Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/sIxOdNT6bFxHKmNN0CZFI4DmR-8.roa
File: sIxOdNT6bFxHKmNN0CZFI4DmR-8.roa (raw, json)
Hash identifier: 5J0fAmw/YI6nG5pD9p8YdD7k7oyOLgeH2PS70uMH6I4=
Subject key identifier: B0:8C:4E:74:D4:FA:6C:5C:47:2A:63:4D:D0:26:45:23:80:E6:47:EF
Certificate issuer: /CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Certificate serial: 0194266B9B55AAB5C63D0098D01897B94766
Authority key identifier: 57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/sIxOdNT6bFxHKmNN0CZFI4DmR-8.roa
Signing time: Thu 02 Jan 2025 09:49:33 +0000
ROA not before: Thu 02 Jan 2025 09:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201691
IP address blocks: 185.88.176.0/24 maxlen: 24
185.88.177.0/24 maxlen: 24
185.88.178.0/24 maxlen: 24
185.88.179.0/24 maxlen: 24
2a05:cd00::/32 maxlen: 32
2a05:cd01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.mft
rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 11:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:9b:55:aa:b5:c6:3d:00:98:d0:18:97:b9:47:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Validity
Not Before: Jan 2 09:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b08c4e74d4fa6c5c472a634dd026452380e647ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:36:5d:46:c3:37:d2:ea:e8:31:08:b1:53:5d:
34:21:3d:1c:90:23:28:d9:ff:46:e6:11:7b:6c:64:
11:f3:eb:30:1e:cc:92:18:17:85:ce:15:89:a7:12:
6b:b3:85:da:21:a3:be:af:a2:6f:a1:c9:c1:2a:fe:
80:2b:51:71:54:d2:4e:f7:4c:3a:8a:0f:b6:81:6e:
e4:9f:68:dd:12:20:71:96:a1:ce:b2:f9:5c:ed:0f:
08:10:20:f6:80:ef:d8:6a:49:62:59:66:fb:a9:47:
b8:f7:15:be:ea:40:c8:4b:3b:86:94:cb:9d:e2:ca:
53:ec:55:6a:76:6e:ca:47:52:01:d6:b8:35:1a:1c:
e9:66:e6:48:7e:1f:81:b0:3f:aa:ac:94:a7:74:46:
f8:b6:da:dd:f0:1f:21:af:8a:fa:29:55:18:df:c0:
68:59:a2:7b:c7:59:eb:a1:17:22:5f:c3:64:bd:70:
5c:13:34:48:cc:c5:51:cc:23:46:84:53:08:e6:83:
9f:be:ed:22:0a:1b:69:37:92:03:7a:d3:41:6e:b1:
d5:b3:2d:41:55:ce:09:8d:fd:13:52:bb:14:5b:51:
1f:82:66:bf:d7:e8:0c:fa:10:2c:60:3c:12:23:f6:
33:4a:0b:4a:39:fb:6a:ef:7e:69:7a:6e:a9:db:09:
03:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:8C:4E:74:D4:FA:6C:5C:47:2A:63:4D:D0:26:45:23:80:E6:47:EF
X509v3 Authority Key Identifier:
keyid:57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/sIxOdNT6bFxHKmNN0CZFI4DmR-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.176.0/22
IPv6:
2a05:cd00::/31
Signature Algorithm: sha256WithRSAEncryption
14:f9:7f:e1:53:e7:50:2d:3b:53:6a:11:a3:cd:f6:9b:d0:e1:
0c:1d:3e:af:5d:5f:b2:d9:04:5a:4a:11:e2:0e:5a:85:0b:16:
22:b6:1d:49:67:ff:e5:cc:e4:84:02:f2:ac:2b:63:c4:7b:97:
1a:a3:1a:a2:2a:20:1e:b8:04:cf:06:1a:b9:3f:79:61:ce:f5:
ba:cd:d7:fa:c5:af:5f:d6:a7:13:09:cd:d7:64:27:69:67:26:
00:63:76:fd:78:fd:64:53:0d:3a:e9:d9:8c:9b:0f:1a:25:61:
29:71:45:4d:83:3a:2e:7a:a8:b1:c6:90:1b:31:d7:5a:a8:fb:
8f:e9:95:1f:04:20:f2:3b:fb:3f:78:84:dc:25:e8:ed:86:27:
1f:fb:b1:e9:d4:f6:4b:d3:fc:82:6f:0e:ad:2b:e8:d5:1e:6a:
7b:fa:90:af:ce:47:af:ed:ca:c4:c9:97:f7:e2:0f:2f:ed:98:
db:b3:20:75:f2:f2:d8:b3:6c:8a:a2:0e:30:5d:ac:ce:ad:d7:
9b:4d:4b:8e:19:70:16:ba:ff:9b:66:21:3e:76:e9:ec:29:3c:
e7:46:60:db:02:fe:87:f9:bb:58:bb:a9:f5:25:8e:d9:73:e6:
16:d0:ec:7d:55:4c:20:9d:3a:4c:b1:8a:e1:9e:f6:bb:8f:a7:
8e:0a:03:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma5tVqrXGPQCY0BiXuUdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjI3NWI5YmNjNDVkY2U4YjNlZjAxNzJjOTY3Mzc4MDA5
NDdhNGUwHhcNMjUwMTAyMDk0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDhjNGU3NGQ0ZmE2YzVjNDcyYTYzNGRkMDI2NDUyMzgwZTY0N2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTZdRsM30uroMQixU100IT0ckCMo
2f9G5hF7bGQR8+swHsySGBeFzhWJpxJrs4XaIaO+r6JvocnBKv6AK1FxVNJO90w6
ig+2gW7kn2jdEiBxlqHOsvlc7Q8IECD2gO/YakliWWb7qUe49xW+6kDISzuGlMud
4spT7FVqdm7KR1IB1rg1GhzpZuZIfh+BsD+qrJSndEb4ttrd8B8hr4r6KVUY38Bo
WaJ7x1nroRciX8NkvXBcEzRIzMVRzCNGhFMI5oOfvu0iChtpN5IDetNBbrHVsy1B
Vc4Jjf0TUrsUW1Efgma/1+gM+hAsYDwSI/YzSgtKOftq735pem6p2wkDdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLCMTnTU+mxcRypjTdAmRSOA5kfvMB8GA1UdIwQY
MBaAFFeydbm8xF3Oiz7wFyyWc3gAlHpOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEt
ODdmNjhiNzFlNDRkLzEvc0l4T2ROVDZiRnhIS21OTjBDWkZJNERtUi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEtODdmNjhiNzFlNDRk
LzEvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuViwMA0E
AgACMAcDBQEqBc0AMA0GCSqGSIb3DQEBCwUAA4IBAQAU+X/hU+dQLTtTahGjzfab
0OEMHT6vXV+y2QRaShHiDlqFCxYith1JZ//lzOSEAvKsK2PEe5caoxqiKiAeuATP
Bhq5P3lhzvW6zdf6xa9f1qcTCc3XZCdpZyYAY3b9eP1kUw066dmMmw8aJWEpcUVN
gzoueqixxpAbMddaqPuP6ZUfBCDyO/s/eITcJejthicf+7Hp1PZL0/yCbw6tK+jV
Hmp7+pCvzkev7crEyZf34g8v7ZjbsyB18vLYs2yKog4wXazOrdebTUuOGXAWuv+b
ZiE+dunsKTznRmDbAv6H+btYu6n1JY7Zc+YW0Ox9VUwgnTpMsYrhnva7j6eOCgOS
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:30:40 2025 by rpki-client