Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/DTLOnLZIHhlPP7pvWpWEUTLWHQg.roa
File: DTLOnLZIHhlPP7pvWpWEUTLWHQg.roa (raw, json)
Hash identifier: QLz4ZYz1buP6/UJvo5YrZ+4VolEyE3vVmr+8wwogqDA=
Subject key identifier: 0D:32:CE:9C:B6:48:1E:19:4F:3F:BA:6F:5A:95:84:51:32:D6:1D:08
Certificate issuer: /CN=25572e8f93b18a401cfecdf62586783858cc5f14
Certificate serial: 0194228DE0355FF25A269A8E77058A20E229
Authority key identifier: 25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/DTLOnLZIHhlPP7pvWpWEUTLWHQg.roa
Signing time: Wed 01 Jan 2025 15:48:30 +0000
ROA not before: Wed 01 Jan 2025 15:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197164
IP address blocks: 185.114.124.0/22 maxlen: 24
192.162.228.0/23 maxlen: 24
192.162.230.0/24 maxlen: 24
2001:67c:2274::/48 maxlen: 48
2a06:6f00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e0:35:5f:f2:5a:26:9a:8e:77:05:8a:20:e2:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25572e8f93b18a401cfecdf62586783858cc5f14
Validity
Not Before: Jan 1 15:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d32ce9cb6481e194f3fba6f5a95845132d61d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4f:c1:ab:af:d0:8e:1b:a9:bf:38:fe:e6:8f:
01:08:98:33:16:08:dc:36:26:cb:9b:dd:32:a7:4c:
61:87:ae:63:d3:7d:ef:8e:75:86:06:80:8c:44:83:
42:56:6f:97:5e:25:1b:3b:b5:11:07:3b:5b:17:3f:
60:90:56:7c:19:9a:3a:e8:04:b1:cf:1f:b1:8d:d4:
78:e5:f7:88:d0:16:e3:cf:9d:f7:78:f3:11:a8:9e:
e4:d2:ff:de:9c:2b:c5:da:78:ab:c1:07:bb:23:16:
61:b9:13:30:ff:a6:1d:2d:d3:84:85:fd:44:84:94:
4e:af:be:c6:ca:e7:b9:e7:3c:ff:95:d3:30:61:e9:
10:69:74:dd:40:80:24:b5:46:c9:54:9c:80:a9:27:
86:a9:ae:ea:2f:9b:5a:2e:fe:fe:42:c3:9a:8b:ca:
63:62:34:81:63:10:03:a4:c6:8f:19:18:a4:d5:e2:
9d:8b:e7:9d:48:c6:28:a7:77:79:0c:9f:3a:da:4b:
ff:10:10:80:b6:b3:2c:c1:dc:ed:bd:83:64:e5:0b:
2f:5e:a4:80:e8:8a:b9:3f:c1:e8:1c:94:16:92:94:
83:6f:9c:37:ea:ac:7e:11:c6:0e:74:87:c3:fb:ea:
b2:b4:0d:96:94:20:b0:93:03:41:87:e9:c8:dd:71:
a2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:32:CE:9C:B6:48:1E:19:4F:3F:BA:6F:5A:95:84:51:32:D6:1D:08
X509v3 Authority Key Identifier:
keyid:25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/DTLOnLZIHhlPP7pvWpWEUTLWHQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.124.0/22
192.162.228.0-192.162.230.255
IPv6:
2001:67c:2274::/48
2a06:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
5b:a0:34:0f:3e:34:9a:b3:ef:cf:af:bc:b5:ba:ea:ca:b9:01:
87:3a:18:09:22:74:e1:7c:55:15:e1:20:e7:9c:62:86:a8:f9:
c2:45:28:b0:2f:a5:eb:bf:21:d4:7e:9e:ef:d8:27:0f:fa:e0:
87:0d:5a:ce:fc:b9:49:8b:e1:57:5f:d2:be:68:46:c0:4f:c9:
d7:09:0c:14:61:19:9c:49:a9:f5:2e:fa:14:a6:97:b2:43:e4:
b3:88:52:a7:62:d6:65:05:a9:6f:e5:d9:f3:0d:b5:a3:b0:b2:
93:91:78:15:bd:7c:03:84:73:fe:1a:a4:b4:7f:61:cf:fb:d4:
92:cb:14:62:38:87:70:93:18:8d:48:80:37:f8:fe:2a:21:80:
23:9f:28:e6:3b:78:0c:53:f4:d1:ca:d0:37:34:90:ae:2a:37:
29:2d:5d:5a:c6:cd:8c:06:9e:ea:f4:bf:72:4a:bd:9b:a5:56:
70:92:c2:39:5f:d7:c9:12:4a:ef:01:5a:41:9e:c2:6f:d6:bf:
b8:6d:0f:cf:56:70:03:c2:5c:0c:a3:8d:a3:57:ab:47:7e:45:
2f:94:ab:a4:25:fc:7c:08:9c:fb:45:85:1a:0a:02:d6:f9:41:
91:8c:c4:7a:5b:8f:11:4f:d9:4d:72:9c:19:df:4d:ad:a2:1b:
dc:6d:fe:40
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQijeA1X/JaJpqOdwWKIOIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NTcyZThmOTNiMThhNDAxY2ZlY2RmNjI1ODY3ODM4NThj
YzVmMTQwHhcNMjUwMTAxMTU0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDMyY2U5Y2I2NDgxZTE5NGYzZmJhNmY1YTk1ODQ1MTMyZDYxZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU/Bq6/Qjhupvzj+5o8BCJgzFgjc
NibLm90yp0xhh65j033vjnWGBoCMRINCVm+XXiUbO7URBztbFz9gkFZ8GZo66ASx
zx+xjdR45feI0Bbjz533ePMRqJ7k0v/enCvF2nirwQe7IxZhuRMw/6YdLdOEhf1E
hJROr77Gyue55zz/ldMwYekQaXTdQIAktUbJVJyAqSeGqa7qL5taLv7+QsOai8pj
YjSBYxADpMaPGRik1eKdi+edSMYop3d5DJ862kv/EBCAtrMswdztvYNk5QsvXqSA
6Iq5P8HoHJQWkpSDb5w36qx+EcYOdIfD++qytA2WlCCwkwNBh+nI3XGiJQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFA0yzpy2SB4ZTz+6b1qVhFEy1h0IMB8GA1UdIwQY
MBaAFCVXLo+TsYpAHP7N9iWGeDhYzF8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMt
NjZkMzVlNTI1MDM5LzEvRFRMT25MWklIaGxQUDdwdldwV0VVVExXSFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMtNjZkMzVlNTI1MDM5
LzEvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUAwQCuXJ8MAwD
BALAouQDBADAouYwFgQCAAIwEAMHACABBnwidAMFAyoGbwAwDQYJKoZIhvcNAQEL
BQADggEBAFugNA8+NJqz78+vvLW66sq5AYc6GAkidOF8VRXhIOecYoao+cJFKLAv
peu/IdR+nu/YJw/64IcNWs78uUmL4Vdf0r5oRsBPydcJDBRhGZxJqfUu+hSml7JD
5LOIUqdi1mUFqW/l2fMNtaOwspOReBW9fAOEc/4apLR/Yc/71JLLFGI4h3CTGI1I
gDf4/iohgCOfKOY7eAxT9NHK0Dc0kK4qNyktXVrGzYwGnur0v3JKvZulVnCSwjlf
18kSSu8BWkGewm/Wv7htD89WcAPCXAyjjaNXq0d+RS+Uq6Ql/HwInPtFhRoKAtb5
QZGMxHpbjxFP2U1ynBnfTa2iG9xt/kA=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:49 2025 by rpki-client