Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/8B-49SRrYWj3BFm1FIacELaGu3s.roa
File: 8B-49SRrYWj3BFm1FIacELaGu3s.roa (raw, json)
Hash identifier: laIZJXxS1vtVLt93zJEWrt+cjjvvJapngvXurJPqS7Y=
Subject key identifier: F0:1F:B8:F5:24:6B:61:68:F7:04:59:B5:14:86:9C:10:B6:86:BB:7B
Certificate issuer: /CN=cc01833c7ee5f343ff093b6c4e6151d0e3645768
Certificate serial: 019420D634BC44014CC22A0679A1F3546EBA
Authority key identifier: CC:01:83:3C:7E:E5:F3:43:FF:09:3B:6C:4E:61:51:D0:E3:64:57:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zAGDPH7l80P_CTtsTmFR0ONkV2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/8B-49SRrYWj3BFm1FIacELaGu3s.roa
Signing time: Wed 01 Jan 2025 07:48:16 +0000
ROA not before: Wed 01 Jan 2025 07:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213002
IP address blocks: 185.210.92.0/24 maxlen: 24
185.210.93.0/24 maxlen: 24
185.210.94.0/24 maxlen: 24
185.210.95.0/24 maxlen: 24
2a0b:5540::/33 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/zAGDPH7l80P_CTtsTmFR0ONkV2g.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/zAGDPH7l80P_CTtsTmFR0ONkV2g.mft
rsync://rpki.ripe.net/repository/DEFAULT/zAGDPH7l80P_CTtsTmFR0ONkV2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:34:bc:44:01:4c:c2:2a:06:79:a1:f3:54:6e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc01833c7ee5f343ff093b6c4e6151d0e3645768
Validity
Not Before: Jan 1 07:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f01fb8f5246b6168f70459b514869c10b686bb7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:77:e6:ef:76:1b:26:c0:2b:79:06:67:46:a4:
75:9f:3f:0e:3b:88:bf:32:b2:5d:f3:79:de:9c:66:
6c:d7:fb:04:69:05:3f:e2:32:c6:32:bd:1c:fb:47:
fa:f8:68:e7:e3:89:a7:a1:1c:01:6e:ae:89:83:3d:
55:a7:0b:8c:f5:32:74:b6:ef:ba:cb:a1:dd:10:60:
50:65:d7:a4:4c:b9:f6:0f:3c:41:e9:d3:74:cd:0c:
a5:b8:cf:04:01:a2:cc:3a:ed:35:8a:dd:53:e8:74:
03:75:3a:a1:fb:96:74:7f:b8:81:dd:0b:72:e5:a8:
0c:7c:c6:53:5f:2e:a7:90:85:c6:d2:22:07:2c:a5:
d1:4a:43:b1:1b:65:df:a0:32:1f:4c:9a:c6:dc:ed:
79:36:6b:21:e8:e9:43:8f:9c:ad:4b:48:1a:a9:f3:
19:fc:c2:5f:56:ec:e8:68:8f:9d:ca:d7:35:8c:90:
95:13:a4:60:ab:fc:0b:c7:6b:29:d8:0f:b8:f1:8c:
5d:4a:b3:4c:b2:8a:62:96:1d:3c:44:89:43:fa:1e:
d7:17:3b:e1:74:ac:0e:1a:93:b5:97:d4:0a:4b:44:
48:ca:e2:44:e3:07:0c:70:f7:08:d8:78:54:cb:a0:
2a:1a:fa:2f:dc:4e:b8:7f:0d:3a:87:b6:a2:70:b8:
b2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:1F:B8:F5:24:6B:61:68:F7:04:59:B5:14:86:9C:10:B6:86:BB:7B
X509v3 Authority Key Identifier:
keyid:CC:01:83:3C:7E:E5:F3:43:FF:09:3B:6C:4E:61:51:D0:E3:64:57:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zAGDPH7l80P_CTtsTmFR0ONkV2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/8B-49SRrYWj3BFm1FIacELaGu3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/zAGDPH7l80P_CTtsTmFR0ONkV2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.92.0/22
IPv6:
2a0b:5540::/33
Signature Algorithm: sha256WithRSAEncryption
a8:c1:e2:2f:db:c5:6c:d1:41:66:48:40:a5:af:b2:7d:e1:c1:
6e:c0:e2:76:e7:39:8c:0c:f7:f0:59:97:59:c7:9b:20:76:8f:
ac:18:ed:a4:b1:ba:12:0e:33:a9:1d:41:96:84:75:12:30:b0:
a3:19:d9:2a:53:f5:f6:f4:cb:3a:df:f3:f2:a0:16:84:f3:4d:
b8:f3:6d:c9:80:38:c0:bb:69:30:2b:89:0b:70:0b:63:10:ab:
fc:81:62:15:4d:10:73:a0:82:02:ab:6d:e9:e0:09:83:f2:fd:
63:35:d6:de:4e:58:50:80:e8:7f:7f:ea:46:d3:2e:d1:21:22:
d0:04:f0:45:37:ff:d7:30:ab:b3:dc:19:c3:8e:26:94:34:50:
4d:e7:40:48:68:7a:5a:6b:73:e4:8b:ab:16:fa:f2:5f:63:38:
f3:95:ba:d3:eb:53:29:1f:a3:cd:73:96:3d:6e:ec:a3:14:1c:
bc:2a:6b:40:ec:63:be:9d:f5:90:1c:79:e5:50:a4:12:88:dd:
af:fe:e3:61:f6:43:e6:15:f6:22:9f:66:fa:e4:7f:26:5f:4f:
42:b9:18:99:ec:67:9e:3a:30:2c:25:3b:03:15:ba:ca:7f:36:
ae:1a:52:2d:fd:ac:07:ad:0b:83:7e:3a:85:1e:57:39:20:45:
a1:24:2e:a5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQg1jS8RAFMwioGeaHzVG66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMDE4MzNjN2VlNWYzNDNmZjA5M2I2YzRlNjE1MWQwZTM2
NDU3NjgwHhcNMjUwMTAxMDc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDFmYjhmNTI0NmI2MTY4ZjcwNDU5YjUxNDg2OWMxMGI2ODZiYjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Xfm73YbJsAreQZnRqR1nz8OO4i/
MrJd83nenGZs1/sEaQU/4jLGMr0c+0f6+Gjn44mnoRwBbq6Jgz1VpwuM9TJ0tu+6
y6HdEGBQZdekTLn2DzxB6dN0zQyluM8EAaLMOu01it1T6HQDdTqh+5Z0f7iB3Qty
5agMfMZTXy6nkIXG0iIHLKXRSkOxG2XfoDIfTJrG3O15Nmsh6OlDj5ytS0gaqfMZ
/MJfVuzoaI+dytc1jJCVE6Rgq/wLx2sp2A+48YxdSrNMsopilh08RIlD+h7XFzvh
dKwOGpO1l9QKS0RIyuJE4wcMcPcI2HhUy6AqGvov3E64fw06h7aicLiyTwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPAfuPUka2Fo9wRZtRSGnBC2hrt7MB8GA1UdIwQY
MBaAFMwBgzx+5fND/wk7bE5hUdDjZFdoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekFHRFBIN2w4MFBfQ1R0c1RtRlIwT05rVjJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9kNDA3NzMtY2YyZC00MTk4LThiM2Yt
NzI3YWI2ZDA3ZmYyLzEvOEItNDlTUnJZV2ozQkZtMUZJYWNFTGFHdTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9kNDA3NzMtY2YyZC00MTk4LThiM2YtNzI3YWI2ZDA3ZmYy
LzEvekFHRFBIN2w4MFBfQ1R0c1RtRlIwT05rVjJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCudJcMA4E
AgACMAgDBgcqC1VAADANBgkqhkiG9w0BAQsFAAOCAQEAqMHiL9vFbNFBZkhApa+y
feHBbsDiduc5jAz38FmXWcebIHaPrBjtpLG6Eg4zqR1BloR1EjCwoxnZKlP19vTL
Ot/z8qAWhPNNuPNtyYA4wLtpMCuJC3ALYxCr/IFiFU0Qc6CCAqtt6eAJg/L9YzXW
3k5YUIDof3/qRtMu0SEi0ATwRTf/1zCrs9wZw44mlDRQTedASGh6Wmtz5IurFvry
X2M485W60+tTKR+jzXOWPW7soxQcvCprQOxjvp31kBx55VCkEojdr/7jYfZD5hX2
Ip9m+uR/Jl9PQrkYmexnnjowLCU7AxW6yn82rhpSLf2sB60Lg346hR5XOSBFoSQu
pQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:49:08 2025 by rpki-client