Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7b8513-f189-4330-b6f0-d0d258e4b435/1/yQgmgvQc_zoWSzqSU_Jv0P1q3MI.roa
File: yQgmgvQc_zoWSzqSU_Jv0P1q3MI.roa (raw, json)
Hash identifier: 5+4u/xRZxAnli4CKdBW1paOkXTRYuiJAT5ksmVQ4GNU=
Subject key identifier: C9:08:26:82:F4:1C:FF:3A:16:4B:3A:92:53:F2:6F:D0:FD:6A:DC:C2
Certificate issuer: /CN=4bf3fb8ff8ddafda89db39705f78f6418efd1fed
Certificate serial: 0194244559D723C3461A9EC982ED8A3EDF69
Authority key identifier: 4B:F3:FB:8F:F8:DD:AF:DA:89:DB:39:70:5F:78:F6:41:8E:FD:1F:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S_P7j_jdr9qJ2zlwX3j2QY79H-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7b8513-f189-4330-b6f0-d0d258e4b435/1/yQgmgvQc_zoWSzqSU_Jv0P1q3MI.roa
Signing time: Wed 01 Jan 2025 23:48:32 +0000
ROA not before: Wed 01 Jan 2025 23:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57976
IP address blocks: 5.42.160.0/19 maxlen: 24
37.244.0.0/18 maxlen: 24
137.221.64.0/18 maxlen: 24
185.60.112.0/22 maxlen: 24
2a04:e800::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/7b8513-f189-4330-b6f0-d0d258e4b435/1/S_P7j_jdr9qJ2zlwX3j2QY79H-0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/7b8513-f189-4330-b6f0-d0d258e4b435/1/S_P7j_jdr9qJ2zlwX3j2QY79H-0.mft
rsync://rpki.ripe.net/repository/DEFAULT/S_P7j_jdr9qJ2zlwX3j2QY79H-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:59:d7:23:c3:46:1a:9e:c9:82:ed:8a:3e:df:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bf3fb8ff8ddafda89db39705f78f6418efd1fed
Validity
Not Before: Jan 1 23:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9082682f41cff3a164b3a9253f26fd0fd6adcc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:02:eb:c9:f2:ef:ad:96:9f:53:c0:14:f2:70:
15:07:b0:ef:db:b7:85:b9:b9:55:d2:51:fc:2a:12:
9b:ca:01:35:91:8a:b8:d7:b9:46:1c:9d:ac:ea:74:
21:fb:43:7e:0f:71:ec:21:9d:3d:47:3a:ad:28:28:
7b:29:14:1b:ee:f0:ff:4e:18:c6:56:28:3e:11:66:
61:d9:94:da:6b:8a:e2:a0:04:b5:a9:0c:ba:d3:c3:
9e:80:b0:95:d4:2c:1b:6f:0c:d9:0b:ea:ae:9d:d8:
40:5c:cc:fb:96:7d:1f:2b:c2:95:a9:b9:cf:f4:a2:
c2:8c:11:97:97:3a:af:5f:cd:3e:bd:b9:8e:76:93:
d3:12:5d:d9:57:76:70:af:bc:95:53:d5:e2:e6:2d:
6f:10:8e:99:81:1a:8a:df:e0:19:a7:77:df:0f:60:
00:87:53:b3:c2:4e:85:bc:3e:e4:d1:f2:8d:56:7e:
ea:e8:e9:fc:e8:56:4a:51:b7:26:47:80:5b:e6:35:
c2:f0:b9:da:d5:35:b5:6d:69:b7:0a:49:11:41:e4:
2a:3b:b5:54:c0:a9:c9:83:02:ec:db:77:a2:f5:d7:
0a:02:06:97:7c:1c:ab:d0:f5:17:74:9e:22:ba:8e:
81:c1:0d:ce:f5:ae:04:1c:31:f6:16:af:46:91:b8:
c0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:08:26:82:F4:1C:FF:3A:16:4B:3A:92:53:F2:6F:D0:FD:6A:DC:C2
X509v3 Authority Key Identifier:
keyid:4B:F3:FB:8F:F8:DD:AF:DA:89:DB:39:70:5F:78:F6:41:8E:FD:1F:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S_P7j_jdr9qJ2zlwX3j2QY79H-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7b8513-f189-4330-b6f0-d0d258e4b435/1/yQgmgvQc_zoWSzqSU_Jv0P1q3MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7b8513-f189-4330-b6f0-d0d258e4b435/1/S_P7j_jdr9qJ2zlwX3j2QY79H-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.160.0/19
37.244.0.0/18
137.221.64.0/18
185.60.112.0/22
IPv6:
2a04:e800::/29
Signature Algorithm: sha256WithRSAEncryption
8d:ee:fd:12:49:f5:60:21:a9:39:37:2c:ce:30:12:74:3b:07:
f5:e7:12:00:eb:16:20:06:d0:bd:96:87:30:65:68:ce:7f:73:
6e:d0:e8:c9:78:8b:b3:09:05:3f:3b:28:31:a6:f8:3a:51:68:
e9:b5:2b:03:0b:a0:aa:bb:91:12:44:de:18:06:92:8f:4b:0c:
9d:a8:b0:d5:e5:b6:47:d7:07:12:28:18:9a:68:26:48:9f:bc:
f4:35:6b:85:f8:7b:07:92:84:5c:e4:19:0a:2d:d1:e9:4c:3d:
77:32:d1:5a:b7:4c:d2:f2:23:cb:29:cf:e4:19:c6:09:e1:7d:
f3:09:9f:b3:44:19:0b:ca:9e:5d:14:01:3b:b9:46:b3:ce:e2:
87:f1:5e:65:94:06:76:8a:4b:25:39:52:a7:3e:d0:47:f2:be:
62:cb:b6:c5:47:92:8b:c6:b3:75:3b:19:48:1d:65:a9:61:d9:
55:ba:30:5f:0a:58:a7:86:0f:b8:2a:7d:dd:65:a9:41:bd:e4:
13:ad:34:29:44:3a:7d:d4:b8:74:89:62:c0:ea:85:fe:56:b2:
02:36:34:26:ef:1f:69:50:96:66:d5:27:1c:26:c9:a1:6f:a2:
96:2d:ac:68:9c:c9:1d:3c:c1:71:54:05:b8:06:f0:76:9f:04:
f4:07:b6:8a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQkRVnXI8NGGp7Jgu2KPt9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZjNmYjhmZjhkZGFmZGE4OWRiMzk3MDVmNzhmNjQxOGVm
ZDFmZWQwHhcNMjUwMTAxMjM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTA4MjY4MmY0MWNmZjNhMTY0YjNhOTI1M2YyNmZkMGZkNmFkY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgLryfLvrZafU8AU8nAVB7Dv27eF
ublV0lH8KhKbygE1kYq417lGHJ2s6nQh+0N+D3HsIZ09RzqtKCh7KRQb7vD/ThjG
Vig+EWZh2ZTaa4rioAS1qQy608OegLCV1CwbbwzZC+qundhAXMz7ln0fK8KVqbnP
9KLCjBGXlzqvX80+vbmOdpPTEl3ZV3Zwr7yVU9Xi5i1vEI6ZgRqK3+AZp3ffD2AA
h1Ozwk6FvD7k0fKNVn7q6On86FZKUbcmR4Bb5jXC8Lna1TW1bWm3CkkRQeQqO7VU
wKnJgwLs23ei9dcKAgaXfByr0PUXdJ4iuo6BwQ3O9a4EHDH2Fq9GkbjAJQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMkIJoL0HP86Fks6klPyb9D9atzCMB8GA1UdIwQY
MBaAFEvz+4/43a/aids5cF949kGO/R/tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU19QN2pfamRyOXFKMnpsd1gzajJRWTc5SC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83Yjg1MTMtZjE4OS00MzMwLWI2ZjAt
ZDBkMjU4ZTRiNDM1LzEveVFnbWd2UWNfem9XU3pxU1VfSnYwUDFxM01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83Yjg1MTMtZjE4OS00MzMwLWI2ZjAtZDBkMjU4ZTRiNDM1
LzEvU19QN2pfamRyOXFKMnpsd1gzajJRWTc5SC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFBSqgAwQG
JfQAAwQGid1AAwQCuTxwMA0EAgACMAcDBQMqBOgAMA0GCSqGSIb3DQEBCwUAA4IB
AQCN7v0SSfVgIak5NyzOMBJ0Owf15xIA6xYgBtC9locwZWjOf3Nu0OjJeIuzCQU/
Oygxpvg6UWjptSsDC6Cqu5ESRN4YBpKPSwydqLDV5bZH1wcSKBiaaCZIn7z0NWuF
+HsHkoRc5BkKLdHpTD13MtFat0zS8iPLKc/kGcYJ4X3zCZ+zRBkLyp5dFAE7uUaz
zuKH8V5llAZ2ikslOVKnPtBH8r5iy7bFR5KLxrN1OxlIHWWpYdlVujBfClinhg+4
Kn3dZalBveQTrTQpRDp91Lh0iWLA6oX+VrICNjQm7x9pUJZm1SccJsmhb6KWLaxo
nMkdPMFxVAW4BvB2nwT0B7aK
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:21:15 2025 by rpki-client