Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/SA8oSTczcAjgQR1zXNlc0Vgrtd0.roa
File: SA8oSTczcAjgQR1zXNlc0Vgrtd0.roa (raw, json)
Hash identifier: fw6Ud0wGZN9ltnlpcBVHmq+wSri7RZaFK71pfthgGyU=
Subject key identifier: 48:0F:28:49:37:33:70:08:E0:41:1D:73:5C:D9:5C:D1:58:2B:B5:DD
Certificate issuer: /CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Certificate serial: 019425FDC9A53DF5620FF8205F39C2BF7148
Authority key identifier: D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/SA8oSTczcAjgQR1zXNlc0Vgrtd0.roa
Signing time: Thu 02 Jan 2025 07:49:36 +0000
ROA not before: Thu 02 Jan 2025 07:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205694
IP address blocks: 185.160.152.0/23 maxlen: 23
185.160.152.0/24 maxlen: 24
185.160.153.0/24 maxlen: 24
185.160.154.0/23 maxlen: 23
185.160.154.0/24 maxlen: 24
185.160.155.0/24 maxlen: 24
185.208.184.0/22 maxlen: 22
185.208.184.0/23 maxlen: 23
185.208.184.0/24 maxlen: 24
185.208.185.0/24 maxlen: 24
185.208.186.0/23 maxlen: 23
185.208.186.0/24 maxlen: 24
185.208.187.0/24 maxlen: 24
2a07:c2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/0YHQxAlRpPkA5NndnCDkhWNQkg4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/0YHQxAlRpPkA5NndnCDkhWNQkg4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c9:a5:3d:f5:62:0f:f8:20:5f:39:c2:bf:71:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Validity
Not Before: Jan 2 07:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=480f284937337008e0411d735cd95cd1582bb5dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f5:97:f9:4f:2d:79:f3:5a:76:2d:ea:ce:5a:
e1:64:dc:e8:ac:db:da:16:c7:56:73:1c:e4:dd:7c:
c2:f2:46:ed:be:8d:f0:52:fb:81:23:eb:be:4a:71:
de:08:99:80:dc:63:9d:be:91:c5:7b:64:58:50:65:
9e:e9:db:6d:b1:7c:5b:31:7c:a8:bc:d5:17:56:62:
38:35:0e:2c:70:7f:fc:96:50:32:4d:26:0d:7a:59:
00:ef:6a:98:97:ce:3d:63:2c:6e:7b:53:ba:25:bc:
37:06:c6:46:4a:e0:79:2d:c2:06:f0:43:bf:df:93:
c4:5b:55:b9:70:d4:9b:91:ae:8f:23:cf:23:ce:5b:
0f:c7:b0:7c:23:bf:51:35:79:7c:7d:b5:74:5d:ac:
a0:e5:83:9e:4a:71:6c:8e:95:92:39:cc:e0:77:ac:
70:0f:5c:67:74:58:2d:73:36:99:0c:d0:95:cb:bd:
dd:d5:71:65:6c:e0:0e:24:5f:3c:3f:be:9f:a3:4e:
54:c3:0d:ac:31:4d:ba:a5:18:80:b5:bd:86:3f:99:
58:43:8d:d6:b6:a5:a7:8f:5c:f7:91:42:63:ca:25:
1a:99:35:af:ae:af:74:3f:0b:50:12:e0:48:3b:3e:
45:33:d3:ca:fd:0f:7a:69:8d:e0:d5:fb:d4:0f:b5:
5e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:0F:28:49:37:33:70:08:E0:41:1D:73:5C:D9:5C:D1:58:2B:B5:DD
X509v3 Authority Key Identifier:
keyid:D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/SA8oSTczcAjgQR1zXNlc0Vgrtd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/0YHQxAlRpPkA5NndnCDkhWNQkg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.152.0/22
185.208.184.0/22
IPv6:
2a07:c2c0::/29
Signature Algorithm: sha256WithRSAEncryption
c5:f5:fc:f5:f3:b7:b8:b6:43:d5:51:57:1a:ac:a8:d1:3a:07:
15:0b:96:35:5a:4b:5a:a1:cc:98:28:9f:4b:fc:8e:ab:aa:2d:
77:ef:56:7d:b7:47:da:96:5f:09:19:a6:30:98:60:0b:8d:0d:
85:57:86:bc:4d:48:16:10:ac:c2:aa:16:a6:f7:06:e0:b6:f5:
57:f7:7d:89:a0:f3:65:f9:a1:2b:3a:e8:31:9f:9c:bb:be:5d:
32:dd:56:af:48:25:29:61:f4:d6:5c:d6:a1:b2:aa:d1:86:2b:
99:dd:0b:31:ea:b8:5f:4b:ce:ad:7f:73:cf:01:9e:1e:f5:fe:
47:e5:c3:72:f1:e1:ec:b9:df:54:6d:f5:e6:46:43:4c:bb:04:
ba:c5:33:f1:61:12:c2:88:69:c4:fc:8c:58:e6:35:70:1f:f7:
83:25:ee:c8:63:8f:86:b9:2d:3e:7e:bb:7d:2a:9f:60:d1:b9:
ac:77:d5:83:3f:a0:db:16:a6:ab:8b:c2:65:2a:68:7e:4c:f1:
89:f2:14:f4:08:aa:bc:89:c6:a4:6d:3f:9e:1b:b8:3f:d0:3d:
57:c1:6c:50:b7:c0:81:a5:04:a6:1f:71:55:d1:d4:2f:e5:12:
66:58:0e:a3:e9:d3:0c:fc:0a:47:06:cb:4d:da:75:f9:d9:e6:
83:d6:9c:f5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/cmlPfViD/ggXznCv3FIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxODFkMGM0MDk1MWE0ZjkwMGU0ZDlkZDljMjBlNDg1NjM1
MDkyMGUwHhcNMjUwMTAyMDc0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODBmMjg0OTM3MzM3MDA4ZTA0MTFkNzM1Y2Q5NWNkMTU4MmJiNWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPWX+U8tefNadi3qzlrhZNzorNva
FsdWcxzk3XzC8kbtvo3wUvuBI+u+SnHeCJmA3GOdvpHFe2RYUGWe6dttsXxbMXyo
vNUXVmI4NQ4scH/8llAyTSYNelkA72qYl849Yyxue1O6Jbw3BsZGSuB5LcIG8EO/
35PEW1W5cNSbka6PI88jzlsPx7B8I79RNXl8fbV0Xayg5YOeSnFsjpWSOczgd6xw
D1xndFgtczaZDNCVy73d1XFlbOAOJF88P76fo05Uww2sMU26pRiAtb2GP5lYQ43W
tqWnj1z3kUJjyiUamTWvrq90PwtQEuBIOz5FM9PK/Q96aY3g1fvUD7VeIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEgPKEk3M3AI4EEdc1zZXNFYK7XdMB8GA1UdIwQY
MBaAFNGB0MQJUaT5AOTZ3Zwg5IVjUJIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEt
Mzg4YjgxYzBjOTBjLzEvU0E4b1NUY3pjQWpnUVIxelhObGMwVmdydGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEtMzg4YjgxYzBjOTBj
LzEvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuaCYAwQC
udC4MA0EAgACMAcDBQMqB8LAMA0GCSqGSIb3DQEBCwUAA4IBAQDF9fz187e4tkPV
UVcarKjROgcVC5Y1WktaocyYKJ9L/I6rqi1371Z9t0fall8JGaYwmGALjQ2FV4a8
TUgWEKzCqham9wbgtvVX932JoPNl+aErOugxn5y7vl0y3VavSCUpYfTWXNahsqrR
hiuZ3Qsx6rhfS86tf3PPAZ4e9f5H5cNy8eHsud9UbfXmRkNMuwS6xTPxYRLCiGnE
/IxY5jVwH/eDJe7IY4+GuS0+frt9Kp9g0bmsd9WDP6DbFqari8JlKmh+TPGJ8hT0
CKq8icakbT+eG7g/0D1XwWxQt8CBpQSmH3FV0dQv5RJmWA6j6dMM/ApHBstN2nX5
2eaD1pz1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:06 2025 by rpki-client