Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/p1jHUWGlvnk7Ka4HcEkuiaMwNSk.roa
File: p1jHUWGlvnk7Ka4HcEkuiaMwNSk.roa (raw, json)
Hash identifier: T44dCRAJmpy8f1ZvUn76dYDQCT4dySiiGDZxPQ1K3jA=
Subject key identifier: A7:58:C7:51:61:A5:BE:79:3B:29:AE:07:70:49:2E:89:A3:30:35:29
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01942220139EC7863F89D271B1DF27D4DD22
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/p1jHUWGlvnk7Ka4HcEkuiaMwNSk.roa
Signing time: Wed 01 Jan 2025 13:48:34 +0000
ROA not before: Wed 01 Jan 2025 13:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25596
IP address blocks: 82.197.192.0/19 maxlen: 19
84.245.0.0/20 maxlen: 20
84.245.16.0/20 maxlen: 20
84.245.32.0/20 maxlen: 20
87.101.0.0/21 maxlen: 21
185.6.48.0/22 maxlen: 22
185.227.72.0/22 maxlen: 22
217.19.16.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:13:9e:c7:86:3f:89:d2:71:b1:df:27:d4:dd:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a758c75161a5be793b29ae0770492e89a3303529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:57:73:c3:b6:98:fb:3e:2c:06:77:09:6a:a3:
26:38:65:75:49:8e:a4:11:53:47:63:e2:2e:01:d3:
24:1f:42:f2:d2:ae:c9:47:35:90:b4:df:f8:08:fd:
9b:22:c6:d8:e7:70:cd:10:8d:c2:97:f8:3b:8d:7b:
59:56:6d:30:db:91:10:4b:09:40:4c:90:bb:b6:fe:
2f:a1:2c:28:48:47:ad:ca:52:37:21:c3:a6:48:18:
20:16:a8:c1:23:5a:17:a3:6e:57:79:d3:a9:57:65:
8a:8a:b5:33:51:20:6b:ed:62:c2:06:6d:f7:11:8e:
1a:d5:98:fe:79:dc:6a:1e:91:76:db:4f:a7:e7:ba:
7f:d5:52:f3:b2:53:83:86:f3:09:22:af:1e:6d:4e:
bd:bc:80:0e:cc:5a:1f:f0:ff:43:39:e9:b1:c0:5d:
b4:fe:ac:c1:02:c5:30:10:2c:4b:c3:dc:79:57:5f:
a6:b0:55:12:3a:74:8a:ec:31:d0:6e:2a:55:a5:eb:
ac:26:1f:35:dd:3b:a9:8e:13:9a:6d:e3:15:7c:79:
97:5c:f4:21:bc:cf:34:f9:61:1a:03:0f:f1:3f:85:
6e:c9:59:6a:48:6c:c1:08:0b:8c:22:42:c8:89:c2:
f3:70:35:6c:0c:cf:b7:16:ca:40:84:1d:ac:76:37:
5f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:58:C7:51:61:A5:BE:79:3B:29:AE:07:70:49:2E:89:A3:30:35:29
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/p1jHUWGlvnk7Ka4HcEkuiaMwNSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.197.192.0/19
84.245.0.0-84.245.47.255
87.101.0.0/21
185.6.48.0/22
185.227.72.0/22
217.19.16.0/20
Signature Algorithm: sha256WithRSAEncryption
44:34:47:c7:de:8b:e7:5f:e1:33:40:3f:5e:da:4d:18:6f:41:
67:f8:dd:ca:63:e3:8a:a0:24:11:b8:dd:78:88:ae:1b:84:94:
89:5a:b7:e8:8f:8a:61:70:fe:58:e3:ca:cc:7f:ab:5e:6f:9c:
da:e2:70:d8:37:46:0a:59:86:8a:ed:d9:87:9f:4d:d8:b3:e6:
65:15:42:a7:89:fa:68:c9:b4:52:92:5d:12:53:f7:ea:b4:ed:
20:c3:5c:0a:fa:0f:51:29:c8:2b:46:7e:40:2c:b2:23:27:10:
bf:13:71:1f:3b:bd:b3:30:5d:52:ae:14:37:d8:88:15:3e:03:
74:67:6e:86:50:be:19:cf:8d:4f:03:f7:fb:e4:48:3f:24:22:
de:6a:6a:82:16:3a:ad:43:16:ce:5b:aa:87:e3:2c:99:df:fd:
1d:f2:b8:0f:2d:db:63:d9:70:e2:59:3e:23:ca:ee:db:fc:c5:
73:f9:9d:09:12:18:f6:60:e1:97:cb:52:41:82:41:ed:5b:97:
65:1c:83:c3:8a:48:5e:06:04:4e:d7:7c:64:ae:3a:39:1a:e0:
b7:dc:5a:03:d7:73:a5:0a:7c:04:4c:ba:73:b3:54:2c:c2:68:
8d:14:0c:c7:a8:e1:ce:5e:da:36:38:95:67:7b:dc:d3:1d:ab:
ee:30:c6:64
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQiIBOex4Y/idJxsd8n1N0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzU4Yzc1MTYxYTViZTc5M2IyOWFlMDc3MDQ5MmU4OWEzMzAzNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFdzw7aY+z4sBncJaqMmOGV1SY6k
EVNHY+IuAdMkH0Ly0q7JRzWQtN/4CP2bIsbY53DNEI3Cl/g7jXtZVm0w25EQSwlA
TJC7tv4voSwoSEetylI3IcOmSBggFqjBI1oXo25XedOpV2WKirUzUSBr7WLCBm33
EY4a1Zj+edxqHpF220+n57p/1VLzslODhvMJIq8ebU69vIAOzFof8P9DOemxwF20
/qzBAsUwECxLw9x5V1+msFUSOnSK7DHQbipVpeusJh813TupjhOabeMVfHmXXPQh
vM80+WEaAw/xP4VuyVlqSGzBCAuMIkLIicLzcDVsDM+3FspAhB2sdjdfCQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFKdYx1Fhpb55OymuB3BJLomjMDUpMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcDFqSFVXR2x2bms3S2E0SGNFa3VpYU13TlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArAwQFUsXAMAsD
AwBU9QMEBFT1IAMEA1dlAAMEArkGMAMEArnjSAMEBNkTEDANBgkqhkiG9w0BAQsF
AAOCAQEARDRHx96L51/hM0A/XtpNGG9BZ/jdymPjiqAkEbjdeIiuG4SUiVq36I+K
YXD+WOPKzH+rXm+c2uJw2DdGClmGiu3Zh59N2LPmZRVCp4n6aMm0UpJdElP36rTt
IMNcCvoPUSnIK0Z+QCyyIycQvxNxHzu9szBdUq4UN9iIFT4DdGduhlC+Gc+NTwP3
++RIPyQi3mpqghY6rUMWzluqh+Msmd/9HfK4Dy3bY9lw4lk+I8ru2/zFc/mdCRIY
9mDhl8tSQYJB7VuXZRyDw4pIXgYETtd8ZK46ORrgt9xaA9dzpQp8BEy6c7NULMJo
jRQMx6jhzl7aNjiVZ3vc0x2r7jDGZA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:40:46 2025 by rpki-client