Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/AuGSVrNkGgUtthLzU1YbunCRJmA.roa
File: AuGSVrNkGgUtthLzU1YbunCRJmA.roa (raw, json)
Hash identifier: N+p3SVnY5s1RjPh5Td733eJn6W460syQCiw/MVZ+pqA=
Subject key identifier: 02:E1:92:56:B3:64:1A:05:2D:B6:12:F3:53:56:1B:BA:70:91:26:60
Certificate issuer: /CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Certificate serial: 019426D95183932215C2D81F29CE9C6F146C
Authority key identifier: DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/AuGSVrNkGgUtthLzU1YbunCRJmA.roa
Signing time: Thu 02 Jan 2025 11:49:23 +0000
ROA not before: Thu 02 Jan 2025 11:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207174
IP address blocks: 5.181.240.0/22 maxlen: 24
185.49.192.0/22 maxlen: 24
185.211.212.0/22 maxlen: 24
185.249.108.0/22 maxlen: 24
2a01:a260::/32 maxlen: 48
2a0b:6b40::/29 maxlen: 48
2a0c:240::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:51:83:93:22:15:c2:d8:1f:29:ce:9c:6f:14:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Validity
Not Before: Jan 2 11:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02e19256b3641a052db612f353561bba70912660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:08:a4:3f:46:aa:82:8b:60:29:77:ae:7d:66:
b8:52:fa:c6:2a:e2:74:d9:83:00:f7:5e:bf:15:c6:
6a:70:29:17:b3:08:b6:cf:e4:06:56:61:2a:27:e3:
e5:32:57:a6:6a:6e:9e:06:25:26:39:d6:e5:f5:f1:
50:19:3f:94:ea:2e:69:f7:8d:f8:13:51:2d:13:7b:
f4:b1:ae:00:f5:53:44:be:69:37:cb:e7:b0:03:2e:
a6:e1:f1:ff:70:3a:1a:50:d9:23:3c:c7:42:5c:b3:
13:63:8d:e4:ae:1c:32:da:86:e3:ad:1b:f6:d7:8c:
3a:92:64:dd:39:50:9a:56:75:de:14:d7:33:62:39:
da:21:4d:2c:ab:cc:5e:b8:e2:26:88:13:fb:b9:75:
69:45:13:41:d1:2d:67:45:4e:a7:cc:a7:b3:c9:62:
3c:18:32:2f:1b:b7:80:79:a6:b4:46:39:fa:25:3f:
29:30:c8:e3:ac:d8:29:4b:4e:50:a5:e3:e5:b0:79:
1d:9b:9c:17:bb:cb:d4:4a:06:4e:8d:a9:ea:7b:93:
3a:20:aa:a3:e5:29:f3:47:7d:3d:dd:91:e8:26:07:
a6:89:5e:1f:b7:2f:fd:f8:f7:df:6d:4f:67:cb:e0:
13:0a:37:35:b4:de:ed:ff:ca:bb:a0:22:5e:a0:2d:
e8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E1:92:56:B3:64:1A:05:2D:B6:12:F3:53:56:1B:BA:70:91:26:60
X509v3 Authority Key Identifier:
keyid:DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/AuGSVrNkGgUtthLzU1YbunCRJmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.240.0/22
185.49.192.0/22
185.211.212.0/22
185.249.108.0/22
IPv6:
2a01:a260::/32
2a0b:6b40::/29
2a0c:240::/29
Signature Algorithm: sha256WithRSAEncryption
5f:62:93:4d:96:04:35:26:f0:2e:8b:ba:29:1f:7d:39:be:88:
41:82:55:6e:b1:67:20:00:35:a5:41:66:f6:2a:1e:47:23:b4:
7f:e6:bd:1a:a3:21:76:fa:08:7e:e1:0e:8e:4b:61:26:de:6d:
9f:96:0c:69:06:cd:03:b7:48:12:a6:7c:44:ad:74:a4:6d:b0:
cd:bd:f8:60:66:8e:55:20:27:57:51:33:e0:7a:10:c1:fb:0b:
ac:2e:cd:8d:2f:22:80:a4:4c:89:59:cf:71:ab:f6:fe:b5:a3:
29:52:e7:f0:aa:de:4a:3b:11:7c:94:94:38:85:f1:55:ad:27:
6b:06:7c:23:07:51:17:1e:b3:78:8d:60:40:25:be:a9:08:4d:
0a:1b:2c:67:47:4d:2f:c4:47:e5:f0:46:05:4c:5a:d1:a2:f5:
9f:4f:d1:15:e8:5a:59:93:a1:40:29:81:6e:76:fa:c9:18:51:
ac:05:33:e1:92:db:67:9e:c4:0f:5f:86:49:60:0c:4c:bf:da:
27:c5:d4:b6:05:ff:a0:76:4e:d4:c9:18:6a:32:e2:c3:0f:f2:
e7:41:8e:70:dc:de:4c:b7:45:8e:a1:f4:4d:ca:1c:39:5f:eb:
00:fc:11:e0:a7:6d:7a:81:d3:62:dd:e1:e9:13:46:b6:47:57:
73:75:e2:95
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQm2VGDkyIVwtgfKc6cbxRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZjg1YzM2YzY5NmQ1ZGIyY2JiNDhmZDQzZTgyMTczN2Vl
MzQyMjcwHhcNMjUwMTAyMTE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmUxOTI1NmIzNjQxYTA1MmRiNjEyZjM1MzU2MWJiYTcwOTEyNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QikP0aqgotgKXeufWa4UvrGKuJ0
2YMA916/FcZqcCkXswi2z+QGVmEqJ+PlMlemam6eBiUmOdbl9fFQGT+U6i5p9434
E1EtE3v0sa4A9VNEvmk3y+ewAy6m4fH/cDoaUNkjPMdCXLMTY43krhwy2objrRv2
14w6kmTdOVCaVnXeFNczYjnaIU0sq8xeuOImiBP7uXVpRRNB0S1nRU6nzKezyWI8
GDIvG7eAeaa0Rjn6JT8pMMjjrNgpS05QpePlsHkdm5wXu8vUSgZOjanqe5M6IKqj
5SnzR3093ZHoJgemiV4fty/9+PffbU9ny+ATCjc1tN7t/8q7oCJeoC3oYwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFALhklazZBoFLbYS81NWG7pwkSZgMB8GA1UdIwQY
MBaAFNz4XDbGltXbLLtI/UPoIXN+40InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzIt
MGY1MmY4NjcxNzhkLzEvQXVHU1ZyTmtHZ1V0dGhMelUxWWJ1bkNSSm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzItMGY1MmY4NjcxNzhk
LzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCBbXwAwQC
uTHAAwQCudPUAwQCuflsMBsEAgACMBUDBQAqAaJgAwUDKgtrQAMFAyoMAkAwDQYJ
KoZIhvcNAQELBQADggEBAF9ik02WBDUm8C6LuikffTm+iEGCVW6xZyAANaVBZvYq
HkcjtH/mvRqjIXb6CH7hDo5LYSbebZ+WDGkGzQO3SBKmfEStdKRtsM29+GBmjlUg
J1dRM+B6EMH7C6wuzY0vIoCkTIlZz3Gr9v61oylS5/Cq3ko7EXyUlDiF8VWtJ2sG
fCMHURces3iNYEAlvqkITQobLGdHTS/ER+XwRgVMWtGi9Z9P0RXoWlmToUApgW52
+skYUawFM+GS22eexA9fhklgDEy/2ifF1LYF/6B2TtTJGGoy4sMP8udBjnDc3ky3
RY6h9E3KHDlf6wD8EeCnbXqB02Ld4ekTRrZHV3N14pU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:36:57 2025 by rpki-client