Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/B5kdDxNFhlA9AT3PyqFkTX6RY6M.roa
File: B5kdDxNFhlA9AT3PyqFkTX6RY6M.roa (raw, json)
Hash identifier: Xin+IDogu4+kKllgKutdfXdJm2piOKuXIHOph9bE8Zw=
Subject key identifier: 07:99:1D:0F:13:45:86:50:3D:01:3D:CF:CA:A1:64:4D:7E:91:63:A3
Certificate issuer: /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial: 019529A1784AB42C97E2A68608E0504F0E8E
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/B5kdDxNFhlA9AT3PyqFkTX6RY6M.roa
Signing time: Fri 21 Feb 2025 17:50:02 +0000
ROA not before: Fri 21 Feb 2025 17:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 146.19.50.0/24 maxlen: 24
185.214.166.0/24 maxlen: 24
185.253.3.0/24 maxlen: 24
194.26.218.0/24 maxlen: 24
213.134.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.mft
rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 02:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:29:a1:78:4a:b4:2c:97:e2:a6:86:08:e0:50:4f:0e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Validity
Not Before: Feb 21 17:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07991d0f134586503d013dcfcaa1644d7e9163a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f5:d7:1e:f4:62:3f:3b:10:16:50:7b:27:fd:
12:54:5e:51:6e:5a:4e:73:f0:ce:d5:b6:6b:bf:4d:
09:82:c0:c1:34:4f:cd:47:ca:bd:eb:e7:3a:c2:38:
25:ee:26:4e:2e:b2:db:b2:eb:3b:c1:83:68:05:93:
65:79:23:77:7e:4e:7d:90:9c:29:bf:75:d0:31:8d:
29:36:96:4d:1d:4a:79:95:48:7d:5f:d4:ab:0a:35:
a6:1f:e4:87:16:f3:d6:d3:3a:3c:6a:7b:42:7e:f9:
1f:5e:72:6f:1a:24:d4:17:6f:ec:ed:ef:0f:0f:67:
12:1b:90:ad:a9:5c:9c:50:d2:ef:ae:c6:38:93:68:
9a:9c:7c:b9:92:56:ef:9f:bf:75:e3:49:90:d6:b4:
41:13:be:27:f2:f4:f5:dc:b7:66:f8:76:55:6d:de:
f0:f2:30:92:ff:6b:39:1f:69:6f:a3:9c:17:64:ef:
10:e5:d4:b4:08:7d:0b:02:a1:f9:e4:71:d8:ac:82:
3a:74:52:80:d5:f5:8f:4d:9b:d7:3c:6e:9a:fe:01:
79:2b:ca:b1:5f:4a:c5:f4:c3:4e:69:67:cf:a7:6d:
73:d6:e8:0a:6c:80:95:58:4e:c2:62:3c:f3:4a:f9:
b1:dc:07:ef:c0:41:82:6c:9f:94:54:2d:98:96:4d:
38:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:99:1D:0F:13:45:86:50:3D:01:3D:CF:CA:A1:64:4D:7E:91:63:A3
X509v3 Authority Key Identifier:
keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/B5kdDxNFhlA9AT3PyqFkTX6RY6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.50.0/24
185.214.166.0/24
185.253.3.0/24
194.26.218.0/24
213.134.25.0/24
Signature Algorithm: sha256WithRSAEncryption
af:20:19:78:97:08:bd:a4:d1:2a:a3:84:6b:09:dd:22:5f:49:
ff:25:fc:13:d2:6c:46:54:30:a2:11:34:43:65:cc:9f:fc:e0:
b5:5a:bb:35:91:6a:ff:de:a4:1f:85:48:9e:c3:c6:8b:c2:9a:
e0:f9:1c:77:30:da:7e:6b:0e:04:7e:6c:cd:6e:84:10:17:aa:
ce:62:67:9e:c5:c3:9c:70:1e:be:9d:e7:c3:9b:6e:e4:af:89:
f0:f0:e5:8f:9a:0a:30:75:f2:54:12:12:a1:d6:c7:ed:71:81:
62:f5:97:ed:a5:92:99:d9:f1:9c:a3:77:16:66:ae:d6:f1:30:
d1:88:79:71:1a:d3:27:b2:86:9c:6b:ad:9d:08:38:e3:98:77:
a1:d9:84:4e:51:93:15:c5:a0:bf:00:16:3a:57:2d:21:ab:1f:
43:6e:cf:d0:0d:1b:58:3d:4d:d5:11:9d:d0:44:6c:86:a7:a5:
19:cf:ad:c0:cc:ed:88:8b:26:48:03:01:47:2b:18:33:16:fb:
7c:8b:72:b6:0a:af:4e:af:e8:5e:37:c4:92:6f:0a:de:ec:ff:
51:89:8f:a4:7f:c1:f7:2a:98:0a:14:33:2e:9e:40:fa:c4:de:
2a:91:fe:e4:9a:dd:12:cc:c0:10:fd:5b:d2:91:2b:66:1f:cb:
3e:95:b6:2a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZUpoXhKtCyX4qaGCOBQTw6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjUwMjIxMTc1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzk5MWQwZjEzNDU4NjUwM2QwMTNkY2ZjYWExNjQ0ZDdlOTE2M2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/XXHvRiPzsQFlB7J/0SVF5RblpO
c/DO1bZrv00JgsDBNE/NR8q96+c6wjgl7iZOLrLbsus7wYNoBZNleSN3fk59kJwp
v3XQMY0pNpZNHUp5lUh9X9SrCjWmH+SHFvPW0zo8antCfvkfXnJvGiTUF2/s7e8P
D2cSG5CtqVycUNLvrsY4k2ianHy5klbvn79140mQ1rRBE74n8vT13Ldm+HZVbd7w
8jCS/2s5H2lvo5wXZO8Q5dS0CH0LAqH55HHYrII6dFKA1fWPTZvXPG6a/gF5K8qx
X0rF9MNOaWfPp21z1ugKbICVWE7CYjzzSvmx3AfvwEGCbJ+UVC2Ylk04dQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAeZHQ8TRYZQPQE9z8qhZE1+kWOjMB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEvQjVrZER4TkZobEE5QVQzUHlxRmtUWDZSWTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAkhMyAwQA
udamAwQAuf0DAwQAwhraAwQA1YYZMA0GCSqGSIb3DQEBCwUAA4IBAQCvIBl4lwi9
pNEqo4RrCd0iX0n/JfwT0mxGVDCiETRDZcyf/OC1Wrs1kWr/3qQfhUiew8aLwprg
+Rx3MNp+aw4EfmzNboQQF6rOYmeexcOccB6+nefDm27kr4nw8OWPmgowdfJUEhKh
1sftcYFi9ZftpZKZ2fGco3cWZq7W8TDRiHlxGtMnsoaca62dCDjjmHeh2YROUZMV
xaC/ABY6Vy0hqx9Dbs/QDRtYPU3VEZ3QRGyGp6UZz63AzO2IiyZIAwFHKxgzFvt8
i3K2Cq9Or+heN8SSbwre7P9RiY+kf8H3KpgKFDMunkD6xN4qkf7kmt0SzMAQ/VvS
kStmH8s+lbYq
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:10:50 2025 by rpki-client