Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/AK8oH-hdcdWqkx1j19Sg4WRGU6k.roa
File: AK8oH-hdcdWqkx1j19Sg4WRGU6k.roa (raw, json)
Hash identifier: UL0wVMMPQ6seHx9+E4jjcivFpYmeRRoPs0aDR4HKrBk=
Subject key identifier: 00:AF:28:1F:E8:5D:71:D5:AA:93:1D:63:D7:D4:A0:E1:64:46:53:A9
Certificate issuer: /CN=6f98d1f99e3833ef401d46348eec8b752088c55d
Certificate serial: 01941F8C46C09143C9D9C708CE36B95CAC28
Authority key identifier: 6F:98:D1:F9:9E:38:33:EF:40:1D:46:34:8E:EC:8B:75:20:88:C5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/AK8oH-hdcdWqkx1j19Sg4WRGU6k.roa
Signing time: Wed 01 Jan 2025 01:47:54 +0000
ROA not before: Wed 01 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56600
IP address blocks: 176.126.128.0/21 maxlen: 21
176.126.128.0/24 maxlen: 24
176.126.129.0/24 maxlen: 24
176.126.130.0/24 maxlen: 24
176.126.131.0/24 maxlen: 24
176.126.132.0/24 maxlen: 24
176.126.133.0/24 maxlen: 24
176.126.134.0/24 maxlen: 24
176.126.135.0/24 maxlen: 24
176.126.136.0/21 maxlen: 24
176.126.136.0/24 maxlen: 24
176.126.137.0/24 maxlen: 24
176.126.138.0/24 maxlen: 24
176.126.139.0/24 maxlen: 24
176.126.141.0/24 maxlen: 24
176.126.142.0/24 maxlen: 24
176.126.143.0/24 maxlen: 24
176.126.144.0/21 maxlen: 24
176.126.145.0/24 maxlen: 24
176.126.146.0/24 maxlen: 24
176.126.147.0/24 maxlen: 24
176.126.148.0/24 maxlen: 24
176.126.149.0/24 maxlen: 24
176.126.152.0/22 maxlen: 22
176.126.156.0/23 maxlen: 23
176.126.156.0/24 maxlen: 24
176.126.157.0/24 maxlen: 24
192.162.152.0/22 maxlen: 22
192.162.152.0/24 maxlen: 24
192.162.153.0/24 maxlen: 24
192.162.154.0/24 maxlen: 24
192.162.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:46:c0:91:43:c9:d9:c7:08:ce:36:b9:5c:ac:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f98d1f99e3833ef401d46348eec8b752088c55d
Validity
Not Before: Jan 1 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00af281fe85d71d5aa931d63d7d4a0e1644653a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:15:80:12:1f:55:35:46:75:e3:36:ea:db:04:
70:65:dc:0c:d1:41:35:25:47:c4:22:c1:17:43:2a:
a7:0a:70:08:60:83:52:2b:83:bc:47:1a:51:1f:cc:
92:e4:b6:c6:9f:ca:43:ae:34:d9:39:b4:7f:a0:cc:
9d:01:4e:35:c3:b1:8a:4c:3e:8d:50:4d:30:8b:c7:
a3:8e:46:ed:06:ff:d4:d1:76:19:d9:cf:9b:44:56:
31:5d:e0:cb:e6:d2:72:87:f9:46:e3:b1:46:0d:c5:
09:1d:d9:9b:11:94:1f:ff:aa:c7:c3:af:36:98:20:
1b:f6:51:cc:ee:fd:8c:ff:e8:2c:58:9f:64:fa:ae:
dc:bc:cf:e2:b2:86:66:07:4c:c0:68:e5:eb:08:84:
63:99:23:f1:70:a0:27:e3:80:67:1d:6b:9d:84:6a:
81:ca:8b:99:3e:c7:6f:50:8a:a5:dd:e4:4c:34:45:
8b:91:33:00:b0:e5:16:b9:d6:4f:66:03:32:7f:2f:
1c:53:35:a0:71:3e:0c:97:ab:ae:eb:09:9c:b0:10:
09:50:69:7a:ee:c6:50:33:21:23:78:1e:63:6c:7b:
2e:5e:25:87:d5:20:18:e4:85:08:45:c8:cd:dd:1d:
ef:d3:9d:87:6b:4f:cb:b0:51:ab:36:21:7e:c6:c9:
11:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AF:28:1F:E8:5D:71:D5:AA:93:1D:63:D7:D4:A0:E1:64:46:53:A9
X509v3 Authority Key Identifier:
keyid:6F:98:D1:F9:9E:38:33:EF:40:1D:46:34:8E:EC:8B:75:20:88:C5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/AK8oH-hdcdWqkx1j19Sg4WRGU6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.128.0-176.126.157.255
192.162.152.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:50:af:3a:01:76:2d:99:9a:ce:68:bc:e5:bf:4f:6f:bb:0e:
05:d2:90:29:2c:10:77:02:e3:07:c0:09:e9:4c:22:ea:24:62:
d1:9d:87:bf:99:03:01:56:3d:c8:59:c4:16:c7:0c:d8:83:48:
75:40:da:d3:7d:d4:36:3d:40:c8:45:b4:83:d4:d1:ae:2b:8a:
b7:4e:6d:28:62:08:89:32:3c:a3:d5:a0:6d:c4:30:21:27:06:
2a:4c:9d:87:e6:08:22:3e:11:33:cc:e0:a7:8b:7a:f8:e2:90:
24:42:ca:a3:b2:da:18:d5:66:c3:4f:68:e6:7b:94:c5:fa:21:
d4:ad:b2:53:b5:76:e9:51:64:13:6e:ae:52:11:81:d8:d3:8b:
00:4a:bb:ed:9f:f7:b6:c4:4e:f1:85:7d:22:8e:ac:7a:a5:34:
0b:7e:3d:1d:c2:76:ab:5d:49:0b:40:0c:39:e2:7a:81:c1:87:
91:8c:3a:41:1a:c3:6e:c1:5d:51:a3:e6:1e:d9:ce:e2:86:59:
93:88:56:da:d1:83:97:15:bf:ef:9d:03:79:a4:0f:28:f6:6b:
2e:d1:94:42:28:4d:a2:31:bc:75:6d:c3:8c:90:ab:7f:28:32:
3e:ea:b7:d4:31:d0:0e:82:19:40:84:be:e2:95:6a:ce:75:82:
8a:e5:48:d9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQfjEbAkUPJ2ccIzja5XKwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmOThkMWY5OWUzODMzZWY0MDFkNDYzNDhlZWM4Yjc1MjA4
OGM1NWQwHhcNMjUwMTAxMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGFmMjgxZmU4NWQ3MWQ1YWE5MzFkNjNkN2Q0YTBlMTY0NDY1M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihWAEh9VNUZ14zbq2wRwZdwM0UE1
JUfEIsEXQyqnCnAIYINSK4O8RxpRH8yS5LbGn8pDrjTZObR/oMydAU41w7GKTD6N
UE0wi8ejjkbtBv/U0XYZ2c+bRFYxXeDL5tJyh/lG47FGDcUJHdmbEZQf/6rHw682
mCAb9lHM7v2M/+gsWJ9k+q7cvM/isoZmB0zAaOXrCIRjmSPxcKAn44BnHWudhGqB
youZPsdvUIql3eRMNEWLkTMAsOUWudZPZgMyfy8cUzWgcT4Ml6uu6wmcsBAJUGl6
7sZQMyEjeB5jbHsuXiWH1SAY5IUIRcjN3R3v052Ha0/LsFGrNiF+xskRYQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFACvKB/oXXHVqpMdY9fUoOFkRlOpMB8GA1UdIwQY
MBaAFG+Y0fmeODPvQB1GNI7si3UgiMVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjVqUi1aNDRNLTlBSFVZMGp1eUxkU0NJeFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYzA4ZjEtOTZlMC00YzU0LWE0NjYt
MDdkNGIxMTVjYzgyLzEvQUs4b0gtaGRjZFdxa3gxajE5U2c0V1JHVTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYzA4ZjEtOTZlMC00YzU0LWE0NjYtMDdkNGIxMTVjYzgy
LzEvYjVqUi1aNDRNLTlBSFVZMGp1eUxkU0NJeFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAewfoAD
BAGwfpwDBALAopgwDQYJKoZIhvcNAQELBQADggEBAEpQrzoBdi2Zms5ovOW/T2+7
DgXSkCksEHcC4wfACelMIuokYtGdh7+ZAwFWPchZxBbHDNiDSHVA2tN91DY9QMhF
tIPU0a4rirdObShiCIkyPKPVoG3EMCEnBipMnYfmCCI+ETPM4KeLevjikCRCyqOy
2hjVZsNPaOZ7lMX6IdStslO1dulRZBNurlIRgdjTiwBKu+2f97bETvGFfSKOrHql
NAt+PR3CdqtdSQtADDnieoHBh5GMOkEaw27BXVGj5h7ZzuKGWZOIVtrRg5cVv++d
A3mkDyj2ay7RlEIoTaIxvHVtw4yQq38oMj7qt9Qx0A6CGUCEvuKVas51gorlSNk=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:25 2025 by rpki-client