Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/c4jk7gKONHNQDGzC6dsv2q8s7vI.roa
File: c4jk7gKONHNQDGzC6dsv2q8s7vI.roa (raw, json)
Hash identifier: a6L74Wo+bnsgWub76o3PYF/fgomhfzvN3TtRHLCaboU=
Subject key identifier: 73:88:E4:EE:02:8E:34:73:50:0C:6C:C2:E9:DB:2F:DA:AF:2C:EE:F2
Certificate issuer: /CN=bc9c403ad007e2a242a6b09061a3c1a360a64d5a
Certificate serial: 0194A8FB429E2A0C99B4922E2493C0DFD49C
Authority key identifier: BC:9C:40:3A:D0:07:E2:A2:42:A6:B0:90:61:A3:C1:A3:60:A6:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/c4jk7gKONHNQDGzC6dsv2q8s7vI.roa
Signing time: Mon 27 Jan 2025 18:17:06 +0000
ROA not before: Mon 27 Jan 2025 18:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204149
IP address blocks: 185.112.188.0/22 maxlen: 22
185.112.188.0/23 maxlen: 23
185.112.188.0/24 maxlen: 24
185.112.189.0/24 maxlen: 24
185.112.190.0/23 maxlen: 23
185.112.190.0/24 maxlen: 24
185.112.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/vJxAOtAH4qJCprCQYaPBo2CmTVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/vJxAOtAH4qJCprCQYaPBo2CmTVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a8:fb:42:9e:2a:0c:99:b4:92:2e:24:93:c0:df:d4:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9c403ad007e2a242a6b09061a3c1a360a64d5a
Validity
Not Before: Jan 27 18:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7388e4ee028e3473500c6cc2e9db2fdaaf2ceef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:6d:94:63:f8:db:0c:e1:be:ae:05:0a:eb:30:
90:6b:2a:07:74:34:c1:47:f0:63:77:55:1e:0b:60:
5b:a8:70:7e:18:d8:ae:79:91:d6:da:29:ed:b8:de:
ae:c6:4d:d6:e9:71:84:2b:57:7e:76:7e:bb:44:01:
9e:1c:02:ef:50:e4:c4:fc:0b:6a:9a:8f:34:29:2b:
4b:80:cc:29:86:53:87:2e:d1:c9:ae:c6:61:56:18:
a7:bb:d1:1d:69:28:32:ef:d2:dc:12:95:0a:4c:d1:
fb:06:e9:e2:de:8b:29:54:e4:25:06:64:fa:79:ce:
89:de:b2:94:9d:94:b8:a8:00:4c:71:d8:c3:e3:b3:
22:c2:ba:19:f5:e8:d6:37:6c:2c:29:32:8e:fc:40:
c3:b4:ab:b2:3a:a2:4f:ba:5c:35:70:7d:14:79:fc:
62:74:0b:f8:f0:16:31:51:4d:38:f5:b6:ce:67:6d:
8c:28:a6:4d:f4:e9:5c:ca:8c:79:51:22:c9:e8:ff:
d3:61:c6:f3:47:a3:b6:ad:3f:d2:e6:ec:1f:98:86:
1f:70:10:a3:bc:ee:79:9c:26:f2:57:fb:9f:92:e2:
89:2b:6f:24:fa:4d:9f:23:43:24:11:2d:88:39:ba:
97:1f:e9:9b:e7:98:09:b4:9d:15:e0:53:8c:9d:0e:
6d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:88:E4:EE:02:8E:34:73:50:0C:6C:C2:E9:DB:2F:DA:AF:2C:EE:F2
X509v3 Authority Key Identifier:
keyid:BC:9C:40:3A:D0:07:E2:A2:42:A6:B0:90:61:A3:C1:A3:60:A6:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/c4jk7gKONHNQDGzC6dsv2q8s7vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/vJxAOtAH4qJCprCQYaPBo2CmTVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.188.0/22
Signature Algorithm: sha256WithRSAEncryption
21:ff:e6:9b:79:11:1d:5d:24:c3:85:79:3f:c2:88:8d:3f:b9:
cd:6b:3a:9a:90:86:00:a7:ae:6c:29:9a:78:a9:d2:2d:12:af:
f8:a9:d6:e3:37:4a:3c:94:c3:3a:27:67:57:62:a6:a7:e0:f1:
75:13:98:9b:ed:da:3d:45:f5:f5:a9:91:fa:23:e9:f8:62:d0:
a6:da:1d:7c:54:79:44:25:22:7e:81:b9:b3:f7:69:34:d0:8b:
d5:18:71:a2:3a:be:9f:3a:ed:b1:c8:31:8a:d9:ca:b8:76:e4:
ac:e3:44:66:f9:58:67:5e:78:90:cf:7c:c0:44:65:4a:f0:62:
b4:4e:ec:28:64:0e:d1:98:e2:2a:73:f1:2a:e9:3d:e6:39:d5:
30:59:94:69:c5:6f:11:7a:34:90:0f:7e:d3:4a:8f:54:29:85:
d9:27:b4:0b:d0:f7:a9:df:7d:fd:c6:fb:2f:4b:f6:14:7d:e7:
14:a4:9e:6d:02:be:77:a9:7d:2b:a7:a5:6a:a4:ee:4d:00:e7:
19:4c:1d:bd:2c:0d:53:2f:3c:03:16:0f:f9:f1:be:fc:64:9b:
29:cf:ff:0d:29:1b:05:24:9c:da:e8:f8:5c:a0:40:0e:da:41:
aa:bb:44:2a:4e:62:dd:63:f0:d2:5e:8d:de:96:51:49:c3:55:
e5:c2:9b:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSo+0KeKgyZtJIuJJPA39ScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWM0MDNhZDAwN2UyYTI0MmE2YjA5MDYxYTNjMWEzNjBh
NjRkNWEwHhcNMjUwMTI3MTgxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzg4ZTRlZTAyOGUzNDczNTAwYzZjYzJlOWRiMmZkYWFmMmNlZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6m2UY/jbDOG+rgUK6zCQayoHdDTB
R/Bjd1UeC2BbqHB+GNiueZHW2intuN6uxk3W6XGEK1d+dn67RAGeHALvUOTE/Atq
mo80KStLgMwphlOHLtHJrsZhVhinu9EdaSgy79LcEpUKTNH7Buni3ospVOQlBmT6
ec6J3rKUnZS4qABMcdjD47MiwroZ9ejWN2wsKTKO/EDDtKuyOqJPulw1cH0Uefxi
dAv48BYxUU049bbOZ22MKKZN9Olcyox5USLJ6P/TYcbzR6O2rT/S5uwfmIYfcBCj
vO55nCbyV/ufkuKJK28k+k2fI0MkES2IObqXH+mb55gJtJ0V4FOMnQ5tAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHOI5O4CjjRzUAxswunbL9qvLO7yMB8GA1UdIwQY
MBaAFLycQDrQB+KiQqawkGGjwaNgpk1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkp4QU90QUg0cUpDcHJDUVlhUEJvMkNtVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YWU0YzctZjI4Ni00YzZlLTk1MTQt
ODhlNjgxNjI3MWY3LzEvYzRqazdnS09OSE5RREd6QzZkc3YycThzN3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YWU0YzctZjI4Ni00YzZlLTk1MTQtODhlNjgxNjI3MWY3
LzEvdkp4QU90QUg0cUpDcHJDUVlhUEJvMkNtVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXC8MA0G
CSqGSIb3DQEBCwUAA4IBAQAh/+abeREdXSTDhXk/woiNP7nNazqakIYAp65sKZp4
qdItEq/4qdbjN0o8lMM6J2dXYqan4PF1E5ib7do9RfX1qZH6I+n4YtCm2h18VHlE
JSJ+gbmz92k00IvVGHGiOr6fOu2xyDGK2cq4duSs40Rm+VhnXniQz3zARGVK8GK0
TuwoZA7RmOIqc/Eq6T3mOdUwWZRpxW8RejSQD37TSo9UKYXZJ7QL0Pep3339xvsv
S/YUfecUpJ5tAr53qX0rp6VqpO5NAOcZTB29LA1TLzwDFg/58b78ZJspz/8NKRsF
JJza6PhcoEAO2kGqu0QqTmLdY/DSXo3ellFJw1XlwpuM
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:25:19 2025 by rpki-client