Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/v23lFIw4nxT1-duGpgMU0lSEXsw.roa
File: v23lFIw4nxT1-duGpgMU0lSEXsw.roa (raw, json)
Hash identifier: 2n1Sc1V33Lym9tDfU6XAMI/RVBz4882qQ4ovgAYz3MY=
Subject key identifier: BF:6D:E5:14:8C:38:9F:14:F5:F9:DB:86:A6:03:14:D2:54:84:5E:CC
Certificate issuer: /CN=cc01833c7ee5f343ff093b6c4e6151d0e3645768
Certificate serial: 0194F4E51A8F81E3447BDC473DEA2344D5AA
Authority key identifier: CC:01:83:3C:7E:E5:F3:43:FF:09:3B:6C:4E:61:51:D0:E3:64:57:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zAGDPH7l80P_CTtsTmFR0ONkV2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/v23lFIw4nxT1-duGpgMU0lSEXsw.roa
Signing time: Tue 11 Feb 2025 12:04:02 +0000
ROA not before: Tue 11 Feb 2025 12:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34828
IP address blocks: 185.210.92.0/24 maxlen: 24
185.210.93.0/24 maxlen: 24
185.210.94.0/24 maxlen: 24
185.210.95.0/24 maxlen: 24
2a0b:5540::/33 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/zAGDPH7l80P_CTtsTmFR0ONkV2g.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/zAGDPH7l80P_CTtsTmFR0ONkV2g.mft
rsync://rpki.ripe.net/repository/DEFAULT/zAGDPH7l80P_CTtsTmFR0ONkV2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:e5:1a:8f:81:e3:44:7b:dc:47:3d:ea:23:44:d5:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc01833c7ee5f343ff093b6c4e6151d0e3645768
Validity
Not Before: Feb 11 12:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf6de5148c389f14f5f9db86a60314d254845ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ff:d4:05:05:1d:81:af:71:22:69:3d:be:02:
34:26:72:c4:0c:78:30:66:2a:c8:d9:ea:ec:1b:9d:
27:e2:fa:36:7a:eb:df:20:a7:2c:fd:a0:6a:37:32:
e8:e6:ea:56:56:e3:a1:e4:88:a0:60:f5:56:5c:ad:
c3:2b:d7:14:fc:ca:2c:34:5a:1b:a4:87:e0:95:b1:
bf:bd:b2:47:ab:c8:3c:dc:c5:09:1a:3c:a3:62:97:
2d:39:e2:b5:2e:4a:fa:b9:c9:ae:0f:20:34:90:30:
d2:59:ae:a3:07:17:20:c0:b5:d0:d0:42:9b:13:03:
4c:12:e5:6e:13:b7:a3:b9:8d:fd:cd:e1:79:8f:b1:
29:c8:54:66:82:0c:4b:9b:ab:38:44:9f:e1:11:67:
08:3d:1d:98:4e:71:14:d8:ed:08:d3:2e:64:1c:4a:
e4:e7:14:2e:95:6b:90:d3:5a:b4:1a:51:91:8b:96:
ad:10:b5:86:6f:d8:0a:85:5f:f8:32:70:ab:9a:5f:
39:5b:03:b5:72:7b:a4:38:92:f5:e7:0e:e7:6f:42:
98:19:c6:68:69:f3:ef:1f:f6:9d:89:87:f3:1d:e3:
32:50:cd:19:24:cc:fe:bb:e4:99:8e:9b:f9:f6:56:
19:44:a7:41:8b:d2:a9:da:5b:82:0b:77:d9:6d:57:
e9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:6D:E5:14:8C:38:9F:14:F5:F9:DB:86:A6:03:14:D2:54:84:5E:CC
X509v3 Authority Key Identifier:
keyid:CC:01:83:3C:7E:E5:F3:43:FF:09:3B:6C:4E:61:51:D0:E3:64:57:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zAGDPH7l80P_CTtsTmFR0ONkV2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/v23lFIw4nxT1-duGpgMU0lSEXsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/zAGDPH7l80P_CTtsTmFR0ONkV2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.92.0/22
IPv6:
2a0b:5540::/33
Signature Algorithm: sha256WithRSAEncryption
39:11:36:a2:7f:a1:f0:64:2d:ce:f7:81:2a:a6:5d:b6:d2:cd:
2e:bd:9e:99:d2:8b:e9:72:ed:f4:5b:b6:1c:85:ed:c6:70:8d:
15:96:f3:ad:4d:d0:35:06:1d:d9:5f:a7:ee:3d:87:7a:3b:44:
76:00:3d:2e:64:2d:8c:eb:a1:b3:7b:ba:50:11:99:79:a2:b6:
ca:17:ac:e5:f4:d6:17:24:bf:36:00:c0:36:82:e9:a9:88:b9:
69:80:29:b0:3d:5c:64:05:99:ad:d1:c9:39:ed:17:94:29:63:
1d:72:16:c2:5d:a1:ce:d1:46:e6:22:f1:34:57:db:75:2e:9e:
7e:b9:f6:fc:b8:a4:03:bc:3d:fc:3f:e8:e2:85:e8:d9:86:f6:
4b:01:21:59:44:50:f2:93:b2:75:53:0a:20:93:3f:26:92:7f:
23:9e:73:19:4f:81:63:90:6c:ef:86:84:85:96:18:f1:72:44:
f5:88:4b:68:29:6e:06:39:4c:73:bd:6a:00:c0:9b:63:e9:39:
62:7e:75:e5:00:2f:06:3f:f8:76:07:3b:7d:05:a5:4a:a5:68:
4d:3a:34:49:2e:b7:4b:01:bb:29:82:8a:70:53:16:78:b8:b7:
b2:94:9b:4c:ff:22:38:58:96:81:54:a8:02:1c:95:c2:7a:9e:
95:35:c9:4d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZT05RqPgeNEe9xHPeojRNWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMDE4MzNjN2VlNWYzNDNmZjA5M2I2YzRlNjE1MWQwZTM2
NDU3NjgwHhcNMjUwMjExMTIwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjZkZTUxNDhjMzg5ZjE0ZjVmOWRiODZhNjAzMTRkMjU0ODQ1ZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv/UBQUdga9xImk9vgI0JnLEDHgw
ZirI2ersG50n4vo2euvfIKcs/aBqNzLo5upWVuOh5IigYPVWXK3DK9cU/MosNFob
pIfglbG/vbJHq8g83MUJGjyjYpctOeK1Lkr6ucmuDyA0kDDSWa6jBxcgwLXQ0EKb
EwNMEuVuE7ejuY39zeF5j7EpyFRmggxLm6s4RJ/hEWcIPR2YTnEU2O0I0y5kHErk
5xQulWuQ01q0GlGRi5atELWGb9gKhV/4MnCrml85WwO1cnukOJL15w7nb0KYGcZo
afPvH/adiYfzHeMyUM0ZJMz+u+SZjpv59lYZRKdBi9Kp2luCC3fZbVfpNQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFL9t5RSMOJ8U9fnbhqYDFNJUhF7MMB8GA1UdIwQY
MBaAFMwBgzx+5fND/wk7bE5hUdDjZFdoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekFHRFBIN2w4MFBfQ1R0c1RtRlIwT05rVjJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9kNDA3NzMtY2YyZC00MTk4LThiM2Yt
NzI3YWI2ZDA3ZmYyLzEvdjIzbEZJdzRueFQxLWR1R3BnTVUwbFNFWHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9kNDA3NzMtY2YyZC00MTk4LThiM2YtNzI3YWI2ZDA3ZmYy
LzEvekFHRFBIN2w4MFBfQ1R0c1RtRlIwT05rVjJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCudJcMA4E
AgACMAgDBgcqC1VAADANBgkqhkiG9w0BAQsFAAOCAQEAORE2on+h8GQtzveBKqZd
ttLNLr2emdKL6XLt9Fu2HIXtxnCNFZbzrU3QNQYd2V+n7j2HejtEdgA9LmQtjOuh
s3u6UBGZeaK2yhes5fTWFyS/NgDANoLpqYi5aYApsD1cZAWZrdHJOe0XlCljHXIW
wl2hztFG5iLxNFfbdS6efrn2/LikA7w9/D/o4oXo2Yb2SwEhWURQ8pOydVMKIJM/
JpJ/I55zGU+BY5Bs74aEhZYY8XJE9YhLaCluBjlMc71qAMCbY+k5Yn515QAvBj/4
dgc7fQWlSqVoTTo0SS63SwG7KYKKcFMWeLi3spSbTP8iOFiWgVSoAhyVwnqelTXJ
TQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:40:39 2025 by rpki-client