Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d52eac-c7e2-4881-88e3-471d42c2d806/1/1PfCogsrcmO4yMFx3i7dWcicxiM.roa
File: 1PfCogsrcmO4yMFx3i7dWcicxiM.roa (raw, json)
Hash identifier: QSA42PQDSQu+Rjvywm1NdoufERvHtIOdqRGsBA5DYb0=
Subject key identifier: D4:F7:C2:A2:0B:2B:72:63:B8:C8:C1:71:DE:2E:DD:59:C8:9C:C6:23
Certificate issuer: /CN=49179e7cf60488c3ef5b770d21aeb147da4c7cee
Certificate serial: 01942521F175F20363309DF982C92E20FC17
Authority key identifier: 49:17:9E:7C:F6:04:88:C3:EF:5B:77:0D:21:AE:B1:47:DA:4C:7C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SReefPYEiMPvW3cNIa6xR9pMfO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d52eac-c7e2-4881-88e3-471d42c2d806/1/1PfCogsrcmO4yMFx3i7dWcicxiM.roa
Signing time: Thu 02 Jan 2025 03:49:28 +0000
ROA not before: Thu 02 Jan 2025 03:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44400
IP address blocks: 185.204.180.0/22 maxlen: 22
185.204.180.0/24 maxlen: 24
185.204.181.0/24 maxlen: 24
185.204.182.0/24 maxlen: 24
185.204.183.0/24 maxlen: 24
2a0a:fbc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/d52eac-c7e2-4881-88e3-471d42c2d806/1/SReefPYEiMPvW3cNIa6xR9pMfO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/d52eac-c7e2-4881-88e3-471d42c2d806/1/SReefPYEiMPvW3cNIa6xR9pMfO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/SReefPYEiMPvW3cNIa6xR9pMfO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:f1:75:f2:03:63:30:9d:f9:82:c9:2e:20:fc:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49179e7cf60488c3ef5b770d21aeb147da4c7cee
Validity
Not Before: Jan 2 03:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4f7c2a20b2b7263b8c8c171de2edd59c89cc623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f4:30:28:55:40:69:9a:69:f7:69:d8:2f:eb:
a6:be:26:f2:62:de:c1:32:9e:36:95:83:38:91:3a:
f4:61:9c:63:ef:1c:f5:c4:a1:41:15:7f:fe:13:aa:
55:e2:8e:45:f7:0d:1e:79:58:86:af:1f:31:5a:3e:
20:e8:e1:3a:c7:c7:e1:d9:25:5e:ce:20:10:a9:e0:
dd:9b:45:1b:13:09:8d:ae:39:1e:65:71:16:e7:7f:
f8:12:6f:5d:83:e7:58:a9:88:c3:44:db:f8:54:1a:
bf:05:9e:1f:de:ce:77:01:c7:c8:2e:44:2f:43:39:
1e:38:ef:93:d5:64:6f:91:d2:92:d3:f5:aa:05:38:
87:b6:5b:0e:6b:da:c2:5d:72:7c:32:8d:73:e9:5d:
70:d9:ab:9f:83:3b:3c:44:e9:72:02:2d:c6:a0:94:
98:d1:ad:a6:48:02:3b:70:af:75:4a:d1:65:ba:4c:
c7:7e:39:dd:4e:c0:64:0b:e9:9d:4e:64:98:b5:9f:
b1:51:c2:00:5e:69:06:d1:c5:88:43:89:fa:f4:83:
5d:34:e0:59:a0:3e:66:fb:dd:d4:26:76:19:38:3b:
ed:a5:a3:5a:0c:e7:f3:b2:17:ae:26:0c:09:24:79:
55:07:0e:da:8c:75:41:8b:f2:0e:c0:cb:bb:49:c2:
30:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F7:C2:A2:0B:2B:72:63:B8:C8:C1:71:DE:2E:DD:59:C8:9C:C6:23
X509v3 Authority Key Identifier:
keyid:49:17:9E:7C:F6:04:88:C3:EF:5B:77:0D:21:AE:B1:47:DA:4C:7C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SReefPYEiMPvW3cNIa6xR9pMfO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d52eac-c7e2-4881-88e3-471d42c2d806/1/1PfCogsrcmO4yMFx3i7dWcicxiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d52eac-c7e2-4881-88e3-471d42c2d806/1/SReefPYEiMPvW3cNIa6xR9pMfO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.180.0/22
IPv6:
2a0a:fbc0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:e9:17:83:61:79:84:85:7d:e3:c6:55:55:bd:77:0e:e1:99:
79:b3:88:75:50:a9:5a:ea:5d:14:57:f6:7b:fb:76:94:e6:fd:
aa:78:73:a8:dd:a2:8c:a6:2c:08:74:f1:b4:c9:dc:8d:3b:3a:
10:a2:7c:71:58:d9:97:b9:52:34:8c:c1:cd:41:ac:bd:55:93:
31:de:49:11:4f:c4:d0:1d:f4:c4:69:54:50:25:6a:7e:92:6c:
f2:19:e7:74:9c:a4:69:58:39:0c:5a:57:64:98:95:54:e1:38:
48:08:3f:20:32:b2:9a:9a:a6:2a:60:fa:56:ee:ae:7e:d4:dc:
24:c4:98:14:e8:18:06:65:dc:70:09:92:0a:0f:b4:4c:46:42:
69:b8:81:80:02:86:af:09:e8:6f:89:f5:df:85:fa:68:3a:0c:
80:6b:d1:fc:e9:9f:64:bb:97:2a:01:16:f4:80:5d:35:82:1c:
49:e4:13:e5:fc:91:32:57:4c:ba:96:05:a5:ba:ff:c4:5c:08:
77:ec:10:eb:90:3c:12:53:02:c0:1e:64:25:b4:f6:cc:41:d1:
be:eb:81:a9:ed:95:23:81:4e:4c:b3:ee:cc:9c:c9:62:ff:34:
ab:44:9e:db:4d:27:ea:9b:12:06:07:1f:87:2e:39:dc:6d:e4:
91:f8:22:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIfF18gNjMJ35gskuIPwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MTc5ZTdjZjYwNDg4YzNlZjViNzcwZDIxYWViMTQ3ZGE0
YzdjZWUwHhcNMjUwMTAyMDM0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGY3YzJhMjBiMmI3MjYzYjhjOGMxNzFkZTJlZGQ1OWM4OWNjNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vQwKFVAaZpp92nYL+umvibyYt7B
Mp42lYM4kTr0YZxj7xz1xKFBFX/+E6pV4o5F9w0eeViGrx8xWj4g6OE6x8fh2SVe
ziAQqeDdm0UbEwmNrjkeZXEW53/4Em9dg+dYqYjDRNv4VBq/BZ4f3s53AcfILkQv
QzkeOO+T1WRvkdKS0/WqBTiHtlsOa9rCXXJ8Mo1z6V1w2aufgzs8ROlyAi3GoJSY
0a2mSAI7cK91StFlukzHfjndTsBkC+mdTmSYtZ+xUcIAXmkG0cWIQ4n69INdNOBZ
oD5m+93UJnYZODvtpaNaDOfzsheuJgwJJHlVBw7ajHVBi/IOwMu7ScIwcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNT3wqILK3JjuMjBcd4u3VnInMYjMB8GA1UdIwQY
MBaAFEkXnnz2BIjD71t3DSGusUfaTHzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1JlZWZQWUVpTVB2VzNjTklhNnhSOXBNZk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNTJlYWMtYzdlMi00ODgxLTg4ZTMt
NDcxZDQyYzJkODA2LzEvMVBmQ29nc3JjbU80eU1GeDNpN2RXY2ljeGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNTJlYWMtYzdlMi00ODgxLTg4ZTMtNDcxZDQyYzJkODA2
LzEvU1JlZWZQWUVpTVB2VzNjTklhNnhSOXBNZk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucy0MA0E
AgACMAcDBQMqCvvAMA0GCSqGSIb3DQEBCwUAA4IBAQBK6ReDYXmEhX3jxlVVvXcO
4Zl5s4h1UKla6l0UV/Z7+3aU5v2qeHOo3aKMpiwIdPG0ydyNOzoQonxxWNmXuVI0
jMHNQay9VZMx3kkRT8TQHfTEaVRQJWp+kmzyGed0nKRpWDkMWldkmJVU4ThICD8g
MrKamqYqYPpW7q5+1NwkxJgU6BgGZdxwCZIKD7RMRkJpuIGAAoavCehvifXfhfpo
OgyAa9H86Z9ku5cqARb0gF01ghxJ5BPl/JEyV0y6lgWluv/EXAh37BDrkDwSUwLA
HmQltPbMQdG+64Gp7ZUjgU5Ms+7MnMli/zSrRJ7bTSfqmxIGBx+HLjncbeSR+CJ3
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:32:37 2025 by rpki-client