Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/69b290-d375-4e89-8fb5-fb235dba7b18/1/8Lh_EZUjo4d8T-WMsVc5_oid1Mo.roa
File: 8Lh_EZUjo4d8T-WMsVc5_oid1Mo.roa (raw, json)
Hash identifier: cbyV06wf44D7SymSNRd5DeNmzcspVDJoD1qFeH8lxNU=
Subject key identifier: F0:B8:7F:11:95:23:A3:87:7C:4F:E5:8C:B1:57:39:FE:88:9D:D4:CA
Certificate issuer: /CN=70c12309ee98d442ec8a7650127eb0e621894df1
Certificate serial: 019421B1C0A706D9EAAB0330F6FECE4B91BF
Authority key identifier: 70:C1:23:09:EE:98:D4:42:EC:8A:76:50:12:7E:B0:E6:21:89:4D:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMEjCe6Y1ELsinZQEn6w5iGJTfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/69b290-d375-4e89-8fb5-fb235dba7b18/1/8Lh_EZUjo4d8T-WMsVc5_oid1Mo.roa
Signing time: Wed 01 Jan 2025 11:48:04 +0000
ROA not before: Wed 01 Jan 2025 11:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42692
IP address blocks: 185.164.178.0/24 maxlen: 24
185.164.179.0/24 maxlen: 24
2a0a:ec02:101::/48 maxlen: 48
2a0a:ec02:201::/48 maxlen: 48
2a0a:ec02:202::/48 maxlen: 48
2a0a:ec02:301::/48 maxlen: 48
2a0a:ec02:401::/48 maxlen: 48
2a0a:ec02:501::/48 maxlen: 48
2a0a:ec02:701::/48 maxlen: 48
2a0a:ec02:801::/48 maxlen: 48
2a0a:ec02:901::/48 maxlen: 48
2a0a:ec02:902::/48 maxlen: 48
2a0a:ec02:a01::/48 maxlen: 48
2a0a:ec02:b01::/48 maxlen: 48
2a0a:ec02:c01::/48 maxlen: 48
2a0a:ec02:ff00::/48 maxlen: 48
2a0a:ec02:ff01::/48 maxlen: 48
2a0a:ec04::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/69b290-d375-4e89-8fb5-fb235dba7b18/1/cMEjCe6Y1ELsinZQEn6w5iGJTfE.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/69b290-d375-4e89-8fb5-fb235dba7b18/1/cMEjCe6Y1ELsinZQEn6w5iGJTfE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMEjCe6Y1ELsinZQEn6w5iGJTfE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 02:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c0:a7:06:d9:ea:ab:03:30:f6:fe:ce:4b:91:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70c12309ee98d442ec8a7650127eb0e621894df1
Validity
Not Before: Jan 1 11:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0b87f119523a3877c4fe58cb15739fe889dd4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7c:6a:f8:a6:98:0e:eb:88:62:4f:39:e3:13:
8d:29:d8:ef:ff:87:19:6e:d1:9d:39:e1:ba:af:ee:
d3:b6:11:67:4b:18:05:5c:8f:c4:50:96:f7:e7:64:
db:79:10:31:b4:b0:03:40:80:e7:4a:b9:1e:4c:25:
59:c4:43:ec:f8:a2:bf:5b:4f:7b:be:d1:0f:47:ba:
fd:6a:a8:75:df:aa:ee:c4:c5:3b:2f:83:d6:00:7e:
80:1a:75:ef:e2:ab:55:8c:e9:7b:80:7d:75:cc:14:
5f:bc:59:b6:af:7c:8e:c8:37:1f:cc:b3:c2:a3:cd:
9d:12:43:17:02:9a:fe:b8:a4:60:ec:cd:a7:9a:9c:
1a:6c:4e:b7:35:6b:34:a9:ff:8c:91:34:79:63:dc:
0b:e5:2f:2c:b3:cd:de:b2:27:e4:ac:d3:12:93:ca:
40:55:c9:27:d6:a0:80:f1:c1:00:43:96:22:23:15:
89:5f:4c:eb:91:50:b6:26:80:9a:c0:46:4e:02:53:
ba:f0:4a:bf:2e:3a:8b:e1:9c:81:7e:a1:64:18:db:
fb:05:de:aa:5c:42:25:2f:1b:37:0e:70:2f:81:22:
0c:11:34:3d:97:26:a1:65:77:b9:b0:3d:c3:b1:38:
27:13:b0:9f:e5:c8:ca:24:c6:a7:b4:34:44:11:04:
06:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B8:7F:11:95:23:A3:87:7C:4F:E5:8C:B1:57:39:FE:88:9D:D4:CA
X509v3 Authority Key Identifier:
keyid:70:C1:23:09:EE:98:D4:42:EC:8A:76:50:12:7E:B0:E6:21:89:4D:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMEjCe6Y1ELsinZQEn6w5iGJTfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/69b290-d375-4e89-8fb5-fb235dba7b18/1/8Lh_EZUjo4d8T-WMsVc5_oid1Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/69b290-d375-4e89-8fb5-fb235dba7b18/1/cMEjCe6Y1ELsinZQEn6w5iGJTfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.178.0/23
IPv6:
2a0a:ec02:101::/48
2a0a:ec02:201::-2a0a:ec02:202:ffff:ffff:ffff:ffff:ffff
2a0a:ec02:301::/48
2a0a:ec02:401::/48
2a0a:ec02:501::/48
2a0a:ec02:701::/48
2a0a:ec02:801::/48
2a0a:ec02:901::-2a0a:ec02:902:ffff:ffff:ffff:ffff:ffff
2a0a:ec02:a01::/48
2a0a:ec02:b01::/48
2a0a:ec02:c01::/48
2a0a:ec02:ff00::/47
2a0a:ec04::/32
Signature Algorithm: sha256WithRSAEncryption
80:f2:e9:cc:0f:f7:67:7b:4c:8d:e9:dd:1e:63:e2:73:7d:1a:
a5:6c:bc:f4:c4:e6:94:32:8e:e4:62:5a:84:e2:dc:b3:fb:11:
7f:b8:f7:50:b2:bf:c1:ed:12:56:d3:28:c7:29:4c:bf:91:7d:
8f:2f:6a:fb:6e:53:a9:91:20:67:ed:06:18:dd:3d:28:19:c7:
26:0f:e3:ae:74:28:5e:32:ba:80:66:26:ac:01:e9:f6:05:17:
7f:17:e3:2e:42:75:28:72:55:04:17:33:12:63:8d:0c:08:6d:
26:1e:98:67:5e:68:7e:36:77:c5:84:86:5c:8c:3d:00:6c:48:
48:1b:1a:6d:3d:dd:01:a8:52:6c:e7:53:f5:9c:51:27:c5:68:
75:d6:87:b5:96:95:da:08:c5:77:65:c3:bb:96:ce:e0:7a:e2:
9f:31:a8:3b:41:9a:0f:a9:6c:9e:99:6d:03:f2:c5:b2:0e:34:
ca:1f:e5:7d:3c:b9:4f:55:a2:c6:3c:77:a2:82:56:de:62:1b:
97:bc:97:9d:43:53:bc:7a:16:37:43:22:ed:12:0b:db:30:66:
75:da:53:b3:75:63:11:25:f1:a3:6c:f1:77:c5:e7:23:49:26:
76:af:57:e4:5d:2a:aa:07:96:74:f7:b5:3c:a7:d9:9b:01:f9:
6c:37:92:bc
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZQhscCnBtnqqwMw9v7OS5G/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYzEyMzA5ZWU5OGQ0NDJlYzhhNzY1MDEyN2ViMGU2MjE4
OTRkZjEwHhcNMjUwMTAxMTE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGI4N2YxMTk1MjNhMzg3N2M0ZmU1OGNiMTU3MzlmZTg4OWRkNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXxq+KaYDuuIYk854xONKdjv/4cZ
btGdOeG6r+7TthFnSxgFXI/EUJb352TbeRAxtLADQIDnSrkeTCVZxEPs+KK/W097
vtEPR7r9aqh136ruxMU7L4PWAH6AGnXv4qtVjOl7gH11zBRfvFm2r3yOyDcfzLPC
o82dEkMXApr+uKRg7M2nmpwabE63NWs0qf+MkTR5Y9wL5S8ss83esifkrNMSk8pA
Vckn1qCA8cEAQ5YiIxWJX0zrkVC2JoCawEZOAlO68Eq/LjqL4ZyBfqFkGNv7Bd6q
XEIlLxs3DnAvgSIMETQ9lyahZXe5sD3DsTgnE7Cf5cjKJMantDREEQQGBQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFPC4fxGVI6OHfE/ljLFXOf6IndTKMB8GA1UdIwQY
MBaAFHDBIwnumNRC7Ip2UBJ+sOYhiU3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY01FakNlNlkxRUxzaW5aUUVuNnc1aUdKVGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi82OWIyOTAtZDM3NS00ZTg5LThmYjUt
ZmIyMzVkYmE3YjE4LzEvOExoX0VaVWpvNGQ4VC1XTXNWYzVfb2lkMU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi82OWIyOTAtZDM3NS00ZTg5LThmYjUtZmIyMzVkYmE3YjE4
LzEvY01FakNlNlkxRUxzaW5aUUVuNnc1aUdKVGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTAMBAIAATAGAwQBuaSy
MIGQBAIAAjCBiQMHACoK7AIBATASAwcAKgrsAgIBAwcAKgrsAgICAwcAKgrsAgMB
AwcAKgrsAgQBAwcAKgrsAgUBAwcAKgrsAgcBAwcAKgrsAggBMBIDBwAqCuwCCQED
BwAqCuwCCQIDBwAqCuwCCgEDBwAqCuwCCwEDBwAqCuwCDAEDBwEqCuwC/wADBQAq
CuwEMA0GCSqGSIb3DQEBCwUAA4IBAQCA8unMD/dne0yN6d0eY+JzfRqlbLz0xOaU
Mo7kYlqE4tyz+xF/uPdQsr/B7RJW0yjHKUy/kX2PL2r7blOpkSBn7QYY3T0oGccm
D+OudCheMrqAZiasAen2BRd/F+MuQnUoclUEFzMSY40MCG0mHphnXmh+NnfFhIZc
jD0AbEhIGxptPd0BqFJs51P1nFEnxWh11oe1lpXaCMV3ZcO7ls7geuKfMag7QZoP
qWyemW0D8sWyDjTKH+V9PLlPVaLGPHeiglbeYhuXvJedQ1O8ehY3QyLtEgvbMGZ1
2lOzdWMRJfGjbPF3xecjSSZ2r1fkXSqqB5Z097U8p9mbAflsN5K8
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:59:44 2025 by rpki-client