Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/R8VY5MGVdE17A_2z_8Qznz96tZE.roa
File: R8VY5MGVdE17A_2z_8Qznz96tZE.roa (raw, json)
Hash identifier: Y6Us+zb47DyfsgxnI70nrLZEznsAibIlmNM0YizAwAI=
Subject key identifier: 47:C5:58:E4:C1:95:74:4D:7B:03:FD:B3:FF:C4:33:9F:3F:7A:B5:91
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CA46345423769545C6E0AC8D3BB29
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/R8VY5MGVdE17A_2z_8Qznz96tZE.roa
Signing time: Wed 01 Jan 2025 01:48:18 +0000
ROA not before: Wed 01 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20048
IP address blocks: 185.119.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a4:63:45:42:37:69:54:5c:6e:0a:c8:d3:bb:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47c558e4c195744d7b03fdb3ffc4339f3f7ab591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:15:ba:2e:d9:35:f1:31:ca:e3:1a:5a:7f:cd:
51:30:48:e1:c5:e9:2c:52:4c:ee:ca:9c:39:4c:cf:
e7:68:12:19:27:9f:b2:3c:ad:35:01:bd:0d:00:f4:
5f:91:77:2a:b1:1a:3e:ec:a4:a1:9c:94:09:bd:57:
46:e1:aa:58:d9:46:9e:6d:01:9e:74:87:4f:81:a0:
1c:35:5b:69:d0:f2:b3:fd:c9:d2:56:6f:3d:cb:aa:
c9:18:f0:d4:50:bd:37:90:b1:b3:f0:00:4b:19:36:
42:69:30:a2:ac:e6:b0:5a:89:71:b0:d3:36:5f:1e:
da:3a:0f:3d:07:49:47:c2:8d:3f:d8:48:ff:94:5b:
d1:89:a8:5c:dd:4f:81:a3:cc:1b:78:16:e2:da:ad:
6f:97:60:32:3d:66:83:c9:b9:be:37:d0:e1:66:3c:
60:e1:93:b7:62:0f:2a:f0:74:a9:d4:d8:aa:e5:d8:
66:d6:24:83:e5:0b:76:c7:ad:25:44:56:f1:24:d3:
3d:0c:1d:e0:ee:dc:c5:e0:fb:65:26:9c:9d:5d:8f:
0c:b2:fb:b5:27:61:60:15:15:5f:de:05:cd:07:3e:
65:cd:58:93:71:01:7d:6e:aa:c1:df:36:5a:8e:b3:
45:82:85:87:16:fe:93:63:d1:48:22:2e:8c:07:b5:
ee:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C5:58:E4:C1:95:74:4D:7B:03:FD:B3:FF:C4:33:9F:3F:7A:B5:91
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/R8VY5MGVdE17A_2z_8Qznz96tZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.236.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:a6:0f:21:af:b0:f2:ab:f9:b6:51:72:09:46:ed:2d:c7:cc:
fc:48:5e:76:5c:59:45:62:c6:04:6c:f2:fb:31:2f:8b:91:97:
5b:a8:7c:52:43:a5:01:4f:b5:18:fc:3b:4e:c1:31:29:42:35:
f4:63:61:07:b5:3b:8d:0a:71:f5:4d:6a:3c:43:bc:ed:cf:72:
d2:e0:c6:0f:9e:08:b9:ee:0d:7a:c3:ae:4c:2c:41:53:b6:b8:
f0:3e:9d:52:11:92:94:38:82:a3:88:5c:87:df:6a:f4:ff:9d:
c7:f8:c3:c0:51:9e:df:13:de:26:70:bb:51:a3:3f:50:b2:2b:
b4:ca:11:c6:2e:c8:6e:a3:a5:78:95:e0:94:fb:aa:68:f9:7a:
e1:1f:07:ef:9b:e6:9a:60:3b:cd:89:f5:4a:5b:19:66:59:5d:
1c:08:86:b7:a8:9a:33:87:5a:0a:56:b1:78:a7:8c:a7:27:9b:
28:df:d5:62:d7:7a:93:7a:5f:78:dd:f5:f0:75:cc:91:71:6d:
a0:a8:8a:82:c4:16:4b:93:c6:18:98:46:78:43:f2:48:73:aa:
5f:a7:e9:84:c2:0a:16:24:bf:a9:11:86:14:ff:d4:b5:9f:66:
29:c5:28:de:db:e9:85:ae:c9:6b:51:6f:14:50:9c:59:c3:9a:
df:1e:8b:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjKRjRUI3aVRcbgrI07spMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2M1NThlNGMxOTU3NDRkN2IwM2ZkYjNmZmM0MzM5ZjNmN2FiNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xW6Ltk18THK4xpaf81RMEjhxeks
Ukzuypw5TM/naBIZJ5+yPK01Ab0NAPRfkXcqsRo+7KShnJQJvVdG4apY2UaebQGe
dIdPgaAcNVtp0PKz/cnSVm89y6rJGPDUUL03kLGz8ABLGTZCaTCirOawWolxsNM2
Xx7aOg89B0lHwo0/2Ej/lFvRiahc3U+Bo8wbeBbi2q1vl2AyPWaDybm+N9DhZjxg
4ZO3Yg8q8HSp1Niq5dhm1iSD5Qt2x60lRFbxJNM9DB3g7tzF4PtlJpydXY8Msvu1
J2FgFRVf3gXNBz5lzViTcQF9bqrB3zZajrNFgoWHFv6TY9FIIi6MB7XueQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfFWOTBlXRNewP9s//EM58/erWRMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvUjhWWTVNR1ZkRTE3QV8yel84UXpuejk2dFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXfsMA0G
CSqGSIb3DQEBCwUAA4IBAQAtpg8hr7Dyq/m2UXIJRu0tx8z8SF52XFlFYsYEbPL7
MS+LkZdbqHxSQ6UBT7UY/DtOwTEpQjX0Y2EHtTuNCnH1TWo8Q7ztz3LS4MYPngi5
7g16w65MLEFTtrjwPp1SEZKUOIKjiFyH32r0/53H+MPAUZ7fE94mcLtRoz9Qsiu0
yhHGLshuo6V4leCU+6po+XrhHwfvm+aaYDvNifVKWxlmWV0cCIa3qJozh1oKVrF4
p4ynJ5so39Vi13qTel943fXwdcyRcW2gqIqCxBZLk8YYmEZ4Q/JIc6pfp+mEwgoW
JL+pEYYU/9S1n2YpxSje2+mFrslrUW8UUJxZw5rfHotv
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:48:46 2025 by rpki-client