Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/0iLUxeXNyLeCeJPOBWFetpkhzr8.roa
File: 0iLUxeXNyLeCeJPOBWFetpkhzr8.roa (raw, json)
Hash identifier: GzvKjvrXUQtFRvTqnLO3SZbgmgXYnbU1huTzG2YJ5xg=
Subject key identifier: D2:22:D4:C5:E5:CD:C8:B7:82:78:93:CE:05:61:5E:B6:99:21:CE:BF
Certificate issuer: /CN=3558bb47de354e09e0fc2cb2c1fa14d71d926ee8
Certificate serial: 0194221F6DBD15849A5716DA6FAA482EFDAC
Authority key identifier: 35:58:BB:47:DE:35:4E:09:E0:FC:2C:B2:C1:FA:14:D7:1D:92:6E:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVi7R941Tgng_CyywfoU1x2Sbug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/0iLUxeXNyLeCeJPOBWFetpkhzr8.roa
Signing time: Wed 01 Jan 2025 13:47:52 +0000
ROA not before: Wed 01 Jan 2025 13:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56548
IP address blocks: 185.188.114.0/24 maxlen: 24
185.188.115.0/24 maxlen: 24
185.199.208.0/24 maxlen: 24
185.199.210.0/24 maxlen: 24
185.199.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/NVi7R941Tgng_CyywfoU1x2Sbug.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/NVi7R941Tgng_CyywfoU1x2Sbug.mft
rsync://rpki.ripe.net/repository/DEFAULT/NVi7R941Tgng_CyywfoU1x2Sbug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:6d:bd:15:84:9a:57:16:da:6f:aa:48:2e:fd:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3558bb47de354e09e0fc2cb2c1fa14d71d926ee8
Validity
Not Before: Jan 1 13:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d222d4c5e5cdc8b7827893ce05615eb69921cebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c7:08:22:a9:d7:8d:b5:de:39:64:da:c1:c3:
1b:73:9a:6a:9f:2f:ac:97:56:51:0e:20:86:16:b8:
ed:60:30:76:73:20:e6:ed:b8:b5:9b:4f:94:36:3a:
1b:b1:9a:d7:f9:1e:22:0c:8b:7a:a4:9d:a6:ae:2a:
22:89:b9:45:79:11:32:65:13:6d:b3:6c:4d:10:8a:
53:5c:59:e5:62:c9:e6:b8:0d:e7:33:db:23:11:3f:
cd:e1:2d:d2:12:e9:28:7c:50:ac:18:0b:58:98:d8:
54:50:14:7b:cc:bd:bc:07:61:07:73:0b:26:c6:a0:
bb:bf:84:10:59:2a:7b:3a:32:04:dc:24:03:fb:ae:
f8:bd:e6:36:30:9d:1e:3b:77:15:95:71:c3:62:00:
79:39:13:d1:58:5e:20:cc:7d:5b:e2:ca:2f:cf:20:
9b:5c:54:a3:51:1d:6b:ab:69:49:81:4a:04:e1:93:
54:da:b1:2a:ae:0a:1e:40:df:ff:26:3b:e0:d8:1c:
48:5b:05:01:94:04:41:37:ea:34:29:8c:80:c2:bf:
ce:39:f2:df:ad:57:11:78:78:94:d7:c6:c3:cd:35:
15:61:19:3f:3f:df:c8:36:cd:b5:40:51:f8:32:f7:
83:2a:64:3e:e0:f9:71:b3:7e:ff:af:13:f9:a4:0e:
90:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:22:D4:C5:E5:CD:C8:B7:82:78:93:CE:05:61:5E:B6:99:21:CE:BF
X509v3 Authority Key Identifier:
keyid:35:58:BB:47:DE:35:4E:09:E0:FC:2C:B2:C1:FA:14:D7:1D:92:6E:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVi7R941Tgng_CyywfoU1x2Sbug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/0iLUxeXNyLeCeJPOBWFetpkhzr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/NVi7R941Tgng_CyywfoU1x2Sbug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.114.0/23
185.199.208.0/24
185.199.210.0/23
Signature Algorithm: sha256WithRSAEncryption
53:90:55:a9:1b:90:c6:8b:8c:4d:e2:f7:81:81:51:dc:65:4e:
cc:9c:ff:31:6d:1c:cb:e6:24:ed:4f:04:9d:ab:c2:d9:e2:79:
aa:a2:74:62:6d:63:fc:42:40:9f:25:ac:87:61:b8:5f:75:b3:
b2:5f:8e:fe:4c:1c:94:ed:9a:2f:e6:7f:38:38:6e:5b:91:23:
fc:fb:06:e9:22:9a:10:81:c0:26:28:bf:ea:cd:65:af:ef:41:
2b:0a:c8:df:72:dd:e4:bc:05:30:9d:63:c1:a7:e3:87:69:3f:
85:3a:00:15:f7:c1:ab:34:05:e2:18:84:bb:9d:d3:0d:8a:10:
65:d6:4d:30:cc:8d:9d:86:a7:0e:94:09:c5:7f:40:f9:5e:e5:
6e:f1:1c:2d:4f:40:77:02:01:cb:9e:8f:a6:1f:35:9b:10:af:
04:a5:08:55:a5:4f:1d:d0:33:a1:8d:5c:ff:0e:8d:f0:a3:18:
2f:ce:b2:42:33:98:ee:64:2a:9c:c1:49:8b:be:e0:e4:0c:32:
37:b4:44:11:f7:31:c2:83:9d:12:09:23:b5:51:cf:27:55:db:
36:9c:22:d4:2f:11:08:60:18:0f:20:42:63:65:dd:bb:43:91:
7a:7b:da:e6:c7:f3:e4:13:a3:51:ab:dc:bd:ba:f7:2d:64:24:
69:aa:d5:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH229FYSaVxbab6pILv2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NThiYjQ3ZGUzNTRlMDllMGZjMmNiMmMxZmExNGQ3MWQ5
MjZlZTgwHhcNMjUwMTAxMTM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjIyZDRjNWU1Y2RjOGI3ODI3ODkzY2UwNTYxNWViNjk5MjFjZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMcIIqnXjbXeOWTawcMbc5pqny+s
l1ZRDiCGFrjtYDB2cyDm7bi1m0+UNjobsZrX+R4iDIt6pJ2mrioiiblFeREyZRNt
s2xNEIpTXFnlYsnmuA3nM9sjET/N4S3SEukofFCsGAtYmNhUUBR7zL28B2EHcwsm
xqC7v4QQWSp7OjIE3CQD+674veY2MJ0eO3cVlXHDYgB5ORPRWF4gzH1b4sovzyCb
XFSjUR1rq2lJgUoE4ZNU2rEqrgoeQN//Jjvg2BxIWwUBlARBN+o0KYyAwr/OOfLf
rVcReHiU18bDzTUVYRk/P9/INs21QFH4MveDKmQ+4Plxs37/rxP5pA6Q2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNIi1MXlzci3gniTzgVhXraZIc6/MB8GA1UdIwQY
MBaAFDVYu0feNU4J4PwsssH6FNcdkm7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZpN1I5NDFUZ25nX0N5eXdmb1UxeDJTYnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hMGZhY2EtZGI3Zi00ZWQ4LWIxMWEt
ZWVjNDZjYTgyYTMzLzEvMGlMVXhlWE55TGVDZUpQT0JXRmV0cGtoenI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hMGZhY2EtZGI3Zi00ZWQ4LWIxMWEtZWVjNDZjYTgyYTMz
LzEvTlZpN1I5NDFUZ25nX0N5eXdmb1UxeDJTYnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBubxyAwQA
ucfQAwQBucfSMA0GCSqGSIb3DQEBCwUAA4IBAQBTkFWpG5DGi4xN4veBgVHcZU7M
nP8xbRzL5iTtTwSdq8LZ4nmqonRibWP8QkCfJayHYbhfdbOyX47+TByU7Zov5n84
OG5bkSP8+wbpIpoQgcAmKL/qzWWv70ErCsjfct3kvAUwnWPBp+OHaT+FOgAV98Gr
NAXiGIS7ndMNihBl1k0wzI2dhqcOlAnFf0D5XuVu8RwtT0B3AgHLno+mHzWbEK8E
pQhVpU8d0DOhjVz/Do3woxgvzrJCM5juZCqcwUmLvuDkDDI3tEQR9zHCg50SCSO1
Uc8nVds2nCLULxEIYBgPIEJjZd27Q5F6e9rmx/PkE6NRq9y9uvctZCRpqtWs
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:24 2025 by rpki-client