Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/X8y17pVc211N8MGfVTBzz81iEoA.roa
File: X8y17pVc211N8MGfVTBzz81iEoA.roa (raw, json)
Hash identifier: Hl59xAoHLIR2ve7ZY+IGK+whUrubuEhh7gzRr94EmJM=
Subject key identifier: 5F:CC:B5:EE:95:5C:DB:5D:4D:F0:C1:9F:55:30:73:CF:CD:62:12:80
Certificate issuer: /CN=830555f011be5e241eb0b425de5fd86cc6834a54
Certificate serial: 019424B3C2DE4B1AAC02834B83665FEDE3B8
Authority key identifier: 83:05:55:F0:11:BE:5E:24:1E:B0:B4:25:DE:5F:D8:6C:C6:83:4A:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gwVV8BG-XiQesLQl3l_YbMaDSlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/X8y17pVc211N8MGfVTBzz81iEoA.roa
Signing time: Thu 02 Jan 2025 01:49:08 +0000
ROA not before: Thu 02 Jan 2025 01:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199803
IP address blocks: 188.92.40.0/24 maxlen: 24
188.92.41.0/24 maxlen: 24
188.92.42.0/24 maxlen: 24
188.92.43.0/24 maxlen: 24
188.92.44.0/24 maxlen: 24
188.92.45.0/24 maxlen: 24
188.92.46.0/24 maxlen: 24
188.92.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/gwVV8BG-XiQesLQl3l_YbMaDSlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/gwVV8BG-XiQesLQl3l_YbMaDSlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/gwVV8BG-XiQesLQl3l_YbMaDSlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c2:de:4b:1a:ac:02:83:4b:83:66:5f:ed:e3:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830555f011be5e241eb0b425de5fd86cc6834a54
Validity
Not Before: Jan 2 01:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fccb5ee955cdb5d4df0c19f553073cfcd621280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b6:6f:7f:2f:cf:84:d5:5b:b8:45:73:5d:c7:
d8:64:4a:ae:f7:09:82:35:d5:a8:6f:20:8f:ee:b7:
42:a8:e9:e5:9c:27:c1:85:cf:75:76:fc:e4:c2:af:
de:84:40:ef:56:d3:5f:2d:18:3c:5b:77:2e:9f:09:
c8:af:ad:4d:16:54:e3:78:39:7b:2e:73:b2:70:e2:
3d:40:b3:c1:41:ba:b5:4b:65:81:64:b3:b3:0f:97:
ee:ff:c2:ae:c1:60:2b:4f:b3:b5:4e:8a:10:d0:7d:
92:0a:08:b7:13:77:eb:d5:69:38:5c:5d:98:f7:8b:
5f:92:e5:db:17:9b:3a:1f:27:8d:cc:3a:9f:1c:46:
48:ab:f0:9f:2e:72:79:62:b5:07:3e:b3:b9:55:c4:
05:61:a6:8a:98:41:70:df:7b:30:13:22:2b:68:9b:
6b:0f:92:36:99:0f:7c:71:6d:de:64:32:6c:8b:fe:
6e:30:33:78:33:e1:80:8e:a7:74:96:f1:ec:db:f9:
cf:ed:4b:41:8f:4c:9d:68:d7:6e:c4:8a:98:a0:81:
79:a0:f0:7e:33:72:63:27:d0:0a:27:2e:cc:2a:12:
a4:28:fa:13:92:74:dc:25:b8:d0:25:33:8e:c0:ad:
23:4b:8b:53:a8:40:a1:1a:db:ed:da:f2:1c:f7:31:
56:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:CC:B5:EE:95:5C:DB:5D:4D:F0:C1:9F:55:30:73:CF:CD:62:12:80
X509v3 Authority Key Identifier:
keyid:83:05:55:F0:11:BE:5E:24:1E:B0:B4:25:DE:5F:D8:6C:C6:83:4A:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gwVV8BG-XiQesLQl3l_YbMaDSlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/X8y17pVc211N8MGfVTBzz81iEoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/gwVV8BG-XiQesLQl3l_YbMaDSlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.92.40.0/21
Signature Algorithm: sha256WithRSAEncryption
69:60:33:ad:5e:5c:a7:bb:2d:ae:a0:5a:5d:b6:83:7d:cc:51:
1a:e4:61:91:e8:57:4e:41:ce:3b:b6:57:67:61:d9:d8:a8:e3:
54:17:5f:32:b8:5c:84:10:df:fe:ed:40:8c:58:cf:db:28:86:
21:64:48:a3:de:8d:4a:2d:9d:b0:00:78:d8:21:6b:24:01:cb:
8a:e9:b3:3f:5e:ea:61:20:d1:7a:a8:ef:4e:43:8e:2b:83:ee:
6d:3a:48:4d:d5:55:01:62:fc:2b:57:dc:65:9f:c7:26:62:e6:
c7:ce:4f:b2:00:2c:24:57:da:40:d5:ca:b9:da:d4:53:cb:af:
f0:aa:28:66:e7:a9:1c:81:ba:12:d7:fe:c8:2d:62:03:c7:b8:
72:1e:a5:0e:70:fc:b4:ca:00:7f:2c:76:0d:3d:6d:80:92:a9:
04:d5:a9:c4:f0:c5:2d:f2:fc:0d:7e:fb:4a:fc:68:2e:c7:6f:
17:e0:49:fd:9d:48:16:a9:3b:5e:b4:48:cd:68:8b:89:dc:b3:
a9:ee:b5:ce:57:b8:76:cc:d0:48:64:c8:fe:4c:ef:42:1a:d5:
e8:9a:b6:d4:ee:74:2c:53:9f:8f:0d:89:fc:ef:03:41:77:13:
3c:2b:33:4a:9a:84:56:6a:3c:eb:20:eb:f4:7a:07:60:4c:2a:
dd:3d:ee:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks8LeSxqsAoNLg2Zf7eO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMDU1NWYwMTFiZTVlMjQxZWIwYjQyNWRlNWZkODZjYzY4
MzRhNTQwHhcNMjUwMTAyMDE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmNjYjVlZTk1NWNkYjVkNGRmMGMxOWY1NTMwNzNjZmNkNjIxMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLZvfy/PhNVbuEVzXcfYZEqu9wmC
NdWobyCP7rdCqOnlnCfBhc91dvzkwq/ehEDvVtNfLRg8W3cunwnIr61NFlTjeDl7
LnOycOI9QLPBQbq1S2WBZLOzD5fu/8KuwWArT7O1TooQ0H2SCgi3E3fr1Wk4XF2Y
94tfkuXbF5s6HyeNzDqfHEZIq/CfLnJ5YrUHPrO5VcQFYaaKmEFw33swEyIraJtr
D5I2mQ98cW3eZDJsi/5uMDN4M+GAjqd0lvHs2/nP7UtBj0ydaNduxIqYoIF5oPB+
M3JjJ9AKJy7MKhKkKPoTknTcJbjQJTOOwK0jS4tTqEChGtvt2vIc9zFWlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/Mte6VXNtdTfDBn1Uwc8/NYhKAMB8GA1UdIwQY
MBaAFIMFVfARvl4kHrC0Jd5f2GzGg0pUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3dWVjhCRy1YaVFlc0xRbDNsX1liTWFEU2xRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iZjAxNjItZmNiYS00MDg1LWI0ZjEt
ZDY5OWRkYzlkMDljLzEvWDh5MTdwVmMyMTFOOE1HZlZUQnp6ODFpRW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iZjAxNjItZmNiYS00MDg1LWI0ZjEtZDY5OWRkYzlkMDlj
LzEvZ3dWVjhCRy1YaVFlc0xRbDNsX1liTWFEU2xRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvFwoMA0G
CSqGSIb3DQEBCwUAA4IBAQBpYDOtXlynuy2uoFpdtoN9zFEa5GGR6FdOQc47tldn
YdnYqONUF18yuFyEEN/+7UCMWM/bKIYhZEij3o1KLZ2wAHjYIWskAcuK6bM/Xuph
INF6qO9OQ44rg+5tOkhN1VUBYvwrV9xln8cmYubHzk+yACwkV9pA1cq52tRTy6/w
qihm56kcgboS1/7ILWIDx7hyHqUOcPy0ygB/LHYNPW2AkqkE1anE8MUt8vwNfvtK
/Ggux28X4En9nUgWqTtetEjNaIuJ3LOp7rXOV7h2zNBIZMj+TO9CGtXomrbU7nQs
U5+PDYn87wNBdxM8KzNKmoRWajzrIOv0egdgTCrdPe5T
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:14:54 2025 by rpki-client