Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1q15TtXvytVHjStfX_lL9tV9DVs.roa
File: 1q15TtXvytVHjStfX_lL9tV9DVs.roa (raw, json)
Hash identifier: w5d7SYBHMqnm/Qqyb8nFvT3J808OFmfopT33zLcfmNQ=
Subject key identifier: D6:AD:79:4E:D5:EF:CA:D5:47:8D:2B:5F:5F:F9:4B:F6:D5:7D:0D:5B
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01968A871657650986B381C8814646E2C098
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1q15TtXvytVHjStfX_lL9tV9DVs.roa
Signing time: Thu 01 May 2025 06:27:10 +0000
ROA not before: Thu 01 May 2025 06:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203061
IP address blocks: 185.239.244.0/24 maxlen: 24
185.239.246.0/23 maxlen: 23
185.244.105.0/24 maxlen: 24
185.246.236.0/22 maxlen: 24
185.254.16.0/24 maxlen: 24
185.254.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 22:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8a:87:16:57:65:09:86:b3:81:c8:81:46:46:e2:c0:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 1 06:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6ad794ed5efcad5478d2b5f5ff94bf6d57d0d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1f:0b:dd:bc:cf:20:87:d0:37:eb:a5:0b:0b:
ad:35:d9:cd:fc:de:c2:d0:9b:a6:3d:26:39:fc:74:
2b:c8:48:fa:9e:21:ef:22:bd:5d:f9:74:c7:c4:25:
1a:12:c4:09:79:c4:b3:2a:15:6b:4e:6c:3b:6b:c4:
d9:d3:3f:eb:cd:e9:b5:fc:61:0a:8a:b5:b0:78:2a:
d1:b4:fc:54:62:a6:97:4f:22:8a:7b:de:f9:68:0e:
55:60:af:19:34:3b:4a:c0:f3:fb:c8:4a:ef:73:8c:
33:c4:a1:cf:ae:e6:9b:cc:15:ab:7f:f1:c9:00:27:
3c:2f:6a:a2:08:05:28:c6:eb:e2:e8:14:e1:f7:d4:
91:e9:4a:e1:28:97:bf:f5:5d:9b:0e:49:d6:be:80:
3d:49:09:a6:f9:67:b5:ec:f6:b9:49:48:fd:5e:26:
50:cf:f7:80:0c:65:ca:f3:93:52:c3:29:5c:b3:3c:
ba:42:16:96:f8:be:30:1d:85:c0:74:69:96:3d:ff:
af:3b:9f:db:a6:63:6e:b9:c2:99:1f:2f:c2:3d:82:
13:19:fa:92:33:e3:df:a9:a3:0d:f9:01:02:ae:e4:
1a:5c:55:bb:b3:47:74:c4:9b:d0:e3:61:fa:50:5b:
6f:0c:f4:da:a1:c9:f6:28:40:06:84:48:b1:78:0b:
55:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AD:79:4E:D5:EF:CA:D5:47:8D:2B:5F:5F:F9:4B:F6:D5:7D:0D:5B
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1q15TtXvytVHjStfX_lL9tV9DVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.244.0/24
185.239.246.0/23
185.244.105.0/24
185.246.236.0/22
185.254.16.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:4c:1e:8a:d1:41:50:e9:6a:68:18:a5:8f:20:aa:a3:e3:4d:
99:08:9c:ea:30:cb:38:16:84:1a:9a:d9:11:95:8c:28:af:30:
32:14:03:6e:50:31:82:6c:9f:8a:de:5d:a2:ad:8f:72:66:83:
96:f9:4d:9a:27:b7:65:39:84:40:5d:46:ba:be:2b:ca:e6:f1:
73:cf:77:c6:fe:50:aa:4c:07:7d:6d:7e:b3:f6:79:ca:5c:a7:
0f:e0:93:7e:91:f0:ed:2e:ec:d4:44:b8:06:7e:75:d7:97:87:
0f:20:88:50:be:30:d4:1c:f9:de:03:c0:83:a8:cb:71:11:69:
78:2a:19:63:88:62:c1:e0:41:5a:fe:a7:bf:d0:ef:b5:ee:22:
e0:91:97:c7:12:89:93:8d:49:96:47:29:b9:45:f8:54:47:14:
1e:83:7d:64:a1:a7:df:0e:8e:4b:dd:94:f1:ec:6b:24:d4:e9:
fb:4b:e5:9e:c4:31:f5:6a:91:94:21:a4:ae:9b:42:ec:39:fa:
51:68:b2:58:52:6c:5f:35:7b:95:75:60:e0:49:67:8a:6c:53:
96:5c:89:87:ba:4b:03:bc:8e:ed:e1:12:cc:1a:3a:1d:0b:ca:
9b:78:cb:fb:c9:0b:8d:41:93:b2:a8:85:92:e2:0c:0c:94:06:
af:98:f2:38
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZaKhxZXZQmGs4HIgUZG4sCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTAxMDYyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmFkNzk0ZWQ1ZWZjYWQ1NDc4ZDJiNWY1ZmY5NGJmNmQ1N2QwZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR8L3bzPIIfQN+ulCwutNdnN/N7C
0JumPSY5/HQryEj6niHvIr1d+XTHxCUaEsQJecSzKhVrTmw7a8TZ0z/rzem1/GEK
irWweCrRtPxUYqaXTyKKe975aA5VYK8ZNDtKwPP7yErvc4wzxKHPruabzBWrf/HJ
ACc8L2qiCAUoxuvi6BTh99SR6UrhKJe/9V2bDknWvoA9SQmm+We17Pa5SUj9XiZQ
z/eADGXK85NSwylcszy6QhaW+L4wHYXAdGmWPf+vO5/bpmNuucKZHy/CPYITGfqS
M+PfqaMN+QECruQaXFW7s0d0xJvQ42H6UFtvDPTaocn2KEAGhEixeAtV5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNateU7V78rVR40rX1/5S/bVfQ1bMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMXExNVR0WHZ5dFZIalN0ZlhfbEw5dFY5RFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAue/0AwQB
ue/2AwQAufRpAwQCufbsAwQBuf4QMA0GCSqGSIb3DQEBCwUAA4IBAQCxTB6K0UFQ
6WpoGKWPIKqj402ZCJzqMMs4FoQamtkRlYworzAyFANuUDGCbJ+K3l2irY9yZoOW
+U2aJ7dlOYRAXUa6vivK5vFzz3fG/lCqTAd9bX6z9nnKXKcP4JN+kfDtLuzURLgG
fnXXl4cPIIhQvjDUHPneA8CDqMtxEWl4KhljiGLB4EFa/qe/0O+17iLgkZfHEomT
jUmWRym5RfhURxQeg31koaffDo5L3ZTx7Gsk1On7S+WexDH1apGUIaSum0LsOfpR
aLJYUmxfNXuVdWDgSWeKbFOWXImHuksDvI7t4RLMGjodC8qbeMv7yQuNQZOyqIWS
4gwMlAavmPI4
-----END CERTIFICATE-----
Generated at Wed May 14 06:46:18 2025 by rpki-client