Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CBiODbhkfA8pquq1a462Y8zBxfk.roa
File: CBiODbhkfA8pquq1a462Y8zBxfk.roa (raw, json)
Hash identifier: tqoKmW2W4/hm6OTTGtYbwqEY7og1wM0EuBkSzNxx7Lw=
Subject key identifier: 08:18:8E:0D:B8:64:7C:0F:29:AA:EA:B5:6B:8E:B6:63:CC:C1:C5:F9
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0195658909851F7B140242DB1B3C5C7924B6
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CBiODbhkfA8pquq1a462Y8zBxfk.roa
Signing time: Wed 05 Mar 2025 09:00:34 +0000
ROA not before: Wed 05 Mar 2025 09:00:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61400
IP address blocks: 185.39.205.0/24 maxlen: 24
2a09:6281::/32 maxlen: 32
2a09:6282::/32 maxlen: 32
2a09:6283::/32 maxlen: 32
2a09:6287::/32 maxlen: 32
2a09:e2c0::/32 maxlen: 32
2a09:e2c1::/32 maxlen: 32
2a09:e2c2::/32 maxlen: 32
2a09:e2c3::/32 maxlen: 32
2a09:e2c4::/32 maxlen: 32
2a09:e2c5::/32 maxlen: 32
2a09:e2c6::/32 maxlen: 32
2a09:e2c7::/32 maxlen: 32
2a10:4102::/32 maxlen: 32
2a10:4106::/32 maxlen: 32
2a11:4b45::/32 maxlen: 32
2a12:1e80::/32 maxlen: 32
2a12:1e81::/32 maxlen: 32
2a12:1e82::/32 maxlen: 32
2a12:1e83::/32 maxlen: 32
2a12:1e84::/32 maxlen: 32
2a12:1e85::/32 maxlen: 32
2a12:1e86::/32 maxlen: 32
2a12:1e87::/32 maxlen: 32
2a12:c300::/30 maxlen: 30
2a12:c300::/32 maxlen: 32
2a12:c301::/32 maxlen: 32
2a12:c302::/32 maxlen: 32
2a12:c303::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:89:09:85:1f:7b:14:02:42:db:1b:3c:5c:79:24:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 5 09:00:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08188e0db8647c0f29aaeab56b8eb663ccc1c5f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:12:9b:17:80:61:ca:1c:3a:56:1e:d4:18:83:
fa:ef:39:5e:7c:5f:71:01:50:b6:e2:de:a5:59:fc:
9c:5a:4e:7a:01:2d:6a:5e:85:29:0f:59:8a:a1:72:
06:73:1f:da:e8:21:ea:d9:07:c1:74:91:6c:c1:02:
d2:86:56:e5:8c:44:46:37:cb:75:45:a1:61:0b:0a:
17:b8:ab:9d:70:57:35:5d:4e:56:de:5f:51:e1:66:
47:d6:3a:2f:5a:89:12:62:9d:d3:b9:9b:8d:fd:78:
d1:de:28:52:16:95:83:e5:4b:f0:63:09:d9:87:fc:
66:72:73:10:82:e3:35:f7:ee:f2:7e:df:99:14:fe:
23:c6:01:ae:a5:f1:62:69:d1:24:67:f4:2b:5b:b6:
9b:e3:f8:da:3b:ee:08:84:29:e5:96:0e:69:42:f6:
30:e2:0f:c2:c4:7a:84:ee:54:08:e5:f6:7b:b2:00:
28:da:ab:b4:df:c8:d6:34:a9:1c:d9:d7:38:d4:58:
2c:02:bf:bd:0c:84:d6:c7:e9:e6:e1:dc:56:49:bc:
05:fb:36:a8:54:81:86:05:d7:d4:05:1e:d2:c8:a5:
fb:be:25:39:df:81:8f:fc:cf:e8:7a:60:7f:3d:94:
04:25:4a:17:97:4e:06:ae:54:79:9d:3b:ac:d2:78:
6f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:18:8E:0D:B8:64:7C:0F:29:AA:EA:B5:6B:8E:B6:63:CC:C1:C5:F9
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CBiODbhkfA8pquq1a462Y8zBxfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.205.0/24
IPv6:
2a09:6281::-2a09:6283:ffff:ffff:ffff:ffff:ffff:ffff
2a09:6287::/32
2a09:e2c0::/29
2a10:4102::/32
2a10:4106::/32
2a11:4b45::/32
2a12:1e80::/29
2a12:c300::/30
Signature Algorithm: sha256WithRSAEncryption
2a:fd:45:f6:ab:d1:6c:6c:7b:c4:fb:1b:34:1e:d2:c8:3b:f2:
13:c5:a3:de:85:24:ed:e8:eb:bc:10:90:f0:24:e2:c4:61:94:
8e:96:0d:3a:40:36:30:2a:96:3a:ff:d2:1c:18:f3:a7:cb:7d:
d6:66:d7:4a:b4:9c:96:55:02:40:6d:87:3e:8d:3a:f9:e1:a4:
f0:a2:4a:2b:c4:8e:c5:42:da:ee:83:4c:80:0f:30:14:05:b4:
dc:e6:05:99:f1:77:59:60:54:6b:6b:32:9b:a9:38:f5:cd:6e:
96:0d:38:4c:73:fe:a5:58:0c:99:e7:c6:96:86:9a:33:3a:0d:
59:f1:a1:21:08:21:4c:82:47:b9:77:df:a1:c4:ed:20:00:e2:
30:14:40:57:fd:f0:cd:5e:f7:5a:8f:5b:1f:47:71:e4:ee:b3:
c2:7c:9f:f4:ef:57:a6:87:8e:a0:41:41:e8:e2:52:d4:4a:8a:
67:5b:1f:3c:30:74:22:d6:a4:12:76:17:b1:61:e7:99:3f:29:
c3:62:2f:fd:50:e8:1d:e3:ba:c9:01:df:05:72:6b:af:e8:b6:
e3:b6:7b:54:88:c6:d1:90:28:33:bb:2e:8a:e2:3f:5b:de:3a:
ff:1b:7a:07:b7:af:c0:ef:67:57:f1:fb:1a:6d:91:58:69:89:
09:25:77:39
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZVliQmFH3sUAkLbGzxceSS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMzA1MDkwMDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODE4OGUwZGI4NjQ3YzBmMjlhYWVhYjU2YjhlYjY2M2NjYzFjNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBKbF4Bhyhw6Vh7UGIP67zlefF9x
AVC24t6lWfycWk56AS1qXoUpD1mKoXIGcx/a6CHq2QfBdJFswQLShlbljERGN8t1
RaFhCwoXuKudcFc1XU5W3l9R4WZH1jovWokSYp3TuZuN/XjR3ihSFpWD5UvwYwnZ
h/xmcnMQguM19+7yft+ZFP4jxgGupfFiadEkZ/QrW7ab4/jaO+4IhCnllg5pQvYw
4g/CxHqE7lQI5fZ7sgAo2qu038jWNKkc2dc41FgsAr+9DITWx+nm4dxWSbwF+zao
VIGGBdfUBR7SyKX7viU534GP/M/oemB/PZQEJUoXl04GrlR5nTus0nhvnQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFAgYjg24ZHwPKarqtWuOtmPMwcX5MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvQ0JpT0RiaGtmQThwcXVxMWE0NjJZOHpCeGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAMBAIAATAGAwQAuSfNMEcE
AgACMEEwDgMFACoJYoEDBQIqCWKAAwUAKglihwMFAyoJ4sADBQAqEEECAwUAKhBB
BgMFACoRS0UDBQMqEh6AAwUCKhLDADANBgkqhkiG9w0BAQsFAAOCAQEAKv1F9qvR
bGx7xPsbNB7SyDvyE8Wj3oUk7ejrvBCQ8CTixGGUjpYNOkA2MCqWOv/SHBjzp8t9
1mbXSrScllUCQG2HPo06+eGk8KJKK8SOxULa7oNMgA8wFAW03OYFmfF3WWBUa2sy
m6k49c1ulg04THP+pVgMmefGloaaMzoNWfGhIQghTIJHuXffocTtIADiMBRAV/3w
zV73Wo9bH0dx5O6zwnyf9O9XpoeOoEFB6OJS1EqKZ1sfPDB0ItakEnYXsWHnmT8p
w2Iv/VDoHeO6yQHfBXJrr+i247Z7VIjG0ZAoM7suiuI/W946/xt6B7evwO9nV/H7
Gm2RWGmJCSV3OQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:09:06 2025 by rpki-client