Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/f9SSHAY0ScyW5AZG3u-f0ngGXZc.roa
File: f9SSHAY0ScyW5AZG3u-f0ngGXZc.roa (raw, json)
Hash identifier: rDOXQ0c3zQtm3V3iG9O7bIWJmbqXnEDJDT0mmOn7+8Y=
Subject key identifier: 7F:D4:92:1C:06:34:49:CC:96:E4:06:46:DE:EF:9F:D2:78:06:5D:97
Certificate issuer: /CN=dfb8ff2f3a0bfc41eadc18af9e52acd100524149
Certificate serial: 01941FFA9E99450730042937A9E961AB4853
Authority key identifier: DF:B8:FF:2F:3A:0B:FC:41:EA:DC:18:AF:9E:52:AC:D1:00:52:41:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/f9SSHAY0ScyW5AZG3u-f0ngGXZc.roa
Signing time: Wed 01 Jan 2025 03:48:25 +0000
ROA not before: Wed 01 Jan 2025 03:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52129
IP address blocks: 185.132.180.0/22 maxlen: 22
185.132.180.0/24 maxlen: 24
185.132.181.0/24 maxlen: 24
185.132.182.0/24 maxlen: 24
185.132.183.0/24 maxlen: 24
2a0a:2b00::/44 maxlen: 44
2a0a:2b00:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/37j_LzoL_EHq3BivnlKs0QBSQUk.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/37j_LzoL_EHq3BivnlKs0QBSQUk.mft
rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:9e:99:45:07:30:04:29:37:a9:e9:61:ab:48:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb8ff2f3a0bfc41eadc18af9e52acd100524149
Validity
Not Before: Jan 1 03:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fd4921c063449cc96e40646deef9fd278065d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:24:0b:5e:69:c5:32:33:05:9c:33:12:07:50:
8c:90:30:fe:2a:1f:40:f7:cf:71:9c:c5:94:a5:34:
26:71:fe:9c:77:c1:cd:91:4f:da:9e:2b:3c:a1:49:
61:05:54:f8:79:70:03:9a:3f:96:47:8b:4b:a8:2f:
41:4b:b2:74:a5:42:a5:b6:c2:00:4a:0c:d0:c5:22:
10:b0:82:86:8f:7a:f1:91:04:00:6b:f7:1d:81:70:
9c:4f:da:db:58:81:9c:4f:ce:5d:71:74:84:fe:02:
ac:39:ba:b2:b5:86:74:00:35:76:a4:d8:37:5d:38:
c3:de:77:bb:b9:66:c9:c3:8a:3d:93:63:6a:f6:6d:
ad:1a:9a:5f:2a:e0:12:91:d8:f1:c5:2b:b5:7b:18:
81:ba:50:98:5a:c7:ac:21:de:4a:1b:ee:25:dc:97:
0e:81:78:ab:07:55:d2:49:ee:dd:0b:67:17:ab:7d:
4f:49:72:f9:57:b1:af:41:c6:a3:cf:54:17:47:df:
ac:5d:6c:dc:35:29:23:e8:39:70:f6:14:94:69:f8:
a5:57:3c:b5:65:b5:8a:19:85:e6:49:8e:e7:25:4f:
6c:35:bf:81:f8:b6:eb:33:d2:d2:6a:b3:a2:de:49:
4e:fa:73:af:b7:1d:69:fb:09:00:53:08:47:90:be:
dc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D4:92:1C:06:34:49:CC:96:E4:06:46:DE:EF:9F:D2:78:06:5D:97
X509v3 Authority Key Identifier:
keyid:DF:B8:FF:2F:3A:0B:FC:41:EA:DC:18:AF:9E:52:AC:D1:00:52:41:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/f9SSHAY0ScyW5AZG3u-f0ngGXZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/37j_LzoL_EHq3BivnlKs0QBSQUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.180.0/22
IPv6:
2a0a:2b00::/43
Signature Algorithm: sha256WithRSAEncryption
22:5b:69:d4:6f:3d:f5:b8:7d:37:c9:eb:f8:c2:56:79:d8:27:
0a:d5:da:34:05:08:6d:a9:ee:45:f7:d3:f0:b5:03:1a:0e:d0:
8f:62:37:68:86:12:36:51:a0:fa:30:b1:0f:69:ba:c2:56:07:
3b:f4:92:3a:9f:14:06:95:5b:f0:e4:58:03:3f:52:1d:d0:a4:
95:58:c6:07:a9:de:c7:e4:47:a0:a6:d9:00:36:6b:f5:99:f3:
ca:31:f6:ad:1c:a9:fa:8e:96:0a:de:ed:a3:ff:94:aa:3a:5c:
c0:cf:fe:10:00:b8:e9:f2:e5:78:0b:0d:31:a8:f1:a3:ec:31:
51:d5:ce:35:6f:76:fd:b4:38:ea:e0:69:d1:bb:d5:69:d6:70:
cf:1a:c9:16:06:d0:fd:b0:89:98:ed:66:fd:67:62:dc:d6:41:
26:b3:b9:73:13:15:fc:f3:a7:ab:e3:35:2c:1a:eb:db:dc:e2:
b7:a0:cf:d6:24:a0:87:6b:ae:a0:36:cd:ca:51:0c:db:44:83:
6b:a8:2e:01:69:14:89:04:77:bc:2e:f9:f8:d1:94:36:af:f5:
76:dd:6b:c8:0f:14:78:7b:03:1e:0a:4a:4a:95:1f:96:d6:31:
88:b0:b9:a5:57:08:34:75:a8:46:89:77:7a:e6:29:06:52:b6:
35:f4:b7:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+p6ZRQcwBCk3qelhq0hTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjhmZjJmM2EwYmZjNDFlYWRjMThhZjllNTJhY2QxMDA1
MjQxNDkwHhcNMjUwMTAxMDM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmQ0OTIxYzA2MzQ0OWNjOTZlNDA2NDZkZWVmOWZkMjc4MDY1ZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiQLXmnFMjMFnDMSB1CMkDD+Kh9A
989xnMWUpTQmcf6cd8HNkU/anis8oUlhBVT4eXADmj+WR4tLqC9BS7J0pUKltsIA
SgzQxSIQsIKGj3rxkQQAa/cdgXCcT9rbWIGcT85dcXSE/gKsObqytYZ0ADV2pNg3
XTjD3ne7uWbJw4o9k2Nq9m2tGppfKuASkdjxxSu1exiBulCYWsesId5KG+4l3JcO
gXirB1XSSe7dC2cXq31PSXL5V7GvQcajz1QXR9+sXWzcNSkj6Dlw9hSUafilVzy1
ZbWKGYXmSY7nJU9sNb+B+LbrM9LSarOi3klO+nOvtx1p+wkAUwhHkL7cNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH/UkhwGNEnMluQGRt7vn9J4Bl2XMB8GA1UdIwQY
MBaAFN+4/y86C/xB6twYr55SrNEAUkFJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdqX0x6b0xfRUhxM0Jpdm5sS3MwUUJTUVVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82Yjg3YWYtYTIxMi00ODBkLWE0ZDQt
YTNkZjNiNjljZTVhLzEvZjlTU0hBWTBTY3lXNUFaRzN1LWYwbmdHWFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC82Yjg3YWYtYTIxMi00ODBkLWE0ZDQtYTNkZjNiNjljZTVh
LzEvMzdqX0x6b0xfRUhxM0Jpdm5sS3MwUUJTUVVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuYS0MA8E
AgACMAkDBwUqCisAAAAwDQYJKoZIhvcNAQELBQADggEBACJbadRvPfW4fTfJ6/jC
VnnYJwrV2jQFCG2p7kX30/C1AxoO0I9iN2iGEjZRoPowsQ9pusJWBzv0kjqfFAaV
W/DkWAM/Uh3QpJVYxgep3sfkR6Cm2QA2a/WZ88ox9q0cqfqOlgre7aP/lKo6XMDP
/hAAuOny5XgLDTGo8aPsMVHVzjVvdv20OOrgadG71WnWcM8ayRYG0P2wiZjtZv1n
YtzWQSazuXMTFfzzp6vjNSwa69vc4regz9YkoIdrrqA2zcpRDNtEg2uoLgFpFIkE
d7wu+fjRlDav9Xbda8gPFHh7Ax4KSkqVH5bWMYiwuaVXCDR1qEaJd3rmKQZStjX0
t9I=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:40:07 2025 by rpki-client