Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/URz6VBEBARWru2pwN9on0fqVD_8.roa
File: URz6VBEBARWru2pwN9on0fqVD_8.roa (raw, json)
Hash identifier: 9b/lI/zwvoC+7Oni/t6kARR6u3owQnT+bWIMpu3veFA=
Subject key identifier: 51:1C:FA:54:11:01:01:15:AB:BB:6A:70:37:DA:27:D1:FA:95:0F:FF
Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial: 0194AF02D764FF532878CAEFC58C5069F041
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/URz6VBEBARWru2pwN9on0fqVD_8.roa
Signing time: Tue 28 Jan 2025 22:23:06 +0000
ROA not before: Tue 28 Jan 2025 22:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48158
IP address blocks: 146.255.208.0/22 maxlen: 24
146.255.212.0/22 maxlen: 24
146.255.216.0/21 maxlen: 24
176.58.38.0/23 maxlen: 24
176.58.39.0/24 maxlen: 24
176.58.40.0/23 maxlen: 24
176.58.41.0/24 maxlen: 24
176.58.42.0/24 maxlen: 24
176.58.43.0/24 maxlen: 24
176.58.45.0/24 maxlen: 24
176.58.46.0/24 maxlen: 24
176.58.47.0/24 maxlen: 24
176.58.48.0/23 maxlen: 23
176.58.50.0/24 maxlen: 24
176.58.52.0/24 maxlen: 24
176.58.53.0/24 maxlen: 24
176.58.54.0/24 maxlen: 24
176.58.55.0/24 maxlen: 24
176.58.56.0/24 maxlen: 24
176.58.57.0/24 maxlen: 24
185.190.190.0/24 maxlen: 24
212.124.96.0/22 maxlen: 24
212.124.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:af:02:d7:64:ff:53:28:78:ca:ef:c5:8c:50:69:f0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Validity
Not Before: Jan 28 22:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=511cfa5411010115abbb6a7037da27d1fa950fff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2f:1f:09:76:81:bc:1e:e7:75:7f:53:a6:07:
de:1b:5d:1f:16:fa:01:ba:af:ed:81:9a:2e:30:71:
06:0f:ba:9c:fd:d5:6b:b0:04:11:12:cf:80:40:f9:
c2:c4:c9:dc:e1:8a:51:d1:a2:a4:1e:ec:df:3a:07:
ab:54:a3:d8:29:92:53:b1:98:9c:83:99:c9:5d:89:
5f:ce:47:f5:26:5b:12:25:d3:72:b1:88:15:cb:ef:
3b:6b:1c:3d:30:d8:c8:59:9f:dc:ca:ab:6b:6a:9a:
ea:8c:18:91:50:f2:63:b8:f0:59:c2:de:34:4e:17:
83:ef:b5:39:e9:e1:5c:32:78:fc:4a:82:66:4e:b9:
7a:3d:79:ee:20:77:a7:7e:20:ea:c8:cd:51:bd:51:
51:2d:60:f1:12:27:26:8c:91:79:61:5f:ae:8e:24:
93:06:20:53:f2:9b:30:7d:d8:74:bb:27:5a:91:ca:
d0:63:37:3c:c7:60:10:2b:9e:9f:ff:de:cc:e7:87:
d0:33:9e:0c:49:27:3c:73:5a:7f:dc:36:eb:80:f8:
38:7f:b9:6e:0e:26:9e:f2:ea:ff:9f:dc:98:87:fe:
ad:ce:9e:77:43:84:fd:f1:e0:df:49:8f:a6:dc:e8:
ad:3d:9a:70:15:b4:21:91:5f:b3:e6:4a:90:55:11:
0b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1C:FA:54:11:01:01:15:AB:BB:6A:70:37:DA:27:D1:FA:95:0F:FF
X509v3 Authority Key Identifier:
keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/URz6VBEBARWru2pwN9on0fqVD_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.255.208.0/20
176.58.38.0-176.58.43.255
176.58.45.0-176.58.50.255
176.58.52.0-176.58.57.255
185.190.190.0/24
212.124.96.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:0b:a8:9f:be:30:8b:3f:f5:d1:8f:a3:5d:70:49:9a:a0:6f:
d5:c1:a2:69:bd:64:6a:90:5b:57:37:50:7a:3a:26:6e:07:f1:
f6:e2:76:06:4e:a6:56:df:5c:62:59:fb:51:41:67:6b:5e:ce:
02:21:80:39:59:61:36:c7:f2:f1:7a:ed:57:d3:0f:5f:76:0d:
34:98:bf:d6:21:4e:90:a6:80:3d:ba:76:23:29:15:ac:3d:a9:
85:73:af:ff:c2:20:c3:f8:7b:a8:26:8b:29:e4:58:76:b9:f3:
7b:d2:82:1a:7b:06:da:51:51:ed:9e:02:03:b2:b4:7f:ba:4d:
32:7d:e1:cb:70:62:2d:cd:8e:a1:98:5e:a5:12:5c:d0:9f:e9:
47:31:a3:88:9a:4e:17:c5:47:1a:1e:a4:9e:53:0d:97:d3:ae:
63:ef:f3:50:05:49:d9:d3:c9:88:ea:54:94:27:57:84:a9:90:
e9:f7:c9:2c:3f:55:19:9a:b6:64:62:b4:72:7d:6d:37:07:8e:
b6:ef:c9:a2:61:f2:63:7f:91:44:b5:97:56:16:fd:2b:4d:92:
87:6d:38:07:0a:24:86:c1:43:87:df:b4:b5:8e:a2:c5:b3:d5:
d3:3c:96:8c:54:59:24:71:35:a2:e8:4b:45:ab:27:47:d1:9b:
0f:29:a4:ad
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZSvAtdk/1MoeMrvxYxQafBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj
MjAzMmUwHhcNMjUwMTI4MjIyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFjZmE1NDExMDEwMTE1YWJiYjZhNzAzN2RhMjdkMWZhOTUwZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS8fCXaBvB7ndX9TpgfeG10fFvoB
uq/tgZouMHEGD7qc/dVrsAQREs+AQPnCxMnc4YpR0aKkHuzfOgerVKPYKZJTsZic
g5nJXYlfzkf1JlsSJdNysYgVy+87axw9MNjIWZ/cyqtraprqjBiRUPJjuPBZwt40
TheD77U56eFcMnj8SoJmTrl6PXnuIHenfiDqyM1RvVFRLWDxEicmjJF5YV+ujiST
BiBT8pswfdh0uydakcrQYzc8x2AQK56f/97M54fQM54MSSc8c1p/3DbrgPg4f7lu
Diae8ur/n9yYh/6tzp53Q4T98eDfSY+m3OitPZpwFbQhkV+z5kqQVRELDQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFEc+lQRAQEVq7tqcDfaJ9H6lQ//MB8GA1UdIwQY
MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct
OWUyMjBmMDRhOTAxLzEvVVJ6NlZCRUJBUldydTJwd045b24wZnFWRF84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTctOWUyMjBmMDRhOTAx
LzEvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQEkv/QMAwD
BAGwOiYDBAKwOigwDAMEALA6LQMEALA6MjAMAwQCsDo0AwQBsDo4AwQAub6+AwQD
1HxgMA0GCSqGSIb3DQEBCwUAA4IBAQCMC6ifvjCLP/XRj6NdcEmaoG/VwaJpvWRq
kFtXN1B6OiZuB/H24nYGTqZW31xiWftRQWdrXs4CIYA5WWE2x/Lxeu1X0w9fdg00
mL/WIU6QpoA9unYjKRWsPamFc6//wiDD+HuoJosp5Fh2ufN70oIaewbaUVHtngID
srR/uk0yfeHLcGItzY6hmF6lElzQn+lHMaOImk4XxUcaHqSeUw2X065j7/NQBUnZ
08mI6lSUJ1eEqZDp98ksP1UZmrZkYrRyfW03B46278miYfJjf5FEtZdWFv0rTZKH
bTgHCiSGwUOH37S1jqLFs9XTPJaMVFkkcTWi6EtFqydH0ZsPKaSt
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:33 2025 by rpki-client