Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/761b17-6cb5-47fd-8c4f-efa6789fd972/1/0RTmTUPTdqVwMU5i8iRqJZA86F0.roa
File: 0RTmTUPTdqVwMU5i8iRqJZA86F0.roa (raw, json)
Hash identifier: eIjsDcha7FolfU5e8Eelou/OO0UBzir5atE5Gevb/B4=
Subject key identifier: D1:14:E6:4D:43:D3:76:A5:70:31:4E:62:F2:24:6A:25:90:3C:E8:5D
Certificate issuer: /CN=447c52d81edc1249644ad794be028af90e024a16
Certificate serial: 019420685BAB97B8B489CE22F92279E8DF67
Authority key identifier: 44:7C:52:D8:1E:DC:12:49:64:4A:D7:94:BE:02:8A:F9:0E:02:4A:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHxS2B7cEklkSteUvgKK-Q4CShY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/761b17-6cb5-47fd-8c4f-efa6789fd972/1/0RTmTUPTdqVwMU5i8iRqJZA86F0.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57684
IP address blocks: 185.205.212.0/22 maxlen: 24
194.110.156.0/22 maxlen: 24
2001:67c:2674::/48 maxlen: 48
2a0b:a40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/761b17-6cb5-47fd-8c4f-efa6789fd972/1/RHxS2B7cEklkSteUvgKK-Q4CShY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/761b17-6cb5-47fd-8c4f-efa6789fd972/1/RHxS2B7cEklkSteUvgKK-Q4CShY.mft
rsync://rpki.ripe.net/repository/DEFAULT/RHxS2B7cEklkSteUvgKK-Q4CShY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5b:ab:97:b8:b4:89:ce:22:f9:22:79:e8:df:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=447c52d81edc1249644ad794be028af90e024a16
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d114e64d43d376a570314e62f2246a25903ce85d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:54:75:71:00:7a:43:d8:3e:37:51:53:ea:23:
73:69:c8:27:5c:67:fd:26:b5:ee:ae:47:1a:28:19:
9d:4b:58:a1:4a:66:15:ea:71:28:5a:17:6e:4d:00:
65:41:6f:5c:4b:f4:e2:fe:53:b9:47:7b:7b:eb:9a:
71:df:6e:d5:21:7c:52:5b:44:89:d2:60:90:cd:74:
ff:3f:b7:f3:b3:2a:d8:f4:cc:e3:7e:77:ca:f2:75:
ba:c1:19:81:ef:61:40:64:e5:57:60:f4:f1:f5:07:
a9:63:22:11:34:43:9d:8c:1b:64:3b:14:cc:ca:33:
5c:2f:1f:e4:0d:79:28:de:ef:14:b2:e2:3a:36:47:
1b:16:3d:68:a6:25:68:43:2b:1e:0d:57:f7:21:8d:
1c:3e:28:3b:f5:c3:64:b7:97:4c:ac:f6:c5:5b:26:
8d:d4:fd:56:ab:1c:b7:94:3b:53:e1:0e:45:61:9b:
4d:c1:13:93:8d:23:4d:74:d0:17:9b:56:80:68:aa:
47:08:55:1d:b5:4b:27:07:14:5e:fd:47:4f:8b:5c:
28:56:4e:a2:a8:80:d4:5b:82:20:c3:0c:c3:76:6a:
49:a8:fc:5d:5a:47:41:57:62:e8:47:cc:4f:75:f1:
04:ca:ff:ff:9e:71:de:c1:62:19:46:5b:fb:c3:9a:
b0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:14:E6:4D:43:D3:76:A5:70:31:4E:62:F2:24:6A:25:90:3C:E8:5D
X509v3 Authority Key Identifier:
keyid:44:7C:52:D8:1E:DC:12:49:64:4A:D7:94:BE:02:8A:F9:0E:02:4A:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHxS2B7cEklkSteUvgKK-Q4CShY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/761b17-6cb5-47fd-8c4f-efa6789fd972/1/0RTmTUPTdqVwMU5i8iRqJZA86F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/761b17-6cb5-47fd-8c4f-efa6789fd972/1/RHxS2B7cEklkSteUvgKK-Q4CShY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.212.0/22
194.110.156.0/22
IPv6:
2001:67c:2674::/48
2a0b:a40::/29
Signature Algorithm: sha256WithRSAEncryption
7f:99:81:2e:59:70:e1:82:52:e0:a5:9d:2d:6a:2a:66:8c:f3:
ed:21:29:a4:ba:af:d6:19:0d:3c:14:16:40:15:94:43:1b:43:
bf:88:26:f8:d6:10:76:ed:43:84:6a:3d:f8:f2:de:ba:a7:64:
28:62:9c:9d:8d:9d:a1:07:50:00:43:11:93:ff:6f:9f:27:72:
aa:87:b5:f3:32:4d:36:0b:4e:ea:c8:21:2a:a4:f5:37:78:11:
10:b6:39:3e:61:9e:2b:d6:1a:d5:d3:45:7d:24:d2:b7:c6:a9:
b4:72:4a:7a:22:2b:c3:e4:b4:09:89:12:a4:45:f7:79:07:25:
df:a2:b1:0a:19:96:26:a4:6b:b8:5c:3d:dc:85:92:4d:ec:25:
fd:44:8a:a8:3b:0d:97:48:74:33:f5:73:f1:d9:09:c2:85:52:
98:d4:ff:1a:a1:01:8a:ec:4c:d9:71:97:4f:51:4f:20:5d:af:
30:57:db:7b:1e:13:87:c8:f2:99:a2:cb:12:eb:31:bb:a5:e2:
74:03:f9:93:e6:4c:d8:eb:48:40:7b:b2:ff:a3:79:d0:69:09:
fd:7f:88:2c:da:0f:1d:95:93:ee:b4:31:a7:70:fa:69:61:07:
95:e6:34:d9:61:fb:27:b0:d4:ea:5a:35:76:28:2b:cc:47:0a:
76:bb:b2:42
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQgaFurl7i0ic4i+SJ56N9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0N2M1MmQ4MWVkYzEyNDk2NDRhZDc5NGJlMDI4YWY5MGUw
MjRhMTYwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTE0ZTY0ZDQzZDM3NmE1NzAzMTRlNjJmMjI0NmEyNTkwM2NlODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8VR1cQB6Q9g+N1FT6iNzacgnXGf9
JrXurkcaKBmdS1ihSmYV6nEoWhduTQBlQW9cS/Ti/lO5R3t765px327VIXxSW0SJ
0mCQzXT/P7fzsyrY9MzjfnfK8nW6wRmB72FAZOVXYPTx9QepYyIRNEOdjBtkOxTM
yjNcLx/kDXko3u8UsuI6NkcbFj1opiVoQyseDVf3IY0cPig79cNkt5dMrPbFWyaN
1P1Wqxy3lDtT4Q5FYZtNwROTjSNNdNAXm1aAaKpHCFUdtUsnBxRe/UdPi1woVk6i
qIDUW4IgwwzDdmpJqPxdWkdBV2LoR8xPdfEEyv//nnHewWIZRlv7w5qwBwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNEU5k1D03alcDFOYvIkaiWQPOhdMB8GA1UdIwQY
MBaAFER8Utge3BJJZErXlL4CivkOAkoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkh4UzJCN2NFa2xrU3RlVXZnS0stUTRDU2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC83NjFiMTctNmNiNS00N2ZkLThjNGYt
ZWZhNjc4OWZkOTcyLzEvMFJUbVRVUFRkcVZ3TVU1aThpUnFKWkE4NkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC83NjFiMTctNmNiNS00N2ZkLThjNGYtZWZhNjc4OWZkOTcy
LzEvUkh4UzJCN2NFa2xrU3RlVXZnS0stUTRDU2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuc3UAwQC
wm6cMBYEAgACMBADBwAgAQZ8JnQDBQMqCwpAMA0GCSqGSIb3DQEBCwUAA4IBAQB/
mYEuWXDhglLgpZ0taipmjPPtISmkuq/WGQ08FBZAFZRDG0O/iCb41hB27UOEaj34
8t66p2QoYpydjZ2hB1AAQxGT/2+fJ3Kqh7XzMk02C07qyCEqpPU3eBEQtjk+YZ4r
1hrV00V9JNK3xqm0ckp6IivD5LQJiRKkRfd5ByXforEKGZYmpGu4XD3chZJN7CX9
RIqoOw2XSHQz9XPx2QnChVKY1P8aoQGK7EzZcZdPUU8gXa8wV9t7HhOHyPKZossS
6zG7peJ0A/mT5kzY60hAe7L/o3nQaQn9f4gs2g8dlZPutDGncPppYQeV5jTZYfsn
sNTqWjV2KCvMRwp2u7JC
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:36:53 2025 by rpki-client