Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/tWQPgt2ULgR-XHuKbKbtwnO0yt4.roa
File: tWQPgt2ULgR-XHuKbKbtwnO0yt4.roa (raw, json)
Hash identifier: FTezREACVvewvxdnyIiPFrHTxEp8/emPQ8i+6JCdMYw=
Subject key identifier: B5:64:0F:82:DD:94:2E:04:7E:5C:7B:8A:6C:A6:ED:C2:73:B4:CA:DE
Certificate issuer: /CN=521a30077223c25c6f37dcf59480778c0b5b1068
Certificate serial: 019425FC64875DB7532FF613436D78F11D65
Authority key identifier: 52:1A:30:07:72:23:C2:5C:6F:37:DC:F5:94:80:77:8C:0B:5B:10:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UhowB3IjwlxvN9z1lIB3jAtbEGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/tWQPgt2ULgR-XHuKbKbtwnO0yt4.roa
Signing time: Thu 02 Jan 2025 07:48:05 +0000
ROA not before: Thu 02 Jan 2025 07:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207846
IP address blocks: 185.194.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/UhowB3IjwlxvN9z1lIB3jAtbEGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/UhowB3IjwlxvN9z1lIB3jAtbEGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/UhowB3IjwlxvN9z1lIB3jAtbEGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 01:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:64:87:5d:b7:53:2f:f6:13:43:6d:78:f1:1d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521a30077223c25c6f37dcf59480778c0b5b1068
Validity
Not Before: Jan 2 07:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5640f82dd942e047e5c7b8a6ca6edc273b4cade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b1:70:31:0a:b6:32:4c:63:e5:5b:36:8b:7c:
59:bb:e8:a7:0d:7a:c0:f6:c4:db:37:b8:64:93:26:
d4:d2:2d:63:8c:ca:79:cc:97:e4:00:cf:ea:6b:9d:
d5:91:3b:9e:ac:f7:7e:a6:65:e4:bf:b3:c6:19:24:
19:c3:20:47:c0:d4:c4:5d:eb:f1:b4:bb:9e:f7:a1:
e9:d2:b5:54:98:ed:e8:b7:18:26:25:59:82:38:c6:
33:c2:02:7d:92:5d:ef:12:6e:d0:16:73:06:68:97:
48:22:c0:16:60:ec:21:93:f0:ad:f8:35:d9:d5:02:
d8:52:42:37:d4:b2:c0:97:54:bd:87:db:f2:0a:e3:
be:16:3a:07:51:d0:d0:d7:67:ec:7e:0d:ff:c3:80:
3a:3f:b1:ef:d9:fd:e2:81:11:c1:12:8c:53:34:19:
87:cd:05:d1:cf:7b:1b:6d:85:88:f1:61:98:96:f5:
a8:a7:b4:db:e7:53:1b:4e:51:0c:97:18:d8:de:df:
cc:6a:21:ce:c6:03:ac:83:32:19:0f:5e:07:15:a5:
4f:4e:7f:66:fa:45:04:ee:0b:44:4a:93:fa:5c:88:
09:b9:5a:c0:56:5e:0b:e4:3f:c6:ed:d5:cc:76:ca:
29:e5:9c:1c:5e:86:4e:5d:c1:96:94:1b:68:27:d8:
ac:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:64:0F:82:DD:94:2E:04:7E:5C:7B:8A:6C:A6:ED:C2:73:B4:CA:DE
X509v3 Authority Key Identifier:
keyid:52:1A:30:07:72:23:C2:5C:6F:37:DC:F5:94:80:77:8C:0B:5B:10:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UhowB3IjwlxvN9z1lIB3jAtbEGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/tWQPgt2ULgR-XHuKbKbtwnO0yt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/UhowB3IjwlxvN9z1lIB3jAtbEGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.114.0/24
Signature Algorithm: sha256WithRSAEncryption
95:af:6a:ef:b7:71:b7:fc:ea:85:1f:0c:5e:dc:04:f6:93:e4:
3e:8b:c2:76:b1:71:a8:53:5e:c8:53:07:f3:5b:aa:76:a3:df:
6d:75:38:b9:d0:5d:1d:61:0e:21:c7:97:1c:ec:f2:f2:c3:12:
bd:a7:b2:a8:ed:ae:e5:60:69:e9:35:a9:ab:e5:45:f9:61:aa:
78:07:bc:f2:a8:34:b8:cf:73:1c:bf:d3:3c:8b:86:f7:ed:fb:
82:4d:26:1f:5b:fc:99:84:0a:ea:6b:5a:d7:77:92:66:24:f7:
18:db:44:6c:fc:dc:3d:b7:dc:06:d5:a9:d7:74:6e:eb:5b:4d:
79:6b:9a:01:aa:d0:6b:98:71:01:c5:b8:dd:2a:94:25:82:46:
d7:87:e1:78:69:ea:50:4a:7f:fb:a9:14:85:12:c7:63:4c:f3:
aa:28:98:2b:da:4e:cd:87:59:33:15:0b:7e:78:62:18:4c:4d:
4a:78:55:d3:df:19:ed:48:c3:19:aa:7b:a9:05:96:52:d3:98:
77:6e:24:b4:68:c6:19:ef:5d:08:a8:6a:74:24:ec:8a:a4:2c:
bd:dc:d9:3d:fa:1b:93:3a:14:e4:fc:ee:cf:97:ed:0d:9c:58:
7c:da:a0:f4:e5:72:e5:34:01:22:45:e7:22:23:fe:27:8b:33:
86:7f:6c:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/GSHXbdTL/YTQ2148R1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWEzMDA3NzIyM2MyNWM2ZjM3ZGNmNTk0ODA3NzhjMGI1
YjEwNjgwHhcNMjUwMTAyMDc0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTY0MGY4MmRkOTQyZTA0N2U1YzdiOGE2Y2E2ZWRjMjczYjRjYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLFwMQq2Mkxj5Vs2i3xZu+inDXrA
9sTbN7hkkybU0i1jjMp5zJfkAM/qa53VkTuerPd+pmXkv7PGGSQZwyBHwNTEXevx
tLue96Hp0rVUmO3otxgmJVmCOMYzwgJ9kl3vEm7QFnMGaJdIIsAWYOwhk/Ct+DXZ
1QLYUkI31LLAl1S9h9vyCuO+FjoHUdDQ12fsfg3/w4A6P7Hv2f3igRHBEoxTNBmH
zQXRz3sbbYWI8WGYlvWop7Tb51MbTlEMlxjY3t/MaiHOxgOsgzIZD14HFaVPTn9m
+kUE7gtESpP6XIgJuVrAVl4L5D/G7dXMdsop5ZwcXoZOXcGWlBtoJ9is3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVkD4LdlC4Eflx7imym7cJztMreMB8GA1UdIwQY
MBaAFFIaMAdyI8Jcbzfc9ZSAd4wLWxBoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWhvd0IzSWp3bHh2Tjl6MWxJQjNqQXRiRUdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82YjExNTEtYjA1YS00YTAyLWE4ODMt
MGY1ZjA5YjJlYjE0LzEvdFdRUGd0MlVMZ1ItWEh1S2JLYnR3bk8weXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82YjExNTEtYjA1YS00YTAyLWE4ODMtMGY1ZjA5YjJlYjE0
LzEvVWhvd0IzSWp3bHh2Tjl6MWxJQjNqQXRiRUdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucJyMA0G
CSqGSIb3DQEBCwUAA4IBAQCVr2rvt3G3/OqFHwxe3AT2k+Q+i8J2sXGoU17IUwfz
W6p2o99tdTi50F0dYQ4hx5cc7PLywxK9p7Ko7a7lYGnpNamr5UX5Yap4B7zyqDS4
z3Mcv9M8i4b37fuCTSYfW/yZhArqa1rXd5JmJPcY20Rs/Nw9t9wG1anXdG7rW015
a5oBqtBrmHEBxbjdKpQlgkbXh+F4aepQSn/7qRSFEsdjTPOqKJgr2k7Nh1kzFQt+
eGIYTE1KeFXT3xntSMMZqnupBZZS05h3biS0aMYZ710IqGp0JOyKpCy93Nk9+huT
OhTk/O7Pl+0NnFh82qD05XLlNAEiReciI/4nizOGf2w5
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:01:46 2025 by rpki-client