Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/xIsbgd-1jNIqLfaxvWsXTolM4hw.roa
File: xIsbgd-1jNIqLfaxvWsXTolM4hw.roa (raw, json)
Hash identifier: IbSWm3FdPDBzLYRsZr3IBY9SNHNxrtPl7LMS9I121XU=
Subject key identifier: C4:8B:1B:81:DF:B5:8C:D2:2A:2D:F6:B1:BD:6B:17:4E:89:4C:E2:1C
Certificate issuer: /CN=1bdbc41144448065313ef0b82e1ccf7ae6ea5720
Certificate serial: 0194252183B98093068005B505593B9BFFBD
Authority key identifier: 1B:DB:C4:11:44:44:80:65:31:3E:F0:B8:2E:1C:CF:7A:E6:EA:57:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9vEEUREgGUxPvC4LhzPeubqVyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/xIsbgd-1jNIqLfaxvWsXTolM4hw.roa
Signing time: Thu 02 Jan 2025 03:49:00 +0000
ROA not before: Thu 02 Jan 2025 03:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13101
IP address blocks: 80.66.192.0/22 maxlen: 22
113.30.180.0/22 maxlen: 22
113.30.220.0/22 maxlen: 22
185.152.144.0/22 maxlen: 22
185.181.128.0/22 maxlen: 22
217.26.232.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/G9vEEUREgGUxPvC4LhzPeubqVyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/G9vEEUREgGUxPvC4LhzPeubqVyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/G9vEEUREgGUxPvC4LhzPeubqVyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:83:b9:80:93:06:80:05:b5:05:59:3b:9b:ff:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bdbc41144448065313ef0b82e1ccf7ae6ea5720
Validity
Not Before: Jan 2 03:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c48b1b81dfb58cd22a2df6b1bd6b174e894ce21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:27:d2:85:70:0d:ea:5b:90:dd:8e:09:38:c4:
7f:9c:73:30:12:d0:92:2c:fd:42:84:4d:a2:cf:20:
b1:18:10:13:f3:e7:1e:a9:12:fb:0d:11:05:dc:c2:
1b:42:db:f1:0e:76:cd:1d:e7:73:e0:ed:33:ad:d3:
78:70:6c:da:14:cf:64:ca:19:21:c3:16:09:67:63:
46:49:b3:ec:9b:40:b3:bd:3b:99:9b:60:72:a0:e1:
84:5b:ae:31:5b:f2:73:a8:61:21:25:13:b1:1c:07:
9d:ff:24:bd:89:35:69:c9:47:fe:5d:79:e1:e2:74:
a3:06:8c:1f:14:03:cd:b9:c2:42:ab:cd:c5:fa:72:
c4:b2:eb:85:36:9d:ce:f9:3a:1f:d9:0d:f0:49:b1:
87:90:a6:42:19:0d:ce:4f:5a:12:0f:f1:54:26:a5:
37:d3:79:f6:f3:15:4f:e6:76:63:ff:87:7d:47:3f:
f1:e5:cf:e9:e1:15:27:e8:5d:9b:74:26:60:ac:34:
74:ec:dc:bb:a1:25:2a:dc:48:de:21:a1:ec:84:a7:
e3:98:00:04:be:7d:20:e5:b3:79:ef:a0:92:1c:5c:
66:e4:ed:7e:89:92:0a:62:0d:55:59:8f:61:22:85:
00:04:83:9f:74:c1:91:00:39:04:d4:08:a3:12:78:
3d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:8B:1B:81:DF:B5:8C:D2:2A:2D:F6:B1:BD:6B:17:4E:89:4C:E2:1C
X509v3 Authority Key Identifier:
keyid:1B:DB:C4:11:44:44:80:65:31:3E:F0:B8:2E:1C:CF:7A:E6:EA:57:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9vEEUREgGUxPvC4LhzPeubqVyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/xIsbgd-1jNIqLfaxvWsXTolM4hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/G9vEEUREgGUxPvC4LhzPeubqVyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.192.0/22
113.30.180.0/22
113.30.220.0/22
185.152.144.0/22
185.181.128.0/22
217.26.232.0/21
Signature Algorithm: sha256WithRSAEncryption
39:45:ff:86:9b:57:84:4f:39:dc:bc:aa:d1:49:2e:e6:c9:83:
44:98:84:e4:67:70:23:78:5a:f2:ee:74:f4:d5:64:67:3d:c0:
82:3c:99:04:be:a3:64:ef:9d:f2:1a:1e:54:11:5f:08:a1:85:
bd:27:01:cf:24:bc:ee:11:a9:5f:78:bd:a5:3a:05:25:55:8d:
ca:02:e6:1b:f1:24:63:f7:b0:79:7c:ef:00:bb:ca:45:88:41:
6d:d9:28:52:f8:66:1d:ad:f5:70:7c:43:5a:d2:05:07:7e:86:
e8:4a:8a:ad:10:f6:2a:60:b3:09:0b:b1:c4:f5:5d:56:84:ae:
f6:1f:21:85:56:4b:e3:d2:fe:ad:3a:9f:12:02:00:ed:7a:29:
75:16:76:1b:03:80:33:7c:37:70:f0:e4:7f:cf:41:ea:c5:e2:
ab:d5:db:74:d1:86:38:73:90:c6:fd:8d:53:fd:47:2b:fa:33:
08:09:a1:1f:f9:9a:18:a9:40:d8:43:d4:dc:de:57:58:5f:ce:
a0:15:95:a9:ff:79:6d:4f:cc:e3:74:77:6c:23:6b:dd:3e:e6:
18:6f:4e:b0:63:1b:8f:33:be:51:2b:bf:83:d8:54:e1:a2:dd:
32:b0:c9:6c:9a:4d:e6:d3:71:3b:25:f9:37:d3:2c:0c:60:9a:
60:b1:a7:53
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlIYO5gJMGgAW1BVk7m/+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZGJjNDExNDQ0NDgwNjUzMTNlZjBiODJlMWNjZjdhZTZl
YTU3MjAwHhcNMjUwMTAyMDM0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDhiMWI4MWRmYjU4Y2QyMmEyZGY2YjFiZDZiMTc0ZTg5NGNlMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCfShXAN6luQ3Y4JOMR/nHMwEtCS
LP1ChE2izyCxGBAT8+ceqRL7DREF3MIbQtvxDnbNHedz4O0zrdN4cGzaFM9kyhkh
wxYJZ2NGSbPsm0CzvTuZm2ByoOGEW64xW/JzqGEhJROxHAed/yS9iTVpyUf+XXnh
4nSjBowfFAPNucJCq83F+nLEsuuFNp3O+Tof2Q3wSbGHkKZCGQ3OT1oSD/FUJqU3
03n28xVP5nZj/4d9Rz/x5c/p4RUn6F2bdCZgrDR07Ny7oSUq3EjeIaHshKfjmAAE
vn0g5bN576CSHFxm5O1+iZIKYg1VWY9hIoUABIOfdMGRADkE1AijEng9/wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMSLG4HftYzSKi32sb1rF06JTOIcMB8GA1UdIwQY
MBaAFBvbxBFERIBlMT7wuC4cz3rm6lcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzl2RUVVUkVnR1V4UHZDNExoelBldWJxVnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80YTI5M2ItNGM0MS00MjhjLTkyODct
YmQ5OGIzZTkwZTQzLzEveElzYmdkLTFqTklxTGZheHZXc1hUb2xNNGh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80YTI5M2ItNGM0MS00MjhjLTkyODctYmQ5OGIzZTkwZTQz
LzEvRzl2RUVVUkVnR1V4UHZDNExoelBldWJxVnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCUELAAwQC
cR60AwQCcR7cAwQCuZiQAwQCubWAAwQD2RroMA0GCSqGSIb3DQEBCwUAA4IBAQA5
Rf+Gm1eETzncvKrRSS7myYNEmITkZ3AjeFry7nT01WRnPcCCPJkEvqNk753yGh5U
EV8IoYW9JwHPJLzuEalfeL2lOgUlVY3KAuYb8SRj97B5fO8Au8pFiEFt2ShS+GYd
rfVwfENa0gUHfoboSoqtEPYqYLMJC7HE9V1WhK72HyGFVkvj0v6tOp8SAgDteil1
FnYbA4AzfDdw8OR/z0HqxeKr1dt00YY4c5DG/Y1T/Ucr+jMICaEf+ZoYqUDYQ9Tc
3ldYX86gFZWp/3ltT8zjdHdsI2vdPuYYb06wYxuPM75RK7+D2FThot0ysMlsmk3m
03E7Jfk30ywMYJpgsadT
-----END CERTIFICATE-----
Generated at Tue Apr 15 20:53:09 2025 by rpki-client