Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/i9xl1BGjEAWIRyvR7FDaRtUp3sM.roa
File: i9xl1BGjEAWIRyvR7FDaRtUp3sM.roa (raw, json)
Hash identifier: jIIVL6j/6oDSxEFQvBU+uhsuGADZLxaxVVKJQbxIUsg=
Subject key identifier: 8B:DC:65:D4:11:A3:10:05:88:47:2B:D1:EC:50:DA:46:D5:29:DE:C3
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CBEC75D666AB04068F1398AD3B6C7
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/i9xl1BGjEAWIRyvR7FDaRtUp3sM.roa
Signing time: Wed 01 Jan 2025 01:48:25 +0000
ROA not before: Wed 01 Jan 2025 01:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205512
IP address blocks: 185.93.120.0/22 maxlen: 24
185.120.44.0/22 maxlen: 24
2a06:8f40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 19:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:be:c7:5d:66:6a:b0:40:68:f1:39:8a:d3:b6:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bdc65d411a3100588472bd1ec50da46d529dec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:18:8b:b6:6f:e5:63:66:ad:e0:7b:33:c7:f4:
b8:8b:b1:fb:54:22:e2:4e:4d:f9:c9:58:5c:27:83:
a2:2b:e2:65:56:ae:19:be:82:e9:c5:0d:e8:c9:0f:
8e:d9:99:51:d9:e1:12:09:7d:ec:a0:a8:26:8c:16:
b1:17:d0:ef:67:9e:de:47:97:83:a7:29:1a:0c:8e:
73:87:fb:18:d9:32:1e:2b:ba:42:22:00:13:7f:d5:
37:7e:e7:d7:e5:c6:38:ce:a8:87:50:a0:36:7c:4b:
ab:2c:ce:1d:61:ab:03:4a:84:c2:55:1d:16:ca:aa:
2f:eb:9b:8f:0d:3d:47:ec:f8:0d:e6:de:ab:c5:ca:
0d:93:a4:ad:1a:fa:97:ea:a4:67:d0:74:09:db:78:
5d:83:c1:7f:cc:32:1c:1e:09:aa:9b:83:52:ed:1f:
c3:4e:e6:94:2a:34:2d:f7:09:84:04:11:a3:4a:8d:
19:8e:8b:b4:dc:85:30:72:03:b1:74:11:84:96:38:
15:93:e5:8b:ff:f1:7b:e2:51:d1:b0:d9:17:60:d3:
43:f8:91:cf:46:cf:78:69:f5:3f:bc:a0:5c:96:31:
32:73:79:c0:06:cc:4d:dc:76:88:23:3b:df:b7:27:
d2:ed:9d:b9:5b:f3:d2:cf:5c:cd:f0:7d:33:c0:71:
bf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DC:65:D4:11:A3:10:05:88:47:2B:D1:EC:50:DA:46:D5:29:DE:C3
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/i9xl1BGjEAWIRyvR7FDaRtUp3sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.120.0/22
185.120.44.0/22
IPv6:
2a06:8f40::/29
Signature Algorithm: sha256WithRSAEncryption
3b:6d:68:e6:d4:c5:56:1c:e3:84:2d:fd:e4:ea:2c:9d:e2:8d:
c3:9d:0f:89:ea:d9:08:2f:09:42:c2:c3:41:48:df:bc:aa:00:
3c:f0:68:38:d6:71:b8:3c:74:7c:65:9f:50:84:ef:c3:10:35:
6e:f5:68:36:8c:a4:f6:18:cd:fb:a2:6f:15:e1:7f:18:47:24:
cb:87:73:59:d1:34:f1:c7:94:4e:4a:15:a0:58:3a:89:13:91:
61:57:45:bd:80:bb:af:6f:1b:86:cf:3b:c7:f3:d2:c8:b7:2f:
a1:1b:c8:56:86:75:65:45:61:f8:4f:0e:1b:a5:82:23:8b:57:
97:8c:44:c7:a4:c4:40:bf:6b:bd:5b:bc:ad:73:18:d2:d1:14:
42:79:42:34:ef:f9:05:bb:da:17:ff:6f:d5:5c:ba:5f:d4:29:
59:3b:58:32:23:21:3a:7c:f1:ff:45:64:2c:2a:8a:3c:6a:ec:
e4:9a:06:b3:f9:8e:86:35:6c:58:c7:07:00:23:94:be:cc:25:
ea:f1:d6:79:68:e4:8d:61:bc:83:31:3a:a7:20:82:ea:84:86:
9b:03:ec:3c:28:2c:86:8f:b6:f3:7b:bf:31:9f:c0:35:48:6c:
48:3e:5d:1c:44:43:6c:a3:f1:61:7c:ab:e7:ab:13:91:90:21:
97:1e:3c:5c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQfjL7HXWZqsEBo8TmK07bHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmRjNjVkNDExYTMxMDA1ODg0NzJiZDFlYzUwZGE0NmQ1MjlkZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhiLtm/lY2at4Hszx/S4i7H7VCLi
Tk35yVhcJ4OiK+JlVq4ZvoLpxQ3oyQ+O2ZlR2eESCX3soKgmjBaxF9DvZ57eR5eD
pykaDI5zh/sY2TIeK7pCIgATf9U3fufX5cY4zqiHUKA2fEurLM4dYasDSoTCVR0W
yqov65uPDT1H7PgN5t6rxcoNk6StGvqX6qRn0HQJ23hdg8F/zDIcHgmqm4NS7R/D
TuaUKjQt9wmEBBGjSo0Zjou03IUwcgOxdBGEljgVk+WL//F74lHRsNkXYNND+JHP
Rs94afU/vKBcljEyc3nABsxN3HaIIzvftyfS7Z25W/PSz1zN8H0zwHG/JwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIvcZdQRoxAFiEcr0exQ2kbVKd7DMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvaTl4bDFCR2pFQVdJUnl2UjdGRGFSdFVwM3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuV14AwQC
uXgsMA0EAgACMAcDBQMqBo9AMA0GCSqGSIb3DQEBCwUAA4IBAQA7bWjm1MVWHOOE
Lf3k6iyd4o3DnQ+J6tkILwlCwsNBSN+8qgA88Gg41nG4PHR8ZZ9QhO/DEDVu9Wg2
jKT2GM37om8V4X8YRyTLh3NZ0TTxx5ROShWgWDqJE5FhV0W9gLuvbxuGzzvH89LI
ty+hG8hWhnVlRWH4Tw4bpYIji1eXjETHpMRAv2u9W7ytcxjS0RRCeUI07/kFu9oX
/2/VXLpf1ClZO1gyIyE6fPH/RWQsKoo8auzkmgaz+Y6GNWxYxwcAI5S+zCXq8dZ5
aOSNYbyDMTqnIILqhIabA+w8KCyGj7bze78xn8A1SGxIPl0cRENso/FhfKvnqxOR
kCGXHjxc
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:21:50 2025 by rpki-client