Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/oJiU1V51ZZl_N4ToFh-NlqOM8z0.roa
File: oJiU1V51ZZl_N4ToFh-NlqOM8z0.roa (raw, json)
Hash identifier: znkk0QlNHaLuba4n9SX0RvPzCmnzjyzvLIXxhtn6th4=
Subject key identifier: A0:98:94:D5:5E:75:65:99:7F:37:84:E8:16:1F:8D:96:A3:8C:F3:3D
Certificate issuer: /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial: 019424B3BAFA059495C7300C92AF29648486
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/oJiU1V51ZZl_N4ToFh-NlqOM8z0.roa
Signing time: Thu 02 Jan 2025 01:49:06 +0000
ROA not before: Thu 02 Jan 2025 01:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 178.236.224.0/23 maxlen: 24
178.236.226.0/24 maxlen: 24
178.236.227.0/24 maxlen: 24
178.236.233.0/24 maxlen: 24
178.236.235.0/24 maxlen: 24
178.236.236.0/24 maxlen: 24
178.236.238.0/23 maxlen: 24
185.2.49.0/24 maxlen: 24
185.2.50.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ba:fa:05:94:95:c7:30:0c:92:af:29:64:84:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Validity
Not Before: Jan 2 01:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a09894d55e7565997f3784e8161f8d96a38cf33d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f1:9c:f3:d9:d4:71:b9:d2:64:9c:43:49:3f:
29:3f:5d:f3:82:69:26:59:a6:79:6e:fd:6a:3b:8b:
fe:c1:7f:c9:0d:df:58:47:b0:cb:ee:14:05:65:39:
66:fd:45:ca:d7:92:cf:e5:e9:40:79:29:32:14:f4:
f7:87:8d:e3:a1:c6:73:62:58:1f:6a:5b:2b:12:68:
5b:92:f7:c9:e3:72:3e:0f:a6:9b:36:a3:29:ce:5b:
94:21:94:97:5d:71:9b:fb:0e:29:e5:58:a2:9b:5a:
fa:52:11:2e:c2:3e:4d:28:5e:a1:c9:27:5e:8b:99:
73:48:0d:32:30:e1:c7:73:a1:06:6b:eb:6f:49:9a:
0a:3a:a1:d7:59:d1:3b:5f:e7:7f:61:07:4a:67:59:
da:29:cb:4e:59:a1:8d:a1:0b:7f:e8:fa:37:7c:5c:
ed:2a:98:11:92:f0:fd:51:e0:a9:45:fe:e2:45:ae:
6d:85:56:76:8f:ca:5d:25:57:4b:b0:08:b2:a7:9d:
3a:13:9f:22:68:34:c9:35:19:93:2a:8a:08:1c:6d:
6a:49:2a:58:1f:32:57:f3:df:1b:d6:cd:4d:87:4b:
37:d9:1c:58:d4:7c:f9:5f:0d:6e:d5:29:5f:86:3f:
c9:6f:16:0c:f2:42:80:69:8f:07:95:d0:30:d8:80:
46:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:98:94:D5:5E:75:65:99:7F:37:84:E8:16:1F:8D:96:A3:8C:F3:3D
X509v3 Authority Key Identifier:
keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/oJiU1V51ZZl_N4ToFh-NlqOM8z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.224.0/22
178.236.233.0/24
178.236.235.0-178.236.236.255
178.236.238.0/23
185.2.49.0-185.2.51.255
Signature Algorithm: sha256WithRSAEncryption
48:a8:4a:88:a7:97:f3:4b:9d:d1:82:43:02:14:0f:c7:d8:96:
85:ca:7f:1c:f9:dc:12:dc:3f:07:f1:b4:fc:46:97:cc:53:b8:
c4:16:4b:ec:84:7b:07:c0:5b:f1:18:86:fd:6c:c1:d4:93:79:
48:9f:83:e7:87:b5:34:e4:cc:f8:b6:bb:d1:93:c9:de:68:0b:
77:62:ed:7e:61:95:52:7a:37:0e:27:3b:1a:e3:22:44:4a:a8:
9c:66:04:0a:ee:d7:5f:84:fd:e8:7e:63:a9:76:a4:02:e1:71:
74:7c:68:6a:59:08:c5:77:2e:05:c1:22:63:bc:19:84:fb:89:
a4:8d:47:f0:aa:42:3f:33:96:1a:c3:f5:1d:0f:dd:da:00:c3:
be:4d:2a:22:31:55:ad:da:08:a4:27:8f:0c:77:78:c2:c5:21:
d5:e1:50:85:03:1d:9c:3a:40:f9:d8:32:03:90:fa:3b:00:51:
cf:75:71:bc:3d:d1:07:55:2e:28:f9:9c:e2:15:2a:64:1b:28:
46:77:d1:4c:69:c4:fc:b3:10:19:d6:83:fc:54:b0:19:09:7b:
f3:62:9f:24:aa:01:58:d1:e1:32:81:00:45:b1:95:ab:66:b3:
04:c8:f1:52:07:03:c7:3c:4c:17:a0:0b:83:47:2f:e7:4c:d4:
ed:4a:2d:53
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQks7r6BZSVxzAMkq8pZISGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjUwMTAyMDE0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDk4OTRkNTVlNzU2NTk5N2YzNzg0ZTgxNjFmOGQ5NmEzOGNmMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/Gc89nUcbnSZJxDST8pP13zgmkm
WaZ5bv1qO4v+wX/JDd9YR7DL7hQFZTlm/UXK15LP5elAeSkyFPT3h43jocZzYlgf
alsrEmhbkvfJ43I+D6abNqMpzluUIZSXXXGb+w4p5Viim1r6UhEuwj5NKF6hySde
i5lzSA0yMOHHc6EGa+tvSZoKOqHXWdE7X+d/YQdKZ1naKctOWaGNoQt/6Po3fFzt
KpgRkvD9UeCpRf7iRa5thVZ2j8pdJVdLsAiyp506E58iaDTJNRmTKooIHG1qSSpY
HzJX898b1s1Nh0s32RxY1Hz5Xw1u1Slfhj/JbxYM8kKAaY8HldAw2IBG4QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKCYlNVedWWZfzeE6BYfjZajjPM9MB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEvb0ppVTFWNTFaWmxfTjRUb0ZoLU5scU9NOHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQtNDdkODJhNDFhOGYz
LzEvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCsuzgAwQA
suzpMAwDBACy7OsDBACy7OwDBAGy7O4wDAMEALkCMQMEArkCMDANBgkqhkiG9w0B
AQsFAAOCAQEASKhKiKeX80ud0YJDAhQPx9iWhcp/HPncEtw/B/G0/EaXzFO4xBZL
7IR7B8Bb8RiG/WzB1JN5SJ+D54e1NOTM+La70ZPJ3mgLd2LtfmGVUno3Dic7GuMi
REqonGYECu7XX4T96H5jqXakAuFxdHxoalkIxXcuBcEiY7wZhPuJpI1H8KpCPzOW
GsP1HQ/d2gDDvk0qIjFVrdoIpCePDHd4wsUh1eFQhQMdnDpA+dgyA5D6OwBRz3Vx
vD3RB1UuKPmc4hUqZBsoRnfRTGnE/LMQGdaD/FSwGQl782KfJKoBWNHhMoEARbGV
q2azBMjxUgcDxzxMF6ALg0cv50zU7UotUw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:50:59 2025 by rpki-client