Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/1ikX92cBkm7W7rHfhLCtgqKM0d8.roa
File: 1ikX92cBkm7W7rHfhLCtgqKM0d8.roa (raw, json)
Hash identifier: oY5BxXRyJZhAnRLwWm3V4CClsVP5JaJOwIydkhqNE80=
Subject key identifier: D6:29:17:F7:67:01:92:6E:D6:EE:B1:DF:84:B0:AD:82:A2:8C:D1:DF
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 01941FFA64D3F4994A131E6D59E0ADE00943
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/1ikX92cBkm7W7rHfhLCtgqKM0d8.roa
Signing time: Wed 01 Jan 2025 03:48:10 +0000
ROA not before: Wed 01 Jan 2025 03:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31673
IP address blocks: 185.181.84.0/22 maxlen: 22
2a0a:c780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:64:d3:f4:99:4a:13:1e:6d:59:e0:ad:e0:09:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Jan 1 03:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d62917f76701926ed6eeb1df84b0ad82a28cd1df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:92:14:3f:b0:33:3b:df:ba:17:8d:2f:49:09:
8d:38:44:ac:48:2a:c1:3b:38:90:25:97:0e:d3:b0:
7b:d3:16:5a:1b:59:f3:d3:bd:5a:6e:db:56:90:77:
c0:87:9f:16:a2:8e:70:6a:3b:b0:43:8d:96:ae:54:
77:d4:bc:b2:44:86:b1:15:0d:27:e1:58:77:be:56:
9a:39:a0:de:5e:dc:93:17:f0:80:91:29:1c:98:0e:
02:d2:49:11:77:1a:c1:eb:a9:18:ef:66:42:d7:f9:
cf:82:6d:5d:20:f2:00:03:47:30:0a:af:91:70:b2:
54:87:dc:c7:16:30:a1:a8:eb:f0:1a:a1:3c:86:7b:
20:a1:d4:a5:d1:b7:88:af:36:2a:e8:a2:da:6c:98:
18:51:de:23:80:4c:45:2e:96:7f:c2:89:32:dd:9f:
63:00:09:1b:da:8e:ba:50:08:f9:b6:9e:db:34:38:
3c:7f:3d:16:c1:49:8c:4d:3f:a0:c9:e1:13:60:74:
4f:14:ef:25:91:4e:e8:c8:87:e1:1d:91:41:9f:32:
56:ae:b5:e6:24:df:a9:e1:72:47:7d:eb:d0:97:3b:
8c:d8:5a:51:2e:cc:05:62:24:37:60:d8:ce:fb:9a:
c6:1f:f5:30:e4:e1:7d:23:5f:50:b0:f3:e9:bf:8c:
39:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:29:17:F7:67:01:92:6E:D6:EE:B1:DF:84:B0:AD:82:A2:8C:D1:DF
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/1ikX92cBkm7W7rHfhLCtgqKM0d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.84.0/22
IPv6:
2a0a:c780::/29
Signature Algorithm: sha256WithRSAEncryption
54:77:98:ef:4e:b7:99:4a:fc:73:a9:e5:28:8b:a4:95:a4:dd:
8a:16:61:c4:f9:6b:0e:68:66:65:39:c3:22:1e:ed:a3:05:6f:
33:c8:09:60:6d:c6:dc:51:1d:5e:a0:7e:fc:71:fb:5f:78:95:
e5:04:19:84:ae:43:d1:ff:6e:dc:c9:30:30:9a:5a:be:68:d5:
dc:b1:ef:f2:86:16:04:70:fe:45:00:b7:a9:cd:84:fe:7c:cc:
97:37:09:8b:96:14:c8:2c:7a:bc:f2:fc:f1:59:e4:29:89:0b:
44:22:d6:80:bc:d4:da:86:51:18:df:3d:06:50:c6:e8:a6:33:
d8:d8:b0:aa:4c:e2:b7:08:34:79:a6:c2:8f:7a:7d:15:27:2e:
c5:34:dd:d5:c7:ee:f5:17:31:2b:a2:14:8f:65:27:51:59:dd:
f1:14:f5:0b:2b:59:c0:33:8d:15:5d:59:af:59:82:9d:db:11:
cb:c5:f5:ed:27:77:58:91:5c:7d:bf:45:1a:a0:bb:be:55:2d:
1b:ab:9e:11:59:e5:ed:27:d0:b8:1e:cf:78:52:de:16:91:e0:
84:53:eb:ba:ed:ea:e9:d7:fa:52:2f:65:f0:e2:b8:df:1f:20:
9f:94:10:76:aa:91:21:61:90:06:42:0d:19:ba:41:05:1b:f0:
28:0c:8c:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+mTT9JlKEx5tWeCt4AlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjUwMTAxMDM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjI5MTdmNzY3MDE5MjZlZDZlZWIxZGY4NGIwYWQ4MmEyOGNkMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZIUP7AzO9+6F40vSQmNOESsSCrB
OziQJZcO07B70xZaG1nz071abttWkHfAh58Woo5wajuwQ42WrlR31LyyRIaxFQ0n
4Vh3vlaaOaDeXtyTF/CAkSkcmA4C0kkRdxrB66kY72ZC1/nPgm1dIPIAA0cwCq+R
cLJUh9zHFjChqOvwGqE8hnsgodSl0beIrzYq6KLabJgYUd4jgExFLpZ/woky3Z9j
AAkb2o66UAj5tp7bNDg8fz0WwUmMTT+gyeETYHRPFO8lkU7oyIfhHZFBnzJWrrXm
JN+p4XJHfevQlzuM2FpRLswFYiQ3YNjO+5rGH/Uw5OF9I19QsPPpv4w5eQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNYpF/dnAZJu1u6x34SwrYKijNHfMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvMWlrWDkyY0JrbTdXN3JIZmhMQ3RncUtNMGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubVUMA0E
AgACMAcDBQMqCseAMA0GCSqGSIb3DQEBCwUAA4IBAQBUd5jvTreZSvxzqeUoi6SV
pN2KFmHE+WsOaGZlOcMiHu2jBW8zyAlgbcbcUR1eoH78cftfeJXlBBmErkPR/27c
yTAwmlq+aNXcse/yhhYEcP5FALepzYT+fMyXNwmLlhTILHq88vzxWeQpiQtEItaA
vNTahlEY3z0GUMbopjPY2LCqTOK3CDR5psKPen0VJy7FNN3Vx+71FzErohSPZSdR
Wd3xFPULK1nAM40VXVmvWYKd2xHLxfXtJ3dYkVx9v0UaoLu+VS0bq54RWeXtJ9C4
Hs94Ut4WkeCEU+u67erp1/pSL2Xw4rjfHyCflBB2qpEhYZAGQg0ZukEFG/AoDIxY
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:34:05 2025 by rpki-client