Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/88-pt2hIN1dTOb7W_yyIcsyIKos.roa
File: 88-pt2hIN1dTOb7W_yyIcsyIKos.roa (raw, json)
Hash identifier: rXxfNXMHY0jcVNFeL7a/dvDj6ZDtDB0GLjdB35wLnIg=
Subject key identifier: F3:CF:A9:B7:68:48:37:57:53:39:BE:D6:FF:2C:88:72:CC:88:2A:8B
Certificate issuer: /CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Certificate serial: 019421445F50E53E363326ECAAF3B25BB790
Authority key identifier: F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/88-pt2hIN1dTOb7W_yyIcsyIKos.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50520
IP address blocks: 185.134.112.0/22 maxlen: 22
185.134.112.0/24 maxlen: 24
185.134.113.0/24 maxlen: 24
185.134.114.0/24 maxlen: 24
185.134.115.0/24 maxlen: 24
2a02:fa80::/32 maxlen: 32
2a02:fa80:1::/48 maxlen: 48
2a02:fa80:ca02::/48 maxlen: 48
2a02:fa80:fa80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/9n7U99NVdSgcF2yuPdy9QMxcHdY.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/9n7U99NVdSgcF2yuPdy9QMxcHdY.mft
rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 04 May 2025 03:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5f:50:e5:3e:36:33:26:ec:aa:f3:b2:5b:b7:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3cfa9b7684837575339bed6ff2c8872cc882a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3c:48:1d:9b:9d:33:6f:70:68:3f:c2:35:97:
76:ad:20:c5:76:b1:35:4c:d5:13:2f:82:5c:41:e0:
f6:f4:41:e7:2b:55:ca:a4:7d:b7:c3:9f:21:50:da:
21:30:8e:a6:c3:51:a1:82:80:0a:6b:12:92:41:f3:
3a:3c:af:f8:16:fa:9b:e0:3f:cc:ce:1d:0d:44:96:
67:69:20:86:7b:f2:75:9d:30:4f:c0:67:bb:0e:33:
74:6f:94:fd:e5:83:93:ec:3c:af:e2:57:02:dc:13:
5c:59:39:f5:9d:de:8b:53:88:7a:a5:63:10:57:6c:
d5:83:57:5e:24:ac:6d:b7:85:76:8c:ec:ba:fa:a9:
0f:4a:ea:d1:60:de:f9:cb:05:9b:df:32:f4:8d:11:
7e:23:f1:98:04:b3:bc:3e:df:2f:36:27:9f:dc:de:
91:3c:c4:94:55:c6:7d:98:63:30:f0:41:48:36:ac:
2d:93:d4:66:2f:9a:43:ee:ae:97:4a:eb:ef:bc:dc:
38:e2:c9:68:01:e2:bc:17:af:eb:5b:67:a3:59:26:
70:a6:30:49:dd:a9:69:12:cb:2d:15:a3:11:af:a5:
ac:a5:fe:77:98:73:82:cf:26:90:e1:3b:16:9d:01:
78:57:07:09:7a:44:2e:57:a7:29:5a:a5:2d:a6:af:
97:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CF:A9:B7:68:48:37:57:53:39:BE:D6:FF:2C:88:72:CC:88:2A:8B
X509v3 Authority Key Identifier:
keyid:F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/88-pt2hIN1dTOb7W_yyIcsyIKos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/9n7U99NVdSgcF2yuPdy9QMxcHdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.112.0/22
IPv6:
2a02:fa80::/32
Signature Algorithm: sha256WithRSAEncryption
43:37:f9:39:96:a8:cd:70:d0:83:8a:39:e0:60:30:30:4c:0a:
6d:dd:eb:1a:de:b7:b7:bb:a6:ce:7e:1d:b5:4e:63:ef:ef:8b:
4f:b3:9d:33:a4:b5:f9:e7:00:2a:8b:43:64:f1:38:0c:69:17:
28:b8:b6:45:a2:0c:31:9b:c5:94:80:ab:82:a5:bd:37:e1:ac:
54:13:73:1d:b9:e7:e8:87:e6:e5:f6:96:29:97:7f:a3:2e:94:
0d:40:fe:41:db:d4:c4:1c:42:ea:b3:36:ff:c2:c4:01:75:ac:
5f:da:2e:83:5e:2c:99:a1:75:11:9f:d2:1c:e1:1a:bb:48:7e:
a9:cb:27:1e:81:28:a2:2a:07:8f:ff:b5:0c:6f:6a:e6:7c:94:
ba:f1:77:4c:4f:50:3d:61:8b:65:d6:e8:17:ea:e0:70:70:d9:
c1:8a:01:13:82:53:4f:c4:59:72:dc:35:93:cd:c2:54:24:f5:
ee:2d:cd:19:78:58:d3:e6:21:28:ea:55:0a:30:cb:a9:26:f7:
91:f3:ff:cf:f9:f7:4a:b5:f3:d7:be:38:0c:74:6b:20:35:af:
29:3f:77:89:56:1d:b4:15:1f:19:9f:81:05:13:03:d7:c7:23:
54:95:68:c8:96:1a:96:01:df:55:64:00:5a:ba:2c:bb:b0:58:
df:cb:95:2f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhRF9Q5T42MybsqvOyW7eQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2N2VkNGY3ZDM1NTc1MjgxYzE3NmNhZTNkZGNiZDQwY2M1
YzFkZDYwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2NmYTliNzY4NDgzNzU3NTMzOWJlZDZmZjJjODg3MmNjODgyYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTxIHZudM29waD/CNZd2rSDFdrE1
TNUTL4JcQeD29EHnK1XKpH23w58hUNohMI6mw1GhgoAKaxKSQfM6PK/4Fvqb4D/M
zh0NRJZnaSCGe/J1nTBPwGe7DjN0b5T95YOT7Dyv4lcC3BNcWTn1nd6LU4h6pWMQ
V2zVg1deJKxtt4V2jOy6+qkPSurRYN75ywWb3zL0jRF+I/GYBLO8Pt8vNief3N6R
PMSUVcZ9mGMw8EFINqwtk9RmL5pD7q6XSuvvvNw44sloAeK8F6/rW2ejWSZwpjBJ
3alpEsstFaMRr6Wspf53mHOCzyaQ4TsWnQF4VwcJekQuV6cpWqUtpq+XcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPPPqbdoSDdXUzm+1v8siHLMiCqLMB8GA1UdIwQY
MBaAFPZ+1PfTVXUoHBdsrj3cvUDMXB3WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOW43VTk5TlZkU2djRjJ5dVBkeTlRTXhjSGRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iNjJlNzctMzU3YS00YWFkLWJiMjct
ZjQ0ODVhZWQ3NDI5LzEvODgtcHQyaElOMWRUT2I3V195eUljc3lJS29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iNjJlNzctMzU3YS00YWFkLWJiMjctZjQ0ODVhZWQ3NDI5
LzEvOW43VTk5TlZkU2djRjJ5dVBkeTlRTXhjSGRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYZwMA0E
AgACMAcDBQAqAvqAMA0GCSqGSIb3DQEBCwUAA4IBAQBDN/k5lqjNcNCDijngYDAw
TApt3esa3re3u6bOfh21TmPv74tPs50zpLX55wAqi0Nk8TgMaRcouLZFogwxm8WU
gKuCpb034axUE3Mduefoh+bl9pYpl3+jLpQNQP5B29TEHELqszb/wsQBdaxf2i6D
XiyZoXURn9Ic4Rq7SH6pyycegSiiKgeP/7UMb2rmfJS68XdMT1A9YYtl1ugX6uBw
cNnBigETglNPxFly3DWTzcJUJPXuLc0ZeFjT5iEo6lUKMMupJveR8//P+fdKtfPX
vjgMdGsgNa8pP3eJVh20FR8Zn4EFEwPXxyNUlWjIlhqWAd9VZABauiy7sFjfy5Uv
-----END CERTIFICATE-----
Generated at Sat May 3 10:59:24 2025 by rpki-client