Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/awSvsuAzEkNxIrYxJqTZDb_nVnE.roa
File: awSvsuAzEkNxIrYxJqTZDb_nVnE.roa (raw, json)
Hash identifier: 3jZ+yIojuG+AZ6SFsISQRAEfZSYSxHFN/YCIQpbx+o8=
Subject key identifier: 6B:04:AF:B2:E0:33:12:43:71:22:B6:31:26:A4:D9:0D:BF:E7:56:71
Certificate issuer: /CN=1ba8ea3a2288a6af8f64a8383002c74085579a07
Certificate serial: 01942669FF59FF776FE21554CB2189D229F0
Authority key identifier: 1B:A8:EA:3A:22:88:A6:AF:8F:64:A8:38:30:02:C7:40:85:57:9A:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6jqOiKIpq-PZKg4MALHQIVXmgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/awSvsuAzEkNxIrYxJqTZDb_nVnE.roa
Signing time: Thu 02 Jan 2025 09:47:48 +0000
ROA not before: Thu 02 Jan 2025 09:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212975
IP address blocks: 185.115.72.0/23 maxlen: 23
185.115.74.0/23 maxlen: 23
2a01:9647::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/G6jqOiKIpq-PZKg4MALHQIVXmgc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/G6jqOiKIpq-PZKg4MALHQIVXmgc.mft
rsync://rpki.ripe.net/repository/DEFAULT/G6jqOiKIpq-PZKg4MALHQIVXmgc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:69:ff:59:ff:77:6f:e2:15:54:cb:21:89:d2:29:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba8ea3a2288a6af8f64a8383002c74085579a07
Validity
Not Before: Jan 2 09:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b04afb2e03312437122b63126a4d90dbfe75671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:c8:42:6b:30:9a:25:5a:09:e8:68:8b:9b:3c:
43:36:d8:2c:67:1f:04:68:e2:d9:5b:d1:f0:77:bf:
c9:2e:10:89:9d:2c:a3:b3:e3:a3:db:c4:37:b1:c3:
31:ef:45:f7:6d:0a:36:a0:22:8e:78:b4:4c:27:79:
02:a9:df:77:99:30:14:8f:f5:8f:dc:e7:89:a5:2f:
45:aa:20:31:09:70:61:39:d2:de:e7:d3:62:ae:14:
f3:aa:51:d5:4e:d8:fa:75:b8:73:fe:b3:76:84:cd:
ea:c3:e4:35:0e:7c:c8:eb:ef:08:f0:1f:45:fa:b2:
72:86:05:80:eb:e4:1e:eb:05:64:5e:e2:29:9e:df:
bc:98:68:d6:ac:14:61:b5:f9:7f:8f:b7:ea:cf:fc:
61:4b:97:01:60:68:a4:b7:0a:28:9d:75:c1:e2:ab:
44:ea:e0:01:27:e7:31:59:63:20:3a:d6:0c:d9:00:
18:b0:12:a0:6c:c4:84:f3:4e:17:f8:cc:d2:ff:0d:
e4:44:c2:23:11:ff:5a:45:cf:89:14:cb:a5:fc:8e:
6a:ff:50:ea:60:a8:fd:a8:8a:43:db:10:0f:eb:08:
c3:15:7b:b4:fe:75:a7:6a:fd:bc:f4:aa:7b:d1:88:
9e:96:f6:17:31:cd:77:50:50:60:09:62:af:4a:f2:
bf:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:04:AF:B2:E0:33:12:43:71:22:B6:31:26:A4:D9:0D:BF:E7:56:71
X509v3 Authority Key Identifier:
keyid:1B:A8:EA:3A:22:88:A6:AF:8F:64:A8:38:30:02:C7:40:85:57:9A:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6jqOiKIpq-PZKg4MALHQIVXmgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/awSvsuAzEkNxIrYxJqTZDb_nVnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/G6jqOiKIpq-PZKg4MALHQIVXmgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.72.0/22
IPv6:
2a01:9647::/32
Signature Algorithm: sha256WithRSAEncryption
12:be:a5:21:3e:ed:db:a3:60:94:10:de:a0:77:1b:1e:eb:c7:
73:28:8f:ad:81:76:57:9d:53:31:01:8f:62:c2:f2:18:0c:59:
82:8e:70:f8:03:34:cb:19:b4:e1:90:29:4b:2e:5d:a9:4c:b5:
99:35:b6:fe:1b:71:bb:06:47:95:22:8b:b8:ed:e3:c9:0c:38:
86:ee:b0:52:fc:4e:8f:8c:09:96:ce:b2:75:6a:91:70:96:fd:
ab:15:27:36:74:1b:83:1b:81:41:10:c3:b9:da:4a:2c:2d:a3:
42:3f:9b:65:ac:ee:aa:62:79:64:2e:a5:3d:b0:20:5a:42:40:
f4:5e:ba:00:01:ff:59:3b:c7:0d:9f:4b:3c:31:ba:3d:cf:0d:
c1:68:57:db:88:bf:0b:04:34:c5:6d:94:6c:92:09:a4:10:64:
1d:30:51:97:30:9a:4e:5b:3b:9f:34:39:1a:35:57:8e:ee:8b:
43:df:27:04:c6:27:b4:25:26:69:83:42:35:ff:b5:24:bf:dc:
fd:a5:d1:bf:5f:18:27:55:f3:2b:13:84:da:e2:5e:ad:c9:28:
df:70:6e:32:2d:88:f9:cc:e8:b9:85:66:fb:29:f4:ee:a7:62:
97:1f:95:09:26:6a:fa:59:81:31:53:ce:2e:60:8f:d9:c8:d1:
a2:ad:c5:aa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmaf9Z/3dv4hVUyyGJ0inwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYThlYTNhMjI4OGE2YWY4ZjY0YTgzODMwMDJjNzQwODU1
NzlhMDcwHhcNMjUwMTAyMDk0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjA0YWZiMmUwMzMxMjQzNzEyMmI2MzEyNmE0ZDkwZGJmZTc1NjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7shCazCaJVoJ6GiLmzxDNtgsZx8E
aOLZW9Hwd7/JLhCJnSyjs+Oj28Q3scMx70X3bQo2oCKOeLRMJ3kCqd93mTAUj/WP
3OeJpS9FqiAxCXBhOdLe59NirhTzqlHVTtj6dbhz/rN2hM3qw+Q1DnzI6+8I8B9F
+rJyhgWA6+Qe6wVkXuIpnt+8mGjWrBRhtfl/j7fqz/xhS5cBYGiktwoonXXB4qtE
6uABJ+cxWWMgOtYM2QAYsBKgbMSE804X+MzS/w3kRMIjEf9aRc+JFMul/I5q/1Dq
YKj9qIpD2xAP6wjDFXu0/nWnav289Kp70YielvYXMc13UFBgCWKvSvK/OwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGsEr7LgMxJDcSK2MSak2Q2/51ZxMB8GA1UdIwQY
MBaAFBuo6joiiKavj2SoODACx0CFV5oHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZqcU9pS0lwcS1QWktnNE1BTEhRSVZYbWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9jMGIyODMtODhiOS00M2NkLWIwOGYt
YThlYTQzMjUzZWQ1LzEvYXdTdnN1QXpFa054SXJZeEpxVFpEYl9uVm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9jMGIyODMtODhiOS00M2NkLWIwOGYtYThlYTQzMjUzZWQ1
LzEvRzZqcU9pS0lwcS1QWktnNE1BTEhRSVZYbWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXNIMA0E
AgACMAcDBQAqAZZHMA0GCSqGSIb3DQEBCwUAA4IBAQASvqUhPu3bo2CUEN6gdxse
68dzKI+tgXZXnVMxAY9iwvIYDFmCjnD4AzTLGbThkClLLl2pTLWZNbb+G3G7BkeV
Iou47ePJDDiG7rBS/E6PjAmWzrJ1apFwlv2rFSc2dBuDG4FBEMO52kosLaNCP5tl
rO6qYnlkLqU9sCBaQkD0XroAAf9ZO8cNn0s8Mbo9zw3BaFfbiL8LBDTFbZRskgmk
EGQdMFGXMJpOWzufNDkaNVeO7otD3ycExie0JSZpg0I1/7Ukv9z9pdG/XxgnVfMr
E4Ta4l6tySjfcG4yLYj5zOi5hWb7KfTup2KXH5UJJmr6WYExU84uYI/ZyNGircWq
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:00:23 2025 by rpki-client