Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/j3qkWwGkWnrxhLgyGwrcFzXJWM4.roa
File: j3qkWwGkWnrxhLgyGwrcFzXJWM4.roa (raw, json)
Hash identifier: tCyqkdV84n1oHfUiO9Wnf9/3f5vZVsXyCuIYwhEsEzk=
Subject key identifier: 8F:7A:A4:5B:01:A4:5A:7A:F1:84:B8:32:1B:0A:DC:17:35:C9:58:CE
Certificate issuer: /CN=f1605d09ad2c6c437b6c2f8683ffffbe2174fe6c
Certificate serial: 0194228D0950036E6D7EB629940581153FB1
Authority key identifier: F1:60:5D:09:AD:2C:6C:43:7B:6C:2F:86:83:FF:FF:BE:21:74:FE:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8WBdCa0sbEN7bC-Gg___viF0_mw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/j3qkWwGkWnrxhLgyGwrcFzXJWM4.roa
Signing time: Wed 01 Jan 2025 15:47:35 +0000
ROA not before: Wed 01 Jan 2025 15:47:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202330
IP address blocks: 185.25.105.0/24 maxlen: 24
185.255.20.0/22 maxlen: 22
185.255.20.0/24 maxlen: 24
185.255.21.0/24 maxlen: 24
185.255.22.0/24 maxlen: 24
185.255.23.0/24 maxlen: 24
2a13:d680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/8WBdCa0sbEN7bC-Gg___viF0_mw.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/8WBdCa0sbEN7bC-Gg___viF0_mw.mft
rsync://rpki.ripe.net/repository/DEFAULT/8WBdCa0sbEN7bC-Gg___viF0_mw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:09:50:03:6e:6d:7e:b6:29:94:05:81:15:3f:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1605d09ad2c6c437b6c2f8683ffffbe2174fe6c
Validity
Not Before: Jan 1 15:47:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f7aa45b01a45a7af184b8321b0adc1735c958ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1f:a2:d3:61:6c:6f:19:1e:3d:c4:31:47:73:
3a:ad:56:0f:c5:89:3b:54:51:1f:bb:27:2e:e0:5c:
2c:ae:b5:3d:ba:b9:42:81:45:f2:6c:53:ff:a5:90:
c4:97:4e:e2:28:2d:6e:d1:30:48:3e:93:98:c5:c4:
9c:e8:92:ea:89:22:d2:89:5f:37:55:0f:0b:f9:22:
b7:5a:f5:8c:fa:02:bd:2a:a5:23:fe:9a:0b:42:87:
3d:8a:30:99:42:6c:30:b6:e8:e5:19:f7:95:a0:58:
75:48:6b:a1:97:fa:d0:a7:01:a5:52:23:9e:77:d1:
b0:dc:08:0d:84:75:bb:64:cf:e6:d3:1f:3d:50:48:
63:9f:e9:30:15:0f:f0:bc:70:8b:91:73:8b:64:08:
ac:99:cf:63:f1:0d:fa:7a:a7:b7:fd:8e:e0:44:93:
cf:60:a5:f5:2d:3c:ae:bb:64:ce:2b:c0:c4:06:0d:
b7:7a:21:27:26:66:f3:0e:c4:51:b3:b5:07:7a:3f:
88:3b:2a:f7:fe:64:58:8f:7f:e3:56:57:71:56:20:
1d:fc:a1:1a:6d:32:9f:e3:2a:b7:1a:61:6c:af:c4:
be:08:cf:f0:88:90:04:b5:dc:3d:3e:21:ba:4c:f4:
f5:e3:d7:f1:cd:80:8d:7f:d0:e9:3d:e4:6a:2a:7d:
52:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:7A:A4:5B:01:A4:5A:7A:F1:84:B8:32:1B:0A:DC:17:35:C9:58:CE
X509v3 Authority Key Identifier:
keyid:F1:60:5D:09:AD:2C:6C:43:7B:6C:2F:86:83:FF:FF:BE:21:74:FE:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8WBdCa0sbEN7bC-Gg___viF0_mw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/j3qkWwGkWnrxhLgyGwrcFzXJWM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/8WBdCa0sbEN7bC-Gg___viF0_mw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.105.0/24
185.255.20.0/22
IPv6:
2a13:d680::/29
Signature Algorithm: sha256WithRSAEncryption
12:2e:04:2b:c7:bf:ba:78:64:dd:8e:69:11:78:ab:f6:2e:a7:
53:6a:f4:3e:82:41:8f:45:1e:29:08:72:c0:0c:5e:43:04:17:
d0:d8:73:70:50:5d:c9:00:17:17:17:7a:45:0e:a7:ab:5a:c9:
ef:4d:35:b4:aa:43:95:c8:52:4d:13:d6:e0:97:a4:c9:4e:f5:
aa:7e:67:5d:ac:d4:4c:bd:03:4b:22:7b:91:ee:55:3e:b4:d1:
ac:fe:37:2a:69:b4:76:a2:d1:47:91:f7:ee:ce:d5:23:f9:c8:
12:07:b1:d3:c4:19:9e:6d:54:4e:c0:8c:12:c1:cf:f2:fc:af:
5e:dd:4f:a6:6a:4f:25:f7:ad:ef:02:be:7c:8e:97:20:aa:eb:
85:1e:2a:31:94:ca:a8:d0:28:72:a6:33:85:7a:b8:f6:e9:a3:
38:0c:d8:1f:e7:7f:ef:03:e0:a0:19:dd:e5:58:1a:b6:8d:3a:
52:a3:5b:09:88:17:23:3c:71:66:11:42:60:f3:28:7e:0a:cb:
3b:de:56:2b:ef:c1:25:28:f8:54:33:1b:16:22:b6:56:53:6d:
c9:b6:8a:40:72:3a:9d:eb:76:43:3a:0b:4c:18:19:a2:8a:b9:
21:41:0b:d4:16:b5:ce:ef:63:e3:c9:68:e8:59:d1:c0:d8:72:
ad:8b:a9:72
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQijQlQA25tfrYplAWBFT+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNjA1ZDA5YWQyYzZjNDM3YjZjMmY4NjgzZmZmZmJlMjE3
NGZlNmMwHhcNMjUwMTAxMTU0NzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjdhYTQ1YjAxYTQ1YTdhZjE4NGI4MzIxYjBhZGMxNzM1Yzk1OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh+i02FsbxkePcQxR3M6rVYPxYk7
VFEfuycu4FwsrrU9urlCgUXybFP/pZDEl07iKC1u0TBIPpOYxcSc6JLqiSLSiV83
VQ8L+SK3WvWM+gK9KqUj/poLQoc9ijCZQmwwtujlGfeVoFh1SGuhl/rQpwGlUiOe
d9Gw3AgNhHW7ZM/m0x89UEhjn+kwFQ/wvHCLkXOLZAismc9j8Q36eqe3/Y7gRJPP
YKX1LTyuu2TOK8DEBg23eiEnJmbzDsRRs7UHej+IOyr3/mRYj3/jVldxViAd/KEa
bTKf4yq3GmFsr8S+CM/wiJAEtdw9PiG6TPT149fxzYCNf9DpPeRqKn1SZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI96pFsBpFp68YS4MhsK3Bc1yVjOMB8GA1UdIwQY
MBaAFPFgXQmtLGxDe2wvhoP//74hdP5sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFdCZENhMHNiRU43YkMtR2dfX192aUYwX213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8zNmIwNDAtZjU3Yi00YWUyLWFiNDIt
MjI4NzMzMjQ1Y2QxLzEvajNxa1d3R2tXbnJ4aExneUd3cmNGelhKV000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8zNmIwNDAtZjU3Yi00YWUyLWFiNDItMjI4NzMzMjQ1Y2Qx
LzEvOFdCZENhMHNiRU43YkMtR2dfX192aUYwX213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuRlpAwQC
uf8UMA0EAgACMAcDBQMqE9aAMA0GCSqGSIb3DQEBCwUAA4IBAQASLgQrx7+6eGTd
jmkReKv2LqdTavQ+gkGPRR4pCHLADF5DBBfQ2HNwUF3JABcXF3pFDqerWsnvTTW0
qkOVyFJNE9bgl6TJTvWqfmddrNRMvQNLInuR7lU+tNGs/jcqabR2otFHkffuztUj
+cgSB7HTxBmebVROwIwSwc/y/K9e3U+mak8l963vAr58jpcgquuFHioxlMqo0Chy
pjOFerj26aM4DNgf53/vA+CgGd3lWBq2jTpSo1sJiBcjPHFmEUJg8yh+Css73lYr
78ElKPhUMxsWIrZWU23JtopAcjqd63ZDOgtMGBmiirkhQQvUFrXO72PjyWjoWdHA
2HKti6ly
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:39 2025 by rpki-client