Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/pIvBgTa21ZIrbNAe93h6ywfLfqU.roa
File: pIvBgTa21ZIrbNAe93h6ywfLfqU.roa (raw, json)
Hash identifier: 4TvmPBfwBLS029TBaeYbv9kyWoozw1GEP3VDLEg1dFk=
Subject key identifier: A4:8B:C1:81:36:B6:D5:92:2B:6C:D0:1E:F7:78:7A:CB:07:CB:7E:A5
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 01941F8C85AD4683E2D2EC00D0E435942BF4
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/pIvBgTa21ZIrbNAe93h6ywfLfqU.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197726
IP address blocks: 195.123.176.0/24 maxlen: 24
195.123.178.0/24 maxlen: 24
195.123.179.0/24 maxlen: 24
195.123.187.0/24 maxlen: 24
195.123.188.0/24 maxlen: 24
195.123.189.0/24 maxlen: 24
195.123.190.0/24 maxlen: 24
195.123.191.0/24 maxlen: 24
195.123.193.0/24 maxlen: 24
195.123.194.0/24 maxlen: 24
195.123.195.0/24 maxlen: 24
195.123.196.0/22 maxlen: 22
195.123.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 03:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:85:ad:46:83:e2:d2:ec:00:d0:e4:35:94:2b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a48bc18136b6d5922b6cd01ef7787acb07cb7ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:87:1a:02:26:11:ad:bb:1d:c6:a0:23:50:3f:
1f:e8:95:f1:5a:c0:7d:58:93:ee:5a:f3:95:a2:d1:
14:af:46:e9:d7:de:dd:f5:b5:e8:55:8d:13:4b:37:
d4:35:3a:a6:39:42:af:20:3a:47:58:41:a2:42:47:
cd:f4:92:cc:45:8b:6a:1c:47:22:4c:73:da:e9:96:
91:53:b1:62:d9:d4:65:06:9e:66:47:6e:3e:3e:c4:
3b:b1:30:85:9e:df:e6:63:97:fa:f7:f4:ee:e5:83:
95:fa:5b:f6:07:68:64:36:48:05:6c:1f:31:d7:22:
d6:c7:47:ec:dd:7b:60:69:f3:51:50:64:7c:33:7a:
03:c8:35:22:d2:bc:1e:f3:94:e6:5d:4e:ad:32:82:
db:84:87:0c:94:3c:10:63:28:70:9d:b5:f3:df:d1:
22:cc:e6:6a:3c:ce:62:55:1e:51:8f:69:57:81:c8:
fd:5c:46:93:96:a9:e8:53:28:21:43:7d:d0:26:77:
22:53:bc:e2:79:e7:26:94:d2:88:35:2a:14:04:38:
28:b7:b2:f9:e2:6c:b7:e2:86:40:66:2f:10:80:1e:
73:48:dc:f8:41:e2:ff:47:76:36:3b:91:82:e8:a8:
b1:23:32:cb:91:4c:5c:9d:69:b8:ef:6d:c6:19:f1:
92:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8B:C1:81:36:B6:D5:92:2B:6C:D0:1E:F7:78:7A:CB:07:CB:7E:A5
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/pIvBgTa21ZIrbNAe93h6ywfLfqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.176.0/24
195.123.178.0/23
195.123.187.0-195.123.191.255
195.123.193.0-195.123.199.255
195.123.248.0/22
Signature Algorithm: sha256WithRSAEncryption
98:4c:86:b0:31:e9:25:71:2e:7b:ee:a0:22:b7:63:b7:3e:0a:
16:49:47:73:ad:99:d1:8b:9b:06:e9:17:6a:d6:b0:a1:a6:cf:
30:25:a6:9b:2b:18:d3:06:08:c0:78:b0:77:df:bc:f7:5c:d8:
e9:e9:ae:7f:a4:31:f7:d8:3a:84:11:4b:e1:1d:4b:fc:0a:7f:
4b:c3:7f:aa:4b:10:ca:66:79:f5:e3:fa:29:0d:25:3a:3f:64:
a3:84:c3:3b:6b:4f:c8:be:56:b9:3e:7c:71:d9:99:ae:a0:29:
ae:91:93:1c:8a:f2:60:71:14:1d:a5:6c:97:25:5b:8d:58:c0:
3f:77:88:a7:5d:d8:d9:e0:4f:64:43:b6:9e:25:83:11:d9:8d:
07:5a:58:36:51:57:39:b9:30:1c:5c:9e:53:ec:70:28:dc:df:
81:48:f7:a0:b5:8f:8f:19:d1:d4:5e:e0:ca:55:4e:75:71:15:
14:79:bb:be:b4:4c:63:2e:09:0c:d0:ff:9e:9a:6b:65:b0:77:
7d:62:32:4e:01:c9:f4:60:a4:71:4e:cd:88:0a:cf:40:55:2f:
67:68:72:9f:0e:90:b0:b5:8c:87:6a:07:84:18:f5:25:ee:2e:
9d:14:43:d8:c9:66:07:2f:9f:e6:e9:a5:f1:96:b4:81:4a:00:
2a:31:d2:65
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQfjIWtRoPi0uwA0OQ1lCv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDhiYzE4MTM2YjZkNTkyMmI2Y2QwMWVmNzc4N2FjYjA3Y2I3ZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIcaAiYRrbsdxqAjUD8f6JXxWsB9
WJPuWvOVotEUr0bp197d9bXoVY0TSzfUNTqmOUKvIDpHWEGiQkfN9JLMRYtqHEci
THPa6ZaRU7Fi2dRlBp5mR24+PsQ7sTCFnt/mY5f69/Tu5YOV+lv2B2hkNkgFbB8x
1yLWx0fs3XtgafNRUGR8M3oDyDUi0rwe85TmXU6tMoLbhIcMlDwQYyhwnbXz39Ei
zOZqPM5iVR5Rj2lXgcj9XEaTlqnoUyghQ33QJnciU7zieecmlNKINSoUBDgot7L5
4my34oZAZi8QgB5zSNz4QeL/R3Y2O5GC6KixIzLLkUxcnWm4723GGfGSFwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKSLwYE2ttWSK2zQHvd4essHy36lMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvcEl2QmdUYTIxWklyYk5BZTkzaDZ5d2ZMZnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAw3uwAwQB
w3uyMAwDBADDe7sDBAbDe4AwDAMEAMN7wQMEA8N7wAMEAsN7+DANBgkqhkiG9w0B
AQsFAAOCAQEAmEyGsDHpJXEue+6gIrdjtz4KFklHc62Z0YubBukXatawoabPMCWm
mysY0wYIwHiwd9+891zY6emuf6Qx99g6hBFL4R1L/Ap/S8N/qksQymZ59eP6KQ0l
Oj9ko4TDO2tPyL5WuT58cdmZrqAprpGTHIryYHEUHaVslyVbjVjAP3eIp13Y2eBP
ZEO2niWDEdmNB1pYNlFXObkwHFyeU+xwKNzfgUj3oLWPjxnR1F7gylVOdXEVFHm7
vrRMYy4JDND/npprZbB3fWIyTgHJ9GCkcU7NiArPQFUvZ2hynw6QsLWMh2oHhBj1
Je4unRRD2MlmBy+f5uml8Za0gUoAKjHSZQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:50:45 2025 by rpki-client