Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/1-qo2IZfSQe_p35VuNGg4c_fEmc.roa
File: 1-qo2IZfSQe_p35VuNGg4c_fEmc.roa (raw, json)
Hash identifier: ZNytEtjJE3PoSw4fLaCNFgz51wqNOEOmou9bPPKVA2c=
Subject key identifier: D7:EA:A8:D8:86:5F:49:07:BF:A7:7E:55:B8:D1:A0:E1:CF:DF:12:67
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 019427B4F385A297F2FEB40A9ADB3707D09E
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/1-qo2IZfSQe_p35VuNGg4c_fEmc.roa
Signing time: Thu 02 Jan 2025 15:49:17 +0000
ROA not before: Thu 02 Jan 2025 15:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205575
IP address blocks: 185.137.104.0/22 maxlen: 22
185.137.104.0/24 maxlen: 24
185.137.105.0/24 maxlen: 24
185.137.106.0/24 maxlen: 24
185.137.107.0/24 maxlen: 24
185.234.156.0/22 maxlen: 22
185.234.156.0/24 maxlen: 24
185.234.157.0/24 maxlen: 24
185.234.158.0/24 maxlen: 24
185.234.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:f3:85:a2:97:f2:fe:b4:0a:9a:db:37:07:d0:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 2 15:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7eaa8d8865f4907bfa77e55b8d1a0e1cfdf1267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e0:d4:9c:2f:2a:a4:c6:be:67:46:f2:97:92:
84:5b:17:0f:48:f9:ab:d4:a1:05:9e:07:48:d0:d8:
87:9e:de:99:99:12:64:63:0f:c6:06:12:98:60:99:
bd:a1:dc:62:6f:07:a1:b2:6d:c1:7a:ed:49:b1:a8:
b3:00:72:9f:84:8d:45:09:a1:d1:7b:16:1e:8c:28:
d3:41:a3:10:fe:df:29:5e:5f:44:ce:20:2d:ef:ad:
68:6b:82:8e:4c:a9:3c:3b:45:9a:b3:2f:93:c8:0d:
5a:28:d5:42:63:3a:17:3f:f5:24:d3:48:6e:f7:b2:
f6:13:d0:94:12:a9:70:ba:e2:07:4b:31:a4:56:70:
fd:88:04:8d:86:cf:57:ed:ae:78:c0:18:67:66:5d:
cb:8d:d9:17:f9:70:27:b4:3a:32:1a:78:69:46:a7:
4e:1a:12:48:c8:0c:62:66:5b:49:6e:f0:f2:1c:92:
26:e9:b4:84:a3:dd:23:58:8e:e4:ff:86:85:18:e9:
db:4b:f2:04:66:b7:dc:11:64:41:a2:44:f4:95:c9:
91:fb:a9:7f:a6:6c:35:61:19:74:0a:2d:60:3b:ef:
80:7f:e5:f3:8a:2b:cb:78:47:4c:58:de:5e:a8:d5:
a9:20:89:a3:7a:c5:ca:11:69:02:16:50:4f:d1:4c:
0e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:EA:A8:D8:86:5F:49:07:BF:A7:7E:55:B8:D1:A0:E1:CF:DF:12:67
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/1-qo2IZfSQe_p35VuNGg4c_fEmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.104.0/22
185.234.156.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:36:d3:34:b9:ed:12:cf:a6:00:f7:9e:14:f9:fe:8d:a3:d1:
be:82:15:be:61:d9:c4:08:c3:b3:40:f1:43:35:fe:38:68:b7:
87:b1:97:69:1e:38:6f:ac:6d:0d:1c:1e:82:9d:f0:70:80:e0:
d7:17:8a:21:5c:ab:7c:d0:29:26:06:7f:f0:74:58:c4:9e:85:
1c:f1:de:8e:c4:66:e2:7c:bf:c8:d8:fc:26:7a:ed:a6:ed:53:
b9:19:eb:4b:b6:45:d4:4f:f1:3b:38:00:66:b6:6d:b2:84:25:
30:f1:d6:ed:3e:a1:a0:d5:c1:0d:4c:46:bc:ae:06:c6:cf:fa:
91:28:76:02:9d:2d:8a:4a:f9:67:55:c9:a3:3f:a8:a9:5c:fe:
11:71:1e:8f:e2:4e:75:46:a9:22:fc:03:53:19:7d:ab:a5:77:
be:b4:00:8e:a9:ce:34:7a:62:e2:ed:1b:f7:e2:9e:a9:7a:93:
ea:39:d1:a6:7c:8f:a4:25:12:e6:e6:e0:df:7b:59:d0:a5:89:
aa:3a:67:92:6a:36:2b:7e:61:7e:4b:ea:d4:3c:4a:91:7f:b7:
e3:c0:eb:fc:c6:01:f8:32:1f:3b:53:84:9d:3f:11:80:87:a1:
f8:05:80:37:24:f3:e9:2d:23:7c:c1:be:6a:9d:41:1a:b9:0d:
4e:99:8d:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntPOFopfy/rQKmts3B9CeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjUwMTAyMTU0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2VhYThkODg2NWY0OTA3YmZhNzdlNTViOGQxYTBlMWNmZGYxMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eDUnC8qpMa+Z0byl5KEWxcPSPmr
1KEFngdI0NiHnt6ZmRJkYw/GBhKYYJm9odxibwehsm3Beu1JsaizAHKfhI1FCaHR
exYejCjTQaMQ/t8pXl9EziAt761oa4KOTKk8O0Wasy+TyA1aKNVCYzoXP/Uk00hu
97L2E9CUEqlwuuIHSzGkVnD9iASNhs9X7a54wBhnZl3LjdkX+XAntDoyGnhpRqdO
GhJIyAxiZltJbvDyHJIm6bSEo90jWI7k/4aFGOnbS/IEZrfcEWRBokT0lcmR+6l/
pmw1YRl0Ci1gO++Af+XziivLeEdMWN5eqNWpIImjesXKEWkCFlBP0UwO/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNfqqNiGX0kHv6d+VbjRoOHP3xJnMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvMS1xbzJJWmZTUWVfcDM1VnVOR2c0Y19mRW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYloAwQC
ueqcMA0GCSqGSIb3DQEBCwUAA4IBAQBrNtM0ue0Sz6YA954U+f6No9G+ghW+YdnE
CMOzQPFDNf44aLeHsZdpHjhvrG0NHB6CnfBwgODXF4ohXKt80CkmBn/wdFjEnoUc
8d6OxGbifL/I2Pwmeu2m7VO5GetLtkXUT/E7OABmtm2yhCUw8dbtPqGg1cENTEa8
rgbGz/qRKHYCnS2KSvlnVcmjP6ipXP4RcR6P4k51Rqki/ANTGX2rpXe+tACOqc40
emLi7Rv34p6pepPqOdGmfI+kJRLm5uDfe1nQpYmqOmeSajYrfmF+S+rUPEqRf7fj
wOv8xgH4Mh87U4SdPxGAh6H4BYA3JPPpLSN8wb5qnUEauQ1OmY2Z
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:57:35 2025 by rpki-client