Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/IvJ7HvT-6tCK5GKbaPNyk54ml9M.roa
File: IvJ7HvT-6tCK5GKbaPNyk54ml9M.roa (raw, json)
Hash identifier: 7zWh/VLAgd5GsVxZJpmQ4YamOZV0jGAf5fVHM29zO30=
Subject key identifier: 22:F2:7B:1E:F4:FE:EA:D0:8A:E4:62:9B:68:F3:72:93:9E:26:97:D3
Certificate issuer: /CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
Certificate serial: 0194221FA1EAFFD2165E95DBCBD74EDF0962
Authority key identifier: 92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/IvJ7HvT-6tCK5GKbaPNyk54ml9M.roa
Signing time: Wed 01 Jan 2025 13:48:05 +0000
ROA not before: Wed 01 Jan 2025 13:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33848
IP address blocks: 84.21.32.0/19 maxlen: 27
141.36.0.0/16 maxlen: 27
147.12.96.0/19 maxlen: 27
185.152.96.0/22 maxlen: 27
192.109.218.0/24 maxlen: 27
2a00:4980::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a1:ea:ff:d2:16:5e:95:db:cb:d7:4e:df:09:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
Validity
Not Before: Jan 1 13:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22f27b1ef4feead08ae4629b68f372939e2697d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:19:2f:0b:e0:f9:3d:08:ad:06:14:3a:03:f2:
2c:d8:86:73:27:a2:0c:a1:88:98:2c:f2:b1:57:35:
2a:2c:75:59:a6:07:e2:8e:8b:fd:78:6e:33:ab:84:
c5:8d:f0:5b:2d:9d:5e:89:0b:ed:35:e2:f9:80:37:
7f:28:4d:fe:c4:92:b4:b6:1e:43:74:cf:53:85:d8:
d6:32:6a:22:c4:23:3e:a8:fb:93:2f:35:04:1c:53:
53:ca:80:f5:e5:b3:ab:c6:9a:08:44:9c:f5:ad:93:
b0:50:16:4e:0f:75:70:8d:62:0d:92:6f:81:4d:5f:
14:26:54:5d:f2:57:64:09:56:90:bd:b3:76:9e:f1:
1f:fa:38:06:6b:07:85:e5:a8:fa:77:d8:9e:ca:36:
5a:55:8e:ed:d6:d3:87:61:de:1c:e9:73:c0:bd:01:
90:41:63:9f:66:5e:8b:21:9c:96:30:d4:5f:13:e9:
62:d5:b2:14:11:e2:bf:95:9c:51:67:a6:c6:a7:57:
5d:9d:20:dc:95:42:87:6e:05:b4:87:44:54:b7:19:
52:eb:ba:5e:8f:11:c2:40:0b:6c:86:83:2b:26:81:
e7:88:52:31:87:60:8a:13:b3:f5:ee:3f:88:9c:29:
96:1f:c9:60:7d:1b:83:07:16:a2:da:4f:3e:93:0f:
df:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F2:7B:1E:F4:FE:EA:D0:8A:E4:62:9B:68:F3:72:93:9E:26:97:D3
X509v3 Authority Key Identifier:
keyid:92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/IvJ7HvT-6tCK5GKbaPNyk54ml9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.32.0/19
141.36.0.0/16
147.12.96.0/19
185.152.96.0/22
192.109.218.0/24
IPv6:
2a00:4980::/29
Signature Algorithm: sha256WithRSAEncryption
28:f3:0e:c7:3b:07:3c:20:58:65:6c:73:1d:f3:ae:11:79:0e:
5f:59:4d:10:73:90:c2:ae:5d:47:3b:5c:5a:d7:bf:eb:e2:28:
52:6b:39:ba:af:c8:26:15:09:89:e2:06:35:21:6b:3c:6b:10:
1b:35:0c:aa:8b:fa:c0:96:b5:ea:f6:74:69:21:79:db:d0:b6:
05:f4:f4:4e:5e:50:16:aa:db:a5:df:1a:0a:53:5e:34:f7:91:
87:ae:c9:57:fa:a3:3c:02:35:b3:3b:45:83:33:89:81:0e:97:
d0:64:e9:3e:66:75:19:78:87:d5:94:9e:38:87:cd:10:61:ef:
c1:0c:d1:11:9b:fe:78:2d:4b:10:be:1a:25:2c:b9:41:67:11:
15:ac:f2:dd:c4:b5:44:94:66:48:7e:e6:33:e6:08:29:14:cf:
f6:2a:7f:56:e8:73:94:29:dd:e5:11:16:61:73:86:92:f1:8f:
d4:0d:3e:3e:c1:9d:72:d7:f5:d1:2c:31:d0:a9:f3:11:63:17:
8e:81:b7:57:43:a4:53:ce:8a:d3:b8:40:e3:3b:1e:c1:34:97:
e6:73:88:7f:51:33:53:13:9d:d1:c8:4f:bd:9a:73:8b:e9:b3:
fc:88:da:f1:fd:03:9b:22:b3:92:b2:54:6a:b9:fd:0a:56:18:
31:3f:c6:22
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQiH6Hq/9IWXpXby9dO3wliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjg2Yzg1MmYzNmZiZTlmYzhiZTc3YzQwOWI1MjI2YTZl
ZTU0ZDUwHhcNMjUwMTAxMTM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmYyN2IxZWY0ZmVlYWQwOGFlNDYyOWI2OGYzNzI5MzllMjY5N2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBkvC+D5PQitBhQ6A/Is2IZzJ6IM
oYiYLPKxVzUqLHVZpgfijov9eG4zq4TFjfBbLZ1eiQvtNeL5gDd/KE3+xJK0th5D
dM9ThdjWMmoixCM+qPuTLzUEHFNTyoD15bOrxpoIRJz1rZOwUBZOD3VwjWINkm+B
TV8UJlRd8ldkCVaQvbN2nvEf+jgGaweF5aj6d9ieyjZaVY7t1tOHYd4c6XPAvQGQ
QWOfZl6LIZyWMNRfE+li1bIUEeK/lZxRZ6bGp1ddnSDclUKHbgW0h0RUtxlS67pe
jxHCQAtshoMrJoHniFIxh2CKE7P17j+InCmWH8lgfRuDBxai2k8+kw/fkQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCLyex70/urQiuRim2jzcpOeJpfTMB8GA1UdIwQY
MBaAFJJobIUvNvvp/IvnfECbUiam7lTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21oc2hTODItLW44aS1kOFFKdFNKcWJ1Vk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kNTU5YjItNGIzMy00ZjhkLTlkMjEt
YmE3MWZiZGIwMzc0LzEvSXZKN0h2VC02dENLNUdLYmFQTnlrNTRtbDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kNTU5YjItNGIzMy00ZjhkLTlkMjEtYmE3MWZiZGIwMzc0
LzEva21oc2hTODItLW44aS1kOFFKdFNKcWJ1Vk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQFVBUgAwMA
jSQDBAWTDGADBAK5mGADBADAbdowDQQCAAIwBwMFAyoASYAwDQYJKoZIhvcNAQEL
BQADggEBACjzDsc7BzwgWGVscx3zrhF5Dl9ZTRBzkMKuXUc7XFrXv+viKFJrObqv
yCYVCYniBjUhazxrEBs1DKqL+sCWter2dGkhedvQtgX09E5eUBaq26XfGgpTXjT3
kYeuyVf6ozwCNbM7RYMziYEOl9Bk6T5mdRl4h9WUnjiHzRBh78EM0RGb/ngtSxC+
GiUsuUFnERWs8t3EtUSUZkh+5jPmCCkUz/Yqf1boc5Qp3eURFmFzhpLxj9QNPj7B
nXLX9dEsMdCp8xFjF46Bt1dDpFPOitO4QOM7HsE0l+ZziH9RM1MTndHIT72ac4vp
s/yI2vH9A5sis5KyVGq5/QpWGDE/xiI=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:48:25 2025 by rpki-client