Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/0U0iwiffVettO-vogpqMch7csq4.roa
File: 0U0iwiffVettO-vogpqMch7csq4.roa (raw, json)
Hash identifier: uPiED/FamX8UNur9ecAQaLp7MXQZVhIJRf73CMOjMOY=
Subject key identifier: D1:4D:22:C2:27:DF:55:EB:6D:3B:EB:E8:82:9A:8C:72:1E:DC:B2:AE
Certificate issuer: /CN=7813663c64a5da8dcaf5b3acfd3eeaf835b41a53
Certificate serial: 019420D631B16125593D388F2C9B89CB8AB0
Authority key identifier: 78:13:66:3C:64:A5:DA:8D:CA:F5:B3:AC:FD:3E:EA:F8:35:B4:1A:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eBNmPGSl2o3K9bOs_T7q-DW0GlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/0U0iwiffVettO-vogpqMch7csq4.roa
Signing time: Wed 01 Jan 2025 07:48:15 +0000
ROA not before: Wed 01 Jan 2025 07:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59794
IP address blocks: 185.211.88.0/22 maxlen: 22
185.211.88.0/23 maxlen: 23
185.211.88.0/24 maxlen: 24
185.211.89.0/24 maxlen: 24
185.211.90.0/23 maxlen: 23
185.211.90.0/24 maxlen: 24
185.211.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/eBNmPGSl2o3K9bOs_T7q-DW0GlM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/eBNmPGSl2o3K9bOs_T7q-DW0GlM.mft
rsync://rpki.ripe.net/repository/DEFAULT/eBNmPGSl2o3K9bOs_T7q-DW0GlM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:31:b1:61:25:59:3d:38:8f:2c:9b:89:cb:8a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7813663c64a5da8dcaf5b3acfd3eeaf835b41a53
Validity
Not Before: Jan 1 07:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d14d22c227df55eb6d3bebe8829a8c721edcb2ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b4:2d:fb:2c:15:b2:f2:6c:71:95:d8:a0:8c:
2a:bd:8b:06:16:52:8d:e2:24:91:2e:40:50:dc:fd:
b5:3b:45:ca:ad:66:22:8f:7d:b8:bf:4b:76:25:ad:
c1:47:51:10:f7:90:b9:58:1e:85:ac:1d:2d:97:4e:
cc:f4:c4:6a:73:35:16:08:4e:2c:7d:db:c5:fb:c0:
fd:29:58:28:a3:3f:c4:4c:93:96:a6:39:5c:7d:01:
bd:4e:28:e5:16:e1:4c:3c:ca:0c:9b:d8:97:6f:bb:
1f:69:13:2e:2d:80:60:b2:b0:3c:b0:84:2e:97:b9:
a1:f6:a8:a5:d9:c8:3b:a0:37:63:5c:34:19:7c:fb:
d8:bb:cb:29:89:a4:37:1b:f7:e4:72:11:01:be:55:
78:4e:a1:1f:2a:7c:a7:c7:b1:3d:d2:e1:f4:eb:48:
0e:20:3f:ac:10:3c:4a:0a:a9:3b:e8:97:52:b2:12:
f6:16:b9:b9:44:0f:fe:94:3a:f0:04:24:79:eb:ba:
6a:1f:fe:02:84:df:60:e5:b3:b5:1d:b8:bd:45:24:
aa:6f:67:81:74:f4:bf:15:56:bb:df:ac:1a:03:a7:
14:d1:1e:e5:5f:d0:1b:b8:66:44:8e:98:f1:d9:00:
a0:4d:c5:f2:af:9c:12:8c:64:66:7d:e3:ee:ce:dd:
4b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4D:22:C2:27:DF:55:EB:6D:3B:EB:E8:82:9A:8C:72:1E:DC:B2:AE
X509v3 Authority Key Identifier:
keyid:78:13:66:3C:64:A5:DA:8D:CA:F5:B3:AC:FD:3E:EA:F8:35:B4:1A:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eBNmPGSl2o3K9bOs_T7q-DW0GlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/0U0iwiffVettO-vogpqMch7csq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/eBNmPGSl2o3K9bOs_T7q-DW0GlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.88.0/22
Signature Algorithm: sha256WithRSAEncryption
62:e5:cb:47:e5:bf:6a:eb:ba:fb:ea:62:af:21:b6:0d:b9:4c:
4a:df:63:92:8c:db:1f:b5:21:d6:0f:b0:ae:39:82:55:e8:05:
eb:48:d9:0b:00:ef:ad:30:6d:9b:28:92:de:d2:11:74:de:c2:
67:d8:a8:fb:ff:eb:2c:07:58:bf:23:9c:3f:c6:81:41:9c:79:
64:2b:d0:17:18:48:7a:16:50:df:e1:95:b8:a7:da:8f:56:ad:
c3:7d:79:e8:4b:58:cf:32:e9:b4:cf:62:be:ce:80:1d:91:a1:
66:21:07:4b:5d:b8:d8:86:ed:44:51:cb:17:a6:fe:33:b6:f7:
60:a4:cf:70:63:92:86:2a:e3:db:4b:24:59:5f:18:fc:14:28:
44:f0:e7:40:a4:f3:f4:a5:59:83:c4:13:49:ce:51:75:df:f0:
0e:0b:89:0e:0d:83:e6:62:eb:a9:87:a6:0f:a1:e1:30:70:c7:
32:93:fa:bf:71:58:df:7a:59:8e:7b:59:1b:f8:86:9f:d0:66:
df:cd:60:3b:02:f3:3b:ea:65:25:cc:31:8e:d3:ee:75:41:d3:
36:73:10:3e:48:e3:3c:f7:9b:d8:61:db:45:83:0b:0e:90:bc:
35:b2:4b:95:50:f7:ed:0b:7c:86:f3:46:92:54:ad:53:0a:13:
d1:d2:e0:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1jGxYSVZPTiPLJuJy4qwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MTM2NjNjNjRhNWRhOGRjYWY1YjNhY2ZkM2VlYWY4MzVi
NDFhNTMwHhcNMjUwMTAxMDc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRkMjJjMjI3ZGY1NWViNmQzYmViZTg4MjlhOGM3MjFlZGNiMmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbQt+ywVsvJscZXYoIwqvYsGFlKN
4iSRLkBQ3P21O0XKrWYij324v0t2Ja3BR1EQ95C5WB6FrB0tl07M9MRqczUWCE4s
fdvF+8D9KVgooz/ETJOWpjlcfQG9TijlFuFMPMoMm9iXb7sfaRMuLYBgsrA8sIQu
l7mh9qil2cg7oDdjXDQZfPvYu8spiaQ3G/fkchEBvlV4TqEfKnynx7E90uH060gO
ID+sEDxKCqk76JdSshL2Frm5RA/+lDrwBCR567pqH/4ChN9g5bO1Hbi9RSSqb2eB
dPS/FVa736waA6cU0R7lX9AbuGZEjpjx2QCgTcXyr5wSjGRmfePuzt1LGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFNIsIn31XrbTvr6IKajHIe3LKuMB8GA1UdIwQY
MBaAFHgTZjxkpdqNyvWzrP0+6vg1tBpTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUJObVBHU2wybzNLOWJPc19UN3EtRFcwR2xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82NDUxZWYtMzJkMi00ZjUxLWIzYmQt
OWQxY2RhMjNlYzRmLzEvMFUwaXdpZmZWZXR0Ty12b2dwcU1jaDdjc3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82NDUxZWYtMzJkMi00ZjUxLWIzYmQtOWQxY2RhMjNlYzRm
LzEvZUJObVBHU2wybzNLOWJPc19UN3EtRFcwR2xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudNYMA0G
CSqGSIb3DQEBCwUAA4IBAQBi5ctH5b9q67r76mKvIbYNuUxK32OSjNsftSHWD7Cu
OYJV6AXrSNkLAO+tMG2bKJLe0hF03sJn2Kj7/+ssB1i/I5w/xoFBnHlkK9AXGEh6
FlDf4ZW4p9qPVq3DfXnoS1jPMum0z2K+zoAdkaFmIQdLXbjYhu1EUcsXpv4ztvdg
pM9wY5KGKuPbSyRZXxj8FChE8OdApPP0pVmDxBNJzlF13/AOC4kODYPmYuuph6YP
oeEwcMcyk/q/cVjfelmOe1kb+Iaf0GbfzWA7AvM76mUlzDGO0+51QdM2cxA+SOM8
95vYYdtFgwsOkLw1skuVUPftC3yG80aSVK1TChPR0uBB
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:42 2025 by rpki-client