Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/unS2BH6IRvMlWO0CeZZ9qSzMqA0.roa
File: unS2BH6IRvMlWO0CeZZ9qSzMqA0.roa (raw, json)
Hash identifier: 7PVmOlO8Ugj501NmZwLgajumsSoAEyC9CKRs3IKLmtk=
Subject key identifier: BA:74:B6:04:7E:88:46:F3:25:58:ED:02:79:96:7D:A9:2C:CC:A8:0D
Certificate issuer: /CN=05da7571c5eb13b1ae4f4417cefec2bd77902e2d
Certificate serial: 019421441CD32B3D3693FDA47BDB185FDA13
Authority key identifier: 05:DA:75:71:C5:EB:13:B1:AE:4F:44:17:CE:FE:C2:BD:77:90:2E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/unS2BH6IRvMlWO0CeZZ9qSzMqA0.roa
Signing time: Wed 01 Jan 2025 09:48:19 +0000
ROA not before: Wed 01 Jan 2025 09:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203185
IP address blocks: 185.112.244.0/24 maxlen: 24
185.112.245.0/24 maxlen: 24
185.112.246.0/24 maxlen: 24
185.112.247.0/24 maxlen: 24
2a02:6e40:3::/48 maxlen: 48
2a02:6e40:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:1c:d3:2b:3d:36:93:fd:a4:7b:db:18:5f:da:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05da7571c5eb13b1ae4f4417cefec2bd77902e2d
Validity
Not Before: Jan 1 09:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba74b6047e8846f32558ed0279967da92ccca80d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:1b:37:ab:dc:be:fa:f0:ec:5d:9a:1a:88:7d:
2e:3a:fe:0d:3d:80:88:03:5a:ad:da:54:6a:f3:c0:
89:8f:5d:6d:89:96:e0:28:26:96:69:3e:32:94:fb:
6e:b8:a1:cb:3a:ec:01:08:aa:0a:6c:04:bc:ae:8e:
e1:28:ff:2c:bd:68:2c:9c:b9:e9:c5:da:45:c7:20:
a8:20:74:99:42:bf:61:26:65:9f:8b:00:88:91:ec:
ff:fe:7c:de:34:4b:83:4d:c3:76:75:25:62:af:4a:
dd:37:50:dd:ff:06:ed:19:7d:50:8d:d9:3e:01:04:
fe:7e:5a:94:8e:ff:a0:91:59:9f:eb:0c:04:55:1d:
04:5e:a9:68:8b:66:58:95:46:7c:fc:4a:67:48:7a:
64:f4:82:a0:ad:1d:b1:28:43:cc:53:3c:36:a7:d4:
c1:56:6d:5d:9a:f6:04:9f:b4:d3:70:65:12:08:ee:
55:7d:52:36:4f:db:75:d1:f7:12:ae:02:00:20:33:
6d:a8:13:49:c2:8e:d1:b9:b6:9a:cd:b1:7c:8d:2f:
5b:4c:14:d2:c4:dc:e8:f2:6e:a3:8d:24:e6:d6:f5:
9a:b0:10:3e:50:64:94:18:ce:a4:37:8f:e6:0d:74:
ff:70:25:a5:f9:b1:e9:77:8c:40:46:7a:10:0d:d7:
e4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:74:B6:04:7E:88:46:F3:25:58:ED:02:79:96:7D:A9:2C:CC:A8:0D
X509v3 Authority Key Identifier:
keyid:05:DA:75:71:C5:EB:13:B1:AE:4F:44:17:CE:FE:C2:BD:77:90:2E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/unS2BH6IRvMlWO0CeZZ9qSzMqA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.244.0/22
IPv6:
2a02:6e40:3::-2a02:6e40:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
76:6a:cf:1b:76:1d:5c:20:e7:d5:a5:f2:11:88:4d:85:8b:6f:
25:5a:0f:ab:24:09:9a:6a:39:2a:00:28:63:26:f1:8e:b9:d4:
6f:58:2e:b1:82:bf:51:ae:c5:3e:98:7b:57:0b:fe:78:34:31:
af:98:cb:17:db:5e:0a:2b:31:23:b4:49:12:5f:f7:a9:1b:11:
d0:66:5a:7f:6f:32:06:b0:da:c6:3e:78:27:c5:f7:d2:c5:09:
57:66:64:09:fc:f7:7a:ec:0f:19:01:54:2a:cc:17:21:c3:ca:
1f:23:17:41:2c:1d:cf:4a:7d:5f:64:53:e0:53:1a:18:ce:ff:
1f:6e:79:f4:94:4e:63:b4:ca:a8:08:63:cc:cd:7b:16:a5:6a:
a3:c1:7c:12:7d:22:1e:07:16:6a:bf:3c:71:ad:01:72:c9:d4:
48:7f:a5:8f:a8:58:ae:e9:f4:35:fb:9c:77:43:18:19:70:bc:
a4:3b:e7:4f:8e:83:f1:2a:d3:17:0e:e7:31:8a:a9:14:8b:5b:
45:6e:0a:cb:e5:a4:3c:cb:63:2d:d8:c9:98:66:01:a1:f9:3c:
be:72:b9:10:2e:a6:f8:c2:20:e6:14:22:02:83:c9:b6:5c:36:
99:f2:20:83:34:5a:4c:a3:06:cd:c9:b1:a4:6f:7f:7a:f8:6a:
a4:ac:8a:e8
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQhRBzTKz02k/2ke9sYX9oTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZGE3NTcxYzVlYjEzYjFhZTRmNDQxN2NlZmVjMmJkNzc5
MDJlMmQwHhcNMjUwMTAxMDk0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTc0YjYwNDdlODg0NmYzMjU1OGVkMDI3OTk2N2RhOTJjY2NhODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Rs3q9y++vDsXZoaiH0uOv4NPYCI
A1qt2lRq88CJj11tiZbgKCaWaT4ylPtuuKHLOuwBCKoKbAS8ro7hKP8svWgsnLnp
xdpFxyCoIHSZQr9hJmWfiwCIkez//nzeNEuDTcN2dSVir0rdN1Dd/wbtGX1Qjdk+
AQT+flqUjv+gkVmf6wwEVR0EXqloi2ZYlUZ8/EpnSHpk9IKgrR2xKEPMUzw2p9TB
Vm1dmvYEn7TTcGUSCO5VfVI2T9t10fcSrgIAIDNtqBNJwo7RubaazbF8jS9bTBTS
xNzo8m6jjSTm1vWasBA+UGSUGM6kN4/mDXT/cCWl+bHpd4xARnoQDdfkMQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLp0tgR+iEbzJVjtAnmWfakszKgNMB8GA1UdIwQY
MBaAFAXadXHF6xOxrk9EF87+wr13kC4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmRwMWNjWHJFN0d1VDBRWHp2N0N2WGVRTGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjRmODMtMzcwYS00OTAxLThiZmEt
MzY1NTMwMmJmMDA1LzEvdW5TMkJINklSdk1sV08wQ2VaWjlxU3pNcUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjRmODMtMzcwYS00OTAxLThiZmEtMzY1NTMwMmJmMDA1
LzEvQmRwMWNjWHJFN0d1VDBRWHp2N0N2WGVRTGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuXD0MBoE
AgACMBQwEgMHACoCbkAAAwMHACoCbkAABDANBgkqhkiG9w0BAQsFAAOCAQEAdmrP
G3YdXCDn1aXyEYhNhYtvJVoPqyQJmmo5KgAoYybxjrnUb1gusYK/Ua7FPph7Vwv+
eDQxr5jLF9teCisxI7RJEl/3qRsR0GZaf28yBrDaxj54J8X30sUJV2ZkCfz3euwP
GQFUKswXIcPKHyMXQSwdz0p9X2RT4FMaGM7/H2559JROY7TKqAhjzM17FqVqo8F8
En0iHgcWar88ca0BcsnUSH+lj6hYrun0Nfucd0MYGXC8pDvnT46D8SrTFw7nMYqp
FItbRW4Ky+WkPMtjLdjJmGYBofk8vnK5EC6m+MIg5hQiAoPJtlw2mfIggzRaTKMG
zcmxpG9/evhqpKyK6A==
-----END CERTIFICATE-----
Generated at Sun Apr 13 00:19:49 2025 by rpki-client