Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0fae2f-2691-4c7e-a018-99d7252f5be0/1/a7s4IVc6pbucBFcHXkR0racHnFI.roa
File: a7s4IVc6pbucBFcHXkR0racHnFI.roa (raw, json)
Hash identifier: 8KV2P9IHJpLQQ3jZXVSSowUOoz10VVeNpPastctIMEs=
Subject key identifier: 6B:BB:38:21:57:3A:A5:BB:9C:04:57:07:5E:44:74:AD:A7:07:9C:52
Certificate issuer: /CN=ac7be92dbfe3856156406fa725e15df5988e5c10
Certificate serial: 019420D62EF62A505AFCDA198E4FFF97703B
Authority key identifier: AC:7B:E9:2D:BF:E3:85:61:56:40:6F:A7:25:E1:5D:F5:98:8E:5C:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHvpLb_jhWFWQG-nJeFd9ZiOXBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0fae2f-2691-4c7e-a018-99d7252f5be0/1/a7s4IVc6pbucBFcHXkR0racHnFI.roa
Signing time: Wed 01 Jan 2025 07:48:15 +0000
ROA not before: Wed 01 Jan 2025 07:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60999
IP address blocks: 185.90.168.0/22 maxlen: 22
185.90.168.0/24 maxlen: 24
185.90.169.0/24 maxlen: 24
185.90.170.0/24 maxlen: 24
185.90.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/0fae2f-2691-4c7e-a018-99d7252f5be0/1/rHvpLb_jhWFWQG-nJeFd9ZiOXBA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/0fae2f-2691-4c7e-a018-99d7252f5be0/1/rHvpLb_jhWFWQG-nJeFd9ZiOXBA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rHvpLb_jhWFWQG-nJeFd9ZiOXBA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 07:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:2e:f6:2a:50:5a:fc:da:19:8e:4f:ff:97:70:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7be92dbfe3856156406fa725e15df5988e5c10
Validity
Not Before: Jan 1 07:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bbb3821573aa5bb9c0457075e4474ada7079c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:78:c7:9d:91:38:6e:1f:16:cf:2b:d1:f3:57:
17:6c:e1:f3:59:fd:a7:1e:88:73:57:cd:fb:fa:0f:
e1:0e:e4:fb:ac:64:a7:62:f0:79:9d:9e:2e:4d:dc:
08:0c:1f:69:e5:b6:b5:67:21:77:03:9c:9e:51:62:
01:f8:2c:4d:19:ff:e3:36:18:ae:53:66:38:8a:97:
76:f4:a5:ad:36:c0:e7:25:15:52:fb:c4:98:fd:a5:
ca:6c:f0:33:93:23:1f:a7:e9:37:5d:cc:3e:f6:67:
5f:c2:27:18:46:86:76:ff:79:50:fa:ee:e7:7a:e0:
fc:e1:8f:73:88:f8:1c:1f:21:53:43:9b:bf:12:32:
8a:98:93:1d:da:91:da:42:f8:85:39:de:9c:8d:a3:
28:33:7f:b1:3e:fa:8e:68:5f:02:da:13:de:56:c7:
e0:16:d5:55:78:a7:64:e5:84:00:fb:39:74:4b:9f:
16:13:d2:74:35:51:cc:db:61:2f:75:85:8e:1d:08:
21:ea:9e:3d:85:1d:91:93:74:f1:db:e4:db:35:a6:
ad:de:6c:8b:76:68:ff:98:75:db:47:bb:ea:bf:e4:
77:d7:11:2c:d6:38:09:43:c8:ea:79:ca:2c:81:05:
d7:fe:c9:1a:bf:04:c9:71:b3:18:d9:51:d6:2f:aa:
31:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:BB:38:21:57:3A:A5:BB:9C:04:57:07:5E:44:74:AD:A7:07:9C:52
X509v3 Authority Key Identifier:
keyid:AC:7B:E9:2D:BF:E3:85:61:56:40:6F:A7:25:E1:5D:F5:98:8E:5C:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHvpLb_jhWFWQG-nJeFd9ZiOXBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0fae2f-2691-4c7e-a018-99d7252f5be0/1/a7s4IVc6pbucBFcHXkR0racHnFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0fae2f-2691-4c7e-a018-99d7252f5be0/1/rHvpLb_jhWFWQG-nJeFd9ZiOXBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.168.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:69:2c:89:f7:ff:3d:9a:88:10:cb:ae:81:16:bd:f0:00:4f:
01:60:35:79:a7:bd:32:1b:37:bb:27:a5:ed:aa:9b:54:13:72:
3c:b3:01:2b:e9:f0:db:b9:bf:39:4a:8d:2b:9a:af:4a:9a:ab:
9e:6b:76:b4:0e:37:64:56:2e:5b:ef:36:f4:f8:47:56:62:c0:
12:b6:b8:6a:d1:ab:c7:d2:8d:bc:77:e2:a7:43:2b:7a:43:30:
e5:ba:c2:fa:fa:33:1e:ba:91:a2:66:f1:a8:41:72:97:0a:6a:
3b:25:2a:fe:74:f4:10:f6:8d:6a:76:73:c9:eb:18:7e:da:1a:
be:69:5a:75:07:dc:63:de:7c:ba:39:a7:65:31:41:a8:55:36:
9b:d4:0c:1f:9c:14:d0:a1:40:2c:a3:fb:07:87:3b:1c:c2:cb:
fe:8a:72:b1:46:b5:32:e1:77:dd:46:8b:95:02:47:f6:b5:b0:
0e:c4:00:bb:24:6c:ad:f3:d6:2b:e4:2e:90:91:55:1b:b7:9b:
8f:96:23:f5:6c:8e:b5:ea:fd:3a:2a:02:1e:33:e7:af:61:0f:
bd:b4:5e:db:8f:76:bb:93:b8:e6:96:29:7a:99:b0:3d:de:33:
c1:5f:be:5a:68:c8:6b:5b:ec:3b:13:6b:c4:5a:17:7b:b2:8f:
da:48:ca:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1i72KlBa/NoZjk//l3A7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjN2JlOTJkYmZlMzg1NjE1NjQwNmZhNzI1ZTE1ZGY1OTg4
ZTVjMTAwHhcNMjUwMTAxMDc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmJiMzgyMTU3M2FhNWJiOWMwNDU3MDc1ZTQ0NzRhZGE3MDc5YzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3jHnZE4bh8WzyvR81cXbOHzWf2n
HohzV837+g/hDuT7rGSnYvB5nZ4uTdwIDB9p5ba1ZyF3A5yeUWIB+CxNGf/jNhiu
U2Y4ipd29KWtNsDnJRVS+8SY/aXKbPAzkyMfp+k3Xcw+9mdfwicYRoZ2/3lQ+u7n
euD84Y9ziPgcHyFTQ5u/EjKKmJMd2pHaQviFOd6cjaMoM3+xPvqOaF8C2hPeVsfg
FtVVeKdk5YQA+zl0S58WE9J0NVHM22EvdYWOHQgh6p49hR2Rk3Tx2+TbNaat3myL
dmj/mHXbR7vqv+R31xEs1jgJQ8jqecosgQXX/skavwTJcbMY2VHWL6oxpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGu7OCFXOqW7nARXB15EdK2nB5xSMB8GA1UdIwQY
MBaAFKx76S2/44VhVkBvpyXhXfWYjlwQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckh2cExiX2poV0ZXUUctbkplRmQ5WmlPWEJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wZmFlMmYtMjY5MS00YzdlLWEwMTgt
OTlkNzI1MmY1YmUwLzEvYTdzNElWYzZwYnVjQkZjSFhrUjByYWNIbkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wZmFlMmYtMjY5MS00YzdlLWEwMTgtOTlkNzI1MmY1YmUw
LzEvckh2cExiX2poV0ZXUUctbkplRmQ5WmlPWEJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVqoMA0G
CSqGSIb3DQEBCwUAA4IBAQAcaSyJ9/89mogQy66BFr3wAE8BYDV5p70yGze7J6Xt
qptUE3I8swEr6fDbub85So0rmq9Kmquea3a0DjdkVi5b7zb0+EdWYsAStrhq0avH
0o28d+KnQyt6QzDlusL6+jMeupGiZvGoQXKXCmo7JSr+dPQQ9o1qdnPJ6xh+2hq+
aVp1B9xj3ny6OadlMUGoVTab1AwfnBTQoUAso/sHhzscwsv+inKxRrUy4XfdRouV
Akf2tbAOxAC7JGyt89Yr5C6QkVUbt5uPliP1bI616v06KgIeM+evYQ+9tF7bj3a7
k7jmlil6mbA93jPBX75aaMhrW+w7E2vEWhd7so/aSMoX
-----END CERTIFICATE-----
Generated at Mon Apr 28 16:01:33 2025 by rpki-client