Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/a-p1UhUt4t3M5odJCGB7R5m1rzM.roa
File: a-p1UhUt4t3M5odJCGB7R5m1rzM.roa (raw, json)
Hash identifier: 2U39CobRw9KssePwQXfRPFLNg8MC7aWq6D0bgHVvK7A=
Subject key identifier: 6B:EA:75:52:15:2D:E2:DD:CC:E6:87:49:08:60:7B:47:99:B5:AF:33
Certificate issuer: /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial: 0194266C367D6B1A988AF8DF53C373408E26
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/a-p1UhUt4t3M5odJCGB7R5m1rzM.roa
Signing time: Thu 02 Jan 2025 09:50:13 +0000
ROA not before: Thu 02 Jan 2025 09:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57758
IP address blocks: 185.167.204.0/22 maxlen: 24
185.167.207.0/24 maxlen: 24
2a0b:b600::/36 maxlen: 36
2a0b:b600:110::/44 maxlen: 44
2a0b:b600:400::/38 maxlen: 48
2a0b:b600:800::/38 maxlen: 38
2a0b:b600:1400::/38 maxlen: 38
2a0b:b600:1800::/38 maxlen: 38
2a0b:b600:2000::/38 maxlen: 48
2a0b:b600:2400::/38 maxlen: 38
2a0b:b600:3400::/38 maxlen: 48
2a0b:b600:3400::/48 maxlen: 48
2a0b:b600:3800::/38 maxlen: 38
2a0b:b600:3802::/48 maxlen: 48
2a0b:b600:3803::/48 maxlen: 48
2a0b:b600:3804::/48 maxlen: 48
2a0b:b600:3c04::/48 maxlen: 48
2a0b:b602::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.mft
rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:36:7d:6b:1a:98:8a:f8:df:53:c3:73:40:8e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Validity
Not Before: Jan 2 09:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bea7552152de2ddcce6874908607b4799b5af33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:97:cc:76:a9:9d:dd:d7:5a:83:19:2e:86:25:
8d:48:a4:d4:f5:83:4c:a6:30:78:dc:76:8d:65:a2:
cc:5f:02:b4:68:f2:20:8d:03:cc:9a:80:50:04:b1:
1c:45:93:b8:6f:97:57:31:76:ec:ef:ff:07:39:61:
48:fd:0a:38:06:b1:f6:f4:d6:28:f4:87:0a:87:fc:
4a:e9:90:85:50:ec:1f:3a:d1:5c:9a:44:20:5c:f0:
49:55:34:b8:54:90:fe:0f:1b:15:96:65:b9:a6:70:
94:d7:e0:fd:da:a3:1e:bd:fb:f7:03:4b:dc:2c:c1:
03:bb:89:af:b3:71:12:09:a8:21:5a:f0:5b:0e:a5:
49:8b:3a:96:cd:66:ba:9c:61:79:6b:fb:04:30:51:
44:36:38:1e:39:dd:4a:fd:ff:bc:2a:5f:f9:2c:4b:
16:8d:ec:7a:9e:2b:3d:17:e3:13:4b:14:c7:66:5b:
ff:91:0b:60:27:55:a3:ec:8f:ce:83:f4:0d:04:6c:
c0:4b:72:96:04:0f:25:79:91:e8:b6:1c:f5:45:a3:
35:38:73:bd:b7:d3:63:c6:a0:dd:28:47:93:0d:41:
f4:9a:fe:fa:46:71:d5:49:1b:5d:06:17:e2:69:0b:
b1:48:86:f4:97:c9:60:75:1d:ab:d5:b9:0d:e8:55:
d9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:EA:75:52:15:2D:E2:DD:CC:E6:87:49:08:60:7B:47:99:B5:AF:33
X509v3 Authority Key Identifier:
keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/a-p1UhUt4t3M5odJCGB7R5m1rzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.204.0/22
IPv6:
2a0b:b600::/36
2a0b:b600:1400::-2a0b:b600:1bff:ffff:ffff:ffff:ffff:ffff
2a0b:b600:2000::/37
2a0b:b600:3400::-2a0b:b600:3bff:ffff:ffff:ffff:ffff:ffff
2a0b:b600:3c04::/48
2a0b:b602::/32
Signature Algorithm: sha256WithRSAEncryption
85:3f:d6:d0:9e:1e:1b:0c:f8:8a:72:cc:cf:10:0b:c4:a4:ec:
20:ce:32:35:d7:f6:c9:5a:cb:31:c1:4a:8c:da:7a:dc:44:22:
69:ed:0e:d9:52:16:d0:27:21:21:fc:21:0f:64:1f:23:eb:f2:
2e:6a:17:3b:59:7f:58:93:58:98:a8:93:3a:68:04:cb:4c:e5:
0c:91:5b:c7:a9:62:df:9f:e6:56:a9:99:ef:39:b5:cb:4d:5b:
e1:8b:e5:97:6a:08:92:e5:2d:bd:c6:c8:34:e7:68:22:fa:34:
db:09:07:c7:70:34:8c:94:df:1a:ec:52:c6:fd:76:b6:93:b0:
3f:d8:87:45:dc:99:ea:3f:b3:64:12:e4:f0:bd:2d:e5:d8:e7:
91:4b:b8:25:3f:24:24:a9:03:bf:b8:22:58:0c:95:58:43:de:
cd:a2:17:51:af:27:75:b4:87:fb:e8:d2:09:8a:01:86:91:89:
76:e2:a7:52:da:37:2b:e3:f3:24:b7:93:ac:80:3e:ca:da:4a:
bf:0d:48:70:ee:27:e0:ff:31:55:44:99:ac:3b:ca:e4:28:fb:
43:59:e6:b8:6f:35:d2:bd:d7:53:03:e0:1c:57:e6:8e:ae:ed:
25:37:4c:10:ee:c5:74:94:3a:ea:5b:16:ca:49:c6:be:77:3d:
a8:62:31:a9
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZQmbDZ9axqYivjfU8NzQI4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjk4NmM3NzA1YmQ4MDhjMWIwMmViZDc1NGZiZmE5MTgw
N2U5YjYwHhcNMjUwMTAyMDk1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmVhNzU1MjE1MmRlMmRkY2NlNjg3NDkwODYwN2I0Nzk5YjVhZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZfMdqmd3ddagxkuhiWNSKTU9YNM
pjB43HaNZaLMXwK0aPIgjQPMmoBQBLEcRZO4b5dXMXbs7/8HOWFI/Qo4BrH29NYo
9IcKh/xK6ZCFUOwfOtFcmkQgXPBJVTS4VJD+DxsVlmW5pnCU1+D92qMevfv3A0vc
LMEDu4mvs3ESCaghWvBbDqVJizqWzWa6nGF5a/sEMFFENjgeOd1K/f+8Kl/5LEsW
jex6nis9F+MTSxTHZlv/kQtgJ1Wj7I/Og/QNBGzAS3KWBA8leZHothz1RaM1OHO9
t9NjxqDdKEeTDUH0mv76RnHVSRtdBhfiaQuxSIb0l8lgdR2r1bkN6FXZAwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFGvqdVIVLeLdzOaHSQhge0eZta8zMB8GA1UdIwQY
MBaAFHP5hsdwW9gIwbAuvXVPv6kYB+m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEt
OWExMjk1ZjAyZjJlLzEvYS1wMVVoVXQ0dDNNNW9kSkNHQjdSNW0xcnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEtOWExMjk1ZjAyZjJl
LzEvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjAMBAIAATAGAwQCuafMMEoE
AgACMEQDBgQqC7YAADAQAwYCKgu2ABQDBgIqC7YAGAMGAyoLtgAgMBADBgIqC7YA
NAMGAioLtgA4AwcAKgu2ADwEAwUAKgu2AjANBgkqhkiG9w0BAQsFAAOCAQEAhT/W
0J4eGwz4inLMzxALxKTsIM4yNdf2yVrLMcFKjNp63EQiae0O2VIW0CchIfwhD2Qf
I+vyLmoXO1l/WJNYmKiTOmgEy0zlDJFbx6li35/mVqmZ7zm1y01b4Yvll2oIkuUt
vcbINOdoIvo02wkHx3A0jJTfGuxSxv12tpOwP9iHRdyZ6j+zZBLk8L0t5djnkUu4
JT8kJKkDv7giWAyVWEPezaIXUa8ndbSH++jSCYoBhpGJduKnUto3K+PzJLeTrIA+
ytpKvw1IcO4n4P8xVUSZrDvK5Cj7Q1nmuG810r3XUwPgHFfmjq7tJTdMEO7FdJQ6
6lsWyknGvnc9qGIxqQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:59:15 2025 by rpki-client