Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/opQioO2TMpOVmwJxveNLyzGKMSk.roa
File: opQioO2TMpOVmwJxveNLyzGKMSk.roa (raw, json)
Hash identifier: LF0O0/hHq3oUtM2QfXi8MqhqWH70VnU6W/imjpc7JeE=
Subject key identifier: A2:94:22:A0:ED:93:32:93:95:9B:02:71:BD:E3:4B:CB:31:8A:31:29
Certificate issuer: /CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee
Certificate serial: 019425216C7195033A1896E78F5FC246C390
Authority key identifier: 06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/opQioO2TMpOVmwJxveNLyzGKMSk.roa
Signing time: Thu 02 Jan 2025 03:48:54 +0000
ROA not before: Thu 02 Jan 2025 03:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60929
IP address blocks: 185.23.152.0/22 maxlen: 22
185.23.152.0/24 maxlen: 24
185.23.153.0/24 maxlen: 24
185.23.154.0/24 maxlen: 24
185.23.155.0/24 maxlen: 24
2a00:6e20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 09:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:6c:71:95:03:3a:18:96:e7:8f:5f:c2:46:c3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee
Validity
Not Before: Jan 2 03:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a29422a0ed933293959b0271bde34bcb318a3129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:10:18:7c:f5:60:91:c5:33:d6:4e:5b:9c:94:
fb:dd:86:f9:d1:30:b5:66:20:c1:b7:ad:dd:41:df:
a3:3e:25:ba:d8:17:8d:c0:a8:ab:a6:c6:a8:43:9d:
58:bd:89:0e:82:f4:30:70:13:7c:0a:f3:2b:c5:76:
0c:0a:d6:dd:bd:bc:c6:78:20:bd:52:d2:54:5a:10:
5d:b8:6b:e9:da:42:8b:59:f0:ce:cc:9e:ab:64:50:
d1:36:4a:51:4b:ea:bd:32:59:a9:05:2f:70:23:03:
c8:69:56:26:7f:d0:6f:64:16:59:88:be:9c:cf:b4:
3b:9e:39:a2:01:34:f7:e1:17:e8:cc:da:aa:bb:46:
82:81:18:9b:0a:ee:14:ac:db:4a:88:e2:96:25:81:
ed:a8:4d:89:68:0c:a5:9b:a2:3b:6e:0f:41:ca:5b:
70:4e:cd:5c:b3:de:71:ee:42:d4:82:b4:5b:1e:a6:
05:0f:bd:25:75:cc:11:f4:ac:34:62:ab:73:d1:dc:
d8:c4:6a:64:9d:52:1f:87:1c:54:9a:ed:e3:2d:02:
ad:43:54:2e:90:14:25:49:30:3a:b4:2f:4a:5c:4c:
47:31:5c:b5:29:05:b5:aa:f8:6a:dc:00:7b:03:84:
4e:71:91:02:e6:a8:a2:03:13:1f:59:2a:f2:69:34:
20:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:94:22:A0:ED:93:32:93:95:9B:02:71:BD:E3:4B:CB:31:8A:31:29
X509v3 Authority Key Identifier:
keyid:06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/opQioO2TMpOVmwJxveNLyzGKMSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.152.0/22
IPv6:
2a00:6e20::/32
Signature Algorithm: sha256WithRSAEncryption
51:3f:f4:cb:4d:cd:2a:8d:65:fc:50:1f:4f:f5:40:82:56:66:
d6:2a:46:68:cd:41:be:d3:50:97:4b:e7:9e:b5:61:a0:74:09:
d8:66:30:ae:70:a4:fd:22:e9:21:42:89:0d:bd:a1:17:65:12:
24:29:f8:1e:2a:28:dd:e2:0d:2a:c6:ae:ae:aa:62:90:ff:5e:
39:d3:ac:84:f9:59:85:01:a3:15:cc:b6:1c:80:08:ea:76:73:
e6:97:e6:ca:e0:59:07:36:6a:53:cb:03:02:62:f2:88:f7:17:
7f:aa:1b:37:56:f9:4a:91:4f:df:e6:a1:cf:a2:5d:67:2f:19:
d8:fe:fd:91:cc:bf:2d:f7:bf:fd:59:be:fc:e6:02:29:dd:fe:
b7:42:48:12:90:b4:7e:45:7c:73:75:0b:49:2f:46:96:f2:37:
4f:5f:18:1d:6a:de:f2:bf:80:da:91:ce:ee:cd:5c:6b:f0:37:
ef:5d:f8:a9:89:be:d7:84:a9:90:c3:58:7f:76:47:88:77:78:
c5:89:06:60:3a:77:89:62:8a:20:20:81:53:97:35:f1:20:df:
7f:0a:bf:0f:eb:41:97:27:22:af:6f:fe:57:88:81:64:bc:6f:
0e:e2:42:9a:28:22:e9:33:c9:71:aa:4c:70:d4:c4:08:f0:33:
81:47:fb:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIWxxlQM6GJbnj1/CRsOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YmQzMGFjMzU2MWExZGY3ZmM2YjI5NmJmOWQyOWRkNTU4
MWYxZWUwHhcNMjUwMTAyMDM0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjk0MjJhMGVkOTMzMjkzOTU5YjAyNzFiZGUzNGJjYjMxOGEzMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBAYfPVgkcUz1k5bnJT73Yb50TC1
ZiDBt63dQd+jPiW62BeNwKirpsaoQ51YvYkOgvQwcBN8CvMrxXYMCtbdvbzGeCC9
UtJUWhBduGvp2kKLWfDOzJ6rZFDRNkpRS+q9MlmpBS9wIwPIaVYmf9BvZBZZiL6c
z7Q7njmiATT34RfozNqqu0aCgRibCu4UrNtKiOKWJYHtqE2JaAylm6I7bg9Byltw
Ts1cs95x7kLUgrRbHqYFD70ldcwR9Kw0Yqtz0dzYxGpknVIfhxxUmu3jLQKtQ1Qu
kBQlSTA6tC9KXExHMVy1KQW1qvhq3AB7A4ROcZEC5qiiAxMfWSryaTQgfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKKUIqDtkzKTlZsCcb3jS8sxijEpMB8GA1UdIwQY
MBaAFAa9MKw1YaHff8aylr+dKd1VgfHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnIwd3JEVmhvZDlfeHJLV3Y1MHAzVldCOGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hMDFhYjUtODNjMC00ZTE5LTkwOTMt
NzkxNzViMTUxYTUyLzEvb3BRaW9PMlRNcE9WbXdKeHZlTkx5ekdLTVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hMDFhYjUtODNjMC00ZTE5LTkwOTMtNzkxNzViMTUxYTUy
LzEvQnIwd3JEVmhvZDlfeHJLV3Y1MHAzVldCOGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuReYMA0E
AgACMAcDBQAqAG4gMA0GCSqGSIb3DQEBCwUAA4IBAQBRP/TLTc0qjWX8UB9P9UCC
VmbWKkZozUG+01CXS+eetWGgdAnYZjCucKT9IukhQokNvaEXZRIkKfgeKijd4g0q
xq6uqmKQ/14506yE+VmFAaMVzLYcgAjqdnPml+bK4FkHNmpTywMCYvKI9xd/qhs3
VvlKkU/f5qHPol1nLxnY/v2RzL8t97/9Wb785gIp3f63QkgSkLR+RXxzdQtJL0aW
8jdPXxgdat7yv4Dakc7uzVxr8DfvXfipib7XhKmQw1h/dkeId3jFiQZgOneJYoog
IIFTlzXxIN9/Cr8P60GXJyKvb/5XiIFkvG8O4kKaKCLpM8lxqkxw1MQI8DOBR/vr
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:45:06 2025 by rpki-client