1:26:fa:69:63:ed:1d:e2:
fa:7f:3b:2a:90:4f:6c:43:1a:0a:30:6a:9c:42:03:b0:6c:b5:
cf:50:7b:90:ce:2b:7d:62:1d:36:a9:c1:d6:4d:27:e8:c8:b8:
b7:9a:85:05:11:41:59:dd:1f:84:a0:e3:4a:17:2e:e4:34:05:
cd:cd:42:e2:ef:4a:9a:aa:e6:40:bb:52:70:a0:fe:13:6d:f9:
b5:fe:a7:ad:b7:9a:3c:51:1c:f3:e6:94:8e:c7:de:b9:fe:af:
8f:cb:2a:0b:69:f4:68:4e:60:7e:95:1d:27:a0:32:ff:cf:66:
7d:90:bc:2a:f1:dd:df:e0:f9:66:d6:30:be:7e:86:1d:80:2c:
b8:9b:f7:5a:a9:2d:4d:68:d1:c1:39:80:19:6a:b0:b0:80:d1:
28:6a:87:1d:ee:db:3f:bd:fb:7e:b3:86:64:f4:a9:a4:a4:0a:
f8:57:86:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1u38ku+2efdbmQgzf/M4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMTgyNDI0YjQ4NDE5N2RjMzA0NTI0MDkyZGNkZDk5MmZj
YmU0YmUwHhcNMjUwMTAxMjE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzRiZjc2NWQwMTYyNGM4MGNmOGQ1ZmI3ZDY3NGY1NGZiZTYxZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstmN/vpd0cLy4rpl0hLuV4JxUnHA
ADqOl2T/HFiFTF04JLsltzL6nK1wrpJHF6D6ESn87ymxRyWcuJtrTh17SmzvT8/2
cL+g/E0HM29Y5EkNcVogE+yv3SZJcK6JfTyd2ZsjP9hj9bPfBtwgKcHXK4WfGV+2
DggKIs7erdW9sEINyQNyWJGxgLNQw4aXdkgL+bfXPtP9t9Tljc/DN2MGfsvD/xGI
BGL7nac05dGkcLSHJc7+grnFwXAXDVNdLKXHeyhcDgMaOcxjFtrqq6ULqQDxhEHM
mz/tPelwMcHDI+zIDaWzy86Vl8qN5N2nFGelE2s58tUW5HAOqUPzNNTXOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBdL92XQFiTIDPjV+31nT1T75h7cMB8GA1UdIwQY
MBaAFO4YJCS0hBl9wwRSQJLc3Zkvy+S+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2hna0pMU0VHWDNEQkZKQWt0emRtU19MNUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi80YzQwNTgtOGVlMy00ZTNlLWEzMGMt
YmFjNDc2Yjk3ZWVlLzEvRjB2M1pkQVdKTWdNLU5YN2ZXZFBWUHZtSHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi80YzQwNTgtOGVlMy00ZTNlLWEzMGMtYmFjNDc2Yjk3ZWVl
LzEvN2hna0pMU0VHWDNEQkZKQWt0emRtU19MNUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuetYMA0E
AgACMAcDBQMqC+IAMA0GCSqGSIb3DQEBCwUAA4IBAQB48+QHxHWrLE6eDjl016hr
GAcHa/Yhgwk7e8b7qDjSY4ycKX4QwamOX1ceNlbMpgnBfbLekNeofa1xylpJYjWJ
GcxIBzoUnUkNFV5oMj+9Wvyp4Sb6aWPtHeL6fzsqkE9sQxoKMGqcQgOwbLXPUHuQ
zit9Yh02qcHWTSfoyLi3moUFEUFZ3R+EoONKFy7kNAXNzULi70qaquZAu1JwoP4T
bfm1/qett5o8URzz5pSOx965/q+PyyoLafRoTmB+lR0noDL/z2Z9kLwq8d3f4Plm
1jC+foYdgCy4m/daqS1NaNHBOYAZarCwgNEoaocd7ts/vft+s4Zk9KmkpAr4V4bG
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:51 2025 by rpki-client