Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/5od14N8EPOMxQ4fUOUrPRGUEPPA.roa
File: 5od14N8EPOMxQ4fUOUrPRGUEPPA.roa (raw, json)
Hash identifier: 2xL5OMAwvSbuV8pVtcGoLDBgsU728ZUn8ej1GF9ZZio=
Subject key identifier: E6:87:75:E0:DF:04:3C:E3:31:43:87:D4:39:4A:CF:44:65:04:3C:F0
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0194EF19E9DD022E938EF305CB7D09DF85D3
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/5od14N8EPOMxQ4fUOUrPRGUEPPA.roa
Signing time: Mon 10 Feb 2025 09:04:00 +0000
ROA not before: Mon 10 Feb 2025 09:04:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201453
IP address blocks: 185.74.192.0/24 maxlen: 24
185.112.76.0/24 maxlen: 24
185.112.78.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.167.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.80.0/24 maxlen: 24
185.178.81.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.83.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.17.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.194.24.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.221.189.0/24 maxlen: 24
185.225.148.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.mft
rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ef:19:e9:dd:02:2e:93:8e:f3:05:cb:7d:09:df:85:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Feb 10 09:04:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e68775e0df043ce3314387d4394acf4465043cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3e:bb:64:dd:c4:a3:f4:b6:05:a6:a9:9e:1a:
a4:37:cb:a4:b5:c7:1a:84:3a:bd:ec:79:90:0c:29:
fa:c2:90:e4:e2:11:ac:82:40:b8:88:93:37:38:a0:
c1:8c:26:86:c3:f1:1c:54:4c:53:c4:cf:7b:4b:19:
ee:5d:d5:7a:fc:74:4c:4c:db:2a:aa:81:76:46:bc:
ea:00:ca:56:c3:8b:9e:08:ec:70:42:d7:7b:c3:84:
4a:f8:c4:89:24:22:8c:01:65:ad:e6:40:57:3f:78:
f7:cb:12:c4:fe:5b:c3:cb:34:13:48:ed:43:a2:2f:
d3:e9:cd:71:21:cb:95:af:d2:6d:cb:78:3d:2c:ea:
f8:3e:d8:10:e5:72:73:a6:2f:21:cc:17:96:f9:19:
2b:a2:cf:af:31:83:7f:93:ea:44:47:73:07:33:d8:
d0:d9:3f:e2:39:94:53:78:1d:f3:5e:31:f7:f7:33:
59:af:32:d8:f7:bf:0a:7d:4c:bc:6b:b3:96:7f:8f:
21:5c:0a:ce:68:b5:1d:53:3a:63:2b:c7:4f:b3:f2:
0f:af:d5:da:d1:4a:28:53:1f:c7:81:c0:4a:87:6b:
48:43:f0:9a:72:13:62:a7:70:db:bd:81:32:6d:08:
5f:d1:f0:46:2c:56:26:f1:37:27:cd:42:85:fb:a6:
c9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:87:75:E0:DF:04:3C:E3:31:43:87:D4:39:4A:CF:44:65:04:3C:F0
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/5od14N8EPOMxQ4fUOUrPRGUEPPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/24
185.112.76.0/24
185.112.78.0/24
185.163.166.0/23
185.178.80.0/22
185.183.16.0-185.183.18.255
185.194.24.0/24
185.194.26.0/23
185.219.216.0/22
185.221.189.0/24
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
7f:56:7e:8a:0b:a4:45:a2:38:01:2a:97:8e:1d:a2:3c:bb:04:
a5:47:32:58:55:06:20:8f:54:3d:66:1f:cc:b1:44:82:bf:5a:
42:79:fa:50:d9:2b:92:3a:ab:93:c1:1d:ec:f1:76:ac:ec:ef:
9e:62:2b:32:a2:64:ff:3c:b3:e8:17:a9:ab:81:e9:61:5b:c2:
cc:0d:9b:62:11:0d:fe:dc:ee:54:87:85:82:d3:90:5a:fd:82:
e9:d9:ef:14:de:70:c1:de:8c:9f:62:02:fb:ba:95:55:5a:08:
3c:bc:09:5b:e6:d9:43:a2:fc:d6:30:44:f5:fa:56:7b:fe:1e:
09:74:f1:27:cf:48:6f:e5:41:b7:e6:62:a6:7b:e9:93:84:ab:
df:1a:b8:16:59:8d:69:e6:75:ac:11:e3:ac:4d:4c:f8:65:02:
a6:63:33:51:06:d8:e9:65:b3:b5:0b:79:72:1f:bc:e4:4a:ce:
e9:cb:49:19:cf:45:5e:ab:e4:64:e0:8b:8e:7f:d4:d2:c6:f2:
af:be:91:99:ef:15:9b:64:5d:d9:d3:de:99:84:7a:74:07:5c:
67:8e:b8:94:a4:1b:48:ff:7e:6a:0d:0d:4f:23:d9:9b:79:c7:
05:8a:2d:b5:8d:e1:20:14:92:c0:78:57:8d:bd:03:de:b5:70:
be:46:14:41
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZTvGendAi6TjvMFy30J34XTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjUwMjEwMDkwNDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjg3NzVlMGRmMDQzY2UzMzE0Mzg3ZDQzOTRhY2Y0NDY1MDQzY2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz67ZN3Eo/S2BaapnhqkN8uktcca
hDq97HmQDCn6wpDk4hGsgkC4iJM3OKDBjCaGw/EcVExTxM97SxnuXdV6/HRMTNsq
qoF2RrzqAMpWw4ueCOxwQtd7w4RK+MSJJCKMAWWt5kBXP3j3yxLE/lvDyzQTSO1D
oi/T6c1xIcuVr9Jty3g9LOr4PtgQ5XJzpi8hzBeW+Rkros+vMYN/k+pER3MHM9jQ
2T/iOZRTeB3zXjH39zNZrzLY978KfUy8a7OWf48hXArOaLUdUzpjK8dPs/IPr9Xa
0UooUx/HgcBKh2tIQ/CachNip3DbvYEybQhf0fBGLFYm8TcnzUKF+6bJRwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFOaHdeDfBDzjMUOH1DlKz0RlBDzwMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvNW9kMTROOEVQT014UTRmVU9VclBSR1VFUFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQAuUrAAwQA
uXBMAwQAuXBOAwQBuaOmAwQCubJQMAwDBAS5txADBAC5txIDBAC5whgDBAG5whoD
BAK529gDBAC53b0DBAC54ZQwDQQCAAIwBwMFACoFSsAwDQYJKoZIhvcNAQELBQAD
ggEBAH9WfooLpEWiOAEql44dojy7BKVHMlhVBiCPVD1mH8yxRIK/WkJ5+lDZK5I6
q5PBHezxdqzs755iKzKiZP88s+gXqauB6WFbwswNm2IRDf7c7lSHhYLTkFr9gunZ
7xTecMHejJ9iAvu6lVVaCDy8CVvm2UOi/NYwRPX6Vnv+Hgl08SfPSG/lQbfmYqZ7
6ZOEq98auBZZjWnmdawR46xNTPhlAqZjM1EG2Olls7ULeXIfvORKzunLSRnPRV6r
5GTgi45/1NLG8q++kZnvFZtkXdnT3pmEenQHXGeOuJSkG0j/fmoNDU8j2Zt5xwWK
LbWN4SAUksB4V429A961cL5GFEE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:32 2025 by rpki-client