Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/8VHFK74OMKQnD381WiG3ZZR7ozs.roa
File: 8VHFK74OMKQnD381WiG3ZZR7ozs.roa (raw, json)
Hash identifier: B7p/Hrvwz47SgwLmobk1ZKXWoI4oqfm1r3I4SkLnjp4=
Subject key identifier: F1:51:C5:2B:BE:0E:30:A4:27:0F:7F:35:5A:21:B7:65:94:7B:A3:3B
Certificate issuer: /CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Certificate serial: 0194895FD492F20C6E9657DC0105C4562C1A
Authority key identifier: E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/8VHFK74OMKQnD381WiG3ZZR7ozs.roa
Signing time: Tue 21 Jan 2025 14:59:06 +0000
ROA not before: Tue 21 Jan 2025 14:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206943
IP address blocks: 31.42.128.0/20 maxlen: 20
31.42.144.0/20 maxlen: 20
178.159.64.0/20 maxlen: 20
178.218.128.0/22 maxlen: 22
178.218.132.0/22 maxlen: 22
178.218.136.0/21 maxlen: 21
185.102.48.0/22 maxlen: 23
185.171.28.0/23 maxlen: 23
185.171.30.0/23 maxlen: 23
185.183.88.0/23 maxlen: 23
185.183.90.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:89:5f:d4:92:f2:0c:6e:96:57:dc:01:05:c4:56:2c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Validity
Not Before: Jan 21 14:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f151c52bbe0e30a4270f7f355a21b765947ba33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6a:37:45:8b:f5:0c:88:64:8a:39:0a:c9:3c:
c6:a6:24:46:8d:e6:dc:98:51:96:14:e5:10:94:a6:
62:57:b4:ed:b6:c3:71:e1:08:af:d6:02:63:e3:ee:
eb:49:77:41:75:51:17:94:18:77:67:18:39:ab:a6:
97:31:a7:d7:42:80:9f:1b:35:a9:20:77:f4:1b:ce:
ac:0d:ac:7d:cd:fa:2b:0a:86:2f:a7:24:d7:1b:46:
85:60:5c:df:b5:8c:9d:d6:20:4b:6b:8a:82:6d:31:
d8:0d:e9:c0:85:a2:91:f8:4d:22:76:e0:66:63:3c:
64:a0:7b:24:e5:43:39:46:10:39:cc:f9:cf:54:e5:
b3:69:a2:f8:15:7e:7d:70:02:20:e4:43:4f:b1:a9:
8f:e7:7f:a2:2f:f2:d6:94:ab:bb:b9:76:2f:23:08:
84:90:89:f7:5e:ed:9a:ad:56:97:ce:7d:a1:e4:da:
1c:b8:95:10:c1:4a:c6:8d:1d:fa:e9:43:68:7f:52:
ad:c0:58:2d:a4:24:5f:27:39:8a:25:d2:0b:8a:e3:
c9:2e:4d:ba:1c:56:9d:a4:16:b2:a5:c5:f6:35:89:
3e:6c:dc:a0:12:8d:25:e4:6d:fb:f7:53:f8:e0:55:
c7:33:20:98:c3:3e:cd:45:49:2b:ab:81:d0:11:d0:
f7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:51:C5:2B:BE:0E:30:A4:27:0F:7F:35:5A:21:B7:65:94:7B:A3:3B
X509v3 Authority Key Identifier:
keyid:E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/8VHFK74OMKQnD381WiG3ZZR7ozs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.128.0/19
178.159.64.0/20
178.218.128.0/20
185.102.48.0/22
185.171.28.0/22
185.183.88.0/22
Signature Algorithm: sha256WithRSAEncryption
20:92:af:60:44:fd:63:da:7f:2f:12:eb:59:67:5e:e3:b5:f6:
f3:39:98:e5:fe:32:9e:0f:79:83:2e:fb:9f:af:60:b0:a8:86:
a3:c6:b3:2e:5f:6b:26:93:e7:4a:31:75:a6:d5:cf:c4:78:6f:
d0:e7:6e:22:b4:97:64:50:da:27:fd:71:5d:91:2a:23:10:e7:
68:a9:e3:d5:dd:ac:7a:24:52:db:fb:77:e4:dd:fc:1f:6f:cd:
65:d7:32:17:e7:2e:aa:c1:ca:4c:00:be:41:93:8f:fa:80:72:
7a:06:28:9b:3d:8f:3d:67:2d:29:4a:c7:98:2e:ff:d1:37:30:
86:2e:46:c4:31:60:35:d2:19:d8:e2:e0:c7:bc:6d:74:84:dd:
b8:c4:6f:52:e9:99:50:e9:0a:2e:cf:41:4a:35:60:2d:32:d3:
51:ac:a6:5d:e7:2d:33:1f:ce:0d:c5:77:4a:b0:5f:a8:a3:9e:
21:ca:bb:88:4d:79:b0:60:fc:5d:5f:63:1b:01:e0:0c:5e:ee:
df:54:a8:74:e2:ad:b8:48:45:11:23:b7:ee:7f:ab:34:bf:8f:
1a:00:90:39:16:32:13:72:e4:c8:48:d3:2d:e8:4c:59:9b:a8:
53:48:b0:af:52:97:36:83:20:46:4f:11:eb:77:ed:7b:c2:60:
80:e3:dc:d5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZSJX9SS8gxullfcAQXEViwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTlkMGNkNjU1OTNkOTY5ZThkNDUzODJhMTk0YWFhNzNj
MGZmOGMwHhcNMjUwMTIxMTQ1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTUxYzUyYmJlMGUzMGE0MjcwZjdmMzU1YTIxYjc2NTk0N2JhMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Go3RYv1DIhkijkKyTzGpiRGjebc
mFGWFOUQlKZiV7TttsNx4Qiv1gJj4+7rSXdBdVEXlBh3Zxg5q6aXMafXQoCfGzWp
IHf0G86sDax9zforCoYvpyTXG0aFYFzftYyd1iBLa4qCbTHYDenAhaKR+E0iduBm
YzxkoHsk5UM5RhA5zPnPVOWzaaL4FX59cAIg5ENPsamP53+iL/LWlKu7uXYvIwiE
kIn3Xu2arVaXzn2h5NocuJUQwUrGjR366UNof1KtwFgtpCRfJzmKJdILiuPJLk26
HFadpBaypcX2NYk+bNygEo0l5G3791P44FXHMyCYwz7NRUkrq4HQEdD3fQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPFRxSu+DjCkJw9/NVoht2WUe6M7MB8GA1UdIwQY
MBaAFOMZ0M1lWT2Wno1FOCoZSqpzwP+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjkt
MjE3Y2Y5Mzg0NWJjLzEvOFZIRks3NE9NS1FuRDM4MVdpRzNaWlI3b3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjktMjE3Y2Y5Mzg0NWJj
LzEvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFHyqAAwQE
sp9AAwQEstqAAwQCuWYwAwQCuascAwQCubdYMA0GCSqGSIb3DQEBCwUAA4IBAQAg
kq9gRP1j2n8vEutZZ17jtfbzOZjl/jKeD3mDLvufr2CwqIajxrMuX2smk+dKMXWm
1c/EeG/Q524itJdkUNon/XFdkSojEOdoqePV3ax6JFLb+3fk3fwfb81l1zIX5y6q
wcpMAL5Bk4/6gHJ6BiibPY89Zy0pSseYLv/RNzCGLkbEMWA10hnY4uDHvG10hN24
xG9S6ZlQ6Qouz0FKNWAtMtNRrKZd5y0zH84NxXdKsF+oo54hyruITXmwYPxdX2Mb
AeAMXu7fVKh04q24SEURI7fuf6s0v48aAJA5FjITcuTISNMt6ExZm6hTSLCvUpc2
gyBGTxHrd+17wmCA49zV
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:30:41 2025 by rpki-client