Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/on6c4T5uruUZ19cPvyYxdOa3Uo4.roa
File: on6c4T5uruUZ19cPvyYxdOa3Uo4.roa (raw, json)
Hash identifier: DzOTGbti7Ycex9SFmllizCyD+Zg7ddBWN0hhpKZi1gA=
Subject key identifier: A2:7E:9C:E1:3E:6E:AE:E5:19:D7:D7:0F:BF:26:31:74:E6:B7:52:8E
Certificate issuer: /CN=83876bfbb5ae8cfe116bb5f5f2864a116213aa4f
Certificate serial: 0194228E18E4871D1EA478953A6910A06603
Authority key identifier: 83:87:6B:FB:B5:AE:8C:FE:11:6B:B5:F5:F2:86:4A:11:62:13:AA:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g4dr-7WujP4Ra7X18oZKEWITqk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/on6c4T5uruUZ19cPvyYxdOa3Uo4.roa
Signing time: Wed 01 Jan 2025 15:48:45 +0000
ROA not before: Wed 01 Jan 2025 15:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207520
IP address blocks: 185.211.40.0/24 maxlen: 24
188.116.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/g4dr-7WujP4Ra7X18oZKEWITqk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/g4dr-7WujP4Ra7X18oZKEWITqk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/g4dr-7WujP4Ra7X18oZKEWITqk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:18:e4:87:1d:1e:a4:78:95:3a:69:10:a0:66:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83876bfbb5ae8cfe116bb5f5f2864a116213aa4f
Validity
Not Before: Jan 1 15:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a27e9ce13e6eaee519d7d70fbf263174e6b7528e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:51:6b:6d:52:5a:3b:0e:2b:98:9d:63:38:78:
b9:39:23:ff:3b:2e:4c:46:e9:55:5f:6f:80:a5:13:
4f:62:bb:4b:92:d0:1d:2c:87:6d:1d:b7:c1:4b:03:
70:d0:46:7f:37:d3:71:78:91:e9:e7:1e:dc:78:83:
b3:1f:fd:bb:8f:ba:ef:33:f4:79:a5:86:fd:a7:34:
81:39:10:39:0d:bd:22:70:c6:0c:2c:4d:a8:19:b0:
a6:d2:0a:1c:85:d6:b5:65:08:c9:ac:a4:c1:c7:bb:
1e:74:13:63:74:f7:de:fe:81:54:e7:30:ab:0e:08:
68:96:35:09:03:a6:53:3e:df:51:f4:cf:ae:d6:44:
91:86:04:04:45:7e:6c:29:c1:95:34:84:9a:3a:23:
d1:e7:2e:2f:d3:28:c5:5d:c5:ea:79:c2:21:7a:81:
ef:53:f1:39:3f:35:01:5e:c6:15:88:78:20:09:ac:
7b:5a:13:1f:40:a1:8b:09:a5:70:51:7b:07:c9:67:
ee:78:76:78:45:f8:18:b5:fe:37:a4:d2:d2:58:60:
f0:1d:b9:58:d4:49:48:75:67:82:98:67:7f:d2:63:
62:36:4a:a8:8a:ef:08:77:3e:19:a4:68:c7:a7:fe:
84:70:f3:4b:fa:27:c2:c0:9a:84:91:62:2d:03:04:
64:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7E:9C:E1:3E:6E:AE:E5:19:D7:D7:0F:BF:26:31:74:E6:B7:52:8E
X509v3 Authority Key Identifier:
keyid:83:87:6B:FB:B5:AE:8C:FE:11:6B:B5:F5:F2:86:4A:11:62:13:AA:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g4dr-7WujP4Ra7X18oZKEWITqk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/on6c4T5uruUZ19cPvyYxdOa3Uo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/g4dr-7WujP4Ra7X18oZKEWITqk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.40.0/24
188.116.41.0/24
Signature Algorithm: sha256WithRSAEncryption
37:34:d4:10:aa:c2:30:72:d1:4b:8a:eb:b9:0d:8c:57:8f:e7:
2a:02:d9:24:f7:b1:c3:8b:41:b5:f7:64:87:a1:e0:c4:13:d4:
65:44:c1:b0:f6:49:19:cc:8d:9a:3c:59:80:04:bc:ca:83:59:
e6:77:bc:4a:86:08:f4:63:c7:95:bb:86:76:3b:4a:92:ff:8f:
f0:99:9d:4a:c5:50:48:07:33:4d:11:81:e7:5d:e5:c5:4a:3e:
ec:29:dc:9d:de:e7:2d:69:66:69:f6:a7:2c:7c:2c:a2:89:b1:
0f:b6:43:c8:44:74:b8:66:56:69:c8:c7:da:f0:a0:48:fc:48:
1e:60:31:1c:fc:e0:0e:0c:c3:db:79:ad:33:fa:29:7e:9d:74:
79:14:4f:5a:81:2d:c3:f4:72:f8:df:19:92:f8:98:04:82:0c:
02:94:0a:a9:46:40:f0:01:fd:b2:df:00:2d:74:49:5a:58:75:
30:5b:c5:74:22:58:bd:47:21:18:3c:76:96:0d:2f:44:4e:22:
4a:0f:53:05:f9:e5:aa:9a:10:3b:85:d5:30:c3:57:e8:00:d6:
3e:b7:ca:5e:98:4e:9a:4e:1d:41:03:e2:69:06:1d:41:c8:f9:
23:e3:0d:14:54:28:e6:31:56:0e:41:62:e0:02:27:7c:66:49:
e8:9f:9c:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijhjkhx0epHiVOmkQoGYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzODc2YmZiYjVhZThjZmUxMTZiYjVmNWYyODY0YTExNjIx
M2FhNGYwHhcNMjUwMTAxMTU0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdlOWNlMTNlNmVhZWU1MTlkN2Q3MGZiZjI2MzE3NGU2Yjc1MjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1FrbVJaOw4rmJ1jOHi5OSP/Oy5M
RulVX2+ApRNPYrtLktAdLIdtHbfBSwNw0EZ/N9NxeJHp5x7ceIOzH/27j7rvM/R5
pYb9pzSBORA5Db0icMYMLE2oGbCm0gochda1ZQjJrKTBx7sedBNjdPfe/oFU5zCr
DgholjUJA6ZTPt9R9M+u1kSRhgQERX5sKcGVNISaOiPR5y4v0yjFXcXqecIheoHv
U/E5PzUBXsYViHggCax7WhMfQKGLCaVwUXsHyWfueHZ4RfgYtf43pNLSWGDwHblY
1ElIdWeCmGd/0mNiNkqoiu8Idz4ZpGjHp/6EcPNL+ifCwJqEkWItAwRkSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKJ+nOE+bq7lGdfXD78mMXTmt1KOMB8GA1UdIwQY
MBaAFIOHa/u1roz+EWu19fKGShFiE6pPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzRkci03V3VqUDRSYTdYMThvWktFV0lUcWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80MmJkNWQtNGMzZS00M2Y0LWE4NTct
N2U3MDlhZjA1N2Q1LzEvb242YzRUNXVydVVaMTljUHZ5WXhkT2EzVW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80MmJkNWQtNGMzZS00M2Y0LWE4NTctN2U3MDlhZjA1N2Q1
LzEvZzRkci03V3VqUDRSYTdYMThvWktFV0lUcWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudMoAwQA
vHQpMA0GCSqGSIb3DQEBCwUAA4IBAQA3NNQQqsIwctFLiuu5DYxXj+cqAtkk97HD
i0G192SHoeDEE9RlRMGw9kkZzI2aPFmABLzKg1nmd7xKhgj0Y8eVu4Z2O0qS/4/w
mZ1KxVBIBzNNEYHnXeXFSj7sKdyd3uctaWZp9qcsfCyiibEPtkPIRHS4ZlZpyMfa
8KBI/EgeYDEc/OAODMPbea0z+il+nXR5FE9agS3D9HL43xmS+JgEggwClAqpRkDw
Af2y3wAtdElaWHUwW8V0Ili9RyEYPHaWDS9ETiJKD1MF+eWqmhA7hdUww1foANY+
t8pemE6aTh1BA+JpBh1ByPkj4w0UVCjmMVYOQWLgAid8Zknon5xb
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:32 2025 by rpki-client