Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/885457-70f2-4410-be7c-81476dbab144/1/auoQhH7aBJnI1g3L4GojEkAsQQY.roa
File: auoQhH7aBJnI1g3L4GojEkAsQQY.roa (raw, json)
Hash identifier: gWIiP5OtZwTCpaoFewi8x05lW349LkZSfT6+AFOcha0=
Subject key identifier: 6A:EA:10:84:7E:DA:04:99:C8:D6:0D:CB:E0:6A:23:12:40:2C:41:06
Certificate issuer: /CN=77dda2ad098c6a7814fb258b469b0d84ce24c4a7
Certificate serial: 019424B3E203FBDEBF73FAEBC53C6ACB3B04
Authority key identifier: 77:DD:A2:AD:09:8C:6A:78:14:FB:25:8B:46:9B:0D:84:CE:24:C4:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d92irQmMangU-yWLRpsNhM4kxKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/885457-70f2-4410-be7c-81476dbab144/1/auoQhH7aBJnI1g3L4GojEkAsQQY.roa
Signing time: Thu 02 Jan 2025 01:49:16 +0000
ROA not before: Thu 02 Jan 2025 01:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197648
IP address blocks: 91.217.246.0/24 maxlen: 24
91.223.208.0/24 maxlen: 24
185.106.100.0/22 maxlen: 22
185.106.100.0/24 maxlen: 24
185.106.101.0/24 maxlen: 24
185.106.102.0/24 maxlen: 24
185.106.103.0/24 maxlen: 24
185.205.184.0/22 maxlen: 22
185.205.184.0/24 maxlen: 24
185.205.185.0/24 maxlen: 24
185.205.186.0/24 maxlen: 24
185.205.187.0/24 maxlen: 24
2a06:3c80::/29 maxlen: 29
2a0c:5cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/885457-70f2-4410-be7c-81476dbab144/1/d92irQmMangU-yWLRpsNhM4kxKc.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/885457-70f2-4410-be7c-81476dbab144/1/d92irQmMangU-yWLRpsNhM4kxKc.mft
rsync://rpki.ripe.net/repository/DEFAULT/d92irQmMangU-yWLRpsNhM4kxKc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e2:03:fb:de:bf:73:fa:eb:c5:3c:6a:cb:3b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77dda2ad098c6a7814fb258b469b0d84ce24c4a7
Validity
Not Before: Jan 2 01:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6aea10847eda0499c8d60dcbe06a2312402c4106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:31:f0:0e:b8:a5:27:a9:d9:3d:69:2e:52:f4:
60:2f:42:7b:b8:61:36:26:77:9b:17:57:11:27:ad:
1a:6e:5e:aa:db:5e:83:56:5b:5b:f9:61:c5:a0:02:
0e:65:2c:a1:53:98:75:d8:a5:9a:bf:6f:c9:52:f4:
1f:4d:e4:70:13:2a:0c:23:5d:a2:f7:e5:d7:ed:8d:
90:b8:61:1d:7c:74:8e:71:ae:d1:96:b3:33:aa:ba:
94:98:d6:e7:27:3b:53:30:d5:4c:f8:44:5b:6c:ff:
c7:28:0e:40:9f:e2:ab:d3:d9:dc:28:80:0c:32:ab:
d3:8d:fa:8f:74:79:c6:43:e8:d5:7a:92:7d:51:eb:
9d:40:70:75:0c:c4:44:dd:3f:00:ed:2d:24:0c:3c:
d2:f6:8a:27:e8:03:9d:78:52:f2:45:5a:c0:74:45:
c4:87:6f:af:51:91:87:d0:2d:17:b2:80:d8:f1:36:
25:01:76:0b:24:77:46:f2:76:17:bb:b5:77:2f:72:
8f:e5:fa:8a:6e:9a:3a:e1:b3:77:04:34:40:fb:67:
ba:78:97:b3:6a:66:2a:87:7b:da:28:3e:ad:c8:bd:
ba:fa:70:57:91:96:0f:af:2d:50:83:bd:09:8f:02:
4c:c2:f6:4e:89:37:b0:f3:95:44:66:5b:a4:b1:5a:
cb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:EA:10:84:7E:DA:04:99:C8:D6:0D:CB:E0:6A:23:12:40:2C:41:06
X509v3 Authority Key Identifier:
keyid:77:DD:A2:AD:09:8C:6A:78:14:FB:25:8B:46:9B:0D:84:CE:24:C4:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d92irQmMangU-yWLRpsNhM4kxKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/885457-70f2-4410-be7c-81476dbab144/1/auoQhH7aBJnI1g3L4GojEkAsQQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/885457-70f2-4410-be7c-81476dbab144/1/d92irQmMangU-yWLRpsNhM4kxKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.246.0/24
91.223.208.0/24
185.106.100.0/22
185.205.184.0/22
IPv6:
2a06:3c80::/29
2a0c:5cc0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:db:0e:fe:5a:e2:e4:34:5b:36:ef:4c:6d:72:7c:e0:b8:c4:
dc:e3:b4:20:b9:9b:b2:c0:d2:8d:01:f3:09:28:3c:17:43:72:
1e:64:1f:0b:0e:a6:6d:8f:04:4e:6a:d5:ed:2a:ab:49:98:80:
c7:f7:ee:1d:f1:4f:10:58:bb:79:f2:b7:f2:aa:bd:02:7d:7a:
ed:6a:08:05:6b:82:06:f0:bf:38:89:2c:7c:d7:86:b5:1b:fe:
24:e2:c8:1b:ba:1e:d1:d1:82:c3:a2:30:7f:0b:00:27:b1:06:
f0:f1:b6:78:a9:1b:c6:8f:97:0d:f8:e4:7c:81:98:f9:10:3e:
ca:43:ac:19:77:51:23:11:e7:77:bc:75:2a:e6:df:64:b5:44:
6b:cf:77:cf:cd:eb:f4:aa:e8:92:7e:26:2b:e5:ba:a3:94:26:
b9:f1:6f:31:4e:de:da:ab:48:0f:4a:3a:d5:67:2b:0c:47:d8:
a0:e0:41:54:95:65:e6:2a:28:78:d4:79:9d:d4:18:84:f2:45:
86:55:69:ac:8c:27:00:28:2c:78:bc:8c:8e:15:fd:4f:ae:23:
4a:d2:4c:2f:88:ba:1c:83:0d:51:ff:e5:9f:f0:83:2c:0e:97:
92:fb:05:e8:cf:cb:34:c6:52:72:d6:de:35:92:67:0d:eb:21:
84:76:16:e7
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQks+ID+96/c/rrxTxqyzsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZGRhMmFkMDk4YzZhNzgxNGZiMjU4YjQ2OWIwZDg0Y2Uy
NGM0YTcwHhcNMjUwMTAyMDE0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWVhMTA4NDdlZGEwNDk5YzhkNjBkY2JlMDZhMjMxMjQwMmM0MTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTHwDrilJ6nZPWkuUvRgL0J7uGE2
JnebF1cRJ60abl6q216DVltb+WHFoAIOZSyhU5h12KWav2/JUvQfTeRwEyoMI12i
9+XX7Y2QuGEdfHSOca7RlrMzqrqUmNbnJztTMNVM+ERbbP/HKA5An+Kr09ncKIAM
MqvTjfqPdHnGQ+jVepJ9UeudQHB1DMRE3T8A7S0kDDzS9oon6AOdeFLyRVrAdEXE
h2+vUZGH0C0XsoDY8TYlAXYLJHdG8nYXu7V3L3KP5fqKbpo64bN3BDRA+2e6eJez
amYqh3vaKD6tyL26+nBXkZYPry1Qg70JjwJMwvZOiTew85VEZluksVrL0wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGrqEIR+2gSZyNYNy+BqIxJALEEGMB8GA1UdIwQY
MBaAFHfdoq0JjGp4FPsli0abDYTOJMSnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDkyaXJRbU1hbmdVLXlXTFJwc05oTTRreEtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC84ODU0NTctNzBmMi00NDEwLWJlN2Mt
ODE0NzZkYmFiMTQ0LzEvYXVvUWhIN2FCSm5JMWczTDRHb2pFa0FzUVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC84ODU0NTctNzBmMi00NDEwLWJlN2MtODE0NzZkYmFiMTQ0
LzEvZDkyaXJRbU1hbmdVLXlXTFJwc05oTTRreEtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAW9n2AwQA
W9/QAwQCuWpkAwQCuc24MBQEAgACMA4DBQMqBjyAAwUDKgxcwDANBgkqhkiG9w0B
AQsFAAOCAQEAPdsO/lri5DRbNu9MbXJ84LjE3OO0ILmbssDSjQHzCSg8F0NyHmQf
Cw6mbY8ETmrV7SqrSZiAx/fuHfFPEFi7efK38qq9An167WoIBWuCBvC/OIksfNeG
tRv+JOLIG7oe0dGCw6IwfwsAJ7EG8PG2eKkbxo+XDfjkfIGY+RA+ykOsGXdRIxHn
d7x1KubfZLVEa893z83r9Krokn4mK+W6o5QmufFvMU7e2qtID0o61WcrDEfYoOBB
VJVl5iooeNR5ndQYhPJFhlVprIwnACgseLyMjhX9T64jStJML4i6HIMNUf/ln/CD
LA6XkvsF6M/LNMZSctbeNZJnDeshhHYW5w==
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:46:26 2025 by rpki-client