Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/dXP8cJmIFG4IZHCqza00IVtVWSE.roa
File: dXP8cJmIFG4IZHCqza00IVtVWSE.roa (raw, json)
Hash identifier: +w3l3aIBZ9hXLATQFyn+3KPTt55ZaevJCbvRlNbG/wI=
Subject key identifier: 75:73:FC:70:99:88:14:6E:08:64:70:AA:CD:AD:34:21:5B:55:59:21
Certificate issuer: /CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Certificate serial: 0196AF1683C6DD66A3D7913306425514A703
Authority key identifier: 61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/dXP8cJmIFG4IZHCqza00IVtVWSE.roa
Signing time: Thu 08 May 2025 08:50:10 +0000
ROA not before: Thu 08 May 2025 08:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200596
IP address blocks: 85.184.228.0/22 maxlen: 24
135.84.148.0/22 maxlen: 24
147.12.16.0/20 maxlen: 24
185.101.196.0/22 maxlen: 24
2a00:5ea0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 15:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:af:16:83:c6:dd:66:a3:d7:91:33:06:42:55:14:a7:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Validity
Not Before: May 8 08:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7573fc709988146e086470aacdad34215b555921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:73:93:fb:5c:5b:e8:da:d2:41:d7:86:aa:fe:
bf:d9:2a:91:cb:15:06:7c:6e:a2:02:4d:52:e1:23:
44:6a:ab:bc:95:77:a6:5c:98:fd:24:f4:c7:f5:49:
d9:c7:45:3c:7e:07:74:08:0c:23:20:e8:a8:4c:d3:
49:55:00:5b:d7:19:53:69:fa:56:af:df:5b:1d:b5:
da:33:89:d6:fd:50:16:29:d1:4c:4e:2f:5d:84:a4:
19:0e:b8:55:2b:06:90:f1:ea:0b:f5:12:8d:15:fc:
ec:29:e2:d9:c1:64:9f:82:70:29:dc:5d:3f:e1:15:
ad:ab:e8:3a:4b:02:bc:13:32:79:f9:dd:0d:83:a1:
cc:b2:15:f1:97:f5:2f:c6:4c:43:41:37:a4:d5:a4:
8a:06:eb:e8:91:a4:7c:d4:38:87:77:64:f8:02:46:
b2:a0:90:d7:f5:32:53:4d:fa:9b:5c:63:55:98:22:
c1:ff:36:2a:c7:ad:65:6a:33:1b:31:8d:40:55:b8:
c1:c6:70:6e:cd:e0:43:fb:1e:eb:87:76:7b:98:9a:
db:10:47:5b:57:d9:27:b7:67:f6:2e:2f:ea:91:48:
1f:c8:b5:5a:bb:9a:a1:41:26:e1:f6:01:13:06:69:
45:aa:e7:7d:ab:a7:7d:e9:04:d9:28:da:39:a3:fb:
8f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:73:FC:70:99:88:14:6E:08:64:70:AA:CD:AD:34:21:5B:55:59:21
X509v3 Authority Key Identifier:
keyid:61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/dXP8cJmIFG4IZHCqza00IVtVWSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.184.228.0/22
135.84.148.0/22
147.12.16.0/20
185.101.196.0/22
IPv6:
2a00:5ea0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:8f:dc:a4:19:e0:f2:2a:06:cf:31:c1:eb:c6:f8:80:c8:5b:
6e:26:58:1f:18:c8:b7:27:db:cf:2d:5d:72:21:af:fc:ce:24:
df:1c:12:de:83:00:22:65:91:6a:3d:a0:d3:4d:eb:fd:36:5a:
5a:c9:d9:e4:2f:c5:8c:e6:ee:7c:fe:a3:bf:9a:62:0a:9d:32:
3a:3b:b8:55:a4:c5:26:27:6f:cd:8e:28:77:ea:e3:1c:11:ce:
c2:59:f9:b5:89:cd:2a:3b:5e:05:08:95:57:ea:07:a6:88:99:
3f:02:c3:98:2d:d5:8b:b8:6e:8c:bb:0f:83:74:bd:92:ec:aa:
8a:6f:c3:12:2d:0a:40:a6:40:29:ce:de:a3:7a:9e:08:de:bd:
83:04:77:d6:4f:06:d8:80:47:9b:99:3b:27:5a:7c:45:e8:2e:
90:6f:1d:b0:6b:20:72:37:c3:56:42:fa:f1:5a:04:f3:84:99:
e2:10:ef:b6:ee:88:6f:39:70:06:8c:35:eb:2d:6d:e0:d1:a4:
d0:80:c9:12:75:51:fe:46:14:8b:09:c5:87:58:2b:41:44:64:
e5:4e:e6:14:e2:15:7d:3f:8e:8f:03:e0:d6:02:46:90:aa:d9:
89:39:81:a6:dd:e2:ca:9f:ed:56:0f:7a:af:12:1c:9b:a9:7f:
d3:97:61:2e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZavFoPG3Waj15EzBkJVFKcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxN2NkOGQ0OGI1ZDE1NjY3YmYxMzEzOTZkNGE2YzU5ZDdk
MTY3YzAwHhcNMjUwNTA4MDg1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTczZmM3MDk5ODgxNDZlMDg2NDcwYWFjZGFkMzQyMTViNTU1OTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3OT+1xb6NrSQdeGqv6/2SqRyxUG
fG6iAk1S4SNEaqu8lXemXJj9JPTH9UnZx0U8fgd0CAwjIOioTNNJVQBb1xlTafpW
r99bHbXaM4nW/VAWKdFMTi9dhKQZDrhVKwaQ8eoL9RKNFfzsKeLZwWSfgnAp3F0/
4RWtq+g6SwK8EzJ5+d0Ng6HMshXxl/UvxkxDQTek1aSKBuvokaR81DiHd2T4Akay
oJDX9TJTTfqbXGNVmCLB/zYqx61lajMbMY1AVbjBxnBuzeBD+x7rh3Z7mJrbEEdb
V9knt2f2Li/qkUgfyLVau5qhQSbh9gETBmlFqud9q6d96QTZKNo5o/uPSwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHVz/HCZiBRuCGRwqs2tNCFbVVkhMB8GA1UdIwQY
MBaAFGF82NSLXRVme/ExOW1KbFnX0WfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEt
YmY2ZTk3ZGRkMDc5LzEvZFhQOGNKbUlGRzRJWkhDcXphMDBJVnRWV1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEtYmY2ZTk3ZGRkMDc5
LzEvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCVbjkAwQC
h1SUAwQEkwwQAwQCuWXEMA0EAgACMAcDBQMqAF6gMA0GCSqGSIb3DQEBCwUAA4IB
AQAMj9ykGeDyKgbPMcHrxviAyFtuJlgfGMi3J9vPLV1yIa/8ziTfHBLegwAiZZFq
PaDTTev9NlpaydnkL8WM5u58/qO/mmIKnTI6O7hVpMUmJ2/Njih36uMcEc7CWfm1
ic0qO14FCJVX6gemiJk/AsOYLdWLuG6Muw+DdL2S7KqKb8MSLQpApkApzt6jep4I
3r2DBHfWTwbYgEebmTsnWnxF6C6Qbx2wayByN8NWQvrxWgTzhJniEO+27ohvOXAG
jDXrLW3g0aTQgMkSdVH+RhSLCcWHWCtBRGTlTuYU4hV9P46PA+DWAkaQqtmJOYGm
3eLKn+1WD3qvEhybqX/Tl2Eu
-----END CERTIFICATE-----
Generated at Thu May 8 23:02:14 2025 by rpki-client