Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/qCeXwVNQp66WQ27Det0b9KrkJEc.roa
File: qCeXwVNQp66WQ27Det0b9KrkJEc.roa (raw, json)
Hash identifier: WoKc3ldX5sHKUSOKMyS/VBt9xUxQrJ5xCbXpuIjQb48=
Subject key identifier: A8:27:97:C1:53:50:A7:AE:96:43:6E:C3:7A:DD:1B:F4:AA:E4:24:47
Certificate issuer: /CN=f215517b0b20309e916405b9e1ed21a0469a6895
Certificate serial: 01947B3399350DCFFB63980AB73F895F9936
Authority key identifier: F2:15:51:7B:0B:20:30:9E:91:64:05:B9:E1:ED:21:A0:46:9A:68:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8hVRewsgMJ6RZAW54e0hoEaaaJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/qCeXwVNQp66WQ27Det0b9KrkJEc.roa
Signing time: Sat 18 Jan 2025 20:56:06 +0000
ROA not before: Sat 18 Jan 2025 20:56:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201966
IP address blocks: 185.92.216.0/22 maxlen: 24
185.92.216.0/24 maxlen: 24
185.92.217.0/24 maxlen: 24
185.92.218.0/24 maxlen: 24
185.92.219.0/24 maxlen: 24
2a14:8900::/29 maxlen: 64
2a14:8900::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/8hVRewsgMJ6RZAW54e0hoEaaaJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/8hVRewsgMJ6RZAW54e0hoEaaaJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8hVRewsgMJ6RZAW54e0hoEaaaJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7b:33:99:35:0d:cf:fb:63:98:0a:b7:3f:89:5f:99:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f215517b0b20309e916405b9e1ed21a0469a6895
Validity
Not Before: Jan 18 20:56:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a82797c15350a7ae96436ec37add1bf4aae42447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7b:cb:eb:e8:b5:b7:0a:da:03:a9:e3:d7:38:
70:3f:c8:9a:2a:11:26:87:61:e4:c2:46:7a:a3:b4:
d6:ce:50:ac:1c:8d:a4:d7:e1:5f:b9:b3:d5:dd:d5:
98:27:b1:29:ab:20:f4:70:78:12:04:21:4f:44:ca:
56:8f:5b:de:fd:a2:54:cc:e2:ae:15:bd:51:b2:52:
75:eb:a1:6b:b2:d8:c9:1c:ad:75:c4:ff:84:ab:70:
35:f9:68:bd:8a:62:ce:96:24:3c:24:22:96:72:4d:
98:e1:72:7a:e9:cf:79:8a:15:75:94:f9:cc:4d:44:
c7:5e:32:ee:61:92:cc:9a:0d:1b:01:2c:28:f3:60:
e2:3d:f7:da:ab:37:87:4c:c5:fc:b2:4b:d2:07:23:
81:05:1d:cc:b1:bc:9c:8f:c8:99:e3:03:c3:e6:21:
34:3b:e8:b5:c8:ff:2e:69:ec:20:51:a6:49:11:7a:
f9:03:2c:39:84:c8:e0:a8:0d:57:9e:0f:5c:52:34:
83:bd:ad:8b:1b:11:9d:41:af:b3:0c:bb:23:49:77:
3d:75:d9:d8:2e:c7:f5:2c:75:d1:e4:4c:2d:ad:ba:
1c:e8:fb:82:1b:7d:e5:ea:f8:09:31:73:5e:e9:43:
ce:4f:96:21:68:d8:4e:17:50:8d:43:23:1b:53:c2:
12:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:27:97:C1:53:50:A7:AE:96:43:6E:C3:7A:DD:1B:F4:AA:E4:24:47
X509v3 Authority Key Identifier:
keyid:F2:15:51:7B:0B:20:30:9E:91:64:05:B9:E1:ED:21:A0:46:9A:68:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8hVRewsgMJ6RZAW54e0hoEaaaJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/qCeXwVNQp66WQ27Det0b9KrkJEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/8hVRewsgMJ6RZAW54e0hoEaaaJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.216.0/22
IPv6:
2a14:8900::/29
Signature Algorithm: sha256WithRSAEncryption
72:a5:b4:72:b6:77:b4:2b:de:0d:00:ed:09:ac:9e:a0:eb:ab:
e6:21:dd:ab:c7:f9:2b:5a:aa:6b:21:17:b5:99:41:7a:ca:c7:
a7:88:ae:77:0b:be:83:4b:6b:29:ff:ed:4c:d0:7f:e2:0b:92:
b4:24:fb:34:53:e6:75:aa:e5:46:ff:8c:52:44:77:11:19:d5:
1e:09:83:18:db:22:a7:11:f0:b6:ad:b2:78:c8:76:93:f1:c0:
4f:80:a9:d8:79:86:b0:da:99:b4:7b:64:a2:9d:dd:be:33:c6:
42:62:83:ae:73:35:ea:b2:04:34:60:bf:f6:19:64:34:1a:56:
37:16:81:08:ff:31:69:1f:2c:75:50:66:48:bd:ec:e6:51:2a:
fa:b5:5f:72:42:03:19:8b:f3:85:0b:9f:44:d6:22:50:6b:d9:
28:7a:82:72:af:c0:d4:03:0f:ed:1f:2b:54:08:84:2a:ff:0b:
75:6c:c9:b6:72:3d:6c:76:d4:58:72:37:fd:a4:41:73:f8:d2:
52:83:3d:af:ea:cc:a4:c6:91:0c:d0:08:a3:42:34:a4:df:ea:
33:e2:a9:d9:0a:c7:59:e2:6f:65:4b:48:52:3e:c3:a4:a8:67:
bd:87:38:5a:8f:6e:94:c5:98:ee:32:cd:99:4a:01:1d:84:31:
15:23:f1:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZR7M5k1Dc/7Y5gKtz+JX5k2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMTU1MTdiMGIyMDMwOWU5MTY0MDViOWUxZWQyMWEwNDY5
YTY4OTUwHhcNMjUwMTE4MjA1NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODI3OTdjMTUzNTBhN2FlOTY0MzZlYzM3YWRkMWJmNGFhZTQyNDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HvL6+i1twraA6nj1zhwP8iaKhEm
h2HkwkZ6o7TWzlCsHI2k1+FfubPV3dWYJ7EpqyD0cHgSBCFPRMpWj1ve/aJUzOKu
Fb1RslJ166FrstjJHK11xP+Eq3A1+Wi9imLOliQ8JCKWck2Y4XJ66c95ihV1lPnM
TUTHXjLuYZLMmg0bASwo82DiPffaqzeHTMX8skvSByOBBR3Msbycj8iZ4wPD5iE0
O+i1yP8uaewgUaZJEXr5Ayw5hMjgqA1Xng9cUjSDva2LGxGdQa+zDLsjSXc9ddnY
Lsf1LHXR5Ewtrboc6PuCG33l6vgJMXNe6UPOT5YhaNhOF1CNQyMbU8ISGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKgnl8FTUKeulkNuw3rdG/Sq5CRHMB8GA1UdIwQY
MBaAFPIVUXsLIDCekWQFueHtIaBGmmiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGhWUmV3c2dNSjZSWkFXNTRlMGhvRWFhYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84M2NlYmUtYzhjZS00ODlkLWEyZjAt
Yjk1YTE2NDE2YjU2LzEvcUNlWHdWTlFwNjZXUTI3RGV0MGI5S3JrSkVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84M2NlYmUtYzhjZS00ODlkLWEyZjAtYjk1YTE2NDE2YjU2
LzEvOGhWUmV3c2dNSjZSWkFXNTRlMGhvRWFhYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVzYMA0E
AgACMAcDBQMqFIkAMA0GCSqGSIb3DQEBCwUAA4IBAQBypbRytne0K94NAO0JrJ6g
66vmId2rx/krWqprIRe1mUF6yseniK53C76DS2sp/+1M0H/iC5K0JPs0U+Z1quVG
/4xSRHcRGdUeCYMY2yKnEfC2rbJ4yHaT8cBPgKnYeYaw2pm0e2Sind2+M8ZCYoOu
czXqsgQ0YL/2GWQ0GlY3FoEI/zFpHyx1UGZIvezmUSr6tV9yQgMZi/OFC59E1iJQ
a9koeoJyr8DUAw/tHytUCIQq/wt1bMm2cj1sdtRYcjf9pEFz+NJSgz2v6sykxpEM
0AijQjSk3+oz4qnZCsdZ4m9lS0hSPsOkqGe9hzhaj26UxZjuMs2ZSgEdhDEVI/Gz
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:34:32 2025 by rpki-client