Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/jDb6CVt7LMESu9TedWHpv82vXzQ.roa
File: jDb6CVt7LMESu9TedWHpv82vXzQ.roa (raw, json)
Hash identifier: zvLg2bIhHSdnpMeV4b2spjUGOYu0nN5hkdLuTlMfXXA=
Subject key identifier: 8C:36:FA:09:5B:7B:2C:C1:12:BB:D4:DE:75:61:E9:BF:CD:AF:5F:34
Certificate issuer: /CN=6fdab32dfd6e5bc699e7bf36e818298dc7fbb246
Certificate serial: 019420682FE68B557C5494EBDDFCF5D65BA7
Authority key identifier: 6F:DA:B3:2D:FD:6E:5B:C6:99:E7:BF:36:E8:18:29:8D:C7:FB:B2:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b9qzLf1uW8aZ57826Bgpjcf7skY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/jDb6CVt7LMESu9TedWHpv82vXzQ.roa
Signing time: Wed 01 Jan 2025 05:48:06 +0000
ROA not before: Wed 01 Jan 2025 05:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209344
IP address blocks: 185.133.200.0/22 maxlen: 22
185.133.200.0/23 maxlen: 23
185.133.200.0/24 maxlen: 24
185.133.201.0/24 maxlen: 24
185.133.202.0/23 maxlen: 23
185.133.202.0/24 maxlen: 24
185.133.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/b9qzLf1uW8aZ57826Bgpjcf7skY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/b9qzLf1uW8aZ57826Bgpjcf7skY.mft
rsync://rpki.ripe.net/repository/DEFAULT/b9qzLf1uW8aZ57826Bgpjcf7skY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2f:e6:8b:55:7c:54:94:eb:dd:fc:f5:d6:5b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fdab32dfd6e5bc699e7bf36e818298dc7fbb246
Validity
Not Before: Jan 1 05:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c36fa095b7b2cc112bbd4de7561e9bfcdaf5f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ac:2b:88:e5:b3:46:89:99:e6:3c:36:77:3f:
47:75:0b:13:fe:b3:61:cb:85:f3:d9:61:1b:88:83:
00:7e:2e:fa:c7:d6:a8:19:d5:4b:f8:82:a6:7b:94:
cd:f2:bc:f1:75:5f:73:47:d3:e3:46:57:01:1c:a1:
64:a4:48:7c:0d:d9:2d:a6:dc:b3:18:35:e3:88:29:
93:c2:c3:24:6f:e7:41:8d:db:53:16:2d:c9:1d:42:
39:7b:50:fc:63:1f:f8:91:e3:2d:d8:f1:0e:38:69:
3b:4f:10:48:f5:28:f1:25:31:f5:eb:65:c0:78:b6:
9b:75:78:2d:3e:b8:0c:e4:e1:30:a4:4c:6f:67:87:
73:72:58:eb:b3:3f:17:0d:fe:0b:0d:bb:41:94:9c:
98:9c:9b:53:03:c6:63:19:8a:2e:2c:6c:88:0f:bd:
0a:84:30:82:db:f5:06:db:5d:ec:46:9b:b2:ab:9b:
d0:c4:ba:dc:f7:96:93:4c:08:c1:1a:31:ed:74:69:
bf:ac:4e:9c:fc:a5:1f:32:cf:fd:2e:ff:73:d7:ba:
a1:50:76:d9:c1:dc:b3:c3:85:40:14:aa:8c:ca:98:
c5:1f:e7:bc:9e:fe:48:e4:9a:47:47:66:a6:29:13:
4c:7e:dd:61:04:4d:36:a7:a0:57:d8:d7:cc:e2:66:
d1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:36:FA:09:5B:7B:2C:C1:12:BB:D4:DE:75:61:E9:BF:CD:AF:5F:34
X509v3 Authority Key Identifier:
keyid:6F:DA:B3:2D:FD:6E:5B:C6:99:E7:BF:36:E8:18:29:8D:C7:FB:B2:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9qzLf1uW8aZ57826Bgpjcf7skY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/jDb6CVt7LMESu9TedWHpv82vXzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/b9qzLf1uW8aZ57826Bgpjcf7skY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.200.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:31:c8:ac:6f:fc:26:d0:29:74:85:3a:39:32:55:1f:1d:0d:
c8:fc:d9:cd:a0:71:71:b8:50:f9:30:bd:dc:c4:58:ae:4e:01:
5e:1c:46:9f:2e:14:73:a0:f5:1d:1e:d6:55:c2:d3:60:97:bc:
b6:97:23:c5:a7:38:d6:40:e1:fe:05:3f:9d:bd:f4:b8:91:88:
04:da:5b:04:1c:8b:a5:18:e8:c8:ca:0f:23:a7:b2:05:c3:bd:
7b:54:5e:77:b5:68:41:aa:c9:49:86:7f:d2:b4:fc:e7:9a:38:
e6:b6:d6:c4:95:9f:e6:f8:3b:86:90:9e:8d:a7:aa:e2:36:17:
70:2d:4e:4e:38:13:01:27:d5:ec:17:31:55:22:49:d3:55:69:
e4:f6:ec:5e:c5:44:e6:ca:21:7d:0b:aa:84:48:6d:eb:e4:c0:
47:7d:ee:0f:3c:36:0a:22:3a:f5:de:a1:19:60:1c:8d:67:5b:
1d:8a:13:97:f3:50:0f:b9:b4:13:06:8c:a3:08:d1:68:da:c8:
c7:e4:3c:e5:9b:8e:c8:91:cb:1a:23:2b:66:4c:58:da:d0:bd:
93:1c:04:f6:b8:da:65:87:00:38:b3:36:d2:1e:52:49:57:50:
c4:7f:15:1e:3b:1b:50:91:94:b5:55:09:de:bb:25:a0:48:ba:
8a:65:08:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaC/mi1V8VJTr3fz11lunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZGFiMzJkZmQ2ZTViYzY5OWU3YmYzNmU4MTgyOThkYzdm
YmIyNDYwHhcNMjUwMTAxMDU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzM2ZmEwOTViN2IyY2MxMTJiYmQ0ZGU3NTYxZTliZmNkYWY1ZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxawriOWzRomZ5jw2dz9HdQsT/rNh
y4Xz2WEbiIMAfi76x9aoGdVL+IKme5TN8rzxdV9zR9PjRlcBHKFkpEh8Ddktptyz
GDXjiCmTwsMkb+dBjdtTFi3JHUI5e1D8Yx/4keMt2PEOOGk7TxBI9SjxJTH162XA
eLabdXgtPrgM5OEwpExvZ4dzcljrsz8XDf4LDbtBlJyYnJtTA8ZjGYouLGyID70K
hDCC2/UG213sRpuyq5vQxLrc95aTTAjBGjHtdGm/rE6c/KUfMs/9Lv9z17qhUHbZ
wdyzw4VAFKqMypjFH+e8nv5I5JpHR2amKRNMft1hBE02p6BX2NfM4mbRxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIw2+glbeyzBErvU3nVh6b/Nr180MB8GA1UdIwQY
MBaAFG/asy39blvGmee/NugYKY3H+7JGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjlxekxmMXVXOGFaNTc4MjZCZ3BqY2Y3c2tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84MjJkYzQtNzhlOC00ODAxLWI3MzQt
ZjFlNTVmNTM3Yzg3LzEvakRiNkNWdDdMTUVTdTlUZWRXSHB2ODJ2WHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84MjJkYzQtNzhlOC00ODAxLWI3MzQtZjFlNTVmNTM3Yzg3
LzEvYjlxekxmMXVXOGFaNTc4MjZCZ3BqY2Y3c2tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYXIMA0G
CSqGSIb3DQEBCwUAA4IBAQCtMcisb/wm0Cl0hTo5MlUfHQ3I/NnNoHFxuFD5ML3c
xFiuTgFeHEafLhRzoPUdHtZVwtNgl7y2lyPFpzjWQOH+BT+dvfS4kYgE2lsEHIul
GOjIyg8jp7IFw717VF53tWhBqslJhn/StPznmjjmttbElZ/m+DuGkJ6Np6riNhdw
LU5OOBMBJ9XsFzFVIknTVWnk9uxexUTmyiF9C6qESG3r5MBHfe4PPDYKIjr13qEZ
YByNZ1sdihOX81APubQTBoyjCNFo2sjH5Dzlm47IkcsaIytmTFja0L2THAT2uNpl
hwA4szbSHlJJV1DEfxUeOxtQkZS1VQneuyWgSLqKZQiJ
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:18 2025 by rpki-client