Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/ac5Wv-_VhODUkcedLbPF7JyYGxc.roa
File: ac5Wv-_VhODUkcedLbPF7JyYGxc.roa (raw, json)
Hash identifier: 6If3dld/h88JewSAZ5sEjufcA+BJRUhokKAmEZgvW1o=
Subject key identifier: 69:CE:56:BF:EF:D5:84:E0:D4:91:C7:9D:2D:B3:C5:EC:9C:98:1B:17
Certificate issuer: /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial: 0195948AF77DA9F55FCFC350BD2F457E5BDC
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/ac5Wv-_VhODUkcedLbPF7JyYGxc.roa
Signing time: Fri 14 Mar 2025 12:04:49 +0000
ROA not before: Fri 14 Mar 2025 12:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58172
IP address blocks: 85.116.178.0/24 maxlen: 24
85.116.183.0/24 maxlen: 24
85.116.186.0/23 maxlen: 23
85.116.188.0/23 maxlen: 23
91.132.148.0/24 maxlen: 24
91.132.149.0/24 maxlen: 24
91.132.150.0/24 maxlen: 24
91.132.151.0/24 maxlen: 24
91.239.101.0/24 maxlen: 24
128.127.96.0/24 maxlen: 24
128.127.97.0/24 maxlen: 24
128.127.98.0/24 maxlen: 24
128.127.99.0/24 maxlen: 24
128.127.100.0/24 maxlen: 24
128.127.101.0/24 maxlen: 24
128.127.102.0/24 maxlen: 24
128.127.103.0/24 maxlen: 24
178.20.176.0/24 maxlen: 24
178.20.177.0/24 maxlen: 24
178.20.178.0/24 maxlen: 24
178.20.179.0/24 maxlen: 24
178.20.180.0/24 maxlen: 24
178.20.181.0/24 maxlen: 24
178.20.182.0/24 maxlen: 24
178.20.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:8a:f7:7d:a9:f5:5f:cf:c3:50:bd:2f:45:7e:5b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Validity
Not Before: Mar 14 12:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69ce56bfefd584e0d491c79d2db3c5ec9c981b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c5:e6:75:20:d7:6d:ae:ef:ff:63:63:9a:f1:
82:0d:95:8d:74:4f:68:41:92:8b:e5:9b:1a:47:e9:
13:74:d0:d3:af:f6:82:da:17:48:a0:bf:58:94:6a:
fd:ba:f9:16:51:68:ca:91:d5:61:23:fd:7d:96:b5:
80:e3:b8:09:65:86:78:94:ea:55:e7:ee:8a:bc:2a:
cd:d0:dc:73:9c:c8:da:db:34:3f:75:96:76:57:7b:
8b:8d:4b:32:a4:9a:55:17:90:32:8d:00:91:e4:64:
a4:0b:f6:48:c4:2a:fb:d6:13:1e:ef:03:91:a8:38:
5f:fa:81:6e:d6:90:a7:2f:1e:21:9e:b5:0b:d4:b1:
d6:6e:8f:a8:01:6a:5c:9e:2f:03:c5:02:22:0a:d2:
fc:9f:8f:6b:37:d3:9d:d4:50:97:8c:6c:f4:d4:d7:
06:0e:18:b1:be:a0:39:5e:7a:58:ec:d8:46:9e:93:
a4:c0:2f:e6:d1:ca:80:d4:2c:cd:cd:f9:41:3c:d1:
f1:75:01:bd:4f:e0:ab:8e:d4:6c:62:0c:e5:05:01:
db:47:ea:bd:de:6a:9a:82:48:07:76:7c:91:ee:07:
af:f5:d1:f5:e4:e9:0a:c1:64:36:4a:d1:b1:86:47:
d4:9d:46:e1:61:cf:a8:06:7f:51:f1:92:4a:71:18:
6d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CE:56:BF:EF:D5:84:E0:D4:91:C7:9D:2D:B3:C5:EC:9C:98:1B:17
X509v3 Authority Key Identifier:
keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/ac5Wv-_VhODUkcedLbPF7JyYGxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.178.0/24
85.116.183.0/24
85.116.186.0-85.116.189.255
91.132.148.0/22
91.239.101.0/24
128.127.96.0/21
178.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:7b:8f:6f:5a:7b:a4:97:d0:ac:03:88:ac:ad:1c:b6:9b:c9:
0d:69:6b:f5:8d:04:ef:13:28:9f:fe:56:4e:03:4a:84:b7:a3:
13:34:ac:8b:42:59:ea:46:e5:8c:6a:41:fd:61:60:ca:e3:de:
9a:61:b4:45:a3:8b:f3:9e:79:30:b5:f4:ab:0e:f4:c7:bd:5b:
e2:95:21:54:88:d1:59:69:5f:0e:b5:9c:e0:d2:f6:ca:64:ba:
55:2f:3f:57:02:dc:a6:f9:b0:6a:75:d3:2a:a0:5e:a7:d8:86:
b9:c6:ef:fd:44:21:54:b6:45:98:d1:23:50:ea:94:80:a6:27:
d3:b6:40:1c:de:54:0c:44:70:ab:9a:af:6c:2c:d1:8e:e0:4c:
c7:f4:b7:f7:fd:f5:83:5c:f4:bd:4d:5f:19:1f:b1:81:a1:3f:
c8:95:1a:6b:8e:28:be:33:de:df:a7:af:78:3f:06:7c:3b:69:
ec:6e:72:77:9e:28:20:bb:63:be:64:63:7a:df:64:90:6c:4b:
35:23:25:12:38:ec:e1:70:61:63:0b:98:6c:47:45:04:e0:50:
cf:53:dd:16:6b:e3:54:fe:58:a9:f1:92:b4:21:6e:92:c3:36:
5b:04:6f:93:1f:ee:f6:b6:1d:1f:4c:32:6e:06:e6:1d:ad:03:
69:35:ef:ef
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZWUivd9qfVfz8NQvS9FflvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjUwMzE0MTIwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNlNTZiZmVmZDU4NGUwZDQ5MWM3OWQyZGIzYzVlYzljOTgxYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMXmdSDXba7v/2NjmvGCDZWNdE9o
QZKL5ZsaR+kTdNDTr/aC2hdIoL9YlGr9uvkWUWjKkdVhI/19lrWA47gJZYZ4lOpV
5+6KvCrN0NxznMja2zQ/dZZ2V3uLjUsypJpVF5AyjQCR5GSkC/ZIxCr71hMe7wOR
qDhf+oFu1pCnLx4hnrUL1LHWbo+oAWpcni8DxQIiCtL8n49rN9Od1FCXjGz01NcG
DhixvqA5XnpY7NhGnpOkwC/m0cqA1CzNzflBPNHxdQG9T+CrjtRsYgzlBQHbR+q9
3mqagkgHdnyR7gev9dH15OkKwWQ2StGxhkfUnUbhYc+oBn9R8ZJKcRhtawIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGnOVr/v1YTg1JHHnS2zxeycmBsXMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvYWM1V3YtX1ZoT0RVa2NlZExiUEY3SnlZR3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAVXSyAwQA
VXS3MAwDBAFVdLoDBAFVdLwDBAJbhJQDBABb72UDBAOAf2ADBAOyFLAwDQYJKoZI
hvcNAQELBQADggEBAG57j29ae6SX0KwDiKytHLabyQ1pa/WNBO8TKJ/+Vk4DSoS3
oxM0rItCWepG5YxqQf1hYMrj3pphtEWji/OeeTC19KsO9Me9W+KVIVSI0VlpXw61
nODS9spkulUvP1cC3Kb5sGp10yqgXqfYhrnG7/1EIVS2RZjRI1DqlICmJ9O2QBze
VAxEcKuar2ws0Y7gTMf0t/f99YNc9L1NXxkfsYGhP8iVGmuOKL4z3t+nr3g/Bnw7
aexucneeKCC7Y75kY3rfZJBsSzUjJRI47OFwYWMLmGxHRQTgUM9T3RZr41T+WKnx
krQhbpLDNlsEb5Mf7va2HR9MMm4G5h2tA2k17+8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:23:49 2025 by rpki-client