Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/F6rEC-DZF3Bn189GQxLFZdrW9ss.roa
File: F6rEC-DZF3Bn189GQxLFZdrW9ss.roa (raw, json)
Hash identifier: 0wg9QuGJMND5sNEy85LKkdkXbGMFG3a1ulykBXwSpbk=
Subject key identifier: 17:AA:C4:0B:E0:D9:17:70:67:D7:CF:46:43:12:C5:65:DA:D6:F6:CB
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CA8C5AF73804810A5E34E5BDEF699
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/F6rEC-DZF3Bn189GQxLFZdrW9ss.roa
Signing time: Wed 01 Jan 2025 01:48:19 +0000
ROA not before: Wed 01 Jan 2025 01:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43160
IP address blocks: 185.44.233.0/24 maxlen: 24
185.130.24.0/23 maxlen: 24
185.130.26.0/23 maxlen: 24
185.196.202.0/23 maxlen: 24
185.196.202.0/24 maxlen: 24
185.202.166.0/23 maxlen: 24
185.235.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a8:c5:af:73:80:48:10:a5:e3:4e:5b:de:f6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17aac40be0d9177067d7cf464312c565dad6f6cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:80:30:be:27:d0:d9:b6:e9:85:76:67:2e:aa:
ac:e7:b3:cc:1a:7b:0a:3e:24:8f:d6:1c:e5:52:b5:
09:a1:d9:a9:dd:11:5a:38:81:61:ff:92:be:97:80:
17:f3:0f:2c:d9:09:38:c9:f5:b7:af:87:32:3f:23:
b6:5e:7c:48:d0:40:3d:9b:65:18:9e:b4:e2:e4:41:
e3:f7:22:a8:a7:57:79:c7:83:bf:64:34:ea:7e:ca:
df:94:31:33:d3:5a:8d:49:13:92:89:a1:9a:89:f2:
bb:08:85:02:49:dc:bd:cf:9a:86:ea:7a:d0:28:6c:
36:e6:46:3b:d2:99:75:ac:36:ff:5c:0b:57:7f:3c:
11:f0:19:8c:2c:5b:ac:42:a0:35:e2:dd:9a:08:68:
cf:de:78:06:dd:9e:82:09:96:81:a5:c5:4f:cb:a2:
d4:39:85:06:88:98:19:3f:79:b9:c9:39:f4:20:08:
1d:5e:bd:89:d7:56:17:bc:52:86:f7:f7:ee:29:85:
ad:fb:76:04:94:58:e5:68:85:ba:7a:93:bd:10:25:
dd:c1:64:c5:16:6d:e5:eb:fa:99:95:85:e6:6d:dc:
1f:a4:a9:bd:55:76:ea:30:a3:dc:1f:71:dc:41:08:
6a:bd:0e:73:1a:2b:49:22:12:03:37:12:4d:a8:a3:
25:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AA:C4:0B:E0:D9:17:70:67:D7:CF:46:43:12:C5:65:DA:D6:F6:CB
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/F6rEC-DZF3Bn189GQxLFZdrW9ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.233.0/24
185.130.24.0/22
185.196.202.0/23
185.202.166.0/23
185.235.103.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:5b:ba:0b:ec:30:43:4b:f3:a2:13:f3:15:be:83:f3:c5:12:
b7:57:a6:53:c7:10:09:1b:b3:c8:a9:1a:32:9c:d9:49:89:da:
d9:b8:04:de:ac:5b:73:be:42:b3:eb:05:3b:63:4e:47:63:b6:
aa:cb:5c:18:c8:33:ac:56:a5:34:8c:7e:60:b4:7b:31:c5:74:
3e:b0:95:80:06:18:a9:e2:f8:23:14:68:af:8d:ea:6f:c9:ce:
aa:07:c2:5b:d1:9c:72:f2:45:4b:be:97:27:f4:c8:f7:07:01:
f7:21:8c:eb:3b:4b:37:02:fb:a9:6f:eb:cb:0b:a3:a2:f1:19:
53:cc:b7:cc:0b:5a:df:10:bc:df:c9:43:56:a4:7d:3e:c7:3a:
3e:38:80:47:96:d5:5e:92:72:2e:38:e5:a0:fb:83:89:49:96:
93:2b:57:9d:a4:e2:a6:30:4f:dd:0a:6c:24:9f:46:f4:17:0e:
f8:d8:ad:70:9f:14:3e:bf:82:57:25:4b:47:ac:2a:92:63:17:
53:c6:7b:45:2b:b2:a2:3e:08:3f:c2:4d:92:b0:db:12:c0:fe:
af:f5:c9:00:34:d9:44:b1:f7:e0:3f:8c:73:90:ac:4b:36:0f:
52:81:66:2d:79:6d:fa:dd:07:df:5f:be:a4:75:96:88:26:3b:
0c:ee:03:64
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQfjKjFr3OASBCl405b3vaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2FhYzQwYmUwZDkxNzcwNjdkN2NmNDY0MzEyYzU2NWRhZDZmNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4AwvifQ2bbphXZnLqqs57PMGnsK
PiSP1hzlUrUJodmp3RFaOIFh/5K+l4AX8w8s2Qk4yfW3r4cyPyO2XnxI0EA9m2UY
nrTi5EHj9yKop1d5x4O/ZDTqfsrflDEz01qNSROSiaGaifK7CIUCSdy9z5qG6nrQ
KGw25kY70pl1rDb/XAtXfzwR8BmMLFusQqA14t2aCGjP3ngG3Z6CCZaBpcVPy6LU
OYUGiJgZP3m5yTn0IAgdXr2J11YXvFKG9/fuKYWt+3YElFjlaIW6epO9ECXdwWTF
Fm3l6/qZlYXmbdwfpKm9VXbqMKPcH3HcQQhqvQ5zGitJIhIDNxJNqKMl2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBeqxAvg2RdwZ9fPRkMSxWXa1vbLMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvRjZyRUMtRFpGM0JuMTg5R1F4TEZaZHJXOXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuSzpAwQC
uYIYAwQBucTKAwQBucqmAwQAuetnMA0GCSqGSIb3DQEBCwUAA4IBAQChW7oL7DBD
S/OiE/MVvoPzxRK3V6ZTxxAJG7PIqRoynNlJidrZuATerFtzvkKz6wU7Y05HY7aq
y1wYyDOsVqU0jH5gtHsxxXQ+sJWABhip4vgjFGivjepvyc6qB8Jb0Zxy8kVLvpcn
9Mj3BwH3IYzrO0s3Avupb+vLC6Oi8RlTzLfMC1rfELzfyUNWpH0+xzo+OIBHltVe
knIuOOWg+4OJSZaTK1edpOKmME/dCmwkn0b0Fw742K1wnxQ+v4JXJUtHrCqSYxdT
xntFK7KiPgg/wk2SsNsSwP6v9ckANNlEsffgP4xzkKxLNg9SgWYteW363QffX76k
dZaIJjsM7gNk
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:45:33 2025 by rpki-client