Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/knjugsz4dO-GRlfWjJa4TPEo8dc.roa
File: knjugsz4dO-GRlfWjJa4TPEo8dc.roa (raw, json)
Hash identifier: pgS04K1pxu870WaArIBezAQBjlsLTOobzOHJ29I84kY=
Subject key identifier: 92:78:EE:82:CC:F8:74:EF:86:46:57:D6:8C:96:B8:4C:F1:28:F1:D7
Certificate issuer: /CN=b90dfc2a651b5efab2c0cd59322d6d3b55906563
Certificate serial: 0194258F330016B7CF0ADC1827819B8F2C9A
Authority key identifier: B9:0D:FC:2A:65:1B:5E:FA:B2:C0:CD:59:32:2D:6D:3B:55:90:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uQ38KmUbXvqywM1ZMi1tO1WQZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/knjugsz4dO-GRlfWjJa4TPEo8dc.roa
Signing time: Thu 02 Jan 2025 05:48:49 +0000
ROA not before: Thu 02 Jan 2025 05:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198046
IP address blocks: 185.238.173.0/24 maxlen: 24
2a01:ad00:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/uQ38KmUbXvqywM1ZMi1tO1WQZWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/uQ38KmUbXvqywM1ZMi1tO1WQZWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/uQ38KmUbXvqywM1ZMi1tO1WQZWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:33:00:16:b7:cf:0a:dc:18:27:81:9b:8f:2c:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b90dfc2a651b5efab2c0cd59322d6d3b55906563
Validity
Not Before: Jan 2 05:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9278ee82ccf874ef864657d68c96b84cf128f1d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:55:b7:4e:75:93:dc:76:bd:d7:4c:ca:86:9b:
1a:40:c8:cf:ce:5e:e6:60:d8:d5:71:d2:50:55:8a:
d9:0b:ad:22:c5:1a:00:bc:d3:a8:a6:6e:aa:d1:8f:
1f:a6:35:fc:28:30:e4:31:a6:8a:03:51:72:f9:b0:
77:d1:ff:0d:7e:36:80:e5:5b:43:25:ef:5a:39:12:
a0:e5:71:21:42:aa:02:f0:dc:25:12:27:29:44:58:
4b:8b:98:e6:b9:fc:c2:97:18:f1:9c:15:fb:4b:ae:
04:54:71:a6:a2:f3:8f:b2:30:4b:42:5d:7e:d8:a1:
c7:ca:69:61:26:a3:83:cb:ce:aa:cd:71:89:42:a8:
f9:3c:7d:14:a9:49:85:16:20:5f:af:84:bc:8f:3c:
1b:fb:65:28:88:8e:4b:7a:45:f7:42:cb:0e:c4:b7:
7d:8a:60:43:90:f2:78:14:ee:8b:b1:a8:8b:5d:ad:
34:a6:94:2a:e1:69:ff:9a:69:fd:70:b8:f6:73:80:
bb:0c:84:a1:bc:ef:96:9d:b7:75:88:c1:a0:a6:c8:
78:37:b9:b8:31:bb:d4:01:ab:28:89:ca:9e:15:0a:
49:a0:83:73:d7:02:2d:fd:38:0f:da:bc:c6:70:ad:
cc:5a:34:e0:1a:95:56:54:e8:f1:ed:33:4a:36:c0:
7e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:78:EE:82:CC:F8:74:EF:86:46:57:D6:8C:96:B8:4C:F1:28:F1:D7
X509v3 Authority Key Identifier:
keyid:B9:0D:FC:2A:65:1B:5E:FA:B2:C0:CD:59:32:2D:6D:3B:55:90:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQ38KmUbXvqywM1ZMi1tO1WQZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/knjugsz4dO-GRlfWjJa4TPEo8dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/uQ38KmUbXvqywM1ZMi1tO1WQZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.173.0/24
IPv6:
2a01:ad00:8::/48
Signature Algorithm: sha256WithRSAEncryption
27:19:80:8e:70:44:50:4c:0d:9e:23:45:57:e8:9e:bc:3b:1d:
1b:ba:3b:53:d5:c6:4c:c5:0b:8e:f2:4f:37:aa:c4:e2:fe:3a:
db:19:08:c9:08:7a:bf:68:94:e3:33:37:18:a0:8a:72:27:6a:
33:c0:d2:69:6a:2c:8f:af:71:9c:65:16:ec:b6:34:de:6e:ef:
b0:aa:1f:36:08:aa:e2:32:a4:fa:02:75:6b:af:4c:92:05:b3:
e8:92:fe:11:8b:07:23:5b:a1:e4:4d:df:dc:30:d5:31:29:39:
59:ce:e7:fd:f8:b3:c6:1a:34:52:a9:ba:ac:89:ea:c0:a3:27:
49:94:dd:58:a3:4b:66:78:ea:90:a4:fc:40:31:05:8c:8e:0f:
65:c5:12:64:ad:6f:8a:de:30:22:a0:8f:a5:d2:41:e2:4f:3f:
33:e5:8f:a1:74:5e:51:d8:0c:2a:54:8f:5d:1c:26:5a:f7:94:
9b:be:e7:ac:78:d5:62:2d:7e:c5:28:b5:72:7d:63:96:0b:4f:
f4:4a:5e:93:29:9f:7f:d0:5f:d4:ea:ae:c9:9a:9d:3c:d2:d7:
c0:39:17:1c:72:89:92:28:49:ac:3e:35:ab:7e:da:de:da:cc:
00:33:34:36:8d:1d:a6:9c:e7:4a:41:ef:88:3f:7f:04:98:4c:
33:22:e4:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQljzMAFrfPCtwYJ4GbjyyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MGRmYzJhNjUxYjVlZmFiMmMwY2Q1OTMyMmQ2ZDNiNTU5
MDY1NjMwHhcNMjUwMTAyMDU0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjc4ZWU4MmNjZjg3NGVmODY0NjU3ZDY4Yzk2Yjg0Y2YxMjhmMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1W3TnWT3Ha910zKhpsaQMjPzl7m
YNjVcdJQVYrZC60ixRoAvNOopm6q0Y8fpjX8KDDkMaaKA1Fy+bB30f8NfjaA5VtD
Je9aORKg5XEhQqoC8NwlEicpRFhLi5jmufzClxjxnBX7S64EVHGmovOPsjBLQl1+
2KHHymlhJqODy86qzXGJQqj5PH0UqUmFFiBfr4S8jzwb+2UoiI5LekX3QssOxLd9
imBDkPJ4FO6LsaiLXa00ppQq4Wn/mmn9cLj2c4C7DIShvO+Wnbd1iMGgpsh4N7m4
MbvUAasoicqeFQpJoINz1wIt/TgP2rzGcK3MWjTgGpVWVOjx7TNKNsB+sQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJJ47oLM+HTvhkZX1oyWuEzxKPHXMB8GA1UdIwQY
MBaAFLkN/CplG176ssDNWTItbTtVkGVjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVEzOEttVWJYdnF5d00xWk1pMXRPMVdRWldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC84NDdiYzgtZjdlNi00M2UwLWE1Y2Yt
ZDNlMTZhMTYzZGQzLzEva25qdWdzejRkTy1HUmxmV2pKYTRUUEVvOGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC84NDdiYzgtZjdlNi00M2UwLWE1Y2YtZDNlMTZhMTYzZGQz
LzEvdVEzOEttVWJYdnF5d00xWk1pMXRPMVdRWldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAue6tMA8E
AgACMAkDBwAqAa0AAAgwDQYJKoZIhvcNAQELBQADggEBACcZgI5wRFBMDZ4jRVfo
nrw7HRu6O1PVxkzFC47yTzeqxOL+OtsZCMkIer9olOMzNxiginInajPA0mlqLI+v
cZxlFuy2NN5u77CqHzYIquIypPoCdWuvTJIFs+iS/hGLByNboeRN39ww1TEpOVnO
5/34s8YaNFKpuqyJ6sCjJ0mU3VijS2Z46pCk/EAxBYyOD2XFEmStb4reMCKgj6XS
QeJPPzPlj6F0XlHYDCpUj10cJlr3lJu+56x41WItfsUotXJ9Y5YLT/RKXpMpn3/Q
X9TqrsmanTzS18A5FxxyiZIoSaw+Nat+2t7azAAzNDaNHaac50pB74g/fwSYTDMi
5Fc=
-----END CERTIFICATE-----
Generated at Wed Mar 12 07:46:02 2025 by rpki-client