Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/RHlWpFi-cDo-cyvs-sRaiXiZbg8.roa
File: RHlWpFi-cDo-cyvs-sRaiXiZbg8.roa (raw, json)
Hash identifier: 1PWadJWZ+l1enHDdWPnllLiQPr55+3WUCTN9xqnYDuA=
Subject key identifier: 44:79:56:A4:58:BE:70:3A:3E:73:2B:EC:FA:C4:5A:89:78:99:6E:0F
Certificate issuer: /CN=7a0cfd5a51013e5fd6caf809878047a605ee9d6d
Certificate serial: 0194214412621FAA212F9DE848A9DE697D57
Authority key identifier: 7A:0C:FD:5A:51:01:3E:5F:D6:CA:F8:09:87:80:47:A6:05:EE:9D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egz9WlEBPl_WyvgJh4BHpgXunW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/RHlWpFi-cDo-cyvs-sRaiXiZbg8.roa
Signing time: Wed 01 Jan 2025 09:48:16 +0000
ROA not before: Wed 01 Jan 2025 09:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198551
IP address blocks: 185.76.0.0/22 maxlen: 24
185.171.112.0/22 maxlen: 24
185.204.204.0/22 maxlen: 24
185.204.208.0/22 maxlen: 24
185.206.116.0/22 maxlen: 24
185.208.60.0/22 maxlen: 24
185.218.32.0/22 maxlen: 24
185.226.16.0/22 maxlen: 24
185.234.140.0/22 maxlen: 24
212.84.56.0/21 maxlen: 24
2a00:dfc0::/29 maxlen: 29
2a00:dfc1::/32 maxlen: 32
2a00:dfc2::/32 maxlen: 32
2a0a:d100::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/egz9WlEBPl_WyvgJh4BHpgXunW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/egz9WlEBPl_WyvgJh4BHpgXunW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/egz9WlEBPl_WyvgJh4BHpgXunW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:12:62:1f:aa:21:2f:9d:e8:48:a9:de:69:7d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a0cfd5a51013e5fd6caf809878047a605ee9d6d
Validity
Not Before: Jan 1 09:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=447956a458be703a3e732becfac45a8978996e0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:39:1b:eb:27:36:15:5e:41:51:42:8a:09:25:
9c:58:c0:60:1b:97:b2:67:b3:95:fa:5f:20:be:b0:
40:2e:5e:d6:b9:d5:6e:12:9f:60:d7:24:bf:07:11:
de:4c:46:10:9b:d4:22:83:81:1d:60:f8:d1:01:bb:
8e:73:e4:8e:58:a9:70:a2:a4:97:00:90:d2:9b:80:
6e:01:c1:4d:1d:16:ac:a1:ee:b0:2d:29:ec:df:5d:
76:ab:eb:89:96:29:3d:94:74:43:14:06:89:bf:b1:
eb:4f:dc:b8:87:0b:49:5a:0f:16:7d:32:7b:fb:2d:
ac:76:02:46:c5:0c:14:25:fb:5a:e3:5b:b0:5a:67:
b6:45:e1:65:be:7f:04:f8:fc:e5:88:8e:e6:24:4e:
c5:42:da:e6:2b:76:2d:87:c6:42:e0:d0:64:4c:27:
73:4b:e3:92:e9:85:b1:18:f0:ba:16:7a:1b:a1:65:
53:7d:b1:23:aa:19:6d:17:08:25:d2:11:82:a8:99:
05:98:93:7c:57:4d:31:07:bc:46:dd:1d:d8:8c:0b:
4b:16:c3:29:c5:c7:61:03:33:b2:39:8e:45:58:94:
15:ae:dd:e5:94:64:c2:c8:10:01:12:e1:a3:8d:3c:
64:64:6e:83:33:5f:ab:77:9b:52:e1:4c:6b:45:6c:
5b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:79:56:A4:58:BE:70:3A:3E:73:2B:EC:FA:C4:5A:89:78:99:6E:0F
X509v3 Authority Key Identifier:
keyid:7A:0C:FD:5A:51:01:3E:5F:D6:CA:F8:09:87:80:47:A6:05:EE:9D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egz9WlEBPl_WyvgJh4BHpgXunW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/RHlWpFi-cDo-cyvs-sRaiXiZbg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/egz9WlEBPl_WyvgJh4BHpgXunW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.0.0/22
185.171.112.0/22
185.204.204.0-185.204.211.255
185.206.116.0/22
185.208.60.0/22
185.218.32.0/22
185.226.16.0/22
185.234.140.0/22
212.84.56.0/21
IPv6:
2a00:dfc0::/29
2a0a:d100::/29
Signature Algorithm: sha256WithRSAEncryption
02:38:64:09:68:58:ac:11:18:90:f0:b3:bc:db:a8:88:65:58:
08:ad:3d:62:0d:70:0e:b1:b4:99:a7:3a:73:2f:49:db:da:d9:
6a:35:c4:eb:2d:e0:6e:cd:4e:53:15:54:da:e5:2f:85:3a:21:
8e:da:ae:9e:af:d4:8d:c0:eb:1b:35:6e:c6:63:e8:cf:41:05:
e4:be:5d:0b:ac:12:fe:5e:96:9f:9f:fe:41:c8:5a:a5:d5:b0:
9b:51:c9:cd:09:74:db:4e:8c:b1:c3:87:e2:ea:e2:86:8e:6c:
57:f4:7d:53:6b:e1:2e:03:5f:f7:ac:32:31:10:3d:5a:a0:f7:
4c:94:8b:a3:b4:a8:61:b4:51:44:a0:bd:1d:95:75:81:b6:a0:
25:05:a4:3c:68:72:d3:86:03:5b:69:7a:fb:36:ce:15:3f:0f:
a2:bc:9a:e0:85:45:ad:97:54:06:52:a1:c2:b6:da:10:43:71:
40:4d:dd:d2:a8:b0:6d:ed:d2:77:d9:e1:52:ac:8e:72:26:02:
da:d7:11:6c:15:03:99:54:e2:a9:82:de:e5:e1:e8:f8:d5:fa:
f1:63:73:74:ce:1b:2f:03:d7:93:bc:f5:08:fc:f9:57:f3:40:
0f:07:e0:c8:dd:e6:6c:44:31:4b:7f:70:a7:cd:dd:97:ab:24:
9f:f9:f3:cf
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQhRBJiH6ohL53oSKneaX1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMGNmZDVhNTEwMTNlNWZkNmNhZjgwOTg3ODA0N2E2MDVl
ZTlkNmQwHhcNMjUwMTAxMDk0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDc5NTZhNDU4YmU3MDNhM2U3MzJiZWNmYWM0NWE4OTc4OTk2ZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjkb6yc2FV5BUUKKCSWcWMBgG5ey
Z7OV+l8gvrBALl7WudVuEp9g1yS/BxHeTEYQm9Qig4EdYPjRAbuOc+SOWKlwoqSX
AJDSm4BuAcFNHRasoe6wLSns3112q+uJlik9lHRDFAaJv7HrT9y4hwtJWg8WfTJ7
+y2sdgJGxQwUJfta41uwWme2ReFlvn8E+PzliI7mJE7FQtrmK3Yth8ZC4NBkTCdz
S+OS6YWxGPC6FnoboWVTfbEjqhltFwgl0hGCqJkFmJN8V00xB7xG3R3YjAtLFsMp
xcdhAzOyOY5FWJQVrt3llGTCyBABEuGjjTxkZG6DM1+rd5tS4UxrRWxbQwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFER5VqRYvnA6PnMr7PrEWol4mW4PMB8GA1UdIwQY
MBaAFHoM/VpRAT5f1sr4CYeAR6YF7p1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWd6OVdsRUJQbF9XeXZnSmg0QkhwZ1h1blcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lZTA0ZDgtNDlkYy00MDlmLTkyZmMt
ZGQ1NjIzMDQ4ZWEyLzEvUkhsV3BGaS1jRG8tY3l2cy1zUmFpWGlaYmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lZTA0ZDgtNDlkYy00MDlmLTkyZmMtZGQ1NjIzMDQ4ZWEy
LzEvZWd6OVdsRUJQbF9XeXZnSmg0QkhwZ1h1blcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCuUwAAwQC
uatwMAwDBAK5zMwDBAK5zNADBAK5znQDBAK50DwDBAK52iADBAK54hADBAK56owD
BAPUVDgwFAQCAAIwDgMFAyoA38ADBQMqCtEAMA0GCSqGSIb3DQEBCwUAA4IBAQAC
OGQJaFisERiQ8LO826iIZVgIrT1iDXAOsbSZpzpzL0nb2tlqNcTrLeBuzU5TFVTa
5S+FOiGO2q6er9SNwOsbNW7GY+jPQQXkvl0LrBL+Xpafn/5ByFql1bCbUcnNCXTb
Toyxw4fi6uKGjmxX9H1Ta+EuA1/3rDIxED1aoPdMlIujtKhhtFFEoL0dlXWBtqAl
BaQ8aHLThgNbaXr7Ns4VPw+ivJrghUWtl1QGUqHCttoQQ3FATd3SqLBt7dJ32eFS
rI5yJgLa1xFsFQOZVOKpgt7l4ej41frxY3N0zhsvA9eTvPUI/PlX80APB+DI3eZs
RDFLf3Cnzd2XqySf+fPP
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:44 2025 by rpki-client