Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/G1B5f1Zo9mXXkjO8qvbHOoggkQk.roa
File: G1B5f1Zo9mXXkjO8qvbHOoggkQk.roa (raw, json)
Hash identifier: aEmK04Ia5XU5AnX1t6+4/7AVUK1sMbT5CaQWCjlA0q4=
Subject key identifier: 1B:50:79:7F:56:68:F6:65:D7:92:33:BC:AA:F6:C7:3A:88:20:91:09
Certificate issuer: /CN=708612e8703a660889ca0f457cf1b4d8a0d53b4d
Certificate serial: 019686E890CB4EFABDA4D0D50F951F6E6745
Authority key identifier: 70:86:12:E8:70:3A:66:08:89:CA:0F:45:7C:F1:B4:D8:A0:D5:3B:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIYS6HA6ZgiJyg9FfPG02KDVO00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/G1B5f1Zo9mXXkjO8qvbHOoggkQk.roa
Signing time: Wed 30 Apr 2025 13:35:10 +0000
ROA not before: Wed 30 Apr 2025 13:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35064
IP address blocks: 85.119.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/cIYS6HA6ZgiJyg9FfPG02KDVO00.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/cIYS6HA6ZgiJyg9FfPG02KDVO00.mft
rsync://rpki.ripe.net/repository/DEFAULT/cIYS6HA6ZgiJyg9FfPG02KDVO00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:e8:90:cb:4e:fa:bd:a4:d0:d5:0f:95:1f:6e:67:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=708612e8703a660889ca0f457cf1b4d8a0d53b4d
Validity
Not Before: Apr 30 13:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b50797f5668f665d79233bcaaf6c73a88209109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:25:ae:ce:98:bb:e5:e4:e0:7c:69:7d:e6:8c:
aa:b9:37:2f:b7:9b:4a:ea:52:68:7f:d8:7f:dd:a6:
ac:88:9d:af:04:cf:e3:f8:d4:58:df:53:02:23:95:
ed:82:9a:e5:50:62:d7:74:42:7d:88:70:fa:ef:9c:
89:af:83:82:e1:7d:5c:d6:5f:aa:a5:33:30:a4:30:
d5:1b:a2:d7:2e:0f:40:75:9e:92:bb:e1:8f:85:cf:
88:93:44:ee:65:f4:6e:b8:7a:57:b2:60:da:b6:55:
9d:cb:96:07:a0:9d:fa:37:14:5f:63:b2:ab:bb:00:
86:5b:2f:1f:47:28:04:2b:64:7e:90:90:b3:d3:4c:
94:4f:91:27:4d:11:d5:9b:c5:1b:c5:4b:9a:e4:ae:
1b:99:40:50:8d:6b:20:a3:ec:1c:95:a7:cb:7e:c8:
3b:20:fd:98:ee:fc:05:79:b0:b8:45:20:e3:2e:21:
56:b7:c6:cb:a8:ef:b9:38:f8:e2:1f:02:24:92:19:
1c:4f:51:34:55:09:30:6c:02:fc:11:0b:a4:bc:79:
df:27:6c:80:20:ec:05:c4:33:ff:37:d9:28:b6:c1:
84:b1:65:22:fa:c8:3f:51:e1:70:cb:23:5d:76:7e:
10:20:2b:55:8a:fd:b9:cb:22:18:43:84:d7:69:97:
49:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:50:79:7F:56:68:F6:65:D7:92:33:BC:AA:F6:C7:3A:88:20:91:09
X509v3 Authority Key Identifier:
keyid:70:86:12:E8:70:3A:66:08:89:CA:0F:45:7C:F1:B4:D8:A0:D5:3B:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIYS6HA6ZgiJyg9FfPG02KDVO00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/G1B5f1Zo9mXXkjO8qvbHOoggkQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/cIYS6HA6ZgiJyg9FfPG02KDVO00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.18.0/24
Signature Algorithm: sha256WithRSAEncryption
71:8f:71:aa:a1:de:48:20:10:03:49:9b:86:af:8e:fe:d5:e8:
0b:28:c6:ba:eb:8f:5e:b9:b6:f1:70:db:3e:39:06:20:e0:7c:
15:21:20:ad:29:30:03:e8:18:e7:af:c2:ab:48:ff:df:00:52:
ee:17:53:a6:f3:21:eb:97:17:33:f0:4d:ec:ed:4c:78:2e:95:
3f:5f:af:be:a6:58:62:ef:9e:18:80:8a:be:79:d6:e7:01:25:
a4:49:81:61:69:7e:9b:61:d6:1f:3f:d7:9e:ca:86:3f:3f:b3:
b6:76:99:98:8b:f3:ef:1e:de:c4:2d:50:4e:88:6b:6a:e9:91:
1b:ae:1c:e9:7e:f5:ca:09:f0:8d:1f:be:b0:f3:bc:26:63:b8:
0c:4e:bb:d1:d0:21:2a:2d:38:24:ad:18:82:0a:b5:de:d4:b4:
85:9a:ca:41:72:02:39:b2:37:20:16:43:83:5e:22:f1:80:1b:
b7:55:81:c8:ff:dc:ba:e9:7b:f7:da:5f:5f:71:c7:52:ed:89:
a8:de:c8:9f:b4:2e:89:e7:1f:09:a8:06:6b:c4:de:46:7e:a7:
96:fc:85:fa:a3:86:c5:e9:e8:35:2b:de:42:ba:bb:8b:35:ba:
b2:d3:39:99:54:99:4c:79:93:b5:28:21:0e:4a:15:a3:0d:a1:
65:6f:9d:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaG6JDLTvq9pNDVD5UfbmdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODYxMmU4NzAzYTY2MDg4OWNhMGY0NTdjZjFiNGQ4YTBk
NTNiNGQwHhcNMjUwNDMwMTMzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjUwNzk3ZjU2NjhmNjY1ZDc5MjMzYmNhYWY2YzczYTg4MjA5MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCWuzpi75eTgfGl95oyquTcvt5tK
6lJof9h/3aasiJ2vBM/j+NRY31MCI5XtgprlUGLXdEJ9iHD675yJr4OC4X1c1l+q
pTMwpDDVG6LXLg9AdZ6Su+GPhc+Ik0TuZfRuuHpXsmDatlWdy5YHoJ36NxRfY7Kr
uwCGWy8fRygEK2R+kJCz00yUT5EnTRHVm8UbxUua5K4bmUBQjWsgo+wclafLfsg7
IP2Y7vwFebC4RSDjLiFWt8bLqO+5OPjiHwIkkhkcT1E0VQkwbAL8EQukvHnfJ2yA
IOwFxDP/N9kotsGEsWUi+sg/UeFwyyNddn4QICtViv25yyIYQ4TXaZdJywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBtQeX9WaPZl15IzvKr2xzqIIJEJMB8GA1UdIwQY
MBaAFHCGEuhwOmYIicoPRXzxtNig1TtNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lZUzZIQTZaZ2lKeWc5RmZQRzAyS0RWTzAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yMmIwZmUtOWRjOC00YmVmLWEyOTkt
MzAwOTdhMjQ2YTljLzEvRzFCNWYxWm85bVhYa2pPOHF2YkhPb2dna1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yMmIwZmUtOWRjOC00YmVmLWEyOTktMzAwOTdhMjQ2YTlj
LzEvY0lZUzZIQTZaZ2lKeWc5RmZQRzAyS0RWTzAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXcSMA0G
CSqGSIb3DQEBCwUAA4IBAQBxj3Gqod5IIBADSZuGr47+1egLKMa6649eubbxcNs+
OQYg4HwVISCtKTAD6Bjnr8KrSP/fAFLuF1Om8yHrlxcz8E3s7Ux4LpU/X6++plhi
754YgIq+edbnASWkSYFhaX6bYdYfP9eeyoY/P7O2dpmYi/PvHt7ELVBOiGtq6ZEb
rhzpfvXKCfCNH76w87wmY7gMTrvR0CEqLTgkrRiCCrXe1LSFmspBcgI5sjcgFkOD
XiLxgBu3VYHI/9y66Xv32l9fccdS7Ymo3siftC6J5x8JqAZrxN5GfqeW/IX6o4bF
6eg1K95CuruLNbqy0zmZVJlMeZO1KCEOShWjDaFlb50E
-----END CERTIFICATE-----
Generated at Sat May 10 09:56:23 2025 by rpki-client