Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/yzgxHb39JlWgV-6OUyl9AE4hQAQ.roa
File: yzgxHb39JlWgV-6OUyl9AE4hQAQ.roa (raw, json)
Hash identifier: pG2NZjpFYDlbN9iuGT1kUvmnDeM4noZC3E54rEDkwXo=
Subject key identifier: CB:38:31:1D:BD:FD:26:55:A0:57:EE:8E:53:29:7D:00:4E:21:40:04
Certificate issuer: /CN=36fe3a91263e2e8319c2a678e629851d09e77f0d
Certificate serial: 01942748309E4C6FB9E50419317CDE0453A9
Authority key identifier: 36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/yzgxHb39JlWgV-6OUyl9AE4hQAQ.roa
Signing time: Thu 02 Jan 2025 13:50:29 +0000
ROA not before: Thu 02 Jan 2025 13:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199319
IP address blocks: 185.38.224.0/22 maxlen: 22
185.228.140.0/22 maxlen: 22
2a00:fb20::/32 maxlen: 32
2a00:fb20:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:30:9e:4c:6f:b9:e5:04:19:31:7c:de:04:53:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36fe3a91263e2e8319c2a678e629851d09e77f0d
Validity
Not Before: Jan 2 13:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb38311dbdfd2655a057ee8e53297d004e214004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4d:80:ec:29:49:b5:86:4f:81:7b:d6:7e:0b:
bc:fe:7b:58:ad:a3:8c:8e:45:21:ae:48:3c:5b:25:
5e:4c:78:ba:7c:27:74:d8:1a:fb:96:4b:7e:a3:7f:
09:68:5d:50:d6:a9:d5:68:4f:b4:f1:6b:2e:66:26:
52:a1:a4:3e:a3:b6:0b:3f:bb:4f:81:34:32:cc:b9:
b8:90:e8:35:15:cd:71:55:4b:8f:3f:3c:d5:95:c8:
38:07:7e:85:16:6e:48:2e:16:37:04:09:81:ab:08:
2c:dd:a5:97:fc:7c:fa:dc:47:7b:21:52:34:98:2d:
df:fa:03:53:41:5a:95:3a:1b:4e:f1:f2:b2:04:e5:
ae:28:64:86:be:3d:42:ad:13:4e:bb:ad:42:ba:3a:
ee:96:26:9c:4e:19:ce:83:52:ac:49:4f:cc:f8:08:
c3:8f:41:b5:f9:99:f2:2c:38:f4:4f:40:d3:f1:c1:
78:af:36:14:c4:42:53:50:a9:fc:cf:ea:80:08:0d:
e2:3f:14:c8:04:82:ea:73:5f:4b:a6:53:ec:d0:11:
aa:36:e6:89:3e:f9:6f:ca:b8:93:d9:ef:71:3b:32:
96:49:01:c0:3b:bf:b7:42:83:4c:d0:91:3e:b7:bd:
71:68:3d:76:69:e1:1b:40:ad:31:b5:54:5c:e9:78:
db:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:38:31:1D:BD:FD:26:55:A0:57:EE:8E:53:29:7D:00:4E:21:40:04
X509v3 Authority Key Identifier:
keyid:36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/yzgxHb39JlWgV-6OUyl9AE4hQAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.224.0/22
185.228.140.0/22
IPv6:
2a00:fb20::/32
Signature Algorithm: sha256WithRSAEncryption
4c:72:03:14:79:ef:54:3c:5f:89:0f:f4:20:83:b5:04:b6:5d:
4b:a1:c7:b0:bc:8e:b6:89:f4:be:7a:87:e2:1f:d3:73:45:1c:
a0:20:c6:0c:4e:3a:ce:0f:6b:4e:80:90:b6:fc:ed:b7:de:fd:
f0:e7:b5:48:25:75:04:f7:78:05:6e:5a:cc:3a:71:29:aa:2f:
d9:48:26:ac:c2:4f:b9:4f:8b:91:05:a7:89:0e:6a:fb:33:42:
92:ae:ba:e8:23:87:be:be:b5:d0:a6:80:98:65:32:c2:c1:c1:
16:f4:43:ec:23:2a:17:15:a3:83:00:ef:a8:02:d8:92:9d:48:
27:f8:b3:44:be:b7:ca:14:2c:54:9d:eb:2c:51:28:15:d0:a5:
a1:54:dd:74:06:b8:73:ab:f4:b4:35:b1:38:0f:85:1b:76:d7:
80:bf:26:6a:cf:44:80:d4:ec:2c:e3:c9:b9:c0:21:d1:05:6a:
d9:95:a5:2e:40:a1:68:c8:9c:ac:f9:de:d5:99:83:84:81:2f:
05:f7:16:3d:5d:b4:dc:bb:95:a0:9d:43:87:ea:3b:2e:b4:98:
a5:56:69:6a:71:b1:d5:54:78:ce:8e:b3:2a:5d:63:b2:81:91:
b2:18:c2:a5:83:e0:a7:8d:d9:2b:c7:8d:91:c4:d1:9b:7a:10:
0a:60:73:d6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnSDCeTG+55QQZMXzeBFOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZmUzYTkxMjYzZTJlODMxOWMyYTY3OGU2Mjk4NTFkMDll
NzdmMGQwHhcNMjUwMTAyMTM1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM4MzExZGJkZmQyNjU1YTA1N2VlOGU1MzI5N2QwMDRlMjE0MDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzU2A7ClJtYZPgXvWfgu8/ntYraOM
jkUhrkg8WyVeTHi6fCd02Br7lkt+o38JaF1Q1qnVaE+08WsuZiZSoaQ+o7YLP7tP
gTQyzLm4kOg1Fc1xVUuPPzzVlcg4B36FFm5ILhY3BAmBqwgs3aWX/Hz63Ed7IVI0
mC3f+gNTQVqVOhtO8fKyBOWuKGSGvj1CrRNOu61CujruliacThnOg1KsSU/M+AjD
j0G1+ZnyLDj0T0DT8cF4rzYUxEJTUKn8z+qACA3iPxTIBILqc19LplPs0BGqNuaJ
PvlvyriT2e9xOzKWSQHAO7+3QoNM0JE+t71xaD12aeEbQK0xtVRc6Xjb4QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMs4MR29/SZVoFfujlMpfQBOIUAEMB8GA1UdIwQY
MBaAFDb+OpEmPi6DGcKmeOYphR0J538NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYt
ZmEzZTA5MDFmMjQwLzEveXpneEhiMzlKbFdnVi02T1V5bDlBRTRoUUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYtZmEzZTA5MDFmMjQw
LzEvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSbgAwQC
ueSMMA0EAgACMAcDBQAqAPsgMA0GCSqGSIb3DQEBCwUAA4IBAQBMcgMUee9UPF+J
D/Qgg7UEtl1LocewvI62ifS+eofiH9NzRRygIMYMTjrOD2tOgJC2/O233v3w57VI
JXUE93gFblrMOnEpqi/ZSCaswk+5T4uRBaeJDmr7M0KSrrroI4e+vrXQpoCYZTLC
wcEW9EPsIyoXFaODAO+oAtiSnUgn+LNEvrfKFCxUnessUSgV0KWhVN10Brhzq/S0
NbE4D4UbdteAvyZqz0SA1Ows48m5wCHRBWrZlaUuQKFoyJys+d7VmYOEgS8F9xY9
XbTcu5WgnUOH6jsutJilVmlqcbHVVHjOjrMqXWOygZGyGMKlg+Cnjdkrx42RxNGb
ehAKYHPW
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:54 2025 by rpki-client