Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/t3M7z1JSBD8Q7WoPXe-4lwRwP0o.roa
File: t3M7z1JSBD8Q7WoPXe-4lwRwP0o.roa (raw, json)
Hash identifier: Ma9IKDafWmYW+0db5CJJALbT4DDcq6VABVAzS/LJzQY=
Subject key identifier: B7:73:3B:CF:52:52:04:3F:10:ED:6A:0F:5D:EF:B8:97:04:70:3F:4A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01942220265E9BB27F35317A5D458A08C424
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/t3M7z1JSBD8Q7WoPXe-4lwRwP0o.roa
Signing time: Wed 01 Jan 2025 13:48:39 +0000
ROA not before: Wed 01 Jan 2025 13:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49600
IP address blocks: 185.121.12.0/24 maxlen: 24
185.121.15.0/24 maxlen: 24
185.196.43.0/24 maxlen: 24
185.230.54.0/23 maxlen: 23
185.230.55.0/24 maxlen: 24
185.232.205.0/24 maxlen: 24
193.17.183.0/24 maxlen: 24
193.37.64.0/24 maxlen: 24
193.37.65.0/24 maxlen: 24
194.35.41.0/24 maxlen: 24
194.35.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:26:5e:9b:b2:7f:35:31:7a:5d:45:8a:08:c4:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7733bcf5252043f10ed6a0f5defb89704703f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fe:1c:41:3c:cd:cd:fb:e2:9e:e2:1f:2e:40:
9c:75:4c:e6:04:00:92:88:a2:ca:6f:86:a4:bc:18:
29:ca:2c:61:89:2f:e1:d9:72:47:50:15:17:6f:1b:
73:13:f5:4e:53:5e:61:f5:c8:ac:94:8a:4e:7a:f2:
c2:d6:f7:c1:99:15:2a:90:09:e1:8c:82:51:89:c1:
18:6d:31:af:40:da:0b:fb:ae:f3:7a:00:97:35:db:
39:96:e2:dd:c6:fa:1c:dc:74:a0:c5:f6:a8:d3:e7:
83:51:41:34:27:40:de:72:c4:b7:55:5b:51:14:fd:
d7:d6:17:d6:dc:d0:41:99:1e:15:a4:d3:45:b2:6e:
97:7a:8b:44:5e:e4:c6:b8:6a:0a:51:ca:79:e1:21:
91:a6:f5:1c:10:5e:35:46:1f:c7:ea:43:86:4a:c8:
55:2a:d6:8e:45:11:f1:18:f5:88:fd:83:b7:e1:34:
72:a3:8a:e2:4d:bf:7b:de:71:21:7e:79:89:ce:a2:
b1:30:94:08:28:56:46:d3:f2:69:eb:ed:3e:92:2f:
0e:0c:00:25:0b:7b:44:03:00:39:10:03:3f:0b:0d:
f7:18:35:c3:24:73:55:f9:1a:9b:50:27:a2:7c:bf:
48:30:35:2f:b8:b2:2a:ae:87:e2:c3:46:c6:16:fe:
94:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:73:3B:CF:52:52:04:3F:10:ED:6A:0F:5D:EF:B8:97:04:70:3F:4A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/t3M7z1JSBD8Q7WoPXe-4lwRwP0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/24
185.121.15.0/24
185.196.43.0/24
185.230.54.0/23
185.232.205.0/24
193.17.183.0/24
193.37.64.0/23
194.35.41.0-194.35.42.255
Signature Algorithm: sha256WithRSAEncryption
14:ef:2a:3d:79:d2:1e:5f:26:c3:bd:34:2e:fc:04:fc:94:66:
a5:c3:b7:a8:e1:ae:5d:f3:9f:da:28:c8:a2:c0:6c:1f:50:5f:
54:1a:cc:2c:fc:8f:dd:bd:7b:a5:74:af:45:29:73:49:a2:19:
8c:6f:eb:82:32:f8:ff:cd:86:e0:c9:4c:60:ab:50:f4:17:28:
9e:08:58:29:fe:6f:02:bb:ef:7f:82:45:79:ee:f8:e2:9a:eb:
0e:16:00:41:9b:8f:1f:b9:d1:99:17:bc:ea:0f:ce:ca:3b:f1:
11:75:a4:a8:19:6a:75:59:37:dd:05:16:0b:95:cf:06:b1:66:
a3:17:3d:5d:04:80:a6:f9:b0:5c:b6:88:4d:31:87:a2:31:bc:
f4:1b:07:ff:a1:12:65:38:bf:e7:c7:a3:0b:da:28:d0:54:0a:
f0:e7:7b:36:a9:a0:c4:4a:2f:a8:08:5b:a3:23:a3:16:04:88:
4e:dc:ed:d6:0a:3b:d6:cf:ef:ec:70:6c:28:9e:31:1f:e7:75:
8d:da:b0:c6:73:d5:7a:21:e6:b1:9b:7b:64:ef:d3:b8:59:fe:
a6:98:af:94:24:7e:bb:f1:4b:a6:06:1d:38:04:06:f8:26:95:
18:84:97:3f:d8:7a:de:d6:e1:5a:77:dc:fb:5e:4a:47:b4:e7:
c3:69:82:ef
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQiICZem7J/NTF6XUWKCMQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzczM2JjZjUyNTIwNDNmMTBlZDZhMGY1ZGVmYjg5NzA0NzAzZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv4cQTzNzfvinuIfLkCcdUzmBACS
iKLKb4akvBgpyixhiS/h2XJHUBUXbxtzE/VOU15h9cislIpOevLC1vfBmRUqkAnh
jIJRicEYbTGvQNoL+67zegCXNds5luLdxvoc3HSgxfao0+eDUUE0J0DecsS3VVtR
FP3X1hfW3NBBmR4VpNNFsm6XeotEXuTGuGoKUcp54SGRpvUcEF41Rh/H6kOGSshV
KtaORRHxGPWI/YO34TRyo4riTb973nEhfnmJzqKxMJQIKFZG0/Jp6+0+ki8ODAAl
C3tEAwA5EAM/Cw33GDXDJHNV+RqbUCeifL9IMDUvuLIqrofiw0bGFv6UTQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLdzO89SUgQ/EO1qD13vuJcEcD9KMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdDNNN3oxSlNCRDhRN1dvUFhlLTRsd1J3UDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAuXkMAwQA
uXkPAwQAucQrAwQBueY2AwQAuejNAwQAwRG3AwQBwSVAMAwDBADCIykDBADCIyow
DQYJKoZIhvcNAQELBQADggEBABTvKj150h5fJsO9NC78BPyUZqXDt6jhrl3zn9oo
yKLAbB9QX1QazCz8j929e6V0r0Upc0miGYxv64Iy+P/NhuDJTGCrUPQXKJ4IWCn+
bwK773+CRXnu+OKa6w4WAEGbjx+50ZkXvOoPzso78RF1pKgZanVZN90FFguVzwax
ZqMXPV0EgKb5sFy2iE0xh6IxvPQbB/+hEmU4v+fHowvaKNBUCvDnezapoMRKL6gI
W6MjoxYEiE7c7dYKO9bP7+xwbCieMR/ndY3asMZz1Xoh5rGbe2Tv07hZ/qaYr5Qk
frvxS6YGHTgEBvgmlRiElz/Yet7W4Vp33PteSke058Npgu8=
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:28:25 2025 by rpki-client