Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/04EXo_aa8R-wCVS1fC9fkSKHbQk.roa
File: 04EXo_aa8R-wCVS1fC9fkSKHbQk.roa (raw, json)
Hash identifier: D39mfhIOXghwegUx11UFZTXpnVcMRyxswgHcx5Y2hRA=
Subject key identifier: D3:81:17:A3:F6:9A:F1:1F:B0:09:54:B5:7C:2F:5F:91:22:87:6D:09
Certificate issuer: /CN=2559e9be1fbd1e6909a0be9a90b380f824fab1a5
Certificate serial: 019427B52CA245A649E818219600422B9F17
Authority key identifier: 25:59:E9:BE:1F:BD:1E:69:09:A0:BE:9A:90:B3:80:F8:24:FA:B1:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVnpvh-9HmkJoL6akLOA-CT6saU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/04EXo_aa8R-wCVS1fC9fkSKHbQk.roa
Signing time: Thu 02 Jan 2025 15:49:32 +0000
ROA not before: Thu 02 Jan 2025 15:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 185.198.4.0/24 maxlen: 24
185.198.5.0/24 maxlen: 24
185.198.6.0/24 maxlen: 24
185.198.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/JVnpvh-9HmkJoL6akLOA-CT6saU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/JVnpvh-9HmkJoL6akLOA-CT6saU.mft
rsync://rpki.ripe.net/repository/DEFAULT/JVnpvh-9HmkJoL6akLOA-CT6saU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:2c:a2:45:a6:49:e8:18:21:96:00:42:2b:9f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2559e9be1fbd1e6909a0be9a90b380f824fab1a5
Validity
Not Before: Jan 2 15:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d38117a3f69af11fb00954b57c2f5f9122876d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:18:fb:df:86:d6:b6:e9:3f:80:28:39:1f:03:
ec:31:bc:65:3d:94:83:14:63:8a:99:2b:df:2c:a4:
fe:d8:b7:9a:7d:31:d5:38:8e:fd:fe:ed:88:18:98:
95:81:b5:09:3d:7c:99:2d:95:da:13:4e:e1:c4:79:
f2:0a:f3:04:3e:b6:34:5a:b1:22:23:bf:03:aa:9e:
04:aa:4a:d4:45:a7:f6:39:7c:84:79:44:88:38:5a:
b0:56:e4:07:e4:2a:ae:d0:96:ff:80:eb:8e:3a:2c:
ae:af:f0:9f:27:e3:d2:6a:8a:4a:fc:2b:5e:6f:44:
02:be:a3:d1:07:d7:fb:e6:15:46:80:52:a9:5e:7c:
5a:3f:1a:28:81:8b:ea:72:45:0f:85:6e:9b:9d:ac:
5d:af:08:e8:bf:d4:cb:31:d0:f4:b5:14:1b:ca:16:
f1:c4:17:e3:8e:5d:00:8c:cf:3b:23:ad:88:f0:dc:
d5:15:34:0f:93:69:d0:bd:2b:8f:06:50:50:7f:10:
80:a0:76:e1:80:5e:23:95:8d:21:3f:8c:12:ab:e5:
09:ca:72:af:f5:94:38:a2:5f:86:c2:5b:e4:77:df:
86:3b:2e:dc:28:f0:91:5b:47:5c:1d:f8:20:68:1f:
78:d0:e9:6f:ca:e1:36:77:3e:e2:6d:70:e0:87:ff:
d1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:81:17:A3:F6:9A:F1:1F:B0:09:54:B5:7C:2F:5F:91:22:87:6D:09
X509v3 Authority Key Identifier:
keyid:25:59:E9:BE:1F:BD:1E:69:09:A0:BE:9A:90:B3:80:F8:24:FA:B1:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVnpvh-9HmkJoL6akLOA-CT6saU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/04EXo_aa8R-wCVS1fC9fkSKHbQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/JVnpvh-9HmkJoL6akLOA-CT6saU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.4.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:52:ea:af:45:20:b7:cc:6f:af:47:4c:e7:a4:7c:6e:4d:7c:
52:f1:db:95:89:8a:46:09:38:aa:6a:00:be:14:b0:30:e9:30:
72:e0:1a:74:9a:e6:86:b7:8d:98:39:17:e2:8b:88:27:25:13:
00:d4:e4:0e:d5:96:60:50:a1:f0:7e:d5:7f:83:4e:46:56:bd:
69:48:85:90:3c:a3:b5:ea:7d:0a:60:51:29:ad:14:09:49:5b:
2f:18:7a:75:9a:9c:5d:94:2c:81:57:cf:f9:da:9d:80:26:72:
1d:bf:40:7d:bb:a6:47:54:6c:40:5d:70:04:5f:b6:2c:75:18:
b0:9f:47:f1:2d:fa:03:40:88:79:6d:92:62:6c:04:6c:c6:5e:
54:60:1a:1e:9d:6c:f4:f9:a2:f7:05:e2:c0:d1:5c:64:91:20:
69:05:1f:8e:a6:3f:b3:2b:ef:e2:29:d9:65:fd:c0:00:c5:03:
d6:ed:6a:96:42:a4:4b:dc:ea:2d:02:3f:2b:39:c7:ef:ac:77:
a4:32:2e:c1:5c:8c:a6:84:02:99:a0:39:e3:d3:0f:b4:9f:89:
46:55:4c:1a:55:d0:61:b9:f4:36:1d:62:e3:d9:fb:30:70:05:
55:c1:c8:92:af:35:34:de:64:9c:39:47:45:ff:68:c6:28:4d:
40:54:fe:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntSyiRaZJ6BghlgBCK58XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NTllOWJlMWZiZDFlNjkwOWEwYmU5YTkwYjM4MGY4MjRm
YWIxYTUwHhcNMjUwMTAyMTU0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzgxMTdhM2Y2OWFmMTFmYjAwOTU0YjU3YzJmNWY5MTIyODc2ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBj734bWtuk/gCg5HwPsMbxlPZSD
FGOKmSvfLKT+2LeafTHVOI79/u2IGJiVgbUJPXyZLZXaE07hxHnyCvMEPrY0WrEi
I78Dqp4EqkrURaf2OXyEeUSIOFqwVuQH5Cqu0Jb/gOuOOiyur/CfJ+PSaopK/Cte
b0QCvqPRB9f75hVGgFKpXnxaPxoogYvqckUPhW6bnaxdrwjov9TLMdD0tRQbyhbx
xBfjjl0AjM87I62I8NzVFTQPk2nQvSuPBlBQfxCAoHbhgF4jlY0hP4wSq+UJynKv
9ZQ4ol+Gwlvkd9+GOy7cKPCRW0dcHfggaB940OlvyuE2dz7ibXDgh//R8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNOBF6P2mvEfsAlUtXwvX5Eih20JMB8GA1UdIwQY
MBaAFCVZ6b4fvR5pCaC+mpCzgPgk+rGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlZucHZoLTlIbWtKb0w2YWtMT0EtQ1Q2c2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy81ZWRkNmYtMmM2NS00NDdkLWJjYWQt
NGFhYWRhNjVkNzFjLzEvMDRFWG9fYWE4Ui13Q1ZTMWZDOWZrU0tIYlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy81ZWRkNmYtMmM2NS00NDdkLWJjYWQtNGFhYWRhNjVkNzFj
LzEvSlZucHZoLTlIbWtKb0w2YWtMT0EtQ1Q2c2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucYEMA0G
CSqGSIb3DQEBCwUAA4IBAQBtUuqvRSC3zG+vR0znpHxuTXxS8duViYpGCTiqagC+
FLAw6TBy4Bp0muaGt42YORfii4gnJRMA1OQO1ZZgUKHwftV/g05GVr1pSIWQPKO1
6n0KYFEprRQJSVsvGHp1mpxdlCyBV8/52p2AJnIdv0B9u6ZHVGxAXXAEX7YsdRiw
n0fxLfoDQIh5bZJibARsxl5UYBoenWz0+aL3BeLA0VxkkSBpBR+Opj+zK+/iKdll
/cAAxQPW7WqWQqRL3OotAj8rOcfvrHekMi7BXIymhAKZoDnj0w+0n4lGVUwaVdBh
ufQ2HWLj2fswcAVVwciSrzU03mScOUdF/2jGKE1AVP5E
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:48:13 2025 by rpki-client