Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2acb8f-222f-4473-9205-1390a2d99e0b/1/1-zM-AxIs8xBhVggB7kaXu3nKz6g.roa
File: 1-zM-AxIs8xBhVggB7kaXu3nKz6g.roa (raw, json)
Hash identifier: LftIky1Ihf5BPrdrifEnWJNrxUQ7AoG9kgjyQfCqmf0=
Subject key identifier: FB:33:3E:03:12:2C:F3:10:61:56:08:01:EE:46:97:BB:79:CA:CF:A8
Certificate issuer: /CN=4f73b056f8d0fa996d6833c30b1fd78e7d979ac4
Certificate serial: 0196AB0FA1B0DBA317CC8F7E6844339DEAA5
Authority key identifier: 4F:73:B0:56:F8:D0:FA:99:6D:68:33:C3:0B:1F:D7:8E:7D:97:9A:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T3OwVvjQ-pltaDPDCx_Xjn2XmsQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2acb8f-222f-4473-9205-1390a2d99e0b/1/1-zM-AxIs8xBhVggB7kaXu3nKz6g.roa
Signing time: Wed 07 May 2025 14:04:10 +0000
ROA not before: Wed 07 May 2025 14:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204970
IP address blocks: 185.231.104.0/22 maxlen: 24
185.231.104.0/23 maxlen: 23
185.231.106.0/23 maxlen: 23
2a0c:5b00::/29 maxlen: 29
2a0c:5b00::/30 maxlen: 30
2a0c:5b04::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2acb8f-222f-4473-9205-1390a2d99e0b/1/T3OwVvjQ-pltaDPDCx_Xjn2XmsQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/2acb8f-222f-4473-9205-1390a2d99e0b/1/T3OwVvjQ-pltaDPDCx_Xjn2XmsQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/T3OwVvjQ-pltaDPDCx_Xjn2XmsQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ab:0f:a1:b0:db:a3:17:cc:8f:7e:68:44:33:9d:ea:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f73b056f8d0fa996d6833c30b1fd78e7d979ac4
Validity
Not Before: May 7 14:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb333e03122cf31061560801ee4697bb79cacfa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:95:4d:c1:9a:38:64:8d:1e:e9:e3:65:c7:20:
73:d2:8c:24:f9:c5:b9:d0:b0:8c:33:88:4b:a1:0e:
85:a8:35:3a:18:2d:cf:5f:8b:15:67:1a:1c:3d:4c:
89:96:e8:ff:8d:c4:01:45:8e:91:da:d9:bc:bb:d8:
0a:65:f7:bf:f0:b7:c4:d8:74:46:18:fb:49:8c:70:
99:22:bb:12:cf:c3:e7:28:4b:75:ba:27:70:a1:0f:
8f:96:e0:25:01:22:64:4d:3e:64:5d:3d:5d:25:03:
21:ec:8a:5d:15:d8:25:a6:e1:d0:59:0c:ac:32:97:
23:8a:71:44:26:75:c6:89:4d:8b:97:cb:9b:76:b3:
dc:62:f5:5e:22:d0:c4:c9:aa:2c:a6:ca:fb:eb:12:
65:50:e7:0c:d0:40:e7:c5:26:5e:df:b5:09:2f:8e:
e6:ac:bb:c2:25:ff:5e:5a:81:53:34:39:4a:77:55:
1e:b1:95:d0:6d:ca:e6:6b:9c:a3:19:d3:91:a4:f4:
33:3f:0d:a8:23:75:d4:3e:04:22:e3:dd:6f:70:36:
48:a1:1e:88:9d:a8:ca:fc:2a:8c:b8:88:5d:57:c9:
cc:09:bd:c4:25:91:a1:3e:18:cb:15:bc:31:67:b5:
f9:ec:43:e3:a5:74:d3:80:a5:65:4e:76:93:f3:5e:
2c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:33:3E:03:12:2C:F3:10:61:56:08:01:EE:46:97:BB:79:CA:CF:A8
X509v3 Authority Key Identifier:
keyid:4F:73:B0:56:F8:D0:FA:99:6D:68:33:C3:0B:1F:D7:8E:7D:97:9A:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T3OwVvjQ-pltaDPDCx_Xjn2XmsQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2acb8f-222f-4473-9205-1390a2d99e0b/1/1-zM-AxIs8xBhVggB7kaXu3nKz6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2acb8f-222f-4473-9205-1390a2d99e0b/1/T3OwVvjQ-pltaDPDCx_Xjn2XmsQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.104.0/22
IPv6:
2a0c:5b00::/29
Signature Algorithm: sha256WithRSAEncryption
03:f7:12:02:63:47:1c:c2:6d:08:1a:73:8c:5e:d7:aa:a1:2c:
cc:d2:e8:eb:db:2a:0c:57:dc:cf:74:62:09:b8:31:9f:f2:ea:
d7:3a:c9:df:2a:89:45:ef:73:e0:7b:af:09:be:46:ef:a3:99:
c1:4a:d2:42:aa:71:74:2f:79:d9:8f:de:7a:8b:f7:a1:98:a9:
11:a1:dd:4f:19:5f:58:47:9f:42:e1:21:85:2c:9a:15:d6:50:
f7:21:85:a3:c2:f2:a8:d9:0c:5e:a8:b8:06:e1:3a:b1:b7:2a:
f0:e6:b3:f9:f6:b1:51:be:40:4b:c3:11:d3:ae:d4:57:e9:1f:
84:83:e8:b8:8d:3f:75:f1:3f:5e:66:7e:64:90:fc:4f:1c:2f:
d4:b2:da:06:52:bf:82:63:73:b4:b1:8a:92:08:38:34:29:59:
04:8d:88:48:45:38:87:96:61:a3:c7:93:40:ae:a7:c1:7c:bc:
00:5a:fe:08:35:a7:0a:d4:bb:7d:5c:cb:f4:4f:86:61:25:5f:
3d:b3:a4:47:44:93:8c:e2:a9:cc:a3:bc:2c:83:d5:89:91:b3:
33:47:12:a3:c8:15:97:4a:15:23:85:04:b1:c1:eb:2e:c3:cd:
60:3f:e7:bf:99:4b:b3:ea:aa:50:69:02:43:d0:bb:9c:24:87:
1a:f4:de:39
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZarD6Gw26MXzI9+aEQzneqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNzNiMDU2ZjhkMGZhOTk2ZDY4MzNjMzBiMWZkNzhlN2Q5
NzlhYzQwHhcNMjUwNTA3MTQwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjMzM2UwMzEyMmNmMzEwNjE1NjA4MDFlZTQ2OTdiYjc5Y2FjZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZVNwZo4ZI0e6eNlxyBz0owk+cW5
0LCMM4hLoQ6FqDU6GC3PX4sVZxocPUyJluj/jcQBRY6R2tm8u9gKZfe/8LfE2HRG
GPtJjHCZIrsSz8PnKEt1uidwoQ+PluAlASJkTT5kXT1dJQMh7IpdFdglpuHQWQys
MpcjinFEJnXGiU2Ll8ubdrPcYvVeItDEyaospsr76xJlUOcM0EDnxSZe37UJL47m
rLvCJf9eWoFTNDlKd1UesZXQbcrma5yjGdORpPQzPw2oI3XUPgQi491vcDZIoR6I
najK/CqMuIhdV8nMCb3EJZGhPhjLFbwxZ7X57EPjpXTTgKVlTnaT814sLwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPszPgMSLPMQYVYIAe5Gl7t5ys+oMB8GA1UdIwQY
MBaAFE9zsFb40PqZbWgzwwsf1459l5rEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDNPd1Z2alEtcGx0YURQREN4X1hqbjJYbXNRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yYWNiOGYtMjIyZi00NDczLTkyMDUt
MTM5MGEyZDk5ZTBiLzEvMS16TS1BeElzOHhCaFZnZ0I3a2FYdTNuS3o2Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2IvMmFjYjhmLTIyMmYtNDQ3My05MjA1LTEzOTBhMmQ5OWUw
Yi8xL1QzT3dWdmpRLXBsdGFEUERDeF9Yam4yWG1zUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnnaDAN
BAIAAjAHAwUDKgxbADANBgkqhkiG9w0BAQsFAAOCAQEAA/cSAmNHHMJtCBpzjF7X
qqEszNLo69sqDFfcz3RiCbgxn/Lq1zrJ3yqJRe9z4HuvCb5G76OZwUrSQqpxdC95
2Y/eeov3oZipEaHdTxlfWEefQuEhhSyaFdZQ9yGFo8LyqNkMXqi4BuE6sbcq8Oaz
+faxUb5AS8MR067UV+kfhIPouI0/dfE/XmZ+ZJD8Txwv1LLaBlK/gmNztLGKkgg4
NClZBI2ISEU4h5Zho8eTQK6nwXy8AFr+CDWnCtS7fVzL9E+GYSVfPbOkR0STjOKp
zKO8LIPViZGzM0cSo8gVl0oVI4UEscHrLsPNYD/nv5lLs+qqUGkCQ9C7nCSHGvTe
OQ==
-----END CERTIFICATE-----
Generated at Sat May 10 17:05:25 2025 by rpki-client