Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/pM8rrfbLw8gBuT9MppMBPtFFKlM.roa
File: pM8rrfbLw8gBuT9MppMBPtFFKlM.roa (raw, json)
Hash identifier: ioCVW6t7ze0VBB3sFaN026IrAp6OLLgUf56gkcAIXz0=
Subject key identifier: A4:CF:2B:AD:F6:CB:C3:C8:01:B9:3F:4C:A6:93:01:3E:D1:45:2A:53
Certificate issuer: /CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Certificate serial: 019421445CE2606E7AB5446D4AADB3762FD8
Authority key identifier: F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/pM8rrfbLw8gBuT9MppMBPtFFKlM.roa
Signing time: Wed 01 Jan 2025 09:48:35 +0000
ROA not before: Wed 01 Jan 2025 09:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202932
IP address blocks: 185.47.224.0/22 maxlen: 24
185.47.227.0/24 maxlen: 24
185.150.68.0/22 maxlen: 22
2a07:6e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/1-Ogm3hBw2dedqp5BX8QyYTzFflc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/1-Ogm3hBw2dedqp5BX8QyYTzFflc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5c:e2:60:6e:7a:b5:44:6d:4a:ad:b3:76:2f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Validity
Not Before: Jan 1 09:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4cf2badf6cbc3c801b93f4ca693013ed1452a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:99:71:5a:97:31:88:95:2e:ca:1b:28:9e:b1:
2f:d9:0a:33:91:61:35:ad:c0:f7:95:e7:43:d2:61:
3a:cc:53:53:31:17:9d:9a:d3:89:d1:fd:fb:73:82:
d4:49:c8:4e:fa:8a:2b:ad:4b:5a:58:bc:a4:85:1d:
25:f8:d3:31:d9:2c:99:cd:8b:b5:0b:3e:78:9e:90:
55:bb:57:99:a4:be:29:1d:07:34:36:6d:d5:1f:8b:
86:ff:6b:72:8b:b3:32:65:43:70:b5:a3:91:da:c9:
21:a7:79:29:81:75:2d:99:14:84:97:6b:6c:43:66:
b5:f3:67:ea:ac:73:5e:e4:88:fa:ef:16:af:53:81:
db:8c:a0:8f:90:03:04:41:40:d3:93:99:42:51:47:
b9:79:2e:a5:04:0b:65:5e:fc:e1:99:88:1a:e2:ff:
25:ab:ff:1d:95:6a:93:a5:7e:71:9d:bb:02:e1:f2:
f2:69:84:d6:0d:62:b1:db:9f:f4:d2:06:3b:17:ea:
f2:e8:ff:96:a6:95:4a:65:29:16:55:53:35:10:29:
a3:cc:a2:7b:61:63:02:8a:f7:dd:0e:fb:3c:84:1a:
4c:6d:36:37:c0:eb:e5:04:b0:46:dd:d4:ba:ef:a6:
b1:e6:e9:50:a4:1f:1b:c3:97:64:45:59:30:3e:6c:
92:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:CF:2B:AD:F6:CB:C3:C8:01:B9:3F:4C:A6:93:01:3E:D1:45:2A:53
X509v3 Authority Key Identifier:
keyid:F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/pM8rrfbLw8gBuT9MppMBPtFFKlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/1-Ogm3hBw2dedqp5BX8QyYTzFflc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.224.0/22
185.150.68.0/22
IPv6:
2a07:6e80::/29
Signature Algorithm: sha256WithRSAEncryption
1f:c5:26:d3:e0:d3:a5:d4:37:20:70:1c:d7:7a:98:0b:63:15:
ed:ec:cb:0e:2f:14:35:22:2a:63:92:d9:25:a7:39:6f:7d:f5:
c0:9e:d2:9e:cf:da:31:07:bc:8b:36:2a:24:32:8c:32:46:45:
8c:ad:32:87:bc:a5:58:58:13:ca:11:8b:d5:b5:8f:af:52:da:
45:df:ee:51:10:15:a7:98:49:98:52:15:3b:f0:82:85:1c:e9:
a7:b3:16:de:ea:74:4f:7e:d9:ae:77:da:f8:9c:d4:17:a9:54:
67:78:ca:fc:9a:5c:ba:65:b0:a6:d4:a9:28:6c:90:48:62:4c:
f5:1b:c4:9f:61:29:09:6c:a5:30:95:de:65:76:81:6e:ca:d1:
98:b0:0c:d4:a6:eb:45:e2:73:74:86:a5:fe:ff:14:02:52:91:
66:9b:a2:95:53:7a:72:70:cc:90:b4:ae:20:a8:54:0d:61:bd:
cd:e4:78:fc:0f:8c:17:c9:7e:d3:f3:36:51:5b:74:6a:2b:b6:
bf:5f:46:97:b6:e3:3c:86:eb:47:56:3f:b3:d9:0d:51:56:bc:
cb:26:3f:33:f3:cc:5c:29:45:f4:a0:ff:6e:c2:79:14:33:51:
5a:8d:e1:02:ae:b8:e8:90:c3:11:6c:c6:29:9b:6b:3c:da:c4:
c7:65:f6:d1
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQhRFziYG56tURtSq2zdi/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTgyNmRlMTA3MGQ5ZDc5ZGFhOWU0MTVmYzQzMjYxM2Nj
NTdlNTcwHhcNMjUwMTAxMDk0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGNmMmJhZGY2Y2JjM2M4MDFiOTNmNGNhNjkzMDEzZWQxNDUyYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5lxWpcxiJUuyhsonrEv2QozkWE1
rcD3ledD0mE6zFNTMRedmtOJ0f37c4LUSchO+oorrUtaWLykhR0l+NMx2SyZzYu1
Cz54npBVu1eZpL4pHQc0Nm3VH4uG/2tyi7MyZUNwtaOR2skhp3kpgXUtmRSEl2ts
Q2a182fqrHNe5Ij67xavU4HbjKCPkAMEQUDTk5lCUUe5eS6lBAtlXvzhmYga4v8l
q/8dlWqTpX5xnbsC4fLyaYTWDWKx25/00gY7F+ry6P+WppVKZSkWVVM1ECmjzKJ7
YWMCivfdDvs8hBpMbTY3wOvlBLBG3dS676ax5ulQpB8bw5dkRVkwPmySLwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKTPK632y8PIAbk/TKaTAT7RRSpTMB8GA1UdIwQY
MBaAFPjoJt4QcNnXnaqeQV/EMmE8xX5XMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PZ20zaEJ3MmRlZHFwNUJYOFF5WVR6RmZsYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvNzNkYjc3LTBhNmItNGY5Yi1hOGU4
LWVhZWRiNzA5ZWZiZi8xL3BNOHJyZmJMdzhnQnVUOU1wcE1CUHRGRktsTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWQvNzNkYjc3LTBhNmItNGY5Yi1hOGU4LWVhZWRiNzA5ZWZi
Zi8xLzEtT2dtM2hCdzJkZWRxcDVCWDhReVlUekZmbGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5L+AD
BAK5lkQwDQQCAAIwBwMFAyoHboAwDQYJKoZIhvcNAQELBQADggEBAB/FJtPg06XU
NyBwHNd6mAtjFe3syw4vFDUiKmOS2SWnOW999cCe0p7P2jEHvIs2KiQyjDJGRYyt
Moe8pVhYE8oRi9W1j69S2kXf7lEQFaeYSZhSFTvwgoUc6aezFt7qdE9+2a532vic
1BepVGd4yvyaXLplsKbUqShskEhiTPUbxJ9hKQlspTCV3mV2gW7K0ZiwDNSm60Xi
c3SGpf7/FAJSkWabopVTenJwzJC0riCoVA1hvc3kePwPjBfJftPzNlFbdGortr9f
Rpe24zyG60dWP7PZDVFWvMsmPzPzzFwpRfSg/27CeRQzUVqN4QKuuOiQwxFsximb
azzaxMdl9tE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:35 2025 by rpki-client