Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/sh9Rh_XHxgs73xUgLaXpfEWoL2M.roa
File: sh9Rh_XHxgs73xUgLaXpfEWoL2M.roa (raw, json)
Hash identifier: u3ZNcYvwXVoq0LzAan53+HMQH1md2pw7AMcoma6/Peg=
Subject key identifier: B2:1F:51:87:F5:C7:C6:0B:3B:DF:15:20:2D:A5:E9:7C:45:A8:2F:63
Certificate issuer: /CN=489c263e818486cfd831c245ddfacca91fbd81c0
Certificate serial: 0194228DB3B94876FE617A984D7F8EB0D2FB
Authority key identifier: 48:9C:26:3E:81:84:86:CF:D8:31:C2:45:DD:FA:CC:A9:1F:BD:81:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SJwmPoGEhs_YMcJF3frMqR-9gcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/sh9Rh_XHxgs73xUgLaXpfEWoL2M.roa
Signing time: Wed 01 Jan 2025 15:48:19 +0000
ROA not before: Wed 01 Jan 2025 15:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206702
IP address blocks: 185.160.148.0/24 maxlen: 24
185.160.149.0/24 maxlen: 24
185.160.150.0/24 maxlen: 24
185.160.151.0/24 maxlen: 24
185.178.160.0/24 maxlen: 24
185.178.161.0/24 maxlen: 24
185.178.162.0/24 maxlen: 24
185.178.163.0/24 maxlen: 24
185.194.192.0/24 maxlen: 24
185.194.193.0/24 maxlen: 24
185.194.195.0/24 maxlen: 24
193.148.84.0/24 maxlen: 24
193.148.85.0/24 maxlen: 24
193.148.86.0/24 maxlen: 24
193.148.87.0/24 maxlen: 24
2a0a:1141:4000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/SJwmPoGEhs_YMcJF3frMqR-9gcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/SJwmPoGEhs_YMcJF3frMqR-9gcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/SJwmPoGEhs_YMcJF3frMqR-9gcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:b3:b9:48:76:fe:61:7a:98:4d:7f:8e:b0:d2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=489c263e818486cfd831c245ddfacca91fbd81c0
Validity
Not Before: Jan 1 15:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b21f5187f5c7c60b3bdf15202da5e97c45a82f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:af:f2:b2:8c:0a:2c:d3:51:6c:fb:79:94:66:
0c:3d:81:41:e4:ac:49:4c:d1:68:e7:81:fb:79:00:
65:d5:49:70:f5:82:2b:01:9e:93:53:af:0b:d8:c3:
63:95:ca:80:99:07:d4:87:c4:35:96:16:ab:10:24:
3b:d2:6b:db:f4:de:9d:f1:f4:18:c3:7b:fd:e2:66:
2d:cd:9a:18:d3:9d:f3:e8:28:3a:20:f6:20:61:46:
e2:81:b0:e1:33:b9:1e:a3:bc:f8:6f:c1:07:a2:86:
75:e6:4f:b5:f4:87:85:0b:d9:1e:ff:c2:1e:7e:7b:
ab:47:c7:b4:fe:c2:bb:29:13:fc:64:25:66:9f:90:
8a:ae:2d:01:98:49:47:23:0d:65:40:ff:2c:08:bc:
14:ac:72:0a:cd:a3:ef:67:91:8c:60:53:b0:92:15:
ad:d2:60:7c:cc:97:ef:a4:b5:39:a7:98:d8:3f:fb:
eb:61:3e:15:81:10:75:6f:2a:38:76:6e:7e:e5:c6:
9a:3a:c8:71:b4:d9:23:cf:56:ff:67:c1:39:7c:09:
28:11:d3:6b:57:cb:78:86:0f:d0:03:c4:b0:39:77:
7f:e0:74:cf:b1:49:16:f4:c9:2c:f1:b6:6a:de:6c:
8e:8d:b7:8b:e7:e4:8b:96:1c:72:6b:5e:96:9b:73:
8d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1F:51:87:F5:C7:C6:0B:3B:DF:15:20:2D:A5:E9:7C:45:A8:2F:63
X509v3 Authority Key Identifier:
keyid:48:9C:26:3E:81:84:86:CF:D8:31:C2:45:DD:FA:CC:A9:1F:BD:81:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SJwmPoGEhs_YMcJF3frMqR-9gcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/sh9Rh_XHxgs73xUgLaXpfEWoL2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/SJwmPoGEhs_YMcJF3frMqR-9gcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.148.0/22
185.178.160.0/22
185.194.192.0/23
185.194.195.0/24
193.148.84.0/22
IPv6:
2a0a:1141:4000::/34
Signature Algorithm: sha256WithRSAEncryption
74:3b:ee:5d:14:84:ad:d2:30:52:76:88:f4:a4:a7:cf:81:49:
fb:b9:77:9a:21:22:04:f8:f3:3b:4f:3f:a6:8f:87:48:99:b2:
02:cf:67:a7:5d:f9:9b:83:e1:89:a1:ea:6e:77:d7:da:0e:75:
3d:e9:c4:8f:f9:dd:58:a7:c0:58:1b:b5:c9:6c:00:a4:4b:86:
43:53:f3:44:d5:8c:fb:d5:73:2a:ad:00:4e:51:12:49:48:4c:
bf:62:48:d5:65:f7:b2:a7:f7:78:74:f8:25:e1:ab:98:ba:88:
69:dd:82:03:3d:c5:b4:76:84:f5:18:b9:0e:27:7f:f3:51:09:
ab:e3:25:10:18:8f:a3:36:9b:5a:22:fa:bf:dc:1d:11:bd:7f:
30:ba:9b:17:2c:3b:b2:0f:11:c7:16:06:52:27:7c:02:27:26:
37:e5:4e:21:78:fa:09:46:ab:a9:54:7d:0a:b0:d2:43:fb:38:
f0:3d:3e:1f:62:e1:ea:67:e6:62:e1:71:59:7a:1d:1e:b6:30:
84:ea:dc:78:70:23:3c:4c:b4:73:28:60:f9:28:35:0e:2d:e5:
b4:2f:ce:5c:cf:50:42:09:10:e3:a4:fe:a5:da:d2:61:e7:60:
70:df:03:7b:24:fe:d6:f5:e6:9f:ae:26:2d:19:ce:ed:9d:59:
ce:2f:c4:af
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQijbO5SHb+YXqYTX+OsNL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4OWMyNjNlODE4NDg2Y2ZkODMxYzI0NWRkZmFjY2E5MWZi
ZDgxYzAwHhcNMjUwMTAxMTU0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjFmNTE4N2Y1YzdjNjBiM2JkZjE1MjAyZGE1ZTk3YzQ1YTgyZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK/ysowKLNNRbPt5lGYMPYFB5KxJ
TNFo54H7eQBl1Ulw9YIrAZ6TU68L2MNjlcqAmQfUh8Q1lharECQ70mvb9N6d8fQY
w3v94mYtzZoY053z6Cg6IPYgYUbigbDhM7keo7z4b8EHooZ15k+19IeFC9ke/8Ie
fnurR8e0/sK7KRP8ZCVmn5CKri0BmElHIw1lQP8sCLwUrHIKzaPvZ5GMYFOwkhWt
0mB8zJfvpLU5p5jYP/vrYT4VgRB1byo4dm5+5caaOshxtNkjz1b/Z8E5fAkoEdNr
V8t4hg/QA8SwOXd/4HTPsUkW9Mks8bZq3myOjbeL5+SLlhxya16Wm3ONWQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFLIfUYf1x8YLO98VIC2l6XxFqC9jMB8GA1UdIwQY
MBaAFEicJj6BhIbP2DHCRd36zKkfvYHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0p3bVBvR0Voc19ZTWNKRjNmck1xUi05Z2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8xMTdmYzktN2E2Mi00NjgyLWJmYmMt
MmNhM2FhNzFlYzVmLzEvc2g5UmhfWEh4Z3M3M3hVZ0xhWHBmRVdvTDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8xMTdmYzktN2E2Mi00NjgyLWJmYmMtMmNhM2FhNzFlYzVm
LzEvU0p3bVBvR0Voc19ZTWNKRjNmck1xUi05Z2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQCuaCUAwQC
ubKgAwQBucLAAwQAucLDAwQCwZRUMA4EAgACMAgDBgYqChFBQDANBgkqhkiG9w0B
AQsFAAOCAQEAdDvuXRSErdIwUnaI9KSnz4FJ+7l3miEiBPjzO08/po+HSJmyAs9n
p135m4PhiaHqbnfX2g51PenEj/ndWKfAWBu1yWwApEuGQ1PzRNWM+9VzKq0ATlES
SUhMv2JI1WX3sqf3eHT4JeGrmLqIad2CAz3FtHaE9Ri5Did/81EJq+MlEBiPozab
WiL6v9wdEb1/MLqbFyw7sg8RxxYGUid8AicmN+VOIXj6CUarqVR9CrDSQ/s48D0+
H2Lh6mfmYuFxWXodHrYwhOrceHAjPEy0cyhg+Sg1Di3ltC/OXM9QQgkQ46T+pdrS
YedgcN8DeyT+1vXmn64mLRnO7Z1Zzi/Erw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:57:16 2025 by rpki-client