Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/B5YSYjeYr4Sz9pWORRaMRNqbLdo.roa
File: B5YSYjeYr4Sz9pWORRaMRNqbLdo.roa (raw, json)
Hash identifier: fM1qwPfPzh4uHHiPxXWA1vmQEzz1cIIEo/UJMyl+wj4=
Subject key identifier: 07:96:12:62:37:98:AF:84:B3:F6:95:8E:45:16:8C:44:DA:9B:2D:DA
Certificate issuer: /CN=26d38293f669db48b6d0bd1036adfdef6bd3d375
Certificate serial: 019425FC04B70991EDD3188A75990316DD50
Authority key identifier: 26:D3:82:93:F6:69:DB:48:B6:D0:BD:10:36:AD:FD:EF:6B:D3:D3:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JtOCk_Zp20i20L0QNq3972vT03U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/B5YSYjeYr4Sz9pWORRaMRNqbLdo.roa
Signing time: Thu 02 Jan 2025 07:47:40 +0000
ROA not before: Thu 02 Jan 2025 07:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49956
IP address blocks: 185.52.120.0/22 maxlen: 22
185.114.168.0/22 maxlen: 22
185.114.220.0/22 maxlen: 22
185.163.8.0/22 maxlen: 22
185.166.10.0/24 maxlen: 24
194.54.76.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/JtOCk_Zp20i20L0QNq3972vT03U.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/JtOCk_Zp20i20L0QNq3972vT03U.mft
rsync://rpki.ripe.net/repository/DEFAULT/JtOCk_Zp20i20L0QNq3972vT03U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:04:b7:09:91:ed:d3:18:8a:75:99:03:16:dd:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26d38293f669db48b6d0bd1036adfdef6bd3d375
Validity
Not Before: Jan 2 07:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=079612623798af84b3f6958e45168c44da9b2dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:01:76:9f:ee:47:01:6c:b5:34:ed:02:a0:bd:
fa:92:40:c3:07:50:7f:96:e2:2c:77:57:1a:ba:a7:
ea:0a:9b:00:49:d4:ab:29:a3:87:f5:cb:24:03:a4:
f6:13:3d:13:46:11:9d:39:6c:94:25:00:83:13:5e:
7e:38:b8:03:56:73:da:f4:5f:37:e5:ae:cb:3c:fc:
1b:c6:b8:5d:19:9c:32:27:56:45:f4:81:3c:c0:cb:
c7:73:34:f3:76:51:73:6b:bb:7b:39:ab:a7:75:2e:
0a:81:2b:c0:5e:09:2a:e3:68:81:c0:2d:0f:34:83:
4b:14:8a:ad:96:c6:81:20:78:c2:87:61:de:2d:41:
06:a8:0a:fc:f8:cb:32:a2:4b:ce:53:b5:00:7f:fd:
50:f4:46:e0:d8:39:4c:55:7b:9b:23:9b:91:46:83:
cf:9b:47:dc:79:0e:9c:3d:3b:dc:84:82:c2:aa:ec:
ba:a9:d8:28:32:41:2a:c7:f4:6a:90:51:7c:72:db:
0e:98:b5:2f:8a:b7:a0:2f:f6:a6:46:25:17:9d:07:
76:a7:08:b9:97:7f:b0:02:d3:48:ec:54:bb:a6:76:
9c:02:22:73:ce:5a:2f:a3:ee:2a:e5:4e:de:4f:f5:
22:e2:2d:ae:9e:b1:2b:7a:c4:3f:e3:ed:f3:86:77:
11:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:96:12:62:37:98:AF:84:B3:F6:95:8E:45:16:8C:44:DA:9B:2D:DA
X509v3 Authority Key Identifier:
keyid:26:D3:82:93:F6:69:DB:48:B6:D0:BD:10:36:AD:FD:EF:6B:D3:D3:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JtOCk_Zp20i20L0QNq3972vT03U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/B5YSYjeYr4Sz9pWORRaMRNqbLdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/JtOCk_Zp20i20L0QNq3972vT03U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.120.0/22
185.114.168.0/22
185.114.220.0/22
185.163.8.0/22
185.166.10.0/24
194.54.76.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:c8:96:60:e4:c0:8e:c9:41:68:ac:05:02:05:58:5c:05:c5:
b9:75:7d:1c:3b:24:98:b5:48:ef:5a:e5:cf:05:bd:28:04:be:
7a:2d:00:f2:9a:39:2f:3d:e4:bc:27:c6:f2:28:d5:c7:4b:62:
2f:9d:1e:fd:75:62:8e:d8:7a:d7:ff:ae:91:0f:0e:17:fe:8f:
68:7b:9f:49:23:4c:f2:43:ef:26:ed:4c:eb:ec:25:55:f4:25:
bf:f6:e3:d9:2b:74:22:a1:49:67:ea:cd:70:f1:d3:a5:63:55:
6e:b2:f6:27:5a:07:af:0a:4a:c3:d2:36:d9:ba:48:26:c1:f6:
c1:2b:2e:33:9a:cb:49:d8:1a:40:e4:b9:25:e4:a3:6b:7d:4a:
98:c7:08:3d:79:8a:a1:5d:4f:f3:92:d7:d5:6a:e3:a3:22:18:
0e:22:83:e5:4d:9a:be:c5:36:f4:2d:ce:c2:f7:c1:9c:73:5b:
db:2e:6f:7d:5d:fa:5a:b9:01:24:ed:96:cd:d8:9e:ba:7c:c4:
41:9b:6f:04:90:d0:d8:5e:9f:14:82:d5:74:ba:ae:af:f4:93:
61:09:4e:a9:42:67:03:1a:d3:28:a0:31:e3:5c:e3:11:4d:82:
30:6f:cc:4f:53:18:84:bc:fb:bb:19:0e:ff:d8:65:5f:b5:74:
83:26:c8:ef
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQl/AS3CZHt0xiKdZkDFt1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZDM4MjkzZjY2OWRiNDhiNmQwYmQxMDM2YWRmZGVmNmJk
M2QzNzUwHhcNMjUwMTAyMDc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzk2MTI2MjM3OThhZjg0YjNmNjk1OGU0NTE2OGM0NGRhOWIyZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAF2n+5HAWy1NO0CoL36kkDDB1B/
luIsd1cauqfqCpsASdSrKaOH9cskA6T2Ez0TRhGdOWyUJQCDE15+OLgDVnPa9F83
5a7LPPwbxrhdGZwyJ1ZF9IE8wMvHczTzdlFza7t7OaundS4KgSvAXgkq42iBwC0P
NINLFIqtlsaBIHjCh2HeLUEGqAr8+MsyokvOU7UAf/1Q9Ebg2DlMVXubI5uRRoPP
m0fceQ6cPTvchILCquy6qdgoMkEqx/RqkFF8ctsOmLUviregL/amRiUXnQd2pwi5
l3+wAtNI7FS7pnacAiJzzlovo+4q5U7eT/Ui4i2unrEresQ/4+3zhncR6QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAeWEmI3mK+Es/aVjkUWjETamy3aMB8GA1UdIwQY
MBaAFCbTgpP2adtIttC9EDat/e9r09N1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnRPQ2tfWnAyMGkyMEwwUU5xMzk3MnZUMDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wN2NjMjUtODU5Ny00MzBiLWJjNTIt
NDQ4YjliOTViMDllLzEvQjVZU1lqZVlyNFN6OXBXT1JSYU1STnFiTGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8wN2NjMjUtODU5Ny00MzBiLWJjNTItNDQ4YjliOTViMDll
LzEvSnRPQ2tfWnAyMGkyMEwwUU5xMzk3MnZUMDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuTR4AwQC
uXKoAwQCuXLcAwQCuaMIAwQAuaYKAwQCwjZMMA0GCSqGSIb3DQEBCwUAA4IBAQBt
yJZg5MCOyUForAUCBVhcBcW5dX0cOySYtUjvWuXPBb0oBL56LQDymjkvPeS8J8by
KNXHS2IvnR79dWKO2HrX/66RDw4X/o9oe59JI0zyQ+8m7Uzr7CVV9CW/9uPZK3Qi
oUln6s1w8dOlY1VusvYnWgevCkrD0jbZukgmwfbBKy4zmstJ2BpA5Lkl5KNrfUqY
xwg9eYqhXU/zktfVauOjIhgOIoPlTZq+xTb0Lc7C98Gcc1vbLm99XfpauQEk7ZbN
2J66fMRBm28EkNDYXp8UgtV0uq6v9JNhCU6pQmcDGtMooDHjXOMRTYIwb8xPUxiE
vPu7GQ7/2GVftXSDJsjv
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:36:41 2025 by rpki-client