Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/TcLtt8MW6k1lXpNgBVH9jdy5v60.roa
File: TcLtt8MW6k1lXpNgBVH9jdy5v60.roa (raw, json)
Hash identifier: wy80lGUvnlcwv01nCG8qqLZ0l9j+IjMXtN6aRV+obm4=
Subject key identifier: 4D:C2:ED:B7:C3:16:EA:4D:65:5E:93:60:05:51:FD:8D:DC:B9:BF:AD
Certificate issuer: /CN=fb95e6594dc37053ce98bd5889063591b35e2d80
Certificate serial: 019422FB1ED93ACD276D3E9171276A53CC45
Authority key identifier: FB:95:E6:59:4D:C3:70:53:CE:98:BD:58:89:06:35:91:B3:5E:2D:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/TcLtt8MW6k1lXpNgBVH9jdy5v60.roa
Signing time: Wed 01 Jan 2025 17:47:50 +0000
ROA not before: Wed 01 Jan 2025 17:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202421
IP address blocks: 185.204.176.0/22 maxlen: 24
185.204.176.0/23 maxlen: 24
185.204.176.0/24 maxlen: 24
185.204.177.0/24 maxlen: 24
185.204.178.0/23 maxlen: 24
185.204.178.0/24 maxlen: 24
185.204.179.0/24 maxlen: 24
2a0a:fac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:1e:d9:3a:cd:27:6d:3e:91:71:27:6a:53:cc:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb95e6594dc37053ce98bd5889063591b35e2d80
Validity
Not Before: Jan 1 17:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dc2edb7c316ea4d655e93600551fd8ddcb9bfad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:22:1c:47:0d:3e:90:46:c0:f3:ac:62:fd:2f:
d4:8f:78:f9:2f:be:14:c5:f2:4f:7a:f8:a3:ff:55:
c9:22:46:1a:43:f6:4f:63:57:bc:eb:ff:a9:3c:cb:
31:2a:22:f7:06:4e:69:bd:46:0a:1a:98:a8:76:47:
ff:71:53:11:d2:97:a1:44:91:82:e2:88:ee:c4:c0:
40:06:5c:b5:0b:a3:8f:73:43:08:8c:5c:2e:95:15:
bb:06:59:7e:fc:14:60:36:da:ff:b3:be:b6:26:08:
45:8d:fb:bd:19:bd:83:a2:66:b3:54:da:3a:b7:89:
42:3c:82:68:f4:06:01:4b:2d:d6:86:49:af:a9:a9:
5b:ae:98:50:63:67:f3:7b:4b:e1:5b:f5:84:77:45:
9e:76:5b:8f:7c:40:a4:7a:52:8e:7d:e3:0c:bd:ae:
df:12:4a:fb:21:a7:af:bd:74:fa:3e:26:cc:39:4e:
4a:43:19:12:19:1b:98:88:c9:39:3d:0b:63:0e:11:
31:78:e0:a5:77:10:48:d5:8d:49:11:24:7c:a4:16:
26:3f:5e:98:31:c3:ab:63:4d:93:f0:ba:2f:b6:88:
fc:d5:2d:db:77:48:64:c7:1e:7d:05:8c:09:e1:e3:
c3:66:01:06:d0:01:b2:45:a0:80:22:21:01:c6:a4:
d4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C2:ED:B7:C3:16:EA:4D:65:5E:93:60:05:51:FD:8D:DC:B9:BF:AD
X509v3 Authority Key Identifier:
keyid:FB:95:E6:59:4D:C3:70:53:CE:98:BD:58:89:06:35:91:B3:5E:2D:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/TcLtt8MW6k1lXpNgBVH9jdy5v60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.176.0/22
IPv6:
2a0a:fac0::/29
Signature Algorithm: sha256WithRSAEncryption
95:76:1f:51:4c:56:1a:12:74:d0:48:d3:45:47:c6:29:81:50:
51:e7:68:6e:94:cd:d5:55:10:03:d1:2f:da:a9:b9:30:6d:de:
81:98:db:80:8e:e2:85:ec:c1:95:5b:e3:a5:4c:53:7e:44:f6:
8a:d3:70:d7:a0:00:7f:dd:67:50:7f:7d:d5:b5:5a:bc:68:4c:
80:35:c5:96:2a:79:4b:dc:96:f3:1f:e6:50:80:8e:b3:20:e6:
94:57:02:48:42:75:66:98:77:13:ad:99:6b:db:60:08:33:37:
a1:98:33:74:f4:03:e5:4e:49:6d:e7:16:cc:9f:58:14:28:0e:
71:64:c6:df:26:31:68:b9:a3:87:78:92:12:c2:08:d4:3d:4a:
63:e7:34:7a:57:61:eb:e3:1d:4a:ed:01:27:fc:e6:ea:ce:0e:
a0:36:45:cd:b1:d2:0f:a0:f1:37:4c:ef:24:de:f8:23:68:6e:
bd:86:7c:1c:8d:be:2d:62:ea:d1:22:b0:93:5c:f9:80:f9:5a:
91:b9:79:a3:27:91:32:5a:7a:14:45:bc:1e:68:48:8c:cc:ca:
97:49:23:f2:8e:37:5e:95:95:40:ae:60:6e:6b:d5:d5:7f:b8:
ab:ca:5b:15:44:19:d0:88:7e:3b:f7:64:00:41:09:ba:35:8e:
27:43:a9:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQi+x7ZOs0nbT6RcSdqU8xFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTVlNjU5NGRjMzcwNTNjZTk4YmQ1ODg5MDYzNTkxYjM1
ZTJkODAwHhcNMjUwMTAxMTc0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGMyZWRiN2MzMTZlYTRkNjU1ZTkzNjAwNTUxZmQ4ZGRjYjliZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyIcRw0+kEbA86xi/S/Uj3j5L74U
xfJPevij/1XJIkYaQ/ZPY1e86/+pPMsxKiL3Bk5pvUYKGpiodkf/cVMR0pehRJGC
4ojuxMBABly1C6OPc0MIjFwulRW7Bll+/BRgNtr/s762JghFjfu9Gb2DomazVNo6
t4lCPIJo9AYBSy3WhkmvqalbrphQY2fze0vhW/WEd0WedluPfECkelKOfeMMva7f
Ekr7IaevvXT6PibMOU5KQxkSGRuYiMk5PQtjDhExeOCldxBI1Y1JESR8pBYmP16Y
McOrY02T8Lovtoj81S3bd0hkxx59BYwJ4ePDZgEG0AGyRaCAIiEBxqTUyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE3C7bfDFupNZV6TYAVR/Y3cub+tMB8GA1UdIwQY
MBaAFPuV5llNw3BTzpi9WIkGNZGzXi2AMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01WG1XVTNEY0ZQT21MMVlpUVkxa2JOZUxZQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIvNzgxNzhmLTIxOTktNDhlMC05MDFk
LWJkYTIxNWI4MTYzNi8xL1RjTHR0OE1XNmsxbFhwTmdCVkg5amR5NXY2MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmIvNzgxNzhmLTIxOTktNDhlMC05MDFkLWJkYTIxNWI4MTYz
Ni8xLzEtNVhtV1UzRGNGUE9tTDFZaVFZMWtiTmVMWUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5zLAw
DQQCAAIwBwMFAyoK+sAwDQYJKoZIhvcNAQELBQADggEBAJV2H1FMVhoSdNBI00VH
ximBUFHnaG6UzdVVEAPRL9qpuTBt3oGY24CO4oXswZVb46VMU35E9orTcNegAH/d
Z1B/fdW1WrxoTIA1xZYqeUvclvMf5lCAjrMg5pRXAkhCdWaYdxOtmWvbYAgzN6GY
M3T0A+VOSW3nFsyfWBQoDnFkxt8mMWi5o4d4khLCCNQ9SmPnNHpXYevjHUrtASf8
5urODqA2Rc2x0g+g8TdM7yTe+CNobr2GfByNvi1i6tEisJNc+YD5WpG5eaMnkTJa
ehRFvB5oSIzMypdJI/KON16VlUCuYG5r1dV/uKvKWxVEGdCIfjv3ZABBCbo1jidD
qWk=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:18:15 2025 by rpki-client