Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/8ugHhLiToKwnzK4NKapWEcPlKh0.roa
File: 8ugHhLiToKwnzK4NKapWEcPlKh0.roa (raw, json)
Hash identifier: 4E0a2T2uUeIhUUG04lFzaUEsCu56I9vGRdi00E/gn7k=
Subject key identifier: F2:E8:07:84:B8:93:A0:AC:27:CC:AE:0D:29:AA:56:11:C3:E5:2A:1D
Certificate issuer: /CN=26d9a16c2fa7d4c370b5325214be4420b611f1f9
Certificate serial: 01942825F245C69C08A10E57E5DBD10D1D7C
Authority key identifier: 26:D9:A1:6C:2F:A7:D4:C3:70:B5:32:52:14:BE:44:20:B6:11:F1:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JtmhbC-n1MNwtTJSFL5EILYR8fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/8ugHhLiToKwnzK4NKapWEcPlKh0.roa
Signing time: Thu 02 Jan 2025 17:52:43 +0000
ROA not before: Thu 02 Jan 2025 17:52:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205202
IP address blocks: 185.225.97.0/24 maxlen: 24
185.225.98.0/24 maxlen: 24
185.225.99.0/24 maxlen: 24
2a0d:ac00::/48 maxlen: 48
2a0d:ac00:2::/48 maxlen: 48
2a0d:ac00:6::/48 maxlen: 48
2a0d:ac00:7::/48 maxlen: 48
2a0d:ac00:1000::/48 maxlen: 48
2a0d:ac00:1002::/48 maxlen: 48
2a0d:ac00:1006::/48 maxlen: 48
2a0d:ac00:1007::/48 maxlen: 48
2a0d:ac00:dc01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/JtmhbC-n1MNwtTJSFL5EILYR8fk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/JtmhbC-n1MNwtTJSFL5EILYR8fk.mft
rsync://rpki.ripe.net/repository/DEFAULT/JtmhbC-n1MNwtTJSFL5EILYR8fk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:f2:45:c6:9c:08:a1:0e:57:e5:db:d1:0d:1d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26d9a16c2fa7d4c370b5325214be4420b611f1f9
Validity
Not Before: Jan 2 17:52:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2e80784b893a0ac27ccae0d29aa5611c3e52a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9f:a3:78:0a:6a:6c:ce:59:c5:50:71:ef:e5:
80:43:56:8c:7c:69:ba:c5:eb:cd:5e:e7:86:d7:3d:
38:4b:f0:de:dc:88:97:09:40:8e:08:87:57:02:1d:
22:13:a7:0f:0e:bf:76:e8:5f:de:75:55:e7:5b:ef:
10:44:cf:65:83:8d:f1:76:82:2d:92:05:f8:c7:41:
cf:25:05:12:73:bb:70:7a:f8:16:0f:1a:88:70:9e:
46:a4:a7:f0:33:f0:ba:ca:5b:09:51:aa:81:3d:bc:
36:2e:87:da:b7:a9:5d:51:c8:90:d7:da:3c:a2:6b:
07:68:f7:51:10:44:54:df:68:0c:31:03:e6:17:e3:
4c:29:e1:dc:06:5a:10:3e:04:0d:03:ca:f7:0b:36:
db:4f:22:cf:a4:6a:bd:d0:cd:ff:ab:89:d7:ea:77:
b9:3a:12:07:51:e1:4b:12:53:de:50:25:b4:10:ba:
f3:1b:3c:f3:4b:8a:29:8f:3b:ef:d2:69:69:4f:99:
08:a5:2c:7b:f1:51:e1:97:04:18:cd:3d:0c:f9:5c:
e5:82:4f:b0:e2:c2:9d:77:e3:03:22:1d:b0:af:ba:
35:5d:b0:61:9e:19:e0:2d:b1:b4:82:c8:cd:a6:55:
24:ed:b0:15:a8:f0:de:d6:a9:32:ad:ef:49:7e:8f:
e0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:E8:07:84:B8:93:A0:AC:27:CC:AE:0D:29:AA:56:11:C3:E5:2A:1D
X509v3 Authority Key Identifier:
keyid:26:D9:A1:6C:2F:A7:D4:C3:70:B5:32:52:14:BE:44:20:B6:11:F1:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JtmhbC-n1MNwtTJSFL5EILYR8fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/8ugHhLiToKwnzK4NKapWEcPlKh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/JtmhbC-n1MNwtTJSFL5EILYR8fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.97.0-185.225.99.255
IPv6:
2a0d:ac00::/48
2a0d:ac00:2::/48
2a0d:ac00:6::/47
2a0d:ac00:1000::/48
2a0d:ac00:1002::/48
2a0d:ac00:1006::/47
2a0d:ac00:dc01::/48
Signature Algorithm: sha256WithRSAEncryption
80:f8:c0:75:7a:80:cc:7d:44:4c:d8:81:17:fb:d1:a1:65:c3:
cc:4f:ba:1a:ff:d4:0c:23:31:68:ea:68:f1:ab:b3:71:59:48:
eb:74:df:7d:59:66:6e:f0:0b:86:fd:49:41:d8:ea:68:bf:a2:
34:54:3c:4d:7d:47:15:98:4b:25:6b:83:16:fa:bb:c9:c4:c8:
56:09:6f:a5:f3:9c:65:52:46:27:5d:83:e2:ea:75:cd:04:23:
7b:f7:2c:c8:10:81:09:3d:7d:ab:11:9e:3a:bb:46:39:07:6d:
2f:59:49:4e:19:90:a8:f1:b0:fa:e8:cc:f0:63:3f:92:ac:55:
83:e8:d0:f8:63:a3:dc:d1:9b:20:fa:6b:b2:6d:b5:29:7b:18:
ae:60:74:01:da:e4:2c:f9:b9:3c:81:b1:b1:4c:65:6f:b0:7e:
2a:4c:ff:06:48:b8:d6:6d:88:30:41:98:6e:68:92:6e:af:0b:
d7:4f:44:4b:70:3b:b7:99:13:0b:ac:1e:07:68:24:09:82:e1:
9c:ea:8c:99:c7:d1:ec:30:28:f8:96:7b:69:45:d3:d4:8a:e5:
d2:f9:51:83:1a:91:c3:0b:ee:fe:5e:4d:5d:55:58:21:27:12:
8a:1d:b6:26:90:20:4f:f2:6e:d1:af:d1:83:b2:e7:c9:c7:1a:
42:29:14:b4
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZQoJfJFxpwIoQ5X5dvRDR18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZDlhMTZjMmZhN2Q0YzM3MGI1MzI1MjE0YmU0NDIwYjYx
MWYxZjkwHhcNMjUwMTAyMTc1MjQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmU4MDc4NGI4OTNhMGFjMjdjY2FlMGQyOWFhNTYxMWMzZTUyYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp+jeApqbM5ZxVBx7+WAQ1aMfGm6
xevNXueG1z04S/De3IiXCUCOCIdXAh0iE6cPDr926F/edVXnW+8QRM9lg43xdoIt
kgX4x0HPJQUSc7twevgWDxqIcJ5GpKfwM/C6ylsJUaqBPbw2Lofat6ldUciQ19o8
omsHaPdREERU32gMMQPmF+NMKeHcBloQPgQNA8r3CzbbTyLPpGq90M3/q4nX6ne5
OhIHUeFLElPeUCW0ELrzGzzzS4opjzvv0mlpT5kIpSx78VHhlwQYzT0M+Vzlgk+w
4sKdd+MDIh2wr7o1XbBhnhngLbG0gsjNplUk7bAVqPDe1qkyre9Jfo/g3wIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFPLoB4S4k6CsJ8yuDSmqVhHD5SodMB8GA1UdIwQY
MBaAFCbZoWwvp9TDcLUyUhS+RCC2EfH5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnRtaGJDLW4xTU53dFRKU0ZMNUVJTFlSOGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9jNWZjNTQtNzRjMi00ZjNkLTk1YzEt
NDQwMjNjM2I3ODRlLzEvOHVnSGhMaVRvS3dueks0TkthcFdFY1BsS2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9jNWZjNTQtNzRjMi00ZjNkLTk1YzEtNDQwMjNjM2I3ODRl
LzEvSnRtaGJDLW4xTU53dFRKU0ZMNUVJTFlSOGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTAUBAIAATAOMAwDBAC54WED
BAK54WAwRQQCAAIwPwMHACoNrAAAAAMHACoNrAAAAgMHASoNrAAABgMHACoNrAAQ
AAMHACoNrAAQAgMHASoNrAAQBgMHACoNrADcATANBgkqhkiG9w0BAQsFAAOCAQEA
gPjAdXqAzH1ETNiBF/vRoWXDzE+6Gv/UDCMxaOpo8auzcVlI63TffVlmbvALhv1J
QdjqaL+iNFQ8TX1HFZhLJWuDFvq7ycTIVglvpfOcZVJGJ12D4up1zQQje/csyBCB
CT19qxGeOrtGOQdtL1lJThmQqPGw+ujM8GM/kqxVg+jQ+GOj3NGbIPprsm21KXsY
rmB0AdrkLPm5PIGxsUxlb7B+Kkz/Bki41m2IMEGYbmiSbq8L109ES3A7t5kTC6we
B2gkCYLhnOqMmcfR7DAo+JZ7aUXT1Irl0vlRgxqRwwvu/l5NXVVYIScSih22JpAg
T/Ju0a/Rg7LnyccaQikUtA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:59:45 2025 by rpki-client