Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/4a7901-85d8-43ea-adb2-799910c1545f/1/1J8y1mQKbllZPdpNvAX7bscmWlI.roa
File: 1J8y1mQKbllZPdpNvAX7bscmWlI.roa (raw, json)
Hash identifier: jhx/+OmQQVqiCuyQX4gR49r4SoPl20ExxxakSlp8D6M=
Subject key identifier: D4:9F:32:D6:64:0A:6E:59:59:3D:DA:4D:BC:05:FB:6E:C7:26:5A:52
Certificate issuer: /CN=9f5d5b7f792644ff7072a43acc9c865194be4adc
Certificate serial: 0194FE99D7A14732CF77B32456FD79DDCB01
Authority key identifier: 9F:5D:5B:7F:79:26:44:FF:70:72:A4:3A:CC:9C:86:51:94:BE:4A:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n11bf3kmRP9wcqQ6zJyGUZS-Stw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/4a7901-85d8-43ea-adb2-799910c1545f/1/1J8y1mQKbllZPdpNvAX7bscmWlI.roa
Signing time: Thu 13 Feb 2025 09:18:02 +0000
ROA not before: Thu 13 Feb 2025 09:18:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34766
IP address blocks: 185.138.56.0/22 maxlen: 22
185.138.56.0/24 maxlen: 24
185.138.57.0/24 maxlen: 24
2a07:a80::/29 maxlen: 29
2a07:a80::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/4a7901-85d8-43ea-adb2-799910c1545f/1/n11bf3kmRP9wcqQ6zJyGUZS-Stw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/4a7901-85d8-43ea-adb2-799910c1545f/1/n11bf3kmRP9wcqQ6zJyGUZS-Stw.mft
rsync://rpki.ripe.net/repository/DEFAULT/n11bf3kmRP9wcqQ6zJyGUZS-Stw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fe:99:d7:a1:47:32:cf:77:b3:24:56:fd:79:dd:cb:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5d5b7f792644ff7072a43acc9c865194be4adc
Validity
Not Before: Feb 13 09:18:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d49f32d6640a6e59593dda4dbc05fb6ec7265a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1e:28:1d:41:c2:02:e0:95:71:97:1c:d6:97:
dd:0e:06:95:2a:ac:38:16:ce:eb:bf:ea:b8:d6:e9:
72:36:1b:2f:25:38:72:1a:73:79:1e:50:da:97:01:
56:cb:9f:21:3e:32:91:6b:6c:86:bd:35:95:7d:77:
94:fc:27:62:e9:02:03:6a:f7:e7:bc:83:df:4d:52:
fb:af:af:c9:ee:87:f8:d4:be:c8:2b:77:cd:60:e6:
7c:97:a1:44:4a:e5:b1:47:05:7f:e0:60:e1:e2:c2:
5d:c8:f2:fd:75:8f:75:ef:ea:ce:81:8e:f8:8e:9c:
10:c0:1f:4a:3e:92:fb:5c:f4:cb:25:7f:c8:26:00:
7a:f1:3d:d2:c0:c1:f5:88:79:7f:c0:a7:d9:a7:11:
1c:eb:cb:6b:e1:26:57:d2:2f:77:f5:3c:52:d2:6b:
7d:e5:28:f2:04:b9:0b:39:80:10:16:b9:52:c9:0f:
66:24:0f:df:4f:25:56:bc:a7:e4:b6:be:5b:cd:d1:
52:8b:ea:0a:9c:f0:ab:ff:18:fc:a1:cf:0b:1a:fa:
64:a3:ee:4a:98:cf:1a:51:b9:e4:02:b9:dd:4c:35:
45:9e:be:a6:43:83:dc:38:bc:a4:22:86:59:53:ec:
5e:4d:51:6d:e6:83:7f:ee:db:6b:11:07:b9:1e:14:
92:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:9F:32:D6:64:0A:6E:59:59:3D:DA:4D:BC:05:FB:6E:C7:26:5A:52
X509v3 Authority Key Identifier:
keyid:9F:5D:5B:7F:79:26:44:FF:70:72:A4:3A:CC:9C:86:51:94:BE:4A:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n11bf3kmRP9wcqQ6zJyGUZS-Stw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4a7901-85d8-43ea-adb2-799910c1545f/1/1J8y1mQKbllZPdpNvAX7bscmWlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4a7901-85d8-43ea-adb2-799910c1545f/1/n11bf3kmRP9wcqQ6zJyGUZS-Stw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.56.0/22
IPv6:
2a07:a80::/29
Signature Algorithm: sha256WithRSAEncryption
97:2e:06:f7:e8:0b:44:c9:6b:67:89:f3:45:f2:20:c3:ca:c7:
bd:86:11:99:32:b7:8d:ae:c6:e6:e9:54:36:9f:74:04:fc:9d:
f4:6f:fd:2e:87:0c:7b:35:b8:88:31:1e:f3:47:1d:03:02:32:
9c:e5:fe:08:66:f9:f1:a7:ff:73:01:e5:38:42:05:0e:d1:79:
3e:f1:81:5a:38:20:8c:dc:2e:89:bb:46:d3:6b:1b:0d:7e:57:
54:70:a8:00:20:75:8f:cb:66:52:d8:ab:39:ec:3d:cb:41:b7:
26:43:52:c7:0a:f6:c1:b8:74:78:42:62:a6:23:59:d3:2f:b7:
61:bd:a5:a2:8a:0c:e1:f9:a4:4f:d4:bf:ab:f9:51:64:1d:44:
13:8b:19:47:4c:20:9f:ed:51:02:0d:ee:16:e4:6a:8e:ee:70:
b6:d1:41:06:fd:80:5a:b1:64:09:cc:e0:68:17:f1:29:23:76:
eb:b3:79:82:05:f5:f8:94:d9:40:5e:ed:51:52:8c:ed:c5:a9:
39:ab:06:91:71:4d:d0:49:5c:ee:93:79:fa:ae:96:cd:d2:93:
cf:f3:56:1f:ce:94:b3:17:0b:94:bc:92:3f:a0:5b:cd:bf:aa:
d2:98:24:33:ea:75:ab:bf:96:50:ea:66:68:6b:78:59:0e:e9:
ed:c2:40:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZT+mdehRzLPd7MkVv153csBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWQ1YjdmNzkyNjQ0ZmY3MDcyYTQzYWNjOWM4NjUxOTRi
ZTRhZGMwHhcNMjUwMjEzMDkxODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDlmMzJkNjY0MGE2ZTU5NTkzZGRhNGRiYzA1ZmI2ZWM3MjY1YTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB4oHUHCAuCVcZcc1pfdDgaVKqw4
Fs7rv+q41ulyNhsvJThyGnN5HlDalwFWy58hPjKRa2yGvTWVfXeU/Cdi6QIDavfn
vIPfTVL7r6/J7of41L7IK3fNYOZ8l6FESuWxRwV/4GDh4sJdyPL9dY917+rOgY74
jpwQwB9KPpL7XPTLJX/IJgB68T3SwMH1iHl/wKfZpxEc68tr4SZX0i939TxS0mt9
5SjyBLkLOYAQFrlSyQ9mJA/fTyVWvKfktr5bzdFSi+oKnPCr/xj8oc8LGvpko+5K
mM8aUbnkArndTDVFnr6mQ4PcOLykIoZZU+xeTVFt5oN/7ttrEQe5HhSSswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNSfMtZkCm5ZWT3aTbwF+27HJlpSMB8GA1UdIwQY
MBaAFJ9dW395JkT/cHKkOsychlGUvkrcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjExYmYza21SUDl3Y3FRNnpKeUdVWlMtU3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80YTc5MDEtODVkOC00M2VhLWFkYjIt
Nzk5OTEwYzE1NDVmLzEvMUo4eTFtUUtibGxaUGRwTnZBWDdic2NtV2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80YTc5MDEtODVkOC00M2VhLWFkYjItNzk5OTEwYzE1NDVm
LzEvbjExYmYza21SUDl3Y3FRNnpKeUdVWlMtU3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYo4MA0E
AgACMAcDBQMqBwqAMA0GCSqGSIb3DQEBCwUAA4IBAQCXLgb36AtEyWtnifNF8iDD
yse9hhGZMreNrsbm6VQ2n3QE/J30b/0uhwx7NbiIMR7zRx0DAjKc5f4IZvnxp/9z
AeU4QgUO0Xk+8YFaOCCM3C6Ju0bTaxsNfldUcKgAIHWPy2ZS2Ks57D3LQbcmQ1LH
CvbBuHR4QmKmI1nTL7dhvaWiigzh+aRP1L+r+VFkHUQTixlHTCCf7VECDe4W5GqO
7nC20UEG/YBasWQJzOBoF/EpI3brs3mCBfX4lNlAXu1RUoztxak5qwaRcU3QSVzu
k3n6rpbN0pPP81YfzpSzFwuUvJI/oFvNv6rSmCQz6nWrv5ZQ6mZoa3hZDuntwkAi
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:20 2025 by rpki-client