Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/tPkC9g1rh0B-WDtzyBxNorqbjqo.roa
File: tPkC9g1rh0B-WDtzyBxNorqbjqo.roa (raw, json)
Hash identifier: 3UTyjNkmps78kxWwCRVUmx8qZWeL7ho0lCKlGDqKCwQ=
Subject key identifier: B4:F9:02:F6:0D:6B:87:40:7E:58:3B:73:C8:1C:4D:A2:BA:9B:8E:AA
Certificate issuer: /CN=bc9c403ad007e2a242a6b09061a3c1a360a64d5a
Certificate serial: 0194A8E71E8F5E56E5406A285912998A2E32
Authority key identifier: BC:9C:40:3A:D0:07:E2:A2:42:A6:B0:90:61:A3:C1:A3:60:A6:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/tPkC9g1rh0B-WDtzyBxNorqbjqo.roa
Signing time: Mon 27 Jan 2025 17:55:06 +0000
ROA not before: Mon 27 Jan 2025 17:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203217
IP address blocks: 185.112.188.0/22 maxlen: 22
185.112.188.0/23 maxlen: 23
185.112.188.0/24 maxlen: 24
185.112.189.0/24 maxlen: 24
185.112.190.0/23 maxlen: 23
185.112.190.0/24 maxlen: 24
185.112.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/vJxAOtAH4qJCprCQYaPBo2CmTVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/vJxAOtAH4qJCprCQYaPBo2CmTVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a8:e7:1e:8f:5e:56:e5:40:6a:28:59:12:99:8a:2e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9c403ad007e2a242a6b09061a3c1a360a64d5a
Validity
Not Before: Jan 27 17:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4f902f60d6b87407e583b73c81c4da2ba9b8eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3f:67:c4:bf:31:7e:35:e1:db:d3:1f:4e:eb:
fe:82:ba:50:25:48:25:f2:f9:e6:92:93:78:fd:eb:
cc:05:1b:2e:1c:7f:ae:40:38:c0:d3:21:db:ce:c7:
d0:ad:ae:77:60:19:28:97:9c:cc:ec:1a:02:64:53:
ec:00:d1:cd:9b:3f:a4:7f:53:dd:38:94:27:aa:2d:
cb:fd:54:37:68:41:63:dd:1a:07:d8:f0:91:9d:7a:
8b:ec:cb:00:44:d3:07:bc:02:1c:39:52:82:81:f4:
54:8e:e6:02:1e:ff:43:a0:90:c2:10:61:f3:21:14:
7f:b6:1d:17:68:b0:8c:11:0b:76:88:de:e0:ae:63:
58:f4:eb:78:19:c1:f2:35:a9:f2:cf:09:a9:39:36:
cd:2f:f2:60:0c:31:e8:4f:44:0e:0f:1c:c3:83:12:
cb:ce:9a:a5:0a:2a:2d:4f:31:25:3f:04:55:70:52:
31:a7:fa:2a:5f:0b:03:c0:26:b2:47:d4:d6:5b:8c:
fa:e6:f9:6b:48:64:d8:4b:b1:8d:58:9d:52:4a:93:
84:45:7c:8c:75:d2:b5:06:fd:84:7a:55:f8:da:66:
a8:5c:84:e2:94:93:38:60:14:9d:91:22:62:4a:6f:
3b:a4:a7:2a:09:51:f7:f8:17:81:d2:d9:c9:34:48:
5a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F9:02:F6:0D:6B:87:40:7E:58:3B:73:C8:1C:4D:A2:BA:9B:8E:AA
X509v3 Authority Key Identifier:
keyid:BC:9C:40:3A:D0:07:E2:A2:42:A6:B0:90:61:A3:C1:A3:60:A6:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/tPkC9g1rh0B-WDtzyBxNorqbjqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/vJxAOtAH4qJCprCQYaPBo2CmTVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.188.0/22
Signature Algorithm: sha256WithRSAEncryption
08:ac:09:81:3a:a8:23:c0:0e:83:08:d1:f1:23:c2:2a:fa:bb:
2b:9d:65:48:49:ad:94:34:77:1e:a1:59:7e:52:80:37:0b:34:
ea:03:35:29:04:40:58:52:1f:2c:9b:61:b0:c9:1e:df:a9:cf:
a6:01:6c:27:2e:94:91:70:ed:62:31:d8:2d:6b:a7:4e:06:c0:
2f:7c:a2:44:a6:3b:4c:54:24:3a:87:41:0f:cc:9a:ff:68:18:
ec:8b:a5:e2:f4:c8:ae:be:8c:16:91:81:3c:80:40:72:3a:89:
00:d3:05:95:6a:a9:c8:2b:fb:4f:f3:bf:21:f7:8e:5c:94:fd:
5c:a0:1e:8c:d2:6f:44:01:f6:24:37:e1:12:9f:70:2c:89:c2:
f8:0e:65:13:f4:33:e0:e7:a5:8d:64:bf:02:b6:51:10:d6:77:
0b:75:56:ad:d4:ec:bc:0d:e5:bb:df:d1:17:fa:c7:8c:86:3f:
65:3c:d9:15:fb:48:f5:02:a9:12:f6:1f:82:02:d7:3d:ca:f9:
ec:08:9c:70:05:8b:12:d8:56:a5:77:fa:1d:40:8b:ff:33:ab:
6f:86:ad:33:73:26:a7:dd:3d:bd:f0:26:68:f0:67:5d:a8:4c:
38:b3:dd:ee:c4:7c:8a:87:d5:1a:5c:de:98:23:7b:65:dc:06:
bc:bd:22:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSo5x6PXlblQGooWRKZii4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWM0MDNhZDAwN2UyYTI0MmE2YjA5MDYxYTNjMWEzNjBh
NjRkNWEwHhcNMjUwMTI3MTc1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY5MDJmNjBkNmI4NzQwN2U1ODNiNzNjODFjNGRhMmJhOWI4ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxT9nxL8xfjXh29MfTuv+grpQJUgl
8vnmkpN4/evMBRsuHH+uQDjA0yHbzsfQra53YBkol5zM7BoCZFPsANHNmz+kf1Pd
OJQnqi3L/VQ3aEFj3RoH2PCRnXqL7MsARNMHvAIcOVKCgfRUjuYCHv9DoJDCEGHz
IRR/th0XaLCMEQt2iN7grmNY9Ot4GcHyNanyzwmpOTbNL/JgDDHoT0QODxzDgxLL
zpqlCiotTzElPwRVcFIxp/oqXwsDwCayR9TWW4z65vlrSGTYS7GNWJ1SSpOERXyM
ddK1Bv2EelX42maoXITilJM4YBSdkSJiSm87pKcqCVH3+BeB0tnJNEhaTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLT5AvYNa4dAflg7c8gcTaK6m46qMB8GA1UdIwQY
MBaAFLycQDrQB+KiQqawkGGjwaNgpk1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkp4QU90QUg0cUpDcHJDUVlhUEJvMkNtVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YWU0YzctZjI4Ni00YzZlLTk1MTQt
ODhlNjgxNjI3MWY3LzEvdFBrQzlnMXJoMEItV0R0enlCeE5vcnFianFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YWU0YzctZjI4Ni00YzZlLTk1MTQtODhlNjgxNjI3MWY3
LzEvdkp4QU90QUg0cUpDcHJDUVlhUEJvMkNtVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXC8MA0G
CSqGSIb3DQEBCwUAA4IBAQAIrAmBOqgjwA6DCNHxI8Iq+rsrnWVISa2UNHceoVl+
UoA3CzTqAzUpBEBYUh8sm2GwyR7fqc+mAWwnLpSRcO1iMdgta6dOBsAvfKJEpjtM
VCQ6h0EPzJr/aBjsi6Xi9MiuvowWkYE8gEByOokA0wWVaqnIK/tP878h945clP1c
oB6M0m9EAfYkN+ESn3AsicL4DmUT9DPg56WNZL8CtlEQ1ncLdVat1Oy8DeW739EX
+seMhj9lPNkV+0j1AqkS9h+CAtc9yvnsCJxwBYsS2Fald/odQIv/M6tvhq0zcyan
3T298CZo8GddqEw4s93uxHyKh9UaXN6YI3tl3Aa8vSIZ
-----END CERTIFICATE-----
Generated at Sun Apr 13 09:05:58 2025 by rpki-client