Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/czNjbES-rzTswymSCBmw3KHYJOs.roa
File: czNjbES-rzTswymSCBmw3KHYJOs.roa (raw, json)
Hash identifier: 2dbgomaSrH59bUspUw25mJnEGhaijXZbqq7YeOg6UkE=
Subject key identifier: 73:33:63:6C:44:BE:AF:34:EC:C3:29:92:08:19:B0:DC:A1:D8:24:EB
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422202BB503D0A7B848CE4F82DC6B6A80
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/czNjbES-rzTswymSCBmw3KHYJOs.roa
Signing time: Wed 01 Jan 2025 13:48:41 +0000
ROA not before: Wed 01 Jan 2025 13:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60609
IP address blocks: 185.150.76.0/24 maxlen: 24
185.150.78.0/23 maxlen: 23
194.26.174.0/23 maxlen: 23
194.26.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 21:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2b:b5:03:d0:a7:b8:48:ce:4f:82:dc:6b:6a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7333636c44beaf34ecc329920819b0dca1d824eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:95:b3:eb:3f:6e:13:ce:63:68:ba:9d:22:99:
02:97:86:73:6c:f3:f7:14:79:a3:51:56:e6:e2:88:
88:e9:23:ca:3c:51:36:92:12:d4:83:d8:e3:05:5b:
17:3d:61:76:13:2f:90:18:f2:dd:f0:6e:4c:bf:11:
2d:60:6e:32:7d:b1:ab:21:07:27:bd:b2:c3:75:05:
a7:4f:5a:04:f2:74:7a:07:33:e6:a1:e6:03:aa:f5:
6c:27:b4:7a:01:c1:ac:2b:16:94:2f:48:74:77:36:
61:2f:bc:fe:3d:02:05:11:5b:48:ad:b7:1b:4b:c5:
3f:77:2e:99:3c:ff:b8:59:b5:14:f4:61:4a:b4:38:
d5:ba:a4:e0:5f:34:8d:48:ce:f4:c4:3d:27:cd:3a:
88:d1:26:05:56:1c:42:a2:3c:89:1c:8d:6e:ff:b3:
6d:2e:66:1d:c7:04:59:ce:37:d9:e4:2e:fe:f8:3d:
96:76:9f:5a:35:b9:56:f7:5f:65:7a:d9:8b:10:36:
13:87:7c:d0:a3:b8:7b:2a:e7:3c:98:b5:69:c7:3a:
7e:49:15:38:64:de:3b:f6:04:64:f2:c6:80:c7:d6:
32:6a:7d:e2:d7:4d:76:9d:4e:98:c6:93:04:da:d2:
1f:44:3c:0b:c8:ae:02:c9:4f:59:2a:69:52:b1:e2:
da:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:33:63:6C:44:BE:AF:34:EC:C3:29:92:08:19:B0:DC:A1:D8:24:EB
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/czNjbES-rzTswymSCBmw3KHYJOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.76.0/24
185.150.78.0/23
194.26.174.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:68:79:ed:87:0c:8e:8c:32:a5:40:fc:84:2c:c8:ba:46:0e:
bd:4c:1f:4c:1d:0a:aa:51:c0:e8:83:23:c0:94:ca:f3:d4:e7:
29:8e:2f:3b:34:40:40:6d:e7:da:3d:39:52:d5:36:7c:93:ab:
74:31:b4:b0:43:d7:5c:2d:c0:6d:7a:1b:e7:11:69:28:85:f2:
44:cb:4b:86:47:a4:47:bd:76:0c:cf:55:b6:69:80:83:eb:62:
0d:76:17:70:2f:31:ff:be:bf:0f:8d:5d:6f:27:c5:b5:a3:83:
dc:78:f3:a9:f5:2a:88:8d:5f:9e:a0:82:28:fd:b3:3f:c3:c4:
5d:41:85:69:58:5f:f4:61:d1:e7:7a:da:25:b2:02:03:c7:eb:
81:32:f2:12:52:e9:9d:1b:94:2b:a8:38:27:8e:21:da:5d:eb:
f1:58:0b:39:29:10:68:5e:08:e8:c6:fa:ed:fb:93:f5:5c:21:
21:a2:20:c6:cd:a6:58:ff:d7:00:85:02:0d:c3:65:ae:a0:62:
08:55:0d:8a:61:7a:e6:ec:67:d0:3f:9a:11:c7:14:cf:40:34:
89:00:97:9c:c8:a7:20:9b:45:7c:76:27:09:ec:1d:15:f5:90:
c8:d2:c7:be:86:b2:ce:e6:f2:3e:a4:63:5b:57:17:94:3d:65:
e2:8f:4a:33
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiICu1A9CnuEjOT4Lca2qAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzMzNjM2YzQ0YmVhZjM0ZWNjMzI5OTIwODE5YjBkY2ExZDgyNGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5Wz6z9uE85jaLqdIpkCl4ZzbPP3
FHmjUVbm4oiI6SPKPFE2khLUg9jjBVsXPWF2Ey+QGPLd8G5MvxEtYG4yfbGrIQcn
vbLDdQWnT1oE8nR6BzPmoeYDqvVsJ7R6AcGsKxaUL0h0dzZhL7z+PQIFEVtIrbcb
S8U/dy6ZPP+4WbUU9GFKtDjVuqTgXzSNSM70xD0nzTqI0SYFVhxCojyJHI1u/7Nt
LmYdxwRZzjfZ5C7++D2Wdp9aNblW919letmLEDYTh3zQo7h7Kuc8mLVpxzp+SRU4
ZN479gRk8saAx9Yyan3i1012nU6YxpME2tIfRDwLyK4CyU9ZKmlSseLavQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHMzY2xEvq807MMpkggZsNyh2CTrMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvY3pOamJFUy1yelRzd3ltU0NCbXczS0hZSk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuZZMAwQB
uZZOAwQBwhquMA0GCSqGSIb3DQEBCwUAA4IBAQA+aHnthwyOjDKlQPyELMi6Rg69
TB9MHQqqUcDogyPAlMrz1Ocpji87NEBAbefaPTlS1TZ8k6t0MbSwQ9dcLcBtehvn
EWkohfJEy0uGR6RHvXYMz1W2aYCD62INdhdwLzH/vr8PjV1vJ8W1o4PcePOp9SqI
jV+eoIIo/bM/w8RdQYVpWF/0YdHnetolsgIDx+uBMvISUumdG5QrqDgnjiHaXevx
WAs5KRBoXgjoxvrt+5P1XCEhoiDGzaZY/9cAhQINw2WuoGIIVQ2KYXrm7GfQP5oR
xxTPQDSJAJecyKcgm0V8dicJ7B0V9ZDI0se+hrLO5vI+pGNbVxeUPWXij0oz
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:47:18 2025 by rpki-client