Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/RJkO8AUrZrMkwWrIpOKAj9ZRQns.roa
File: RJkO8AUrZrMkwWrIpOKAj9ZRQns.roa (raw, json)
Hash identifier: DMl9U1g0NhHcsK5udeo5/s32paUDRQXnGqAqFKyzYXk=
Subject key identifier: 44:99:0E:F0:05:2B:66:B3:24:C1:6A:C8:A4:E2:80:8F:D6:51:42:7B
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 019424449B0CCD1CE7AB20A11A3504D6F070
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/RJkO8AUrZrMkwWrIpOKAj9ZRQns.roa
Signing time: Wed 01 Jan 2025 23:47:43 +0000
ROA not before: Wed 01 Jan 2025 23:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206119
IP address blocks: 185.213.169.0/24 maxlen: 24
185.213.170.0/24 maxlen: 24
185.213.171.0/24 maxlen: 24
194.0.207.0/24 maxlen: 24
2a0b:8b40::/32 maxlen: 32
2a0b:8b41::/32 maxlen: 32
2a0b:8b42::/32 maxlen: 32
2a0b:8b43::/32 maxlen: 32
2a0b:8b44::/32 maxlen: 32
2a0b:8b45::/32 maxlen: 32
2a0b:8b46::/32 maxlen: 32
2a0b:8b47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.mft
rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:9b:0c:cd:1c:e7:ab:20:a1:1a:35:04:d6:f0:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Jan 1 23:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44990ef0052b66b324c16ac8a4e2808fd651427b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:80:f8:72:22:1b:8a:cd:05:2c:bb:33:f2:cf:
43:11:12:2b:95:2e:17:7c:ca:96:e1:b6:41:bb:ff:
05:e8:61:d9:0b:f1:79:55:7e:fd:bf:d1:ff:ea:1d:
a4:bc:6d:5d:74:73:d8:6a:e1:2c:be:0f:68:9f:50:
b9:cb:71:e2:a8:83:7d:54:79:6f:42:43:30:1d:f2:
0b:30:a7:c8:67:4c:d7:33:fa:1d:54:de:17:29:7f:
c0:95:f9:15:41:e2:f0:10:28:37:77:a9:3d:01:88:
c3:7b:70:74:b9:62:1d:66:0b:ab:2a:9e:a9:15:b6:
5f:d2:29:10:87:09:5d:c6:1b:da:1c:88:a7:24:d9:
88:f3:67:9c:d0:5c:a8:d1:d4:e0:23:92:a5:78:16:
d6:0c:fe:3d:a4:7f:b8:1d:3c:21:58:80:63:d1:4e:
48:42:8c:53:ca:aa:57:eb:2f:4e:eb:ec:45:3f:c3:
8a:db:64:5b:31:64:4b:bb:e4:4d:ab:3b:ae:0a:f2:
96:75:cf:88:5c:c1:7a:eb:28:0d:d4:9c:85:5b:ca:
e7:d3:3a:e6:a7:9e:dc:75:26:86:f6:89:94:d2:c5:
64:0d:1f:87:11:20:a8:03:5c:0f:97:53:63:5d:56:
b6:f8:83:63:e4:87:b4:14:92:2c:19:22:f7:0c:4d:
79:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:99:0E:F0:05:2B:66:B3:24:C1:6A:C8:A4:E2:80:8F:D6:51:42:7B
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/RJkO8AUrZrMkwWrIpOKAj9ZRQns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.169.0-185.213.171.255
194.0.207.0/24
IPv6:
2a0b:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
82:0f:c0:8c:ab:d5:d2:d9:ee:61:52:a5:c2:be:53:f9:96:09:
d6:82:87:dd:8a:f4:4a:1f:75:dc:c6:8e:05:61:79:58:89:8d:
7e:3e:7f:52:da:09:50:71:a2:c0:fb:bb:c7:cf:71:83:45:c9:
be:eb:e4:c8:2b:85:f1:04:a9:f5:71:16:fc:74:7c:ab:a1:5d:
a4:c0:ec:07:7d:89:0e:da:f2:4b:65:69:94:9c:11:0a:8f:ed:
82:af:b8:05:a5:9b:16:90:14:2c:3c:fa:23:53:d1:34:66:f2:
4c:b0:bb:87:06:32:ed:30:83:c9:44:53:47:4a:65:25:04:1d:
72:99:c7:34:52:9c:2e:80:fa:4d:6f:2c:41:36:47:10:d3:59:
aa:f7:fe:ab:d5:c7:ae:f8:40:0c:08:a3:a4:25:3f:f1:c0:97:
bb:f2:1f:f6:df:65:3d:e6:0d:7f:10:3f:27:ba:13:19:20:1e:
83:53:45:a5:17:41:9e:d7:7b:7a:7c:a4:57:a1:6e:59:b0:21:
16:40:f8:cf:97:99:53:a3:0a:f1:f2:10:7f:d8:98:75:11:43:
7a:f1:63:47:2d:e5:9c:6e:8c:92:05:31:97:01:28:f3:b9:e1:
8d:8e:d5:77:1a:d6:35:14:a2:3f:5f:b8:a3:d3:47:55:f0:8c:
76:57:ca:7f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQkRJsMzRznqyChGjUE1vBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjUwMTAxMjM0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDk5MGVmMDA1MmI2NmIzMjRjMTZhYzhhNGUyODA4ZmQ2NTE0MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24D4ciIbis0FLLsz8s9DERIrlS4X
fMqW4bZBu/8F6GHZC/F5VX79v9H/6h2kvG1ddHPYauEsvg9on1C5y3HiqIN9VHlv
QkMwHfILMKfIZ0zXM/odVN4XKX/AlfkVQeLwECg3d6k9AYjDe3B0uWIdZgurKp6p
FbZf0ikQhwldxhvaHIinJNmI82ec0Fyo0dTgI5KleBbWDP49pH+4HTwhWIBj0U5I
QoxTyqpX6y9O6+xFP8OK22RbMWRLu+RNqzuuCvKWdc+IXMF66ygN1JyFW8rn0zrm
p57cdSaG9omU0sVkDR+HESCoA1wPl1NjXVa2+INj5Ie0FJIsGSL3DE15MQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFESZDvAFK2azJMFqyKTigI/WUUJ7MB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEvUkprTzhBVXJack1rd1dySXBPS0FqOVpSUW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAtYTEwMjhlZGE2Mzgz
LzEvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC51akD
BAK51agDBADCAM8wDQQCAAIwBwMFAyoLi0AwDQYJKoZIhvcNAQELBQADggEBAIIP
wIyr1dLZ7mFSpcK+U/mWCdaCh92K9EofddzGjgVheViJjX4+f1LaCVBxosD7u8fP
cYNFyb7r5MgrhfEEqfVxFvx0fKuhXaTA7Ad9iQ7a8ktlaZScEQqP7YKvuAWlmxaQ
FCw8+iNT0TRm8kywu4cGMu0wg8lEU0dKZSUEHXKZxzRSnC6A+k1vLEE2RxDTWar3
/qvVx674QAwIo6QlP/HAl7vyH/bfZT3mDX8QPye6ExkgHoNTRaUXQZ7Xe3p8pFeh
blmwIRZA+M+XmVOjCvHyEH/YmHURQ3rxY0ct5ZxujJIFMZcBKPO54Y2O1Xca1jUU
oj9fuKPTR1XwjHZXyn8=
-----END CERTIFICATE-----
Generated at Thu Apr 10 09:34:37 2025 by rpki-client