Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8RdHWy89S0SPyXAK0Q-ziqGUbZY.roa
File: 8RdHWy89S0SPyXAK0Q-ziqGUbZY.roa (raw, json)
Hash identifier: d1ycV4RmfVj0RcEpvEaSFBR+9LaDnf9JfBLsBWzYGqg=
Subject key identifier: F1:17:47:5B:2F:3D:4B:44:8F:C9:70:0A:D1:0F:B3:8A:A1:94:6D:96
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D710E3459D9005E1816BE0DE641937
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8RdHWy89S0SPyXAK0Q-ziqGUbZY.roa
Signing time: Wed 01 Jan 2025 21:48:04 +0000
ROA not before: Wed 01 Jan 2025 21:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51765
IP address blocks: 82.115.220.0/24 maxlen: 24
185.103.110.0/24 maxlen: 24
185.112.82.0/24 maxlen: 24
185.117.118.0/24 maxlen: 24
185.204.1.0/24 maxlen: 24
185.212.149.0/24 maxlen: 24
185.217.196.0/23 maxlen: 23
185.217.196.0/24 maxlen: 24
185.221.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:10:e3:45:9d:90:05:e1:81:6b:e0:de:64:19:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f117475b2f3d4b448fc9700ad10fb38aa1946d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f0:86:09:42:13:d1:67:65:2d:32:f5:3f:30:
53:ab:44:ae:a2:5a:37:14:5f:a5:66:be:77:a6:c4:
1e:35:a4:e1:b0:f3:aa:ca:95:4b:9e:38:06:86:3e:
8a:d0:e9:e0:b9:f0:15:f3:c1:7d:2e:ad:15:40:f3:
63:b1:fd:31:dc:08:a0:1b:34:53:89:c5:a3:84:f2:
bb:c7:7d:15:e6:c3:8a:54:29:e2:12:6e:25:46:fe:
96:74:e1:4e:4f:fa:60:aa:a7:b6:0e:30:4a:f8:e8:
74:6b:5d:fe:f8:f8:df:1a:59:07:62:6a:ed:c9:66:
15:45:8b:fd:6b:57:e7:7f:18:5d:a7:be:87:ae:79:
b9:26:9c:11:07:75:90:c7:cb:87:7f:d0:66:88:d7:
b9:a3:7d:43:ab:e6:c9:a5:76:87:e1:82:99:b7:14:
d8:da:79:50:da:ca:79:93:c7:5c:f9:9c:ae:2f:d6:
76:d6:5b:72:45:25:f6:b4:8e:d3:c0:31:5c:73:17:
58:b0:1d:3d:8d:16:5c:93:52:c5:1a:cb:82:c6:72:
02:95:b8:48:a0:14:5f:c6:be:82:2b:48:47:23:43:
19:8b:8b:e7:f3:11:c5:33:7a:3a:33:75:1c:46:ae:
3a:b3:75:e6:96:c4:45:42:9b:b9:5e:fd:49:f2:fd:
62:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:17:47:5B:2F:3D:4B:44:8F:C9:70:0A:D1:0F:B3:8A:A1:94:6D:96
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8RdHWy89S0SPyXAK0Q-ziqGUbZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.220.0/24
185.103.110.0/24
185.112.82.0/24
185.117.118.0/24
185.204.1.0/24
185.212.149.0/24
185.217.196.0/23
185.221.163.0/24
Signature Algorithm: sha256WithRSAEncryption
15:47:cb:ce:bd:1d:f0:fe:c6:02:92:9c:a2:70:5c:6e:e2:68:
d2:b6:1b:a7:18:70:47:f1:d7:1a:8f:77:6d:3a:2a:0e:aa:de:
2e:06:59:37:06:e3:9b:30:8d:01:03:47:f1:52:11:4b:f8:a5:
a5:8c:87:e8:3f:11:53:1e:d7:bd:34:9d:2e:15:c2:d2:e0:86:
9f:f9:14:15:9a:ba:a3:81:82:fb:fc:2b:8a:c3:c8:29:59:2e:
6d:49:d0:d9:dd:73:11:47:3a:c1:4d:d0:d0:aa:20:03:8f:df:
43:ff:67:7f:af:08:dc:ba:c6:a9:31:5b:02:7e:68:0a:07:35:
d5:12:a2:c9:5b:6a:11:24:ef:80:d2:9a:0c:a2:c9:d8:ce:bf:
53:dd:d7:46:58:9f:47:8e:88:f0:f5:dc:a7:42:30:09:f8:fc:
47:96:f6:bd:c9:ad:b7:a7:ac:c9:1c:16:60:90:22:ae:1a:b6:
a5:8b:8f:cd:99:5a:a4:81:2a:94:cd:ba:23:be:1c:7d:9e:29:
af:95:c4:0d:6e:54:6a:f1:e9:c6:bd:f5:27:54:a3:df:5e:af:
4c:d5:bb:fa:d7:fe:81:47:d0:1e:4a:2b:96:25:51:48:5c:40:
c0:13:e7:8b:16:d8:7d:0b:0f:f0:c6:0c:34:e4:33:48:0c:cf:
1f:7e:e2:d9
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQj1xDjRZ2QBeGBa+DeZBk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTE3NDc1YjJmM2Q0YjQ0OGZjOTcwMGFkMTBmYjM4YWExOTQ2ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvCGCUIT0WdlLTL1PzBTq0Suolo3
FF+lZr53psQeNaThsPOqypVLnjgGhj6K0OngufAV88F9Lq0VQPNjsf0x3AigGzRT
icWjhPK7x30V5sOKVCniEm4lRv6WdOFOT/pgqqe2DjBK+Oh0a13++PjfGlkHYmrt
yWYVRYv9a1fnfxhdp76Hrnm5JpwRB3WQx8uHf9BmiNe5o31Dq+bJpXaH4YKZtxTY
2nlQ2sp5k8dc+ZyuL9Z21ltyRSX2tI7TwDFccxdYsB09jRZck1LFGsuCxnIClbhI
oBRfxr6CK0hHI0MZi4vn8xHFM3o6M3UcRq46s3XmlsRFQpu5Xv1J8v1iZQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPEXR1svPUtEj8lwCtEPs4qhlG2WMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvOFJkSFd5ODlTMFNQeVhBSzBRLXppcUdVYlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUnPcAwQA
uWduAwQAuXBSAwQAuXV2AwQAucwBAwQAudSVAwQBudnEAwQAud2jMA0GCSqGSIb3
DQEBCwUAA4IBAQAVR8vOvR3w/sYCkpyicFxu4mjSthunGHBH8dcaj3dtOioOqt4u
Blk3BuObMI0BA0fxUhFL+KWljIfoPxFTHte9NJ0uFcLS4Iaf+RQVmrqjgYL7/CuK
w8gpWS5tSdDZ3XMRRzrBTdDQqiADj99D/2d/rwjcusapMVsCfmgKBzXVEqLJW2oR
JO+A0poMosnYzr9T3ddGWJ9Hjojw9dynQjAJ+PxHlva9ya23p6zJHBZgkCKuGral
i4/NmVqkgSqUzbojvhx9nimvlcQNblRq8enGvfUnVKPfXq9M1bv61/6BR9AeSiuW
JVFIXEDAE+eLFth9Cw/wxgw05DNIDM8ffuLZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:20:53 2025 by rpki-client