Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/t79WdBqxFFntJ1dx66Q8iAsYk1A.roa
File: t79WdBqxFFntJ1dx66Q8iAsYk1A.roa (raw, json)
Hash identifier: Pk/lATHQMHKBJ7PlIPPnor0o8ARLjsDurmPSUe+LfCo=
Subject key identifier: B7:BF:56:74:1A:B1:14:59:ED:27:57:71:EB:A4:3C:88:0B:18:93:50
Certificate issuer: /CN=b48f063d29e910f033becb656e8b9901f69ec974
Certificate serial: 019424B2B5752B4B7D833C6C912F70A1709C
Authority key identifier: B4:8F:06:3D:29:E9:10:F0:33:BE:CB:65:6E:8B:99:01:F6:9E:C9:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tI8GPSnpEPAzvstlbouZAfaeyXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/t79WdBqxFFntJ1dx66Q8iAsYk1A.roa
Signing time: Thu 02 Jan 2025 01:47:59 +0000
ROA not before: Thu 02 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207013
IP address blocks: 185.168.176.0/24 maxlen: 24
185.168.177.0/24 maxlen: 24
185.168.178.0/24 maxlen: 24
185.168.179.0/24 maxlen: 24
2a0b:ffc0::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/tI8GPSnpEPAzvstlbouZAfaeyXQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/tI8GPSnpEPAzvstlbouZAfaeyXQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/tI8GPSnpEPAzvstlbouZAfaeyXQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:b5:75:2b:4b:7d:83:3c:6c:91:2f:70:a1:70:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b48f063d29e910f033becb656e8b9901f69ec974
Validity
Not Before: Jan 2 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7bf56741ab11459ed275771eba43c880b189350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a6:89:e8:60:63:4d:fb:c4:99:11:31:34:f7:
69:a5:f6:ba:d3:48:23:56:3c:31:ac:75:55:3d:22:
cd:26:31:02:7c:84:61:61:fc:7e:60:c2:c9:b1:28:
0f:be:ff:f4:69:a4:f9:3a:3a:5a:c5:21:5c:bf:c6:
d4:13:cd:69:70:a7:60:ce:10:57:fa:b7:4d:e4:81:
9c:c5:87:34:e4:59:b3:5f:97:ec:46:ed:b6:7a:69:
d8:81:cc:71:40:d3:21:ee:2d:7d:da:ed:01:02:0c:
29:07:55:ea:ec:20:c5:33:27:27:73:e8:1b:4e:6c:
46:55:b9:0b:33:42:c5:5f:48:7e:1f:44:dc:64:95:
c2:c7:1c:af:74:9d:e1:f5:05:13:9a:ef:7a:a3:f0:
45:c4:4f:58:76:9a:3f:2b:6e:15:c0:c6:92:dc:c9:
1c:5a:75:6f:a5:99:81:de:20:4e:c7:ee:d5:ff:7c:
d6:97:23:6c:c5:1b:96:ba:fe:b4:e4:93:74:ea:b9:
e6:bd:33:17:96:8a:6b:cc:11:83:c2:34:bc:0f:88:
3d:d5:ea:68:70:70:09:66:75:c0:98:3b:cc:6c:e0:
e5:10:9f:27:28:ea:10:95:b8:bb:37:ef:db:42:1c:
9d:6a:2d:df:19:39:b7:68:7b:65:5e:0a:99:dd:74:
e7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:BF:56:74:1A:B1:14:59:ED:27:57:71:EB:A4:3C:88:0B:18:93:50
X509v3 Authority Key Identifier:
keyid:B4:8F:06:3D:29:E9:10:F0:33:BE:CB:65:6E:8B:99:01:F6:9E:C9:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tI8GPSnpEPAzvstlbouZAfaeyXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/t79WdBqxFFntJ1dx66Q8iAsYk1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/26c7ff-998e-4131-a747-3c43c3d35ef3/1/tI8GPSnpEPAzvstlbouZAfaeyXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.176.0/22
IPv6:
2a0b:ffc0::/40
Signature Algorithm: sha256WithRSAEncryption
62:f1:13:dc:04:d1:f3:e4:2f:cb:20:67:6f:85:74:c3:d0:b0:
92:bc:45:73:cd:a5:a4:85:f8:80:3d:ba:b6:b0:06:67:57:fb:
21:dc:74:69:65:3c:50:b3:a5:b2:b5:bb:2a:9a:fc:d1:c7:7e:
06:33:68:8d:26:c0:91:8b:0c:ac:eb:60:a3:9e:50:66:2e:3f:
a8:f7:39:77:4d:9f:88:7b:72:bb:4f:a0:8e:21:f2:6d:17:e1:
b2:8f:69:0f:54:30:9f:04:90:d5:0d:7e:69:b6:8a:f2:d2:0d:
5b:c6:ee:09:d0:59:07:fd:64:11:dc:ad:fb:5d:21:c2:62:28:
c1:72:73:51:6f:51:5f:48:2f:18:a9:d7:69:72:6b:17:8a:07:
4e:27:2f:20:34:db:e0:69:c5:dd:00:93:e3:6e:ec:0c:db:05:
ea:67:7b:a0:a7:cc:cf:86:97:3c:98:90:43:32:22:52:2d:ed:
35:8d:4a:40:b3:12:ff:f2:c2:f1:db:4c:88:e3:74:74:58:8b:
73:05:fc:dd:7e:06:54:fa:6d:aa:3c:07:74:f8:aa:8e:8a:d5:
37:10:80:68:ec:36:37:7c:bc:c7:d6:2b:e8:89:c4:06:54:cd:
fe:56:b6:cf:6b:dd:8f:84:5b:aa:52:58:ab:b2:b1:2a:a7:be:
5d:46:b5:d6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQksrV1K0t9gzxskS9woXCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OGYwNjNkMjllOTEwZjAzM2JlY2I2NTZlOGI5OTAxZjY5
ZWM5NzQwHhcNMjUwMTAyMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2JmNTY3NDFhYjExNDU5ZWQyNzU3NzFlYmE0M2M4ODBiMTg5MzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaaJ6GBjTfvEmRExNPdppfa600gj
VjwxrHVVPSLNJjECfIRhYfx+YMLJsSgPvv/0aaT5OjpaxSFcv8bUE81pcKdgzhBX
+rdN5IGcxYc05FmzX5fsRu22emnYgcxxQNMh7i192u0BAgwpB1Xq7CDFMycnc+gb
TmxGVbkLM0LFX0h+H0TcZJXCxxyvdJ3h9QUTmu96o/BFxE9Ydpo/K24VwMaS3Mkc
WnVvpZmB3iBOx+7V/3zWlyNsxRuWuv605JN06rnmvTMXloprzBGDwjS8D4g91epo
cHAJZnXAmDvMbODlEJ8nKOoQlbi7N+/bQhydai3fGTm3aHtlXgqZ3XTnKwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLe/VnQasRRZ7SdXceukPIgLGJNQMB8GA1UdIwQY
MBaAFLSPBj0p6RDwM77LZW6LmQH2nsl0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEk4R1BTbnBFUEF6dnN0bGJvdVpBZmFleVhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8yNmM3ZmYtOTk4ZS00MTMxLWE3NDct
M2M0M2MzZDM1ZWYzLzEvdDc5V2RCcXhGRm50SjFkeDY2UThpQXNZazFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8yNmM3ZmYtOTk4ZS00MTMxLWE3NDctM2M0M2MzZDM1ZWYz
LzEvdEk4R1BTbnBFUEF6dnN0bGJvdVpBZmFleVhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuaiwMA4E
AgACMAgDBgAqC//AADANBgkqhkiG9w0BAQsFAAOCAQEAYvET3ATR8+QvyyBnb4V0
w9CwkrxFc82lpIX4gD26trAGZ1f7Idx0aWU8ULOlsrW7Kpr80cd+BjNojSbAkYsM
rOtgo55QZi4/qPc5d02fiHtyu0+gjiHybRfhso9pD1QwnwSQ1Q1+abaK8tINW8bu
CdBZB/1kEdyt+10hwmIowXJzUW9RX0gvGKnXaXJrF4oHTicvIDTb4GnF3QCT427s
DNsF6md7oKfMz4aXPJiQQzIiUi3tNY1KQLMS//LC8dtMiON0dFiLcwX83X4GVPpt
qjwHdPiqjorVNxCAaOw2N3y8x9Yr6InEBlTN/la2z2vdj4RbqlJYq7KxKqe+XUa1
1g==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:54 2025 by rpki-client