Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/AThGgouxKv8fc_GjPfk1KTqcYJ8.roa
File: AThGgouxKv8fc_GjPfk1KTqcYJ8.roa (raw, json)
Hash identifier: pBwVTlstihKQTv02WIHNb7H+18sdn98VZXnJD5bJ+rM=
Subject key identifier: 01:38:46:82:8B:B1:2A:FF:1F:73:F1:A3:3D:F9:35:29:3A:9C:60:9F
Certificate issuer: /CN=0384e88fb79a3776cb0583e2b67a0bec6dfc68b8
Certificate serial: 01967EC3E92420F97A418BACCF2C3BF9FA53
Authority key identifier: 03:84:E8:8F:B7:9A:37:76:CB:05:83:E2:B6:7A:0B:EC:6D:FC:68:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/AThGgouxKv8fc_GjPfk1KTqcYJ8.roa
Signing time: Mon 28 Apr 2025 23:38:10 +0000
ROA not before: Mon 28 Apr 2025 23:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6753
IP address blocks: 176.118.193.0/24 maxlen: 24
185.53.249.0/24 maxlen: 24
185.115.205.0/24 maxlen: 24
192.35.206.0/24 maxlen: 24
198.135.220.0/24 maxlen: 24
212.11.93.0/24 maxlen: 24
212.104.211.0/24 maxlen: 24
2a0c:a300::/29 maxlen: 29
2a12:ea80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/A4Toj7eaN3bLBYPitnoL7G38aLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/A4Toj7eaN3bLBYPitnoL7G38aLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 14:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7e:c3:e9:24:20:f9:7a:41:8b:ac:cf:2c:3b:f9:fa:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0384e88fb79a3776cb0583e2b67a0bec6dfc68b8
Validity
Not Before: Apr 28 23:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=013846828bb12aff1f73f1a33df935293a9c609f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d5:17:2e:ff:50:b0:86:5d:18:ea:c6:be:39:
08:bc:fe:03:09:2e:c6:20:10:68:22:55:3a:4b:dd:
86:fb:aa:f0:8d:1b:f5:b4:bb:ec:b9:06:11:89:29:
08:ec:dd:7c:63:26:4e:52:09:73:cc:8c:58:ef:01:
e4:93:ea:ab:1b:4f:65:73:a8:a8:97:21:fe:5c:3a:
2b:33:77:a7:09:1e:6d:ab:8c:e5:20:36:27:ec:71:
c1:c1:ee:3e:5a:03:5b:09:68:34:32:b2:e5:1b:92:
5b:e6:3d:2f:82:7d:98:fd:a8:e4:00:5c:20:3f:d5:
fd:b5:d0:e7:72:bd:ed:14:9d:f5:99:c7:99:a9:07:
a7:c1:33:4f:71:e6:f4:ab:e6:0e:67:78:02:37:0d:
5e:83:c6:3a:06:d8:0e:b3:5b:54:1f:4f:9e:95:92:
24:a3:1d:74:d2:fd:50:4f:d7:08:b1:64:cc:b4:a4:
ab:f0:ee:72:f8:28:5b:4f:22:b4:ba:9f:1f:1f:c2:
1e:79:92:f3:9a:a9:cf:b0:31:e4:c5:18:77:81:3a:
df:32:7b:88:4a:49:9e:8b:7f:19:4c:b6:79:be:5f:
79:e7:4a:6f:64:ff:5e:5f:b1:33:b2:6f:f4:8f:df:
de:a6:0a:20:71:6d:05:0d:16:b3:6e:65:2e:eb:71:
e0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:38:46:82:8B:B1:2A:FF:1F:73:F1:A3:3D:F9:35:29:3A:9C:60:9F
X509v3 Authority Key Identifier:
keyid:03:84:E8:8F:B7:9A:37:76:CB:05:83:E2:B6:7A:0B:EC:6D:FC:68:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/AThGgouxKv8fc_GjPfk1KTqcYJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/A4Toj7eaN3bLBYPitnoL7G38aLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.193.0/24
185.53.249.0/24
185.115.205.0/24
192.35.206.0/24
198.135.220.0/24
212.11.93.0/24
212.104.211.0/24
IPv6:
2a0c:a300::/29
2a12:ea80::/29
Signature Algorithm: sha256WithRSAEncryption
4d:96:df:c4:8e:a3:71:b6:d0:6f:35:17:8d:d3:6d:87:28:03:
9b:c0:a0:7b:b1:27:79:d7:40:bc:93:5a:97:e6:01:45:30:67:
44:f9:6c:dc:00:ef:75:71:c5:58:41:59:83:07:cc:e8:5e:62:
f6:a9:3c:da:24:34:7b:31:4b:37:e3:f8:9e:47:d2:f9:ae:fc:
8a:2f:56:d0:a4:23:89:78:27:ef:a8:d9:4b:0f:eb:27:57:9a:
7a:8f:f6:55:d7:32:56:73:5b:49:46:f3:7e:ca:8a:db:0b:d7:
da:9c:5f:8f:8c:fc:35:a4:f2:13:c4:fb:a0:db:cd:02:4d:70:
eb:78:94:23:32:f2:9a:4a:de:5a:e3:ce:a7:c0:9b:5b:2e:4a:
7f:57:4a:86:cb:55:41:3b:44:02:ec:38:3f:e8:36:ea:06:2c:
f0:d5:64:3e:1e:01:8f:0f:18:1c:f4:ab:53:e1:d1:16:5d:a3:
1d:6f:6e:33:b1:1d:ac:3a:8f:6e:c4:86:2a:48:55:62:47:97:
f4:e3:b2:cd:c5:c5:fd:35:2f:1c:69:8a:0e:f6:e5:d0:1f:62:
3c:cc:a9:ec:b1:c2:0a:fa:2f:ef:30:b0:ed:a5:5e:b6:f6:0a:
d8:25:d5:59:92:1a:c1:e5:7f:92:15:c5:ce:86:e3:ed:f0:14:
af:9e:0c:91
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZZ+w+kkIPl6QYuszyw7+fpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzODRlODhmYjc5YTM3NzZjYjA1ODNlMmI2N2EwYmVjNmRm
YzY4YjgwHhcNMjUwNDI4MjMzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTM4NDY4MjhiYjEyYWZmMWY3M2YxYTMzZGY5MzUyOTNhOWM2MDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNUXLv9QsIZdGOrGvjkIvP4DCS7G
IBBoIlU6S92G+6rwjRv1tLvsuQYRiSkI7N18YyZOUglzzIxY7wHkk+qrG09lc6io
lyH+XDorM3enCR5tq4zlIDYn7HHBwe4+WgNbCWg0MrLlG5Jb5j0vgn2Y/ajkAFwg
P9X9tdDncr3tFJ31mceZqQenwTNPceb0q+YOZ3gCNw1eg8Y6BtgOs1tUH0+elZIk
ox100v1QT9cIsWTMtKSr8O5y+ChbTyK0up8fH8IeeZLzmqnPsDHkxRh3gTrfMnuI
Skmei38ZTLZ5vl9550pvZP9eX7Ezsm/0j9/epgogcW0FDRazbmUu63HgcwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFAE4RoKLsSr/H3Pxoz35NSk6nGCfMB8GA1UdIwQY
MBaAFAOE6I+3mjd2ywWD4rZ6C+xt/Gi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTRUb2o3ZWFOM2JMQllQaXRub0w3RzM4YUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YTAxNTEtY2UyMC00OGU2LTkwNTMt
MzMzYTM4NGQ0MTdkLzEvQVRoR2dvdXhLdjhmY19HalBmazFLVHFjWUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83YTAxNTEtY2UyMC00OGU2LTkwNTMtMzMzYTM4NGQ0MTdk
LzEvQTRUb2o3ZWFOM2JMQllQaXRub0w3RzM4YUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQAsHbBAwQA
uTX5AwQAuXPNAwQAwCPOAwQAxofcAwQA1AtdAwQA1GjTMBQEAgACMA4DBQMqDKMA
AwUDKhLqgDANBgkqhkiG9w0BAQsFAAOCAQEATZbfxI6jcbbQbzUXjdNthygDm8Cg
e7EneddAvJNal+YBRTBnRPls3ADvdXHFWEFZgwfM6F5i9qk82iQ0ezFLN+P4nkfS
+a78ii9W0KQjiXgn76jZSw/rJ1eaeo/2VdcyVnNbSUbzfsqK2wvX2pxfj4z8NaTy
E8T7oNvNAk1w63iUIzLymkreWuPOp8CbWy5Kf1dKhstVQTtEAuw4P+g26gYs8NVk
Ph4Bjw8YHPSrU+HRFl2jHW9uM7EdrDqPbsSGKkhVYkeX9OOyzcXF/TUvHGmKDvbl
0B9iPMyp7LHCCvov7zCw7aVetvYK2CXVWZIaweV/khXFzobj7fAUr54MkQ==
-----END CERTIFICATE-----
Generated at Wed May 14 20:38:09 2025 by rpki-client