Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/cnib18kOQCfp6lVhz4WmJc4Qscg.roa
File: cnib18kOQCfp6lVhz4WmJc4Qscg.roa (raw, json)
Hash identifier: 29WsgPo6IrtJ1OC04nNW3KGjgpHd3XfgWJen7328b88=
Subject key identifier: 72:78:9B:D7:C9:0E:40:27:E9:EA:55:61:CF:85:A6:25:CE:10:B1:C8
Certificate issuer: /CN=0c6fa156c57c4e885b9e6af8230b654d796a5611
Certificate serial: 019420D617DE1C0920AF921F166D42D446CE
Authority key identifier: 0C:6F:A1:56:C5:7C:4E:88:5B:9E:6A:F8:23:0B:65:4D:79:6A:56:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DG-hVsV8Tohbnmr4IwtlTXlqVhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/cnib18kOQCfp6lVhz4WmJc4Qscg.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48391
IP address blocks: 185.23.128.0/24 maxlen: 24
185.23.129.0/24 maxlen: 24
185.23.130.0/24 maxlen: 24
185.23.131.0/24 maxlen: 24
185.115.168.0/24 maxlen: 24
185.115.169.0/24 maxlen: 24
185.115.170.0/24 maxlen: 24
185.115.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/DG-hVsV8Tohbnmr4IwtlTXlqVhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/DG-hVsV8Tohbnmr4IwtlTXlqVhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DG-hVsV8Tohbnmr4IwtlTXlqVhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:17:de:1c:09:20:af:92:1f:16:6d:42:d4:46:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c6fa156c57c4e885b9e6af8230b654d796a5611
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72789bd7c90e4027e9ea5561cf85a625ce10b1c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:71:39:3e:53:63:e5:ef:c3:17:9d:c5:ed:e0:
82:15:90:46:c9:12:d9:dc:68:b9:0c:94:2f:fa:b6:
d0:64:28:31:23:2b:ae:42:0d:6a:50:16:07:bc:8c:
c0:3f:90:b2:86:43:01:d7:24:5c:66:20:e2:37:93:
c4:74:00:66:f9:63:5f:91:65:c2:ba:76:fd:98:2e:
1b:e3:54:20:66:95:7f:3b:5b:7f:f9:d4:52:37:00:
3f:1d:89:80:18:43:02:07:a5:50:51:f9:12:f8:9e:
b5:eb:17:e6:1b:b9:12:a8:69:e6:af:f4:d6:f6:ee:
f0:73:94:cb:23:9f:ed:b0:5e:ad:ae:13:e1:cc:52:
65:4b:a2:99:e9:f2:0c:18:50:68:71:ea:ae:36:52:
20:f1:b9:87:5d:c9:9c:70:4b:ec:0d:ce:42:70:4d:
1c:c6:3c:8b:d0:fd:b2:2a:f2:2d:a8:15:38:18:d1:
75:1d:b2:87:f3:18:09:12:89:cb:55:be:e7:42:62:
6e:1f:62:37:6a:a0:c1:5c:59:ae:ed:9d:af:cd:8d:
cc:45:82:f7:f9:cb:16:36:bb:1c:4a:76:b8:6b:a8:
38:e3:71:be:30:3d:c5:d9:98:59:0e:ad:36:4c:ea:
a3:c3:bc:30:de:4d:c2:81:5c:0e:e7:3a:f2:a5:60:
6d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:78:9B:D7:C9:0E:40:27:E9:EA:55:61:CF:85:A6:25:CE:10:B1:C8
X509v3 Authority Key Identifier:
keyid:0C:6F:A1:56:C5:7C:4E:88:5B:9E:6A:F8:23:0B:65:4D:79:6A:56:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DG-hVsV8Tohbnmr4IwtlTXlqVhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/cnib18kOQCfp6lVhz4WmJc4Qscg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/DG-hVsV8Tohbnmr4IwtlTXlqVhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.128.0/22
185.115.168.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:fa:1f:95:0a:68:d5:0d:be:1d:1a:ad:f8:dd:54:01:ab:b0:
d0:8a:73:df:e0:bf:dd:96:42:41:fd:bc:b9:25:d5:12:02:9d:
70:90:84:48:85:aa:05:50:d5:a3:90:f7:ce:63:38:7f:f4:bb:
af:85:bb:4a:f3:5f:08:00:10:bc:f2:f8:4e:42:22:5a:bb:4f:
92:a8:21:40:0a:95:77:a8:87:b5:ac:d3:ad:4f:b4:5f:0b:c3:
83:1b:d0:ec:c0:9a:05:0c:1f:37:84:4c:5b:00:e1:b8:f7:6c:
2f:b9:f6:13:6b:45:c1:46:11:15:55:fb:ad:c7:b8:33:e3:fa:
b8:96:ad:b6:62:22:3a:ef:c4:da:37:da:c8:55:5a:f7:0c:bd:
e0:9d:40:62:cf:a7:ef:dd:38:a7:c6:34:a5:cd:8e:27:87:7c:
24:96:70:b2:b6:29:7e:0d:76:84:ce:4a:25:c5:1e:66:ac:c0:
fb:ed:12:49:e2:ac:91:6b:75:b2:a2:19:18:f2:b9:71:3d:5f:
ab:27:db:cc:c8:d7:61:2f:15:4e:70:bd:7c:b4:22:e7:a0:da:
f1:fd:fd:e9:7b:03:ed:2a:23:cd:fc:ce:a2:03:10:39:60:19:
57:87:d4:3e:7b:05:10:39:2c:fe:78:ee:48:8a:50:cd:d8:17:
f8:57:f0:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1hfeHAkgr5IfFm1C1EbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNmZhMTU2YzU3YzRlODg1YjllNmFmODIzMGI2NTRkNzk2
YTU2MTEwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjc4OWJkN2M5MGU0MDI3ZTllYTU1NjFjZjg1YTYyNWNlMTBiMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnE5PlNj5e/DF53F7eCCFZBGyRLZ
3Gi5DJQv+rbQZCgxIyuuQg1qUBYHvIzAP5CyhkMB1yRcZiDiN5PEdABm+WNfkWXC
unb9mC4b41QgZpV/O1t/+dRSNwA/HYmAGEMCB6VQUfkS+J616xfmG7kSqGnmr/TW
9u7wc5TLI5/tsF6trhPhzFJlS6KZ6fIMGFBocequNlIg8bmHXcmccEvsDc5CcE0c
xjyL0P2yKvItqBU4GNF1HbKH8xgJEonLVb7nQmJuH2I3aqDBXFmu7Z2vzY3MRYL3
+csWNrscSna4a6g443G+MD3F2ZhZDq02TOqjw7ww3k3CgVwO5zrypWBtOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHJ4m9fJDkAn6epVYc+FpiXOELHIMB8GA1UdIwQY
MBaAFAxvoVbFfE6IW55q+CMLZU15alYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREctaFZzVjhUb2hibm1yNEl3dGxUWGxxVmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80OGM1NmQtNTcyNy00MmJhLTgwYzQt
YjhjMzZlY2VkYWQ4LzEvY25pYjE4a09RQ2ZwNmxWaHo0V21KYzRRc2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80OGM1NmQtNTcyNy00MmJhLTgwYzQtYjhjMzZlY2VkYWQ4
LzEvREctaFZzVjhUb2hibm1yNEl3dGxUWGxxVmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuReAAwQC
uXOoMA0GCSqGSIb3DQEBCwUAA4IBAQA8+h+VCmjVDb4dGq343VQBq7DQinPf4L/d
lkJB/by5JdUSAp1wkIRIhaoFUNWjkPfOYzh/9LuvhbtK818IABC88vhOQiJau0+S
qCFACpV3qIe1rNOtT7RfC8ODG9DswJoFDB83hExbAOG492wvufYTa0XBRhEVVfut
x7gz4/q4lq22YiI678TaN9rIVVr3DL3gnUBiz6fv3TinxjSlzY4nh3wklnCytil+
DXaEzkolxR5mrMD77RJJ4qyRa3WyohkY8rlxPV+rJ9vMyNdhLxVOcL18tCLnoNrx
/f3pewPtKiPN/M6iAxA5YBlXh9Q+ewUQOSz+eO5IilDN2Bf4V/Ae
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:33:00 2025 by rpki-client