Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/yNCFlHdmr6YTD4yj6Ff9apNqyt0.roa
File: yNCFlHdmr6YTD4yj6Ff9apNqyt0.roa (raw, json)
Hash identifier: ZUFB1KnW1iXTKo6shI/8yLUB0t8Kkom2z+qOMPxu0jE=
Subject key identifier: C8:D0:85:94:77:66:AF:A6:13:0F:8C:A3:E8:57:FD:6A:93:6A:CA:DD
Certificate issuer: /CN=987277fc47d848fa5634ce8031a174fc249fa673
Certificate serial: 01947D7461A7413DB33C845C2B1B77BC56A1
Authority key identifier: 98:72:77:FC:47:D8:48:FA:56:34:CE:80:31:A1:74:FC:24:9F:A6:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/yNCFlHdmr6YTD4yj6Ff9apNqyt0.roa
Signing time: Sun 19 Jan 2025 07:26:06 +0000
ROA not before: Sun 19 Jan 2025 07:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211908
IP address blocks: 185.194.8.0/22 maxlen: 22
185.194.8.0/23 maxlen: 23
185.194.8.0/24 maxlen: 24
185.194.9.0/24 maxlen: 24
185.194.10.0/23 maxlen: 23
185.194.10.0/24 maxlen: 24
185.194.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.mft
rsync://rpki.ripe.net/repository/DEFAULT/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7d:74:61:a7:41:3d:b3:3c:84:5c:2b:1b:77:bc:56:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=987277fc47d848fa5634ce8031a174fc249fa673
Validity
Not Before: Jan 19 07:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8d085947766afa6130f8ca3e857fd6a936acadd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fd:64:a2:cf:ad:61:ca:b7:46:9b:8a:34:db:
38:ef:4a:29:fd:c7:35:30:4a:fb:5d:58:a5:96:ee:
95:e9:fc:e7:b4:45:d5:79:cc:77:6d:22:b3:da:4b:
f3:1e:45:1c:99:66:d6:f3:e1:b4:7f:b4:03:0a:9b:
16:40:31:d2:7c:15:80:74:a7:06:bd:85:8c:35:e4:
5f:f9:77:59:49:42:d9:b5:0a:3d:75:5c:da:d8:18:
81:98:c9:c3:46:21:15:95:1d:46:82:42:17:ee:a6:
69:9f:64:41:97:1f:6f:15:db:67:79:44:39:16:e0:
9a:76:48:17:3f:44:75:39:c1:65:16:30:cc:13:b4:
73:75:2d:9e:4b:fd:af:95:b8:05:6a:f5:c0:98:09:
39:93:f4:9a:e0:46:09:ae:be:55:a3:a4:1e:70:18:
23:36:bc:d4:b0:d5:35:73:3c:c7:f9:da:68:03:40:
cc:40:24:18:dc:e4:b0:dd:bd:e2:15:61:d9:df:ff:
c0:c5:13:54:1b:10:a1:f9:5f:c4:41:b7:d7:7f:75:
ac:6e:a3:d4:d5:09:64:cb:7e:40:ee:31:30:a6:6c:
2e:86:c1:2e:e8:10:64:89:d6:64:f8:bc:7c:18:b3:
9c:01:91:fe:c3:59:48:2f:ac:9e:18:b7:90:56:6d:
41:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D0:85:94:77:66:AF:A6:13:0F:8C:A3:E8:57:FD:6A:93:6A:CA:DD
X509v3 Authority Key Identifier:
keyid:98:72:77:FC:47:D8:48:FA:56:34:CE:80:31:A1:74:FC:24:9F:A6:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/yNCFlHdmr6YTD4yj6Ff9apNqyt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.8.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:9b:3d:58:cf:bf:13:cf:0e:48:e7:b4:d5:13:6a:dc:aa:9f:
4b:12:7b:ae:71:cd:5d:de:ea:4e:91:ae:29:c6:f0:57:45:f9:
ef:ed:58:75:17:33:34:bb:5d:44:31:71:02:24:42:26:f2:5b:
1c:4d:bb:a6:76:c3:ab:9d:42:b3:08:9b:c4:2e:22:9b:91:49:
21:05:81:b5:60:c0:7d:a0:03:de:4f:54:8b:d2:2d:a7:2e:2c:
fb:39:d0:87:9b:4d:be:d8:8c:a6:89:4f:90:36:85:e7:e0:3e:
60:ee:97:ff:13:e8:8f:91:d7:10:7d:6c:a8:bc:25:c5:a8:36:
d7:02:e8:cf:ce:1d:f0:4c:19:e0:bc:3c:c0:57:2b:18:8b:60:
ff:ba:0b:48:10:7a:e3:5e:4f:53:19:95:1e:db:dd:58:21:8e:
cf:61:67:db:db:97:4d:4f:23:0f:80:98:37:fc:33:56:b1:09:
c9:2e:2f:c6:4d:1f:92:b9:5c:89:c8:4d:f7:0b:7e:17:46:3b:
ff:e3:1b:34:ee:23:a0:c4:d5:6d:f1:ae:31:c9:cc:6c:22:26:
8d:53:34:ba:4c:e8:60:92:b7:4e:cd:eb:09:89:47:fa:c2:e0:
c6:d0:23:5d:4e:bd:dc:fa:69:92:7a:2c:c8:99:f2:cf:13:e6:
ac:a8:ff:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR9dGGnQT2zPIRcKxt3vFahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NzI3N2ZjNDdkODQ4ZmE1NjM0Y2U4MDMxYTE3NGZjMjQ5
ZmE2NzMwHhcNMjUwMTE5MDcyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGQwODU5NDc3NjZhZmE2MTMwZjhjYTNlODU3ZmQ2YTkzNmFjYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv1kos+tYcq3RpuKNNs470op/cc1
MEr7XVillu6V6fzntEXVecx3bSKz2kvzHkUcmWbW8+G0f7QDCpsWQDHSfBWAdKcG
vYWMNeRf+XdZSULZtQo9dVza2BiBmMnDRiEVlR1GgkIX7qZpn2RBlx9vFdtneUQ5
FuCadkgXP0R1OcFlFjDME7RzdS2eS/2vlbgFavXAmAk5k/Sa4EYJrr5Vo6QecBgj
NrzUsNU1czzH+dpoA0DMQCQY3OSw3b3iFWHZ3//AxRNUGxCh+V/EQbfXf3WsbqPU
1Qlky35A7jEwpmwuhsEu6BBkidZk+Lx8GLOcAZH+w1lIL6yeGLeQVm1BxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjQhZR3Zq+mEw+Mo+hX/WqTasrdMB8GA1UdIwQY
MBaAFJhyd/xH2Ej6VjTOgDGhdPwkn6ZzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUhKM19FZllTUHBXTk02QU1hRjBfQ1NmcG5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi83MTA5MzQtMzA0Yi00ZjVmLTk1MGUt
MTJlODI3NmZkYWM0LzEveU5DRmxIZG1yNllURDR5ajZGZjlhcE5xeXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi83MTA5MzQtMzA0Yi00ZjVmLTk1MGUtMTJlODI3NmZkYWM0
LzEvbUhKM19FZllTUHBXTk02QU1hRjBfQ1NmcG5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucIIMA0G
CSqGSIb3DQEBCwUAA4IBAQDLmz1Yz78Tzw5I57TVE2rcqp9LEnuucc1d3upOka4p
xvBXRfnv7Vh1FzM0u11EMXECJEIm8lscTbumdsOrnUKzCJvELiKbkUkhBYG1YMB9
oAPeT1SL0i2nLiz7OdCHm02+2IymiU+QNoXn4D5g7pf/E+iPkdcQfWyovCXFqDbX
AujPzh3wTBngvDzAVysYi2D/ugtIEHrjXk9TGZUe291YIY7PYWfb25dNTyMPgJg3
/DNWsQnJLi/GTR+SuVyJyE33C34XRjv/4xs07iOgxNVt8a4xycxsIiaNUzS6TOhg
krdOzesJiUf6wuDG0CNdTr3c+mmSeizImfLPE+asqP+D
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:58:04 2025 by rpki-client