Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/e0b1b5-edef-4aeb-836b-63f5035f3446/1/t42bTlVzekO4_zka2dM08NYoS0o.roa
File: t42bTlVzekO4_zka2dM08NYoS0o.roa (raw, json)
Hash identifier: k4lNjjF23Ae3Sbhg3LYDkwgC4ol0mKxgVNJCg94oeiI=
Subject key identifier: B7:8D:9B:4E:55:73:7A:43:B8:FF:39:1A:D9:D3:34:F0:D6:28:4B:4A
Certificate issuer: /CN=975e5f48f53a8db9ca60fa8f1837d07f3191104f
Certificate serial: 019424B37186110D42FA5C499437F7D0915B
Authority key identifier: 97:5E:5F:48:F5:3A:8D:B9:CA:60:FA:8F:18:37:D0:7F:31:91:10:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l15fSPU6jbnKYPqPGDfQfzGREE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/e0b1b5-edef-4aeb-836b-63f5035f3446/1/t42bTlVzekO4_zka2dM08NYoS0o.roa
Signing time: Thu 02 Jan 2025 01:48:47 +0000
ROA not before: Thu 02 Jan 2025 01:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34380
IP address blocks: 185.162.148.0/22 maxlen: 24
185.162.148.0/24 maxlen: 24
185.162.149.0/24 maxlen: 24
185.162.150.0/24 maxlen: 24
185.162.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/e0b1b5-edef-4aeb-836b-63f5035f3446/1/l15fSPU6jbnKYPqPGDfQfzGREE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/e0b1b5-edef-4aeb-836b-63f5035f3446/1/l15fSPU6jbnKYPqPGDfQfzGREE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/l15fSPU6jbnKYPqPGDfQfzGREE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:71:86:11:0d:42:fa:5c:49:94:37:f7:d0:91:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=975e5f48f53a8db9ca60fa8f1837d07f3191104f
Validity
Not Before: Jan 2 01:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b78d9b4e55737a43b8ff391ad9d334f0d6284b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:43:78:9b:2f:bb:81:0e:1e:de:da:b5:78:e5:
b4:1d:62:e9:76:26:92:8a:4c:37:97:c5:7d:84:7c:
f1:77:ea:f5:c0:69:57:a9:88:54:08:95:0e:12:89:
34:37:da:e7:3a:ea:90:c0:a8:da:c5:9d:6c:f7:1e:
e4:b6:22:ee:45:01:49:bb:17:ce:86:5a:4e:88:79:
08:1a:1d:38:6d:03:98:98:3b:b2:a7:54:3f:78:ef:
c2:ee:a0:dd:ee:16:86:fd:3d:e0:5c:a3:81:2d:8e:
00:01:cb:25:a8:ff:9b:7c:a5:ce:63:a6:79:dc:45:
9d:fb:b9:66:49:35:6f:46:a6:cb:46:a9:e4:83:b9:
51:1f:02:c6:48:c6:76:b0:6b:ce:a6:86:ce:c9:2b:
1c:f0:f4:7f:8c:a2:90:59:97:8e:a9:08:d9:94:9c:
36:80:18:97:4f:f7:ab:f8:82:6d:a9:ac:3d:e4:b4:
18:3a:7b:b5:5d:0c:b8:b2:13:4a:08:80:9b:d6:08:
8f:e0:d9:89:4a:b6:c5:2e:49:29:91:35:33:9f:be:
de:f7:0f:6a:b7:5b:94:69:9c:b2:53:6e:c9:36:87:
8f:6d:c8:60:46:85:71:80:43:a3:6d:17:d0:2b:7f:
53:5d:dd:a8:9e:0f:04:80:4b:49:f2:3e:d4:6d:20:
6d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:8D:9B:4E:55:73:7A:43:B8:FF:39:1A:D9:D3:34:F0:D6:28:4B:4A
X509v3 Authority Key Identifier:
keyid:97:5E:5F:48:F5:3A:8D:B9:CA:60:FA:8F:18:37:D0:7F:31:91:10:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l15fSPU6jbnKYPqPGDfQfzGREE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/e0b1b5-edef-4aeb-836b-63f5035f3446/1/t42bTlVzekO4_zka2dM08NYoS0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/e0b1b5-edef-4aeb-836b-63f5035f3446/1/l15fSPU6jbnKYPqPGDfQfzGREE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.148.0/22
Signature Algorithm: sha256WithRSAEncryption
83:13:ee:05:4a:6e:fa:27:62:ae:05:36:f5:0d:d6:22:89:df:
1f:5f:a9:21:a5:87:33:a4:10:b5:92:9d:b1:ce:c6:79:2d:61:
3d:e2:76:a5:df:07:8d:5e:5d:e1:cf:7b:39:9c:d9:17:d2:35:
1e:b4:3f:1f:01:2c:b0:0e:58:43:78:58:e8:44:78:57:c9:99:
28:6d:21:44:69:a8:f6:b3:ef:54:fb:b1:33:18:d5:22:bd:09:
d9:f6:34:f1:6a:45:d5:e5:94:a4:ba:2d:e2:26:ab:dd:89:4b:
58:6d:08:5d:ec:a6:c3:50:77:0b:bb:88:a3:66:21:b8:51:8b:
81:4f:7c:1a:1e:c9:82:52:d1:f5:41:70:e9:d1:1a:0e:45:00:
35:9f:18:72:c3:2e:27:92:34:6c:2d:20:19:f9:01:96:6e:a2:
c1:ea:2a:40:68:5a:82:7d:6a:a5:94:a1:3b:28:e0:dd:c9:99:
48:f9:07:38:36:8c:c9:ec:00:ac:4a:c1:f3:04:44:34:d8:bd:
40:18:74:a9:a1:e9:7f:1b:07:9e:ad:b9:b4:75:4b:fb:32:31:
e9:41:79:55:13:5e:e9:b9:ff:f0:b9:5a:1d:e7:ee:ba:78:a5:
f7:af:d7:dd:ad:6f:d6:4d:a7:5c:ec:77:69:cf:2b:de:d2:98:
26:0b:78:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks3GGEQ1C+lxJlDf30JFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NWU1ZjQ4ZjUzYThkYjljYTYwZmE4ZjE4MzdkMDdmMzE5
MTEwNGYwHhcNMjUwMTAyMDE0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzhkOWI0ZTU1NzM3YTQzYjhmZjM5MWFkOWQzMzRmMGQ2Mjg0YjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0N4my+7gQ4e3tq1eOW0HWLpdiaS
ikw3l8V9hHzxd+r1wGlXqYhUCJUOEok0N9rnOuqQwKjaxZ1s9x7ktiLuRQFJuxfO
hlpOiHkIGh04bQOYmDuyp1Q/eO/C7qDd7haG/T3gXKOBLY4AAcslqP+bfKXOY6Z5
3EWd+7lmSTVvRqbLRqnkg7lRHwLGSMZ2sGvOpobOySsc8PR/jKKQWZeOqQjZlJw2
gBiXT/er+IJtqaw95LQYOnu1XQy4shNKCICb1giP4NmJSrbFLkkpkTUzn77e9w9q
t1uUaZyyU27JNoePbchgRoVxgEOjbRfQK39TXd2ong8EgEtJ8j7UbSBtywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLeNm05Vc3pDuP85GtnTNPDWKEtKMB8GA1UdIwQY
MBaAFJdeX0j1Oo25ymD6jxg30H8xkRBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDE1ZlNQVTZqYm5LWVBxUEdEZlFmekdSRUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9lMGIxYjUtZWRlZi00YWViLTgzNmIt
NjNmNTAzNWYzNDQ2LzEvdDQyYlRsVnpla080X3prYTJkTTA4TllvUzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9lMGIxYjUtZWRlZi00YWViLTgzNmItNjNmNTAzNWYzNDQ2
LzEvbDE1ZlNQVTZqYm5LWVBxUEdEZlFmekdSRUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaKUMA0G
CSqGSIb3DQEBCwUAA4IBAQCDE+4FSm76J2KuBTb1DdYiid8fX6khpYczpBC1kp2x
zsZ5LWE94nal3weNXl3hz3s5nNkX0jUetD8fASywDlhDeFjoRHhXyZkobSFEaaj2
s+9U+7EzGNUivQnZ9jTxakXV5ZSkui3iJqvdiUtYbQhd7KbDUHcLu4ijZiG4UYuB
T3waHsmCUtH1QXDp0RoORQA1nxhywy4nkjRsLSAZ+QGWbqLB6ipAaFqCfWqllKE7
KODdyZlI+Qc4NozJ7ACsSsHzBEQ02L1AGHSpoel/Gweerbm0dUv7MjHpQXlVE17p
uf/wuVod5+66eKX3r9fdrW/WTadc7Hdpzyve0pgmC3j2
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:41:32 2025 by rpki-client