Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/T6BmY5F3A76c40Avg5lTJbK0mkw.roa
File: T6BmY5F3A76c40Avg5lTJbK0mkw.roa (raw, json)
Hash identifier: v+5wW5iBlMaLk7U/wCyygoAJ3jQnHxe9Wti6cfnchrc=
Subject key identifier: 4F:A0:66:63:91:77:03:BE:9C:E3:40:2F:83:99:53:25:B2:B4:9A:4C
Certificate issuer: /CN=19f5e04b6555f1e2c92d7a41ac106a75dea928a2
Certificate serial: 019425FDD335F491D15964BFA7CA121F9B22
Authority key identifier: 19:F5:E0:4B:65:55:F1:E2:C9:2D:7A:41:AC:10:6A:75:DE:A9:28:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GfXgS2VV8eLJLXpBrBBqdd6pKKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/T6BmY5F3A76c40Avg5lTJbK0mkw.roa
Signing time: Thu 02 Jan 2025 07:49:39 +0000
ROA not before: Thu 02 Jan 2025 07:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204453
IP address blocks: 91.199.54.0/24 maxlen: 24
91.214.126.0/24 maxlen: 24
193.104.170.0/24 maxlen: 24
194.145.202.0/24 maxlen: 24
194.242.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/GfXgS2VV8eLJLXpBrBBqdd6pKKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/GfXgS2VV8eLJLXpBrBBqdd6pKKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/GfXgS2VV8eLJLXpBrBBqdd6pKKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 13:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d3:35:f4:91:d1:59:64:bf:a7:ca:12:1f:9b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19f5e04b6555f1e2c92d7a41ac106a75dea928a2
Validity
Not Before: Jan 2 07:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fa06663917703be9ce3402f83995325b2b49a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8c:51:07:d2:88:22:49:ee:0a:33:4d:f1:f7:
bb:3f:fa:8f:69:cd:2d:48:66:7a:3b:16:a6:37:25:
af:e0:03:2a:01:03:64:26:a8:8f:fa:e0:e6:a6:83:
65:30:e1:6d:3e:9c:fa:6d:ea:ec:60:58:1d:c9:2e:
65:de:5c:4a:c1:36:d8:37:30:94:04:08:ab:41:7c:
fa:bc:4d:ef:cd:a2:84:1e:6e:0b:e3:53:83:20:00:
bb:2c:3b:ba:2c:99:13:49:19:8e:df:15:7d:db:26:
e2:7d:11:95:16:d8:28:18:eb:39:c9:d0:fb:16:5d:
0a:a9:64:72:d0:7f:07:5e:64:42:ed:1a:ad:d1:c3:
7b:95:04:9e:41:0a:e1:2d:50:f9:d7:56:67:67:b8:
f8:8d:0d:29:be:a9:56:69:3c:ec:93:ee:f9:e2:f3:
38:7e:44:19:e8:5c:cf:44:69:dd:19:54:40:4a:3d:
5b:07:1b:eb:aa:d7:d2:b9:3e:83:33:29:2d:a5:31:
21:1b:b3:71:94:32:c3:bc:d2:da:ba:f2:c5:b2:d0:
42:f7:4a:38:7d:1d:81:92:2b:dc:15:0b:21:00:12:
b6:06:ce:11:65:81:79:67:8b:c2:1c:52:0e:1d:2b:
73:ae:63:b6:2f:57:cf:26:5b:55:72:f3:46:25:2c:
29:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A0:66:63:91:77:03:BE:9C:E3:40:2F:83:99:53:25:B2:B4:9A:4C
X509v3 Authority Key Identifier:
keyid:19:F5:E0:4B:65:55:F1:E2:C9:2D:7A:41:AC:10:6A:75:DE:A9:28:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GfXgS2VV8eLJLXpBrBBqdd6pKKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/T6BmY5F3A76c40Avg5lTJbK0mkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/GfXgS2VV8eLJLXpBrBBqdd6pKKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.54.0/24
91.214.126.0/24
193.104.170.0/24
194.145.202.0/24
194.242.59.0/24
Signature Algorithm: sha256WithRSAEncryption
35:89:af:c6:51:6b:84:61:1d:42:b7:a9:72:12:8c:2f:93:bb:
2c:c7:97:97:98:bf:04:36:6a:c5:ae:02:71:c1:76:89:fa:00:
0b:99:43:31:a4:dc:fb:21:37:c2:27:d5:d9:c8:99:6c:fb:d5:
3b:12:87:cf:b9:33:ea:4a:ce:73:f3:7e:17:03:3c:b2:f5:a0:
78:9d:8e:2d:7f:db:b3:1f:8b:fe:36:f6:65:4e:cd:8b:16:7b:
1b:75:fb:bf:21:c4:84:4f:8a:09:3c:4d:8b:fa:ce:17:e2:00:
67:c2:a1:b5:33:73:46:22:8c:c2:f1:b5:42:d7:61:48:37:3e:
02:57:34:68:2d:06:89:e9:b2:49:0c:62:24:66:7f:bd:03:56:
a9:c7:a5:0a:43:2c:43:1a:d3:a2:39:be:c9:92:b6:b9:18:e3:
54:e7:87:a3:30:a1:2b:31:5f:a1:35:84:a7:bd:ad:d6:13:b6:
24:4d:a2:e8:c7:2d:4a:be:95:fd:19:cb:52:ad:93:8e:83:18:
f4:9d:f8:11:92:1c:c4:84:10:b5:26:1a:a6:65:a9:2b:3d:35:
ca:44:29:ad:bc:d6:58:79:5d:e0:1c:7b:44:9f:8e:7c:7f:1d:
bd:b1:ee:67:4c:70:06:8c:24:98:51:03:7c:05:b3:06:a5:86:
60:01:32:3f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQl/dM19JHRWWS/p8oSH5siMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZjVlMDRiNjU1NWYxZTJjOTJkN2E0MWFjMTA2YTc1ZGVh
OTI4YTIwHhcNMjUwMTAyMDc0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmEwNjY2MzkxNzcwM2JlOWNlMzQwMmY4Mzk5NTMyNWIyYjQ5YTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIxRB9KIIknuCjNN8fe7P/qPac0t
SGZ6OxamNyWv4AMqAQNkJqiP+uDmpoNlMOFtPpz6bersYFgdyS5l3lxKwTbYNzCU
BAirQXz6vE3vzaKEHm4L41ODIAC7LDu6LJkTSRmO3xV92ybifRGVFtgoGOs5ydD7
Fl0KqWRy0H8HXmRC7Rqt0cN7lQSeQQrhLVD511ZnZ7j4jQ0pvqlWaTzsk+754vM4
fkQZ6FzPRGndGVRASj1bBxvrqtfSuT6DMyktpTEhG7NxlDLDvNLauvLFstBC90o4
fR2BkivcFQshABK2Bs4RZYF5Z4vCHFIOHStzrmO2L1fPJltVcvNGJSwp+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE+gZmORdwO+nONAL4OZUyWytJpMMB8GA1UdIwQY
MBaAFBn14EtlVfHiyS16QawQanXeqSiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZYZ1MyVlY4ZUxKTFhwQnJCQnFkZDZwS0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMmU5MjUtNmZlNi00YjI2LWE0OTgt
NzUzMDRmOWY1YzI0LzEvVDZCbVk1RjNBNzZjNDBBdmc1bFRKYkswbWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMmU5MjUtNmZlNi00YjI2LWE0OTgtNzUzMDRmOWY1YzI0
LzEvR2ZYZ1MyVlY4ZUxKTFhwQnJCQnFkZDZwS0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW8c2AwQA
W9Z+AwQAwWiqAwQAwpHKAwQAwvI7MA0GCSqGSIb3DQEBCwUAA4IBAQA1ia/GUWuE
YR1Ct6lyEowvk7ssx5eXmL8ENmrFrgJxwXaJ+gALmUMxpNz7ITfCJ9XZyJls+9U7
EofPuTPqSs5z834XAzyy9aB4nY4tf9uzH4v+NvZlTs2LFnsbdfu/IcSET4oJPE2L
+s4X4gBnwqG1M3NGIozC8bVC12FINz4CVzRoLQaJ6bJJDGIkZn+9A1apx6UKQyxD
GtOiOb7Jkra5GONU54ejMKErMV+hNYSnva3WE7YkTaLoxy1KvpX9GctSrZOOgxj0
nfgRkhzEhBC1JhqmZakrPTXKRCmtvNZYeV3gHHtEn458fx29se5nTHAGjCSYUQN8
BbMGpYZgATI/
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:52:28 2025 by rpki-client