Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/4_O_iIpyAI9RehObq-pOpadb0Oc.roa
File: 4_O_iIpyAI9RehObq-pOpadb0Oc.roa (raw, json)
Hash identifier: yk0faU3G873g+gLSQoGVoe7NYYyCWEaHzHI6ZIk9UdY=
Subject key identifier: E3:F3:BF:88:8A:72:00:8F:51:7A:13:9B:AB:EA:4E:A5:A7:5B:D0:E7
Certificate issuer: /CN=a6785773df313b91711bf6bc5b149ecc246b9e89
Certificate serial: 019427B52076C29FA2ABFACA7B9E38564083
Authority key identifier: A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/4_O_iIpyAI9RehObq-pOpadb0Oc.roa
Signing time: Thu 02 Jan 2025 15:49:29 +0000
ROA not before: Thu 02 Jan 2025 15:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204798
IP address blocks: 185.239.176.0/24 maxlen: 24
185.239.177.0/24 maxlen: 24
185.239.178.0/24 maxlen: 24
185.239.179.0/24 maxlen: 24
2a0f:c9c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.mft
rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:20:76:c2:9f:a2:ab:fa:ca:7b:9e:38:56:40:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6785773df313b91711bf6bc5b149ecc246b9e89
Validity
Not Before: Jan 2 15:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3f3bf888a72008f517a139babea4ea5a75bd0e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fc:e7:ad:39:bd:5d:4c:70:04:73:c8:61:4c:
2f:4c:f5:c6:f3:bb:f9:de:50:23:16:1c:70:f5:42:
b5:d6:b6:5b:68:54:7b:d7:34:a4:3b:49:eb:6d:e9:
39:28:08:a3:40:89:c2:79:2a:64:a3:fd:82:17:21:
61:da:46:95:2a:0b:f6:4d:40:b1:f7:08:9b:90:51:
1a:ae:62:b7:39:f6:16:bc:4e:16:47:3d:14:29:42:
10:82:b5:28:c0:ec:98:e1:25:93:5f:76:b4:7e:48:
9e:83:ad:29:5f:e2:84:94:46:8d:91:48:36:2c:1e:
ca:fb:15:d0:f6:56:42:0f:ac:76:11:c3:33:db:2e:
a6:2c:c2:37:2f:60:28:9b:05:d5:17:1f:b4:91:cd:
b0:51:78:76:aa:ea:d8:7f:51:7e:58:c2:fc:fd:9d:
80:99:da:4d:75:9d:df:71:08:bc:91:10:dc:a2:3e:
de:27:35:b0:e2:de:57:1b:2d:c8:e6:13:4d:da:92:
fe:ab:5e:4e:54:ea:12:e2:7d:a0:f7:04:fb:cc:59:
30:bb:17:d0:ac:56:84:dc:34:31:d3:1b:37:8f:63:
03:41:cd:47:c1:8f:4a:b9:d4:53:c2:53:06:94:a2:
0a:8b:c5:f4:58:f8:e9:41:53:9a:dc:bb:49:e5:89:
e2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F3:BF:88:8A:72:00:8F:51:7A:13:9B:AB:EA:4E:A5:A7:5B:D0:E7
X509v3 Authority Key Identifier:
keyid:A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/4_O_iIpyAI9RehObq-pOpadb0Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.176.0/22
IPv6:
2a0f:c9c0::/29
Signature Algorithm: sha256WithRSAEncryption
05:27:c7:e3:f3:bb:72:3f:5a:df:ab:47:d8:ea:75:05:99:9e:
f7:47:10:60:a4:85:a8:e9:30:a8:ea:f1:51:6f:da:0a:21:df:
78:13:b7:17:28:12:23:58:59:aa:14:44:f8:ad:76:43:f7:cd:
ff:8e:4b:4d:48:41:35:fe:aa:76:d8:75:61:e7:5f:3e:28:65:
58:a6:6e:79:d2:f0:d1:e6:d8:43:c2:73:46:dc:bb:73:49:ac:
e2:16:c6:31:07:01:f4:3e:d5:da:9f:01:e9:c6:0a:a0:7b:26:
f9:19:84:22:d4:9a:21:cc:db:67:a1:15:bd:0b:c7:1c:95:e5:
bb:24:9f:be:d1:e7:f7:69:f4:01:af:35:4d:f7:65:31:02:93:
fc:fa:63:8a:8f:46:a1:de:75:16:d0:48:82:ae:89:d5:67:2c:
97:80:2a:40:89:23:bf:ba:bf:ec:82:32:c5:25:2c:35:7c:4b:
a1:80:55:e5:1b:2c:8c:00:43:79:c3:54:0c:ab:71:34:d2:c3:
7a:01:b7:81:42:f3:c5:3f:df:9d:e7:18:f4:fc:0b:ed:be:c4:
d7:df:28:70:0b:33:30:22:94:05:67:d9:f9:88:6d:9a:92:64:
df:28:a0:d8:31:88:ab:c1:58:77:59:df:fa:34:1a:5d:ab:a8:
e2:ba:d9:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntSB2wp+iq/rKe544VkCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Nzg1NzczZGYzMTNiOTE3MTFiZjZiYzViMTQ5ZWNjMjQ2
YjllODkwHhcNMjUwMTAyMTU0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2YzYmY4ODhhNzIwMDhmNTE3YTEzOWJhYmVhNGVhNWE3NWJkMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PznrTm9XUxwBHPIYUwvTPXG87v5
3lAjFhxw9UK11rZbaFR71zSkO0nrbek5KAijQInCeSpko/2CFyFh2kaVKgv2TUCx
9wibkFEarmK3OfYWvE4WRz0UKUIQgrUowOyY4SWTX3a0fkieg60pX+KElEaNkUg2
LB7K+xXQ9lZCD6x2EcMz2y6mLMI3L2AomwXVFx+0kc2wUXh2qurYf1F+WML8/Z2A
mdpNdZ3fcQi8kRDcoj7eJzWw4t5XGy3I5hNN2pL+q15OVOoS4n2g9wT7zFkwuxfQ
rFaE3DQx0xs3j2MDQc1HwY9KudRTwlMGlKIKi8X0WPjpQVOa3LtJ5YniHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOPzv4iKcgCPUXoTm6vqTqWnW9DnMB8GA1UdIwQY
MBaAFKZ4V3PfMTuRcRv2vFsUnswka56JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEt
ZDc1ODY5YzBjNzFlLzEvNF9PX2lJcHlBSTlSZWhPYnEtcE9wYWRiME9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEtZDc1ODY5YzBjNzFl
LzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCue+wMA0E
AgACMAcDBQMqD8nAMA0GCSqGSIb3DQEBCwUAA4IBAQAFJ8fj87tyP1rfq0fY6nUF
mZ73RxBgpIWo6TCo6vFRb9oKId94E7cXKBIjWFmqFET4rXZD983/jktNSEE1/qp2
2HVh518+KGVYpm550vDR5thDwnNG3LtzSaziFsYxBwH0PtXanwHpxgqgeyb5GYQi
1JohzNtnoRW9C8ccleW7JJ++0ef3afQBrzVN92UxApP8+mOKj0ah3nUW0EiCronV
ZyyXgCpAiSO/ur/sgjLFJSw1fEuhgFXlGyyMAEN5w1QMq3E00sN6AbeBQvPFP9+d
5xj0/AvtvsTX3yhwCzMwIpQFZ9n5iG2akmTfKKDYMYirwVh3Wd/6NBpdq6jiutm1
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:27:30 2025 by rpki-client