Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/DEYtMunoUE5dPU2vrqRiqNP359k.roa
File: DEYtMunoUE5dPU2vrqRiqNP359k.roa (raw, json)
Hash identifier: ARCvS2IDdQm74C0g2l6xQADbWv5cu0VC9XsK8oauO4c=
Subject key identifier: 0C:46:2D:32:E9:E8:50:4E:5D:3D:4D:AF:AE:A4:62:A8:D3:F7:E7:D9
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CB1B98864989605FC29BB1C1E8A3E
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/DEYtMunoUE5dPU2vrqRiqNP359k.roa
Signing time: Wed 01 Jan 2025 01:48:21 +0000
ROA not before: Wed 01 Jan 2025 01:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62332
IP address blocks: 185.39.68.0/22 maxlen: 24
185.42.240.0/22 maxlen: 24
185.86.212.0/22 maxlen: 24
185.120.84.0/22 maxlen: 24
2a04:7cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:b1:b9:88:64:98:96:05:fc:29:bb:1c:1e:8a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c462d32e9e8504e5d3d4dafaea462a8d3f7e7d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8b:b5:74:ce:78:7f:49:9f:dc:43:5b:89:ba:
06:df:4a:d6:1c:a6:d7:8d:94:2c:9c:15:8c:7e:e0:
e1:11:0e:5f:5c:7d:fe:ac:32:94:e4:a8:9f:90:ff:
3b:5c:3b:38:38:0e:2d:3e:42:2c:9b:df:2f:5c:84:
71:5d:59:59:71:74:be:d3:99:38:11:51:92:9e:91:
7a:8a:ea:d7:c7:51:0b:00:90:92:15:29:96:f6:40:
39:ea:e9:25:4e:5c:ee:7a:0f:f6:0d:66:56:25:a9:
9a:8a:3b:41:85:f5:fb:08:10:cb:88:60:c2:02:e4:
f2:2e:02:aa:fc:02:38:a5:3b:1d:31:78:bb:5f:76:
87:eb:95:55:d3:7e:1e:25:86:7c:a5:57:6a:e9:18:
61:88:9d:f4:ba:50:ad:99:37:18:71:de:93:12:91:
c1:85:6c:4e:6c:a4:ef:6e:19:93:53:73:55:2c:fa:
aa:4f:63:65:c9:57:49:ad:58:19:d2:d2:9c:d5:0c:
c2:c8:40:9d:90:19:43:da:60:9c:80:9f:0d:ae:6e:
83:40:92:2c:31:56:1e:06:51:ff:50:74:92:4e:37:
e9:13:5a:08:a1:b4:28:c1:27:b4:52:2d:3a:f9:02:
00:45:ba:2f:d3:34:f5:4a:da:9e:0a:75:ef:55:97:
77:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:46:2D:32:E9:E8:50:4E:5D:3D:4D:AF:AE:A4:62:A8:D3:F7:E7:D9
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/DEYtMunoUE5dPU2vrqRiqNP359k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.68.0/22
185.42.240.0/22
185.86.212.0/22
185.120.84.0/22
IPv6:
2a04:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
68:43:58:82:bf:f4:65:0e:34:3f:89:55:34:22:1d:aa:3b:41:
ab:49:53:59:64:d2:38:43:3e:b6:0b:ff:25:1a:31:ef:4b:57:
35:07:2f:bc:13:d0:84:f7:9c:24:ec:8b:cb:c0:8f:38:d3:eb:
c8:1b:a1:5c:72:ba:a2:61:51:4a:c3:25:30:c4:92:21:67:e8:
bf:9c:af:4f:61:51:74:d1:3e:b8:50:40:fd:3f:ea:17:63:63:
4b:a9:51:8a:28:ff:69:99:be:e1:18:d9:3f:ef:86:87:f2:c5:
c1:ff:a1:87:88:41:26:b6:bc:82:4a:12:50:25:0d:00:c8:89:
04:72:95:ae:12:1f:54:db:ee:e5:61:48:5f:66:83:8b:bd:39:
81:bc:f1:59:fa:64:f3:9a:93:76:b3:4a:f5:72:a6:4b:a6:6a:
2e:17:26:a3:11:75:3c:c8:f0:64:c2:8b:92:a4:4c:57:84:18:
3f:2a:94:34:29:94:5c:4c:e8:6a:b1:87:e3:56:47:8e:1a:26:
3c:cd:89:50:85:3b:b9:b1:bc:ce:82:86:42:ee:40:5b:dc:c4:
62:e0:94:f6:8f:90:03:d1:83:54:85:9a:36:5c:4f:3f:97:f8:
f7:2b:67:43:fb:a3:3f:e6:67:b2:04:d9:96:60:97:1d:b2:77:
0c:58:c3:a3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQfjLG5iGSYlgX8KbscHoo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzQ2MmQzMmU5ZTg1MDRlNWQzZDRkYWZhZWE0NjJhOGQzZjdlN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuou1dM54f0mf3ENbiboG30rWHKbX
jZQsnBWMfuDhEQ5fXH3+rDKU5KifkP87XDs4OA4tPkIsm98vXIRxXVlZcXS+05k4
EVGSnpF6iurXx1ELAJCSFSmW9kA56uklTlzueg/2DWZWJamaijtBhfX7CBDLiGDC
AuTyLgKq/AI4pTsdMXi7X3aH65VV034eJYZ8pVdq6RhhiJ30ulCtmTcYcd6TEpHB
hWxObKTvbhmTU3NVLPqqT2NlyVdJrVgZ0tKc1QzCyECdkBlD2mCcgJ8Nrm6DQJIs
MVYeBlH/UHSSTjfpE1oIobQowSe0Ui06+QIARbov0zT1StqeCnXvVZd38QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAxGLTLp6FBOXT1Nr66kYqjT9+fZMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvREVZdE11bm9VRTVkUFUydnJxUmlxTlAzNTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSdEAwQC
uSrwAwQCuVbUAwQCuXhUMA0EAgACMAcDBQMqBHzAMA0GCSqGSIb3DQEBCwUAA4IB
AQBoQ1iCv/RlDjQ/iVU0Ih2qO0GrSVNZZNI4Qz62C/8lGjHvS1c1By+8E9CE95wk
7IvLwI840+vIG6FccrqiYVFKwyUwxJIhZ+i/nK9PYVF00T64UED9P+oXY2NLqVGK
KP9pmb7hGNk/74aH8sXB/6GHiEEmtryCShJQJQ0AyIkEcpWuEh9U2+7lYUhfZoOL
vTmBvPFZ+mTzmpN2s0r1cqZLpmouFyajEXU8yPBkwouSpExXhBg/KpQ0KZRcTOhq
sYfjVkeOGiY8zYlQhTu5sbzOgoZC7kBb3MRi4JT2j5AD0YNUhZo2XE8/l/j3K2dD
+6M/5meyBNmWYJcdsncMWMOj
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:44:15 2025 by rpki-client