Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/CSSEySfg-kMM1glbJN0lrihqMrE.roa
File: CSSEySfg-kMM1glbJN0lrihqMrE.roa (raw, json)
Hash identifier: i80/t4BIajLc8cgICSb9zNCBrmIiB9z2e81bg2ShuPY=
Subject key identifier: 09:24:84:C9:27:E0:FA:43:0C:D6:09:5B:24:DD:25:AE:28:6A:32:B1
Certificate issuer: /CN=1aa0a328c6fe0f1bca5e6599042dff59e513b25d
Certificate serial: 01959537FEFF1BD2355C80DC91331D0489DA
Authority key identifier: 1A:A0:A3:28:C6:FE:0F:1B:CA:5E:65:99:04:2D:FF:59:E5:13:B2:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GqCjKMb-DxvKXmWZBC3_WeUTsl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/CSSEySfg-kMM1glbJN0lrihqMrE.roa
Signing time: Fri 14 Mar 2025 15:13:49 +0000
ROA not before: Fri 14 Mar 2025 15:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210771
IP address blocks: 185.208.144.0/24 maxlen: 24
185.208.145.0/24 maxlen: 24
185.208.147.0/24 maxlen: 24
185.252.5.0/24 maxlen: 24
185.252.6.0/24 maxlen: 24
185.252.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/GqCjKMb-DxvKXmWZBC3_WeUTsl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/GqCjKMb-DxvKXmWZBC3_WeUTsl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/GqCjKMb-DxvKXmWZBC3_WeUTsl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 06:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:95:37:fe:ff:1b:d2:35:5c:80:dc:91:33:1d:04:89:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aa0a328c6fe0f1bca5e6599042dff59e513b25d
Validity
Not Before: Mar 14 15:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=092484c927e0fa430cd6095b24dd25ae286a32b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:58:ee:0f:a2:55:d4:31:8d:33:27:ac:91:c9:
68:e8:63:87:e6:0b:b5:5f:dd:89:79:96:ab:4d:b2:
14:0a:ab:e1:8e:90:d1:c9:56:7b:db:3a:e7:e6:d5:
18:a2:e8:f1:b6:d4:e6:43:cf:68:25:94:ef:44:f6:
ad:bc:4b:d0:59:c1:bd:c5:75:8c:db:4f:bb:0b:44:
31:06:5e:4e:11:8b:b6:c2:c7:a1:1e:e2:e4:ca:9a:
05:8d:8d:6f:3a:33:cf:da:a0:3a:3b:9a:0d:69:52:
10:95:8d:3c:37:73:a1:b7:59:27:17:7c:33:b6:bb:
8d:5d:28:98:07:63:cd:75:8b:71:98:4d:ed:35:e3:
8e:9b:3d:9b:79:03:98:29:1d:02:41:1b:c1:9a:0a:
92:18:1f:c1:b7:5d:84:03:71:dd:82:8f:5f:d7:82:
95:53:12:2a:67:fa:48:1d:62:c9:70:79:be:9c:26:
94:3f:e1:bd:73:85:65:a3:c0:7a:9b:93:21:3a:48:
28:77:ca:e6:19:6a:40:8a:dc:15:b4:d6:b5:fa:59:
e7:b7:7a:fa:e2:c8:bc:4b:cb:bd:ed:25:78:03:60:
50:b4:e9:d9:70:e9:87:e2:54:5a:54:81:f4:c1:36:
fc:46:f2:f7:a7:6d:5e:c9:0b:40:e3:a0:57:d9:fe:
5b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:24:84:C9:27:E0:FA:43:0C:D6:09:5B:24:DD:25:AE:28:6A:32:B1
X509v3 Authority Key Identifier:
keyid:1A:A0:A3:28:C6:FE:0F:1B:CA:5E:65:99:04:2D:FF:59:E5:13:B2:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GqCjKMb-DxvKXmWZBC3_WeUTsl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/CSSEySfg-kMM1glbJN0lrihqMrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/GqCjKMb-DxvKXmWZBC3_WeUTsl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.144.0/23
185.208.147.0/24
185.252.5.0-185.252.7.255
Signature Algorithm: sha256WithRSAEncryption
5b:ec:fb:85:2b:0e:bf:b7:b3:44:2d:13:54:5b:a1:d3:94:0f:
8c:47:44:1d:93:13:14:2f:b2:f6:d5:51:e4:6e:02:6d:fd:81:
6b:50:05:7b:5c:bf:4f:2a:35:2d:c7:a2:6e:ac:bc:cd:cb:6e:
1e:7c:9e:95:d6:8b:33:b0:a0:07:a3:89:b0:3c:51:7b:d1:37:
c3:72:e0:bd:57:5a:8e:94:67:0c:1e:18:53:37:17:e7:9b:ee:
81:d2:a8:86:4f:ea:c0:f5:1b:93:c2:fa:49:db:06:b0:e7:70:
ce:35:66:1c:dd:88:37:20:dc:47:bf:6a:60:ea:8c:fd:f3:31:
4c:60:ad:d2:ab:5b:2e:b9:41:2e:16:bd:e5:b9:e0:9a:c2:8c:
7c:c5:2f:3a:68:ee:51:19:c0:97:d9:c2:74:19:ac:6a:d6:4c:
79:f7:b6:02:ad:6f:d8:95:ea:01:7e:b8:63:af:b1:4f:d7:2a:
47:44:85:99:9a:63:5f:9c:c5:df:06:a5:ec:c2:48:5c:1f:b2:
e4:29:f9:7f:4f:6c:d6:8b:47:3e:4f:d6:d8:48:01:bd:dc:b9:
12:2d:6e:18:e4:fa:8f:1d:79:38:2c:bc:bd:bf:01:cd:85:e8:
ae:e5:04:86:0b:ec:78:8c:0c:30:88:9d:e4:eb:b7:a8:b0:4b:
8a:f7:25:24
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZWVN/7/G9I1XIDckTMdBInaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYTBhMzI4YzZmZTBmMWJjYTVlNjU5OTA0MmRmZjU5ZTUx
M2IyNWQwHhcNMjUwMzE0MTUxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTI0ODRjOTI3ZTBmYTQzMGNkNjA5NWIyNGRkMjVhZTI4NmEzMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ljuD6JV1DGNMyeskclo6GOH5gu1
X92JeZarTbIUCqvhjpDRyVZ72zrn5tUYoujxttTmQ89oJZTvRPatvEvQWcG9xXWM
20+7C0QxBl5OEYu2wsehHuLkypoFjY1vOjPP2qA6O5oNaVIQlY08N3Oht1knF3wz
truNXSiYB2PNdYtxmE3tNeOOmz2beQOYKR0CQRvBmgqSGB/Bt12EA3Hdgo9f14KV
UxIqZ/pIHWLJcHm+nCaUP+G9c4Vlo8B6m5MhOkgod8rmGWpAitwVtNa1+lnnt3r6
4si8S8u97SV4A2BQtOnZcOmH4lRaVIH0wTb8RvL3p21eyQtA46BX2f5b5QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAkkhMkn4PpDDNYJWyTdJa4oajKxMB8GA1UdIwQY
MBaAFBqgoyjG/g8byl5lmQQt/1nlE7JdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3FDaktNYi1EeHZLWG1XWkJDM19XZVVUc2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNDRkMjQtMmUxMS00NjZkLThhZGUt
MzhlODQ2MTQ4Yzc4LzEvQ1NTRXlTZmcta01NMWdsYkpOMGxyaWhxTXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNDRkMjQtMmUxMS00NjZkLThhZGUtMzhlODQ2MTQ4Yzc4
LzEvR3FDaktNYi1EeHZLWG1XWkJDM19XZVVUc2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBudCQAwQA
udCTMAwDBAC5/AUDBAO5/AAwDQYJKoZIhvcNAQELBQADggEBAFvs+4UrDr+3s0Qt
E1RbodOUD4xHRB2TExQvsvbVUeRuAm39gWtQBXtcv08qNS3Hom6svM3Lbh58npXW
izOwoAejibA8UXvRN8Ny4L1XWo6UZwweGFM3F+eb7oHSqIZP6sD1G5PC+knbBrDn
cM41ZhzdiDcg3Ee/amDqjP3zMUxgrdKrWy65QS4WveW54JrCjHzFLzpo7lEZwJfZ
wnQZrGrWTHn3tgKtb9iV6gF+uGOvsU/XKkdEhZmaY1+cxd8GpezCSFwfsuQp+X9P
bNaLRz5P1thIAb3cuRItbhjk+o8deTgsvL2/Ac2F6K7lBIYL7HiMDDCIneTrt6iw
S4r3JSQ=
-----END CERTIFICATE-----
Generated at Mon Apr 28 16:00:21 2025 by rpki-client