Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/JOxitDZrH06_7gdJfTN1yzrI7bs.roa
File: JOxitDZrH06_7gdJfTN1yzrI7bs.roa (raw, json)
Hash identifier: I4I1UDRrHD91eVymVzkfYVMUc8wdJt2DaDwRY1upCck=
Subject key identifier: 24:EC:62:B4:36:6B:1F:4E:BF:EE:07:49:7D:33:75:CB:3A:C8:ED:BB
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 0195A85BE5D76CB48588B015CF13A7B3F88D
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/JOxitDZrH06_7gdJfTN1yzrI7bs.roa
Signing time: Tue 18 Mar 2025 08:25:49 +0000
ROA not before: Tue 18 Mar 2025 08:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 5.182.164.0/22 maxlen: 22
185.137.56.0/22 maxlen: 22
185.143.0.0/22 maxlen: 22
185.143.140.0/22 maxlen: 22
185.174.212.0/23 maxlen: 23
185.174.212.0/24 maxlen: 24
185.232.172.0/22 maxlen: 22
185.238.144.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 06:58:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:5b:e5:d7:6c:b4:85:88:b0:15:cf:13:a7:b3:f8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Mar 18 08:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24ec62b4366b1f4ebfee07497d3375cb3ac8edbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8b:61:45:7e:ef:d1:6d:07:65:c9:a7:37:2b:
fb:ca:d0:97:5f:e3:74:75:1c:eb:e3:03:ac:29:3c:
92:2c:15:e8:05:44:60:4f:ea:39:6d:33:d4:8a:74:
98:34:98:17:69:d3:53:b8:c5:03:8c:4d:9e:ee:2c:
e3:e1:20:17:8e:5e:15:a9:ed:42:b2:44:f8:1e:3b:
33:77:b2:26:7d:69:a5:38:e5:ac:86:ac:a7:2c:93:
1f:cc:2d:45:8f:85:b4:93:2a:8b:c4:1b:65:b2:cd:
7a:fe:a9:32:7b:8f:4e:e9:6b:6c:6c:b2:39:50:b9:
b1:01:cb:5c:f6:ff:44:e8:2c:30:bd:91:8b:1b:6b:
11:b0:12:08:fa:cc:0d:41:01:af:4b:ec:9f:96:22:
34:f2:49:8b:b4:14:db:ac:be:57:d9:ec:2d:dc:33:
2e:0c:43:5e:74:61:cf:a3:1e:ee:55:cb:81:e3:e8:
71:65:2d:28:19:bd:07:57:1b:25:b3:d0:05:db:eb:
35:1c:95:69:4e:40:ca:42:1f:2e:b1:db:03:27:1b:
78:85:f4:1f:ee:97:e4:a4:5d:4e:36:6f:92:6d:d1:
63:c9:0f:63:ed:c7:73:7b:d3:1e:22:72:67:a7:2e:
a1:86:83:4d:e7:00:b1:90:3b:ce:1e:4a:c1:f9:17:
f4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:EC:62:B4:36:6B:1F:4E:BF:EE:07:49:7D:33:75:CB:3A:C8:ED:BB
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/JOxitDZrH06_7gdJfTN1yzrI7bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.164.0/22
185.137.56.0/22
185.143.0.0/22
185.143.140.0/22
185.174.212.0/23
185.232.172.0/22
185.238.144.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:19:99:9c:3a:b3:80:68:8b:7f:5b:f8:e3:81:71:34:6b:ef:
04:64:01:7e:c3:4b:9a:96:82:16:38:2c:4f:3a:c5:2a:37:c3:
65:ca:f6:26:3c:de:bb:e9:06:f7:cb:45:1e:cb:d4:da:d7:54:
1a:63:38:09:09:21:30:b5:a8:e6:52:bd:72:e3:d0:4c:73:3c:
f3:40:c1:70:f9:0a:28:a9:86:19:ec:d0:f8:01:eb:68:13:b8:
d2:ed:b2:97:b5:25:e2:76:0c:4b:bb:41:37:f5:38:c3:f9:bc:
a1:60:b6:95:5d:87:02:dc:b7:a7:21:90:1f:ba:71:5c:b3:09:
c9:cb:8d:d9:c1:a2:47:48:b8:85:4b:c6:97:98:ed:86:ed:73:
e1:94:88:85:70:63:e1:9c:b0:e2:4a:5b:bb:34:b8:68:f6:74:
e9:2a:d1:b5:0a:cb:12:b7:98:f9:0c:53:5a:95:73:83:16:b6:
09:a9:02:df:e8:9c:11:70:75:e1:56:5d:8f:30:94:dd:8f:26:
14:85:ea:68:38:ed:45:c0:82:cb:0a:a1:79:be:c1:0e:a2:15:
81:2f:b2:90:87:d1:9a:f5:cf:ce:17:4a:ca:55:c7:ba:38:5b:
81:32:5b:36:56:7b:5a:5e:b7:20:33:00:56:e3:8d:2b:51:22:
ba:0a:d2:23
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZWoW+XXbLSFiLAVzxOns/iNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjUwMzE4MDgyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGVjNjJiNDM2NmIxZjRlYmZlZTA3NDk3ZDMzNzVjYjNhYzhlZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYthRX7v0W0HZcmnNyv7ytCXX+N0
dRzr4wOsKTySLBXoBURgT+o5bTPUinSYNJgXadNTuMUDjE2e7izj4SAXjl4Vqe1C
skT4Hjszd7ImfWmlOOWshqynLJMfzC1Fj4W0kyqLxBtlss16/qkye49O6WtsbLI5
ULmxActc9v9E6CwwvZGLG2sRsBII+swNQQGvS+yfliI08kmLtBTbrL5X2ewt3DMu
DENedGHPox7uVcuB4+hxZS0oGb0HVxsls9AF2+s1HJVpTkDKQh8usdsDJxt4hfQf
7pfkpF1ONm+SbdFjyQ9j7cdze9MeInJnpy6hhoNN5wCxkDvOHkrB+Rf0iwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCTsYrQ2ax9Ov+4HSX0zdcs6yO27MB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvSk94aXREWnJIMDZfN2dkSmZUTjF5enJJN2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBbakAwQC
uYk4AwQCuY8AAwQCuY+MAwQBua7UAwQCueisAwQCue6QMA0GCSqGSIb3DQEBCwUA
A4IBAQBLGZmcOrOAaIt/W/jjgXE0a+8EZAF+w0ualoIWOCxPOsUqN8NlyvYmPN67
6Qb3y0Uey9Ta11QaYzgJCSEwtajmUr1y49BMczzzQMFw+QooqYYZ7ND4AetoE7jS
7bKXtSXidgxLu0E39TjD+byhYLaVXYcC3LenIZAfunFcswnJy43ZwaJHSLiFS8aX
mO2G7XPhlIiFcGPhnLDiSlu7NLho9nTpKtG1CssSt5j5DFNalXODFrYJqQLf6JwR
cHXhVl2PMJTdjyYUhepoOO1FwILLCqF5vsEOohWBL7KQh9Ga9c/OF0rKVce6OFuB
Mls2VntaXrcgMwBW440rUSK6CtIj
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:24:17 2025 by rpki-client