Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/hJb28BPhkPKFBgqvGsU8_1tv0Q4.roa
File: hJb28BPhkPKFBgqvGsU8_1tv0Q4.roa (raw, json)
Hash identifier: VXcAvS0yl0OmKbIx5rn61FhcJXudPrnwGtfqe8chNNI=
Subject key identifier: 84:96:F6:F0:13:E1:90:F2:85:06:0A:AF:1A:C5:3C:FF:5B:6F:D1:0E
Certificate issuer: /CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Certificate serial: 01942444EEBB3F1387ACEECD220AAB9FA637
Authority key identifier: A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/hJb28BPhkPKFBgqvGsU8_1tv0Q4.roa
Signing time: Wed 01 Jan 2025 23:48:04 +0000
ROA not before: Wed 01 Jan 2025 23:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34984
IP address blocks: 185.131.48.0/24 maxlen: 24
185.131.49.0/24 maxlen: 24
185.131.50.0/24 maxlen: 24
185.131.51.0/24 maxlen: 24
185.241.136.0/24 maxlen: 24
185.241.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ee:bb:3f:13:87:ac:ee:cd:22:0a:ab:9f:a6:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Validity
Not Before: Jan 1 23:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8496f6f013e190f285060aaf1ac53cff5b6fd10e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:32:bd:32:83:04:64:a0:72:d2:fa:ab:52:cf:
65:bb:c1:f6:f5:58:84:8c:b8:b0:f2:ec:32:dc:d7:
5e:34:7c:64:b9:2d:8d:74:61:03:a5:d4:a5:f8:cf:
ba:7b:36:6f:b9:b2:9a:2e:34:9d:c2:96:3d:9d:02:
f4:b2:6c:11:a2:9d:4e:87:8e:fe:a8:0e:e7:92:be:
97:59:99:e3:ac:31:d8:49:69:7d:73:f8:bf:23:0b:
fd:21:bf:eb:b4:38:fb:ee:b8:2c:6a:3c:ed:2b:8f:
ac:a4:98:dc:cb:7c:00:74:8a:53:bf:7e:6d:96:5f:
d6:c1:e3:3f:79:29:1a:bc:5d:b1:e1:81:33:11:df:
5a:ee:41:11:b7:e6:19:f8:54:d5:4d:a6:7c:b7:d5:
8e:fe:3d:8d:d3:58:43:8d:7b:11:f2:69:db:05:fa:
3d:ef:a1:eb:98:d2:75:e6:f3:20:0b:87:d1:a2:38:
09:4b:66:ab:8a:f7:67:00:bc:ae:da:d1:8b:5c:c8:
12:8c:59:40:38:ae:b9:ce:d6:da:2e:5b:af:7a:64:
d7:86:af:0f:e9:e3:50:c5:8c:ff:59:81:af:d5:87:
df:b3:9c:8d:63:e3:6c:b6:82:de:48:c7:81:ed:e2:
2a:22:9c:56:01:78:a4:3b:d2:fa:7f:e8:aa:e9:8d:
d8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:96:F6:F0:13:E1:90:F2:85:06:0A:AF:1A:C5:3C:FF:5B:6F:D1:0E
X509v3 Authority Key Identifier:
keyid:A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/hJb28BPhkPKFBgqvGsU8_1tv0Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.48.0/22
185.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
47:fa:47:d8:23:4c:6c:0e:43:fb:f4:a7:1a:66:7d:13:e0:44:
1c:3e:4b:95:08:47:31:6e:32:fa:bc:54:56:4d:c5:e6:0c:77:
98:09:52:7d:e8:15:16:14:ff:33:cd:0e:b0:e5:da:f0:98:a0:
e8:1a:2f:6e:e6:f4:04:c1:25:ac:58:1c:77:cd:d8:bc:c2:b2:
7c:a6:e3:71:e4:6d:5c:6a:e2:9d:be:11:82:95:46:c2:e6:ce:
c4:b5:a5:a8:58:2f:a0:55:ff:31:2f:a8:83:a5:3d:4e:b7:d6:
db:26:d9:8a:5e:f5:d9:e7:ac:d7:a8:b5:98:a0:a2:18:e3:39:
5a:1b:4a:f5:1f:25:74:06:e0:e0:38:2d:dc:2b:54:2b:0a:b9:
0a:5f:af:06:9d:af:14:24:5b:7f:b7:c4:6b:87:38:99:4b:74:
3d:92:6c:97:ba:99:2c:5c:bd:bb:03:aa:64:95:a6:c1:b4:62:
00:b0:8b:14:ec:a7:c9:b5:5d:47:b7:c6:79:53:b9:52:ef:11:
64:79:2f:7d:7e:43:48:15:12:96:a9:36:6b:c8:7b:fd:2d:7b:
fd:18:f1:6e:9a:c8:92:cb:e6:1d:b6:26:a3:4f:18:18:7b:7b:
9c:30:1c:5e:1c:89:d1:13:83:cb:06:f8:b0:8c:a3:e0:f7:dd:
38:b3:bb:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRO67PxOHrO7NIgqrn6Y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTIxNjFkN2YwMWZhNmZkMDg0MmMyMTEwODA2MzNmM2Vk
MzZiYTUwHhcNMjUwMTAxMjM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDk2ZjZmMDEzZTE5MGYyODUwNjBhYWYxYWM1M2NmZjViNmZkMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzK9MoMEZKBy0vqrUs9lu8H29ViE
jLiw8uwy3NdeNHxkuS2NdGEDpdSl+M+6ezZvubKaLjSdwpY9nQL0smwRop1Oh47+
qA7nkr6XWZnjrDHYSWl9c/i/Iwv9Ib/rtDj77rgsajztK4+spJjcy3wAdIpTv35t
ll/WweM/eSkavF2x4YEzEd9a7kERt+YZ+FTVTaZ8t9WO/j2N01hDjXsR8mnbBfo9
76HrmNJ15vMgC4fRojgJS2arivdnALyu2tGLXMgSjFlAOK65ztbaLluvemTXhq8P
6eNQxYz/WYGv1Yffs5yNY+NstoLeSMeB7eIqIpxWAXikO9L6f+iq6Y3YLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFISW9vAT4ZDyhQYKrxrFPP9bb9EOMB8GA1UdIwQY
MBaAFKPiFh1/Afpv0IQsIRCAYz8+02ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEt
N2UwMzQwZWM5NjY3LzEvaEpiMjhCUGhrUEtGQmdxdkdzVThfMXR2MFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEtN2UwMzQwZWM5NjY3
LzEvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYMwAwQB
ufGIMA0GCSqGSIb3DQEBCwUAA4IBAQBH+kfYI0xsDkP79KcaZn0T4EQcPkuVCEcx
bjL6vFRWTcXmDHeYCVJ96BUWFP8zzQ6w5drwmKDoGi9u5vQEwSWsWBx3zdi8wrJ8
puNx5G1cauKdvhGClUbC5s7EtaWoWC+gVf8xL6iDpT1Ot9bbJtmKXvXZ56zXqLWY
oKIY4zlaG0r1HyV0BuDgOC3cK1QrCrkKX68Gna8UJFt/t8RrhziZS3Q9kmyXupks
XL27A6pklabBtGIAsIsU7KfJtV1Ht8Z5U7lS7xFkeS99fkNIFRKWqTZryHv9LXv9
GPFumsiSy+YdtiajTxgYe3ucMBxeHInRE4PLBviwjKPg9904s7td
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:33:47 2025 by rpki-client