Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/A4PQ0gQ7q04XkXEWkOpsFcG55U0.roa
File: A4PQ0gQ7q04XkXEWkOpsFcG55U0.roa (raw, json)
Hash identifier: BlIGTUdhWCkztoNKbN33qtlZGYIZKP+ZzvO3VxYHAQ8=
Subject key identifier: 03:83:D0:D2:04:3B:AB:4E:17:91:71:16:90:EA:6C:15:C1:B9:E5:4D
Certificate issuer: /CN=8146de8cec01d052536c0f08dfe7a8b53f9aaec2
Certificate serial: 019427B66F0D1F44C03252C643728C134119
Authority key identifier: 81:46:DE:8C:EC:01:D0:52:53:6C:0F:08:DF:E7:A8:B5:3F:9A:AE:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gUbejOwB0FJTbA8I3-eotT-arsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/A4PQ0gQ7q04XkXEWkOpsFcG55U0.roa
Signing time: Thu 02 Jan 2025 15:50:54 +0000
ROA not before: Thu 02 Jan 2025 15:50:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209846
IP address blocks: 185.227.156.0/24 maxlen: 24
185.227.157.0/24 maxlen: 24
185.227.158.0/24 maxlen: 24
185.227.159.0/24 maxlen: 24
2a0c:be00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/gUbejOwB0FJTbA8I3-eotT-arsI.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/gUbejOwB0FJTbA8I3-eotT-arsI.mft
rsync://rpki.ripe.net/repository/DEFAULT/gUbejOwB0FJTbA8I3-eotT-arsI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:6f:0d:1f:44:c0:32:52:c6:43:72:8c:13:41:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8146de8cec01d052536c0f08dfe7a8b53f9aaec2
Validity
Not Before: Jan 2 15:50:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0383d0d2043bab4e1791711690ea6c15c1b9e54d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ea:bf:eb:7e:22:e3:76:3c:65:7f:75:65:ea:
ff:d7:e8:ff:06:67:78:ff:b1:08:01:f8:50:2e:2c:
a8:1a:40:79:1a:9c:55:18:cf:17:7c:1c:2e:3a:90:
20:0f:4c:5e:24:2d:8a:4a:2e:44:2d:4b:04:d6:94:
59:90:b8:f0:b8:65:2e:95:01:1c:df:82:c1:da:dd:
27:af:27:96:b6:8e:bc:bb:a0:e8:56:5f:f9:a2:99:
ff:62:9c:c6:0b:db:64:98:e0:0f:0d:2f:a0:7e:4d:
b4:67:3f:43:dc:09:13:bf:89:0f:c7:f2:71:26:a7:
e2:fe:6f:d9:f4:66:75:b5:28:78:e1:84:1c:59:95:
97:c9:87:c9:0a:c8:8d:1e:b7:4e:dd:98:0c:da:ef:
b2:af:5e:1b:8f:45:e3:d6:e0:20:ae:1f:e9:5b:ad:
dc:1b:0b:74:a4:dd:6c:ac:92:b6:a8:a1:d7:5d:6c:
ff:93:78:5c:30:72:1e:e0:af:f4:6d:0f:24:c2:a1:
62:da:f1:52:31:6d:5e:65:f2:4a:93:f5:46:e3:00:
a2:87:b7:0e:88:b3:ac:6d:99:12:8c:fc:f8:0b:16:
c0:b0:c8:e9:d5:55:62:90:ad:58:21:96:7b:39:7d:
d6:b4:2b:7e:c8:95:a5:b3:0c:1a:5a:b5:3d:67:0b:
0d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:83:D0:D2:04:3B:AB:4E:17:91:71:16:90:EA:6C:15:C1:B9:E5:4D
X509v3 Authority Key Identifier:
keyid:81:46:DE:8C:EC:01:D0:52:53:6C:0F:08:DF:E7:A8:B5:3F:9A:AE:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gUbejOwB0FJTbA8I3-eotT-arsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/A4PQ0gQ7q04XkXEWkOpsFcG55U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/gUbejOwB0FJTbA8I3-eotT-arsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.156.0/22
IPv6:
2a0c:be00::/32
Signature Algorithm: sha256WithRSAEncryption
35:f2:94:22:99:ed:93:6c:9b:23:95:d3:64:3a:60:c3:33:4c:
28:06:ad:0e:2a:a8:70:f6:4c:d8:af:91:c6:ed:fe:d1:df:0b:
1a:a4:62:41:ee:0d:f4:2e:16:30:d0:7f:2a:78:ce:6a:7f:2b:
f4:23:ce:f2:65:3c:f0:99:c2:98:a3:49:e6:f0:3f:f0:67:4c:
d8:45:31:fc:43:e7:f6:16:ae:e3:ab:8a:58:53:f5:d8:db:06:
d4:b7:93:38:77:de:82:fe:6d:0c:c5:01:46:1d:8b:d8:f0:a6:
55:b9:0a:7e:eb:0d:83:d6:2d:f1:54:c6:63:e0:ab:ee:f6:0d:
50:83:39:84:5c:09:53:b8:ef:95:90:9a:fc:46:dd:1a:8a:11:
7c:9b:62:e4:28:e6:bb:3c:63:fc:17:f1:66:c7:7d:c2:05:96:
52:0e:a7:20:80:10:10:16:a6:f0:47:72:ae:c3:92:ef:5e:76:
5b:45:47:56:74:a6:95:35:2f:eb:8a:54:2b:ab:9e:df:40:42:
99:52:66:6c:22:44:20:45:a8:11:e6:da:97:f7:48:d8:e2:63:
e2:c9:d9:38:0e:5c:59:ce:33:bc:9b:62:6a:72:ee:bd:a4:45:
e4:5d:24:04:5c:4f:72:2e:d9:c2:ca:0b:f0:44:d5:df:e7:88:
d5:41:3e:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntm8NH0TAMlLGQ3KME0EZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNDZkZThjZWMwMWQwNTI1MzZjMGYwOGRmZTdhOGI1M2Y5
YWFlYzIwHhcNMjUwMTAyMTU1MDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzgzZDBkMjA0M2JhYjRlMTc5MTcxMTY5MGVhNmMxNWMxYjllNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweq/634i43Y8ZX91Zer/1+j/Bmd4
/7EIAfhQLiyoGkB5GpxVGM8XfBwuOpAgD0xeJC2KSi5ELUsE1pRZkLjwuGUulQEc
34LB2t0nryeWto68u6DoVl/5opn/YpzGC9tkmOAPDS+gfk20Zz9D3AkTv4kPx/Jx
Jqfi/m/Z9GZ1tSh44YQcWZWXyYfJCsiNHrdO3ZgM2u+yr14bj0Xj1uAgrh/pW63c
Gwt0pN1srJK2qKHXXWz/k3hcMHIe4K/0bQ8kwqFi2vFSMW1eZfJKk/VG4wCih7cO
iLOsbZkSjPz4CxbAsMjp1VVikK1YIZZ7OX3WtCt+yJWlswwaWrU9ZwsN5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAOD0NIEO6tOF5FxFpDqbBXBueVNMB8GA1UdIwQY
MBaAFIFG3ozsAdBSU2wPCN/nqLU/mq7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ViZWpPd0IwRkpUYkE4STMtZW90VC1hcnNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kZjhkOWEtOGRkYi00NGIzLTlhYzAt
Y2Q1NzJmZDA0NGVlLzEvQTRQUTBnUTdxMDRYa1hFV2tPcHNGY0c1NVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kZjhkOWEtOGRkYi00NGIzLTlhYzAtY2Q1NzJmZDA0NGVl
LzEvZ1ViZWpPd0IwRkpUYkE4STMtZW90VC1hcnNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueOcMA0E
AgACMAcDBQAqDL4AMA0GCSqGSIb3DQEBCwUAA4IBAQA18pQime2TbJsjldNkOmDD
M0woBq0OKqhw9kzYr5HG7f7R3wsapGJB7g30LhYw0H8qeM5qfyv0I87yZTzwmcKY
o0nm8D/wZ0zYRTH8Q+f2Fq7jq4pYU/XY2wbUt5M4d96C/m0MxQFGHYvY8KZVuQp+
6w2D1i3xVMZj4Kvu9g1QgzmEXAlTuO+VkJr8Rt0aihF8m2LkKOa7PGP8F/Fmx33C
BZZSDqcggBAQFqbwR3Kuw5LvXnZbRUdWdKaVNS/rilQrq57fQEKZUmZsIkQgRagR
5tqX90jY4mPiydk4DlxZzjO8m2Jqcu69pEXkXSQEXE9yLtnCygvwRNXf54jVQT6F
-----END CERTIFICATE-----
Generated at Sun Feb 2 14:55:22 2025 by rpki-client