Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/CgI8RO9Vbr_Gvqd6nXuf6xUvB3c.roa
File: CgI8RO9Vbr_Gvqd6nXuf6xUvB3c.roa (raw, json)
Hash identifier: Us9A46RLHsNHOICpLUg4c/TsB6QkGJR/YxrWMeUzzMw=
Subject key identifier: 0A:02:3C:44:EF:55:6E:BF:C6:BE:A7:7A:9D:7B:9F:EB:15:2F:07:77
Certificate issuer: /CN=07f2a175be20108641c649553213f212511667a5
Certificate serial: 019425215074DC42E4144683321B2A06542D
Authority key identifier: 07:F2:A1:75:BE:20:10:86:41:C6:49:55:32:13:F2:12:51:16:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/CgI8RO9Vbr_Gvqd6nXuf6xUvB3c.roa
Signing time: Thu 02 Jan 2025 03:48:47 +0000
ROA not before: Thu 02 Jan 2025 03:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64403
IP address blocks: 185.166.232.0/23 maxlen: 24
185.166.234.0/24 maxlen: 24
185.166.235.0/24 maxlen: 24
2a0b:2200::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/B_Khdb4gEIZBxklVMhPyElEWZ6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/B_Khdb4gEIZBxklVMhPyElEWZ6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:50:74:dc:42:e4:14:46:83:32:1b:2a:06:54:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f2a175be20108641c649553213f212511667a5
Validity
Not Before: Jan 2 03:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a023c44ef556ebfc6bea77a9d7b9feb152f0777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bf:3e:73:00:47:29:6b:b9:2c:ed:3d:51:97:
e2:20:0f:41:e4:1a:f9:1f:bc:47:7a:81:1c:93:d1:
f9:d5:2a:4d:6b:bc:e8:4e:04:00:8c:e9:d7:37:ff:
73:99:6d:3b:1b:a1:da:26:85:02:87:85:ed:65:8d:
53:14:8e:c7:ab:84:58:4d:61:d6:a5:7d:b6:78:1d:
1e:0c:47:6d:78:a4:7c:31:bc:3c:42:9d:2a:91:93:
59:fb:33:1c:66:7d:cf:91:ad:f2:ee:ca:d0:1f:48:
ac:aa:a0:68:15:64:3e:1b:2c:b1:ff:48:5e:d0:bd:
7c:3f:3f:5a:95:43:ce:9f:10:43:d7:74:69:0a:56:
e9:a2:b2:f4:a3:40:32:4c:35:5c:02:7c:6b:9f:45:
ac:b3:ab:a4:fb:f1:74:bc:28:71:73:ec:56:c3:a6:
3a:87:04:fb:7f:8c:18:11:9c:2b:53:86:59:eb:89:
1d:a7:14:40:52:d4:d7:c6:22:01:eb:b4:3d:ab:c1:
76:af:71:e7:ce:ae:97:95:1a:b6:8a:17:48:e4:f0:
d9:db:5f:ad:61:c8:2e:5a:37:e3:83:4f:b5:c2:fc:
4d:70:b3:9a:bf:d0:2d:1e:9e:a0:ed:b4:09:77:12:
c6:f2:8c:7c:88:ac:d7:6c:dd:98:dc:91:a0:93:10:
fe:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:02:3C:44:EF:55:6E:BF:C6:BE:A7:7A:9D:7B:9F:EB:15:2F:07:77
X509v3 Authority Key Identifier:
keyid:07:F2:A1:75:BE:20:10:86:41:C6:49:55:32:13:F2:12:51:16:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/CgI8RO9Vbr_Gvqd6nXuf6xUvB3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/B_Khdb4gEIZBxklVMhPyElEWZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.232.0/22
IPv6:
2a0b:2200::/29
Signature Algorithm: sha256WithRSAEncryption
a9:9c:a5:ea:87:f5:c7:c6:bc:30:bf:12:f2:9b:e7:87:0f:f4:
00:82:e1:42:d2:6e:9f:1a:7d:1d:9c:1a:2a:3d:9c:45:e1:db:
0f:e6:66:1e:e2:2b:6b:db:d4:36:41:8d:77:99:82:65:5f:b0:
f8:a9:6a:4d:71:42:ce:b0:4c:fa:2f:64:ac:f1:9a:3a:75:fa:
eb:b2:5b:f0:6b:c7:6b:d2:8c:91:5b:1e:9c:db:02:10:e8:58:
1f:c1:fb:d8:76:b4:b8:5a:f3:56:1d:8b:a2:66:fa:bd:04:e5:
d6:eb:b3:37:0a:2a:d1:ef:77:aa:8a:aa:c6:3f:74:b7:7c:f3:
8a:d2:b5:59:7b:67:18:b4:28:90:1a:77:b8:06:d7:47:22:fb:
16:de:3d:c6:39:42:25:48:05:79:cd:38:10:d3:6a:45:17:40:
93:88:26:23:62:c0:c7:20:66:ed:46:5d:e4:12:e8:a7:41:65:
96:73:05:23:22:e3:af:12:08:59:0c:3e:fd:d6:f3:12:65:e0:
00:91:11:50:06:1a:ed:33:66:8f:33:1c:20:e7:2c:e9:23:bd:
b2:cc:9c:df:bd:b1:b2:b2:f1:5f:3c:9a:35:7b:20:57:33:28:
ca:bb:a9:75:a6:d8:26:f3:01:c3:b1:b4:43:0c:34:61:ec:ee:
3e:a6:1d:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIVB03ELkFEaDMhsqBlQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjJhMTc1YmUyMDEwODY0MWM2NDk1NTMyMTNmMjEyNTEx
NjY3YTUwHhcNMjUwMTAyMDM0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTAyM2M0NGVmNTU2ZWJmYzZiZWE3N2E5ZDdiOWZlYjE1MmYwNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv78+cwBHKWu5LO09UZfiIA9B5Br5
H7xHeoEck9H51SpNa7zoTgQAjOnXN/9zmW07G6HaJoUCh4XtZY1TFI7Hq4RYTWHW
pX22eB0eDEdteKR8Mbw8Qp0qkZNZ+zMcZn3Pka3y7srQH0isqqBoFWQ+Gyyx/0he
0L18Pz9alUPOnxBD13RpClbporL0o0AyTDVcAnxrn0Wss6uk+/F0vChxc+xWw6Y6
hwT7f4wYEZwrU4ZZ64kdpxRAUtTXxiIB67Q9q8F2r3Hnzq6XlRq2ihdI5PDZ21+t
YcguWjfjg0+1wvxNcLOav9AtHp6g7bQJdxLG8ox8iKzXbN2Y3JGgkxD+EwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAoCPETvVW6/xr6nep17n+sVLwd3MB8GA1UdIwQY
MBaAFAfyoXW+IBCGQcZJVTIT8hJRFmelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9LaGRiNGdFSVpCeGtsVk1oUHlFbEVXWjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNmIwODUtMWE1Yi00YWY5LTg3OGIt
Mzc2NDI2ZmZkNjYyLzEvQ2dJOFJPOVZicl9HdnFkNm5YdWY2eFV2QjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNmIwODUtMWE1Yi00YWY5LTg3OGItMzc2NDI2ZmZkNjYy
LzEvQl9LaGRiNGdFSVpCeGtsVk1oUHlFbEVXWjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaboMA0E
AgACMAcDBQMqCyIAMA0GCSqGSIb3DQEBCwUAA4IBAQCpnKXqh/XHxrwwvxLym+eH
D/QAguFC0m6fGn0dnBoqPZxF4dsP5mYe4itr29Q2QY13mYJlX7D4qWpNcULOsEz6
L2Ss8Zo6dfrrslvwa8dr0oyRWx6c2wIQ6FgfwfvYdrS4WvNWHYuiZvq9BOXW67M3
CirR73eqiqrGP3S3fPOK0rVZe2cYtCiQGne4BtdHIvsW3j3GOUIlSAV5zTgQ02pF
F0CTiCYjYsDHIGbtRl3kEuinQWWWcwUjIuOvEghZDD791vMSZeAAkRFQBhrtM2aP
Mxwg5yzpI72yzJzfvbGysvFfPJo1eyBXMyjKu6l1ptgm8wHDsbRDDDRh7O4+ph0E
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:47 2025 by rpki-client