Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/v8zUsRBNwECEAu2aOUDthF32Ldc.roa
File: v8zUsRBNwECEAu2aOUDthF32Ldc.roa (raw, json)
Hash identifier: EgwEm0mHHZuzyt4EgzWtyJchZ9xyGDbUPpYJISyJCnY=
Subject key identifier: BF:CC:D4:B1:10:4D:C0:40:84:02:ED:9A:39:40:ED:84:5D:F6:2D:D7
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0194282390FB9EB43929653A5E718856D128
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/v8zUsRBNwECEAu2aOUDthF32Ldc.roa
Signing time: Thu 02 Jan 2025 17:50:06 +0000
ROA not before: Thu 02 Jan 2025 17:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21286
IP address blocks: 80.79.96.0/20 maxlen: 20
145.13.0.0/16 maxlen: 16
145.222.0.0/16 maxlen: 16
192.33.235.0/24 maxlen: 24
192.33.238.0/24 maxlen: 24
192.33.239.0/24 maxlen: 24
192.35.133.0/24 maxlen: 24
192.58.226.0/24 maxlen: 24
192.58.227.0/24 maxlen: 24
192.58.228.0/24 maxlen: 24
192.101.111.0/24 maxlen: 24
192.101.112.0/24 maxlen: 24
192.101.113.0/24 maxlen: 24
193.202.32.0/23 maxlen: 23
194.104.32.0/24 maxlen: 24
194.104.59.0/24 maxlen: 24
199.88.208.0/24 maxlen: 24
199.88.209.0/24 maxlen: 24
2a02:2b50:ffff::/48 maxlen: 48
2a03:4800::/40 maxlen: 40
2a03:4800:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.mft
rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:90:fb:9e:b4:39:29:65:3a:5e:71:88:56:d1:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 17:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfccd4b1104dc0408402ed9a3940ed845df62dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:58:bb:d6:95:b0:39:0d:5b:e9:85:44:19:ac:
c7:b4:c8:71:b7:d1:31:e6:53:00:8a:58:66:13:e1:
96:7d:f0:a3:a7:e1:dd:f5:1a:b9:a8:6b:ec:d0:e5:
12:b8:82:81:f8:f8:a2:51:b5:cb:c3:95:bc:86:00:
de:07:92:fa:47:16:f2:5b:3c:4b:20:f1:c8:40:36:
60:78:19:70:9f:b8:71:b1:5a:35:7a:c1:e1:35:76:
96:7f:21:6f:3a:54:4e:f7:b2:b0:4e:32:e9:88:75:
e9:d5:81:72:f5:bf:be:7c:3f:49:f0:05:c5:34:1a:
90:2d:05:ad:46:30:60:36:d2:b1:d2:d0:91:8d:cc:
ac:a6:4f:a7:32:f0:4a:5b:3f:35:eb:09:2a:db:8d:
f5:9f:2e:24:3d:47:1c:40:df:cf:f2:25:cf:9f:f6:
11:69:40:91:e2:9c:3a:ee:5a:15:41:c4:08:6c:39:
fc:4d:b9:61:34:c4:ed:e9:ce:11:f5:e2:c8:d5:d9:
09:06:6b:09:a2:ca:df:ec:89:08:cc:07:63:75:88:
83:6a:48:3b:1d:64:a4:e8:97:dc:5e:5a:66:27:fc:
de:b1:72:6b:ea:43:37:55:fe:aa:f0:aa:07:8a:6c:
cf:6f:7f:c8:bd:a1:ea:67:3d:58:4f:32:1a:74:9c:
eb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CC:D4:B1:10:4D:C0:40:84:02:ED:9A:39:40:ED:84:5D:F6:2D:D7
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/v8zUsRBNwECEAu2aOUDthF32Ldc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.96.0/20
145.13.0.0/16
145.222.0.0/16
192.33.235.0/24
192.33.238.0/23
192.35.133.0/24
192.58.226.0-192.58.228.255
192.101.111.0-192.101.113.255
193.202.32.0/23
194.104.32.0/24
194.104.59.0/24
199.88.208.0/23
IPv6:
2a02:2b50:ffff::/48
2a03:4800::/39
Signature Algorithm: sha256WithRSAEncryption
08:29:38:94:76:2e:3e:f4:56:f5:46:d8:b4:c9:2c:bb:04:66:
a9:fd:e8:88:f3:82:ea:9d:28:f9:e0:55:e2:29:7b:6b:89:91:
9f:c3:20:5e:6f:3b:c6:b3:b6:e0:c2:fb:49:3d:04:ee:68:99:
26:e5:b7:a7:c6:51:e0:a2:b0:5d:b2:cf:84:e8:cc:39:d8:77:
0e:65:a6:b3:b9:c5:2e:2c:55:a0:e5:f5:a0:eb:25:04:29:e7:
2a:8e:0e:79:22:c6:43:56:b4:32:a8:e1:8e:46:4b:16:76:0c:
e4:19:3a:7c:70:11:f2:71:27:ba:e1:4d:fd:25:1d:15:1a:1d:
22:25:e6:9a:31:bc:da:56:18:81:e3:74:82:cd:7f:e2:73:4d:
40:a0:50:69:71:f3:48:5f:fa:c1:2e:75:8e:a2:26:11:14:30:
ba:14:fa:ec:00:05:7b:ae:ca:ed:96:a5:69:0e:cc:f4:c6:05:
6f:28:87:ec:a9:82:93:e2:ad:bd:91:ca:a4:db:e8:80:31:28:
87:4e:72:5b:b1:64:3d:a4:25:ee:dd:b2:26:8b:67:81:97:ad:
4d:34:3a:84:3f:e8:30:9f:71:d0:d4:d5:f4:a1:63:fe:36:7a:
25:06:35:20:8e:70:00:36:c8:2e:1f:de:d2:dc:56:83:6a:23:
2b:dd:b7:9c
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZQoI5D7nrQ5KWU6XnGIVtEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjUwMTAyMTc1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmNjZDRiMTEwNGRjMDQwODQwMmVkOWEzOTQwZWQ4NDVkZjYyZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFi71pWwOQ1b6YVEGazHtMhxt9Ex
5lMAilhmE+GWffCjp+Hd9Rq5qGvs0OUSuIKB+PiiUbXLw5W8hgDeB5L6RxbyWzxL
IPHIQDZgeBlwn7hxsVo1esHhNXaWfyFvOlRO97KwTjLpiHXp1YFy9b++fD9J8AXF
NBqQLQWtRjBgNtKx0tCRjcyspk+nMvBKWz816wkq2431ny4kPUccQN/P8iXPn/YR
aUCR4pw67loVQcQIbDn8TblhNMTt6c4R9eLI1dkJBmsJosrf7IkIzAdjdYiDakg7
HWSk6JfcXlpmJ/zesXJr6kM3Vf6q8KoHimzPb3/IvaHqZz1YTzIadJzrwwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFL/M1LEQTcBAhALtmjlA7YRd9i3XMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvdjh6VXNSQk53RUNFQXUyYU9VRHRoRjMyTGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwXAQCAAEwVgMEBFBPYAMD
AJENAwMAkd4DBADAIesDBAHAIe4DBADAI4UwDAMEAcA64gMEAMA65DAMAwQAwGVv
AwQBwGVwAwQBwcogAwQAwmggAwQAwmg7AwQBx1jQMBcEAgACMBEDBwAqAitQ//8D
BgEqA0gAADANBgkqhkiG9w0BAQsFAAOCAQEACCk4lHYuPvRW9UbYtMksuwRmqf3o
iPOC6p0o+eBV4il7a4mRn8MgXm87xrO24ML7ST0E7miZJuW3p8ZR4KKwXbLPhOjM
Odh3DmWms7nFLixVoOX1oOslBCnnKo4OeSLGQ1a0MqjhjkZLFnYM5Bk6fHAR8nEn
uuFN/SUdFRodIiXmmjG82lYYgeN0gs1/4nNNQKBQaXHzSF/6wS51jqImERQwuhT6
7AAFe67K7ZalaQ7M9MYFbyiH7KmCk+KtvZHKpNvogDEoh05yW7FkPaQl7t2yJotn
gZetTTQ6hD/oMJ9x0NTV9KFj/jZ6JQY1II5wADbILh/e0txWg2ojK923nA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:56:37 2025 by rpki-client