Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/b11764-be65-49f1-b42c-b7a8b7c12eee/1/gP8qEhtADxz-fNyyU3vcu8NYBMU.roa
File: gP8qEhtADxz-fNyyU3vcu8NYBMU.roa (raw, json)
Hash identifier: UQJK4mMNNX6B898sPio2JOjeNiXhgW4l71UxZw7LEXo=
Subject key identifier: 80:FF:2A:12:1B:40:0F:1C:FE:7C:DC:B2:53:7B:DC:BB:C3:58:04:C5
Certificate issuer: /CN=7b2711150910dcd1b1c7ab531448bd8321fc1c36
Certificate serial: 019424B27DB2A9B88C3AB1FDCBBCC2D27E06
Authority key identifier: 7B:27:11:15:09:10:DC:D1:B1:C7:AB:53:14:48:BD:83:21:FC:1C:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eycRFQkQ3NGxx6tTFEi9gyH8HDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/b11764-be65-49f1-b42c-b7a8b7c12eee/1/gP8qEhtADxz-fNyyU3vcu8NYBMU.roa
Signing time: Thu 02 Jan 2025 01:47:44 +0000
ROA not before: Thu 02 Jan 2025 01:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207029
IP address blocks: 185.85.24.0/22 maxlen: 22
185.85.24.0/23 maxlen: 23
185.85.26.0/23 maxlen: 23
185.134.8.0/22 maxlen: 22
185.134.8.0/23 maxlen: 23
185.134.10.0/23 maxlen: 23
185.210.112.0/22 maxlen: 22
185.210.112.0/23 maxlen: 23
185.210.114.0/23 maxlen: 23
213.226.104.0/22 maxlen: 22
213.226.104.0/23 maxlen: 23
213.226.106.0/23 maxlen: 23
2a05:a580::/29 maxlen: 29
2a06:ea00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/b11764-be65-49f1-b42c-b7a8b7c12eee/1/eycRFQkQ3NGxx6tTFEi9gyH8HDY.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/b11764-be65-49f1-b42c-b7a8b7c12eee/1/eycRFQkQ3NGxx6tTFEi9gyH8HDY.mft
rsync://rpki.ripe.net/repository/DEFAULT/eycRFQkQ3NGxx6tTFEi9gyH8HDY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:7d:b2:a9:b8:8c:3a:b1:fd:cb:bc:c2:d2:7e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b2711150910dcd1b1c7ab531448bd8321fc1c36
Validity
Not Before: Jan 2 01:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80ff2a121b400f1cfe7cdcb2537bdcbbc35804c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a9:54:d9:f6:f1:43:16:75:e3:13:87:1e:c7:
2b:bb:7f:07:a2:05:09:1b:c3:f0:81:ae:57:4d:42:
30:d6:94:ff:d9:b9:93:a1:11:ad:87:33:39:93:da:
fd:f0:4a:1a:a9:a9:f1:5d:5b:28:8a:78:a5:8c:e3:
80:ad:ac:98:cf:07:6c:1c:12:2b:6a:1a:a4:ed:44:
6c:12:2f:98:e6:d6:90:f6:6f:aa:e0:05:61:a0:5b:
0b:94:b4:13:9d:f4:ac:4a:34:92:c3:0f:74:7a:0d:
9f:0d:14:3b:0f:9f:80:ca:c7:d3:ce:0a:f1:a7:e1:
a5:01:d6:c6:85:10:8a:b0:46:a5:ac:c0:d5:8d:62:
96:d2:53:0d:be:a4:58:2d:43:1a:3b:16:e8:80:fe:
f9:b6:35:22:44:30:93:a7:bb:f0:16:5a:90:1b:ae:
4b:38:d8:98:ca:09:bc:61:51:af:22:da:e9:8c:18:
f3:ba:17:2a:23:a8:93:fa:9b:04:17:4c:0a:7f:e6:
8e:a1:ee:32:cd:72:8b:08:93:d4:40:ae:bd:d1:5a:
50:64:13:75:5b:67:a9:d4:5d:dc:45:ea:fe:88:7f:
b5:66:c3:a4:b3:7f:59:ea:8f:22:f4:ed:c6:5e:59:
c6:18:0d:52:9e:25:3e:58:d1:d4:87:4d:96:3c:ec:
e3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:FF:2A:12:1B:40:0F:1C:FE:7C:DC:B2:53:7B:DC:BB:C3:58:04:C5
X509v3 Authority Key Identifier:
keyid:7B:27:11:15:09:10:DC:D1:B1:C7:AB:53:14:48:BD:83:21:FC:1C:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eycRFQkQ3NGxx6tTFEi9gyH8HDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/b11764-be65-49f1-b42c-b7a8b7c12eee/1/gP8qEhtADxz-fNyyU3vcu8NYBMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/b11764-be65-49f1-b42c-b7a8b7c12eee/1/eycRFQkQ3NGxx6tTFEi9gyH8HDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.24.0/22
185.134.8.0/22
185.210.112.0/22
213.226.104.0/22
IPv6:
2a05:a580::/29
2a06:ea00::/29
Signature Algorithm: sha256WithRSAEncryption
5c:62:4f:fb:68:c8:fe:ad:35:ae:c7:0e:03:2c:1e:86:4d:eb:
4e:80:71:b0:d2:45:3a:1e:55:0a:6e:a4:ad:8b:62:39:12:3f:
96:f0:35:0a:d6:ed:30:76:19:95:89:96:eb:90:b6:e4:a6:97:
72:b9:6c:f1:ad:5b:b6:c8:61:78:95:f3:8f:da:0c:8b:d3:cf:
68:4d:68:2e:ad:13:41:e1:c9:b2:3b:b8:ed:eb:ea:8d:9f:e1:
50:a4:c8:37:d4:e5:72:a1:91:ed:e7:a2:d4:17:aa:f4:f9:aa:
53:ba:b1:0b:08:c5:34:f9:50:f0:c6:98:7a:87:af:16:df:87:
de:85:d8:bf:c7:e2:4f:b2:84:a7:60:8b:ec:d8:e7:e4:74:2a:
ae:f0:03:8f:93:ad:38:ee:bd:df:cd:80:a5:49:0c:25:df:1f:
d9:79:80:ce:17:6d:7c:d4:02:f5:af:b3:d5:0e:bb:d0:3a:be:
33:81:99:aa:f5:fc:ad:9a:61:14:a9:61:c1:db:e5:c4:ce:a8:
a7:ce:f6:7d:72:8b:f7:57:53:fc:81:51:68:42:6c:1f:bc:5a:
e1:f6:0c:c2:ea:96:8e:a8:80:6d:72:1c:e4:5b:38:ca:7a:00:
fa:67:4f:d1:86:ac:75:2c:73:f7:00:65:44:1c:3c:5d:e1:ab:
15:72:d2:94
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQksn2yqbiMOrH9y7zC0n4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMjcxMTE1MDkxMGRjZDFiMWM3YWI1MzE0NDhiZDgzMjFm
YzFjMzYwHhcNMjUwMTAyMDE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGZmMmExMjFiNDAwZjFjZmU3Y2RjYjI1MzdiZGNiYmMzNTgwNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0alU2fbxQxZ14xOHHscru38HogUJ
G8Pwga5XTUIw1pT/2bmToRGthzM5k9r98EoaqanxXVsoiniljOOArayYzwdsHBIr
ahqk7URsEi+Y5taQ9m+q4AVhoFsLlLQTnfSsSjSSww90eg2fDRQ7D5+AysfTzgrx
p+GlAdbGhRCKsEalrMDVjWKW0lMNvqRYLUMaOxbogP75tjUiRDCTp7vwFlqQG65L
ONiYygm8YVGvItrpjBjzuhcqI6iT+psEF0wKf+aOoe4yzXKLCJPUQK690VpQZBN1
W2ep1F3cRer+iH+1ZsOks39Z6o8i9O3GXlnGGA1SniU+WNHUh02WPOzjkQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFID/KhIbQA8c/nzcslN73LvDWATFMB8GA1UdIwQY
MBaAFHsnERUJENzRscerUxRIvYMh/Bw2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXljUkZRa1EzTkd4eDZ0VEZFaTlneUg4SERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9iMTE3NjQtYmU2NS00OWYxLWI0MmMt
YjdhOGI3YzEyZWVlLzEvZ1A4cUVodEFEeHotZk55eVUzdmN1OE5ZQk1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9iMTE3NjQtYmU2NS00OWYxLWI0MmMtYjdhOGI3YzEyZWVl
LzEvZXljUkZRa1EzTkd4eDZ0VEZFaTlneUg4SERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCuVUYAwQC
uYYIAwQCudJwAwQC1eJoMBQEAgACMA4DBQMqBaWAAwUDKgbqADANBgkqhkiG9w0B
AQsFAAOCAQEAXGJP+2jI/q01rscOAywehk3rToBxsNJFOh5VCm6krYtiORI/lvA1
CtbtMHYZlYmW65C25KaXcrls8a1btshheJXzj9oMi9PPaE1oLq0TQeHJsju47evq
jZ/hUKTIN9TlcqGR7eei1Beq9PmqU7qxCwjFNPlQ8MaYeoevFt+H3oXYv8fiT7KE
p2CL7Njn5HQqrvADj5OtOO69382ApUkMJd8f2XmAzhdtfNQC9a+z1Q670Dq+M4GZ
qvX8rZphFKlhwdvlxM6op872fXKL91dT/IFRaEJsH7xa4fYMwuqWjqiAbXIc5Fs4
ynoA+mdP0YasdSxz9wBlRBw8XeGrFXLSlA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:06 2025 by rpki-client