Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/YdnfzNQU6p17HNy9eA1Hw53deFE.roa
File: YdnfzNQU6p17HNy9eA1Hw53deFE.roa (raw, json)
Hash identifier: 2Yw8oKr6x9VyLBdNC/o5JNz+v9yyH0gMbVBwfTOD/GE=
Subject key identifier: 61:D9:DF:CC:D4:14:EA:9D:7B:1C:DC:BD:78:0D:47:C3:9D:DD:78:51
Certificate issuer: /CN=f69c7eb86224adb38408847dee4cfc4c4003ad5d
Certificate serial: 019420D5A8E55B9E383771BA4D312390FE8F
Authority key identifier: F6:9C:7E:B8:62:24:AD:B3:84:08:84:7D:EE:4C:FC:4C:40:03:AD:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9px-uGIkrbOECIR97kz8TEADrV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/YdnfzNQU6p17HNy9eA1Hw53deFE.roa
Signing time: Wed 01 Jan 2025 07:47:40 +0000
ROA not before: Wed 01 Jan 2025 07:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199478
IP address blocks: 37.130.144.0/24 maxlen: 24
37.130.145.0/24 maxlen: 24
37.130.146.0/24 maxlen: 24
37.130.147.0/24 maxlen: 24
37.130.148.0/24 maxlen: 24
37.130.149.0/24 maxlen: 24
37.130.150.0/24 maxlen: 24
37.130.151.0/24 maxlen: 24
91.193.152.0/24 maxlen: 24
91.193.153.0/24 maxlen: 24
91.193.154.0/24 maxlen: 24
91.193.155.0/24 maxlen: 24
144.2.164.0/24 maxlen: 24
144.2.165.0/24 maxlen: 24
144.2.166.0/24 maxlen: 24
144.2.167.0/24 maxlen: 24
185.16.208.0/24 maxlen: 24
185.16.209.0/24 maxlen: 24
185.16.210.0/24 maxlen: 24
185.16.211.0/24 maxlen: 24
185.157.152.0/24 maxlen: 24
185.157.153.0/24 maxlen: 24
185.157.154.0/24 maxlen: 24
185.157.155.0/24 maxlen: 24
185.251.104.0/24 maxlen: 24
185.251.105.0/24 maxlen: 24
185.251.106.0/24 maxlen: 24
185.251.107.0/24 maxlen: 24
193.84.19.0/24 maxlen: 24
193.84.30.0/24 maxlen: 24
193.84.70.0/24 maxlen: 24
193.84.74.0/24 maxlen: 24
194.62.158.0/24 maxlen: 24
194.62.159.0/24 maxlen: 24
194.62.190.0/24 maxlen: 24
194.62.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/9px-uGIkrbOECIR97kz8TEADrV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/9px-uGIkrbOECIR97kz8TEADrV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/9px-uGIkrbOECIR97kz8TEADrV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a8:e5:5b:9e:38:37:71:ba:4d:31:23:90:fe:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f69c7eb86224adb38408847dee4cfc4c4003ad5d
Validity
Not Before: Jan 1 07:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61d9dfccd414ea9d7b1cdcbd780d47c39ddd7851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:69:62:d4:24:50:ea:d2:63:c8:6b:e2:99:2d:
44:47:c7:32:76:6d:bd:6e:8e:77:b0:75:36:43:05:
44:9c:e7:41:f9:e3:b3:0f:55:fa:ab:30:28:15:a0:
a3:f4:5d:d7:e5:01:47:b8:59:e6:a0:38:0b:50:00:
06:02:9a:39:a1:c1:fb:e8:3f:df:e3:26:4d:75:0f:
fe:4f:7b:7d:d0:6e:91:93:ce:7f:2a:35:cd:11:c3:
17:82:93:db:33:9e:86:71:c9:6f:d3:86:10:d6:a3:
7e:f6:15:1c:ce:b4:36:f3:cb:cc:2b:aa:7b:19:f0:
74:8b:bd:f9:62:7c:7c:83:4f:f6:81:f5:c2:78:80:
0e:8e:50:a3:88:a8:6f:d7:c1:9c:bf:55:a5:7c:52:
ce:f3:5f:0f:69:03:d8:3f:fc:60:c1:0e:90:22:29:
f3:89:b4:f6:e0:4a:e3:52:2d:d9:d6:b6:97:da:2f:
f4:fc:06:e2:f5:22:2f:fa:79:d8:7e:da:c4:c3:41:
48:89:ed:8d:da:77:87:99:bd:49:58:89:b9:2c:d4:
f1:20:c6:3e:02:e1:f7:4d:a1:26:87:d8:75:1b:25:
8a:0d:d7:2e:32:45:ce:ef:ec:e4:e3:73:80:d8:f9:
2a:3e:e7:62:b3:c8:7c:72:f1:98:0f:16:51:de:65:
6b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D9:DF:CC:D4:14:EA:9D:7B:1C:DC:BD:78:0D:47:C3:9D:DD:78:51
X509v3 Authority Key Identifier:
keyid:F6:9C:7E:B8:62:24:AD:B3:84:08:84:7D:EE:4C:FC:4C:40:03:AD:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9px-uGIkrbOECIR97kz8TEADrV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/YdnfzNQU6p17HNy9eA1Hw53deFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/9px-uGIkrbOECIR97kz8TEADrV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.144.0/21
91.193.152.0/22
144.2.164.0/22
185.16.208.0/22
185.157.152.0/22
185.251.104.0/22
193.84.19.0/24
193.84.30.0/24
193.84.70.0/24
193.84.74.0/24
194.62.158.0/23
194.62.190.0/23
Signature Algorithm: sha256WithRSAEncryption
c7:a7:ba:1e:ff:39:ee:b7:58:16:df:ed:e3:b2:6d:8b:f6:fa:
d9:61:4c:08:68:e2:b7:a8:06:46:1b:75:0e:49:fb:ad:7d:c2:
3b:68:5c:25:d9:ff:2a:2d:8e:55:01:6b:f4:89:e0:00:d1:a6:
ac:4f:99:9d:a9:08:a5:37:06:2d:32:7a:ff:c5:59:59:92:16:
2b:91:f7:b0:d0:66:95:de:78:34:96:77:8a:21:92:71:c6:2a:
9d:fc:cd:2d:ab:75:07:24:24:b8:47:5a:3b:7b:87:d6:31:59:
27:17:98:9b:ca:b8:b1:74:98:f3:6a:70:53:bf:6f:f2:02:21:
43:be:16:c0:53:eb:b6:ef:c8:01:a4:bb:ec:de:bd:ff:dd:38:
bb:4a:2c:18:46:43:2f:a4:38:ae:23:c5:f7:a3:9d:98:e6:94:
a4:40:74:d5:5d:b2:63:a4:52:ee:02:78:10:13:45:8f:2a:db:
dd:b8:39:ec:27:68:34:ed:55:3d:bb:91:9c:cc:71:6c:7a:c5:
93:a0:f7:e5:44:07:74:97:fa:6a:5b:48:f5:f1:ca:29:f9:36:
08:e5:c5:3c:a0:3f:b0:dd:45:03:a7:42:17:16:ee:20:b1:86:
c2:96:e0:cf:6e:55:c7:82:5a:1b:c6:ba:28:90:31:21:ac:6f:
53:cb:c6:4d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQg1ajlW544N3G6TTEjkP6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OWM3ZWI4NjIyNGFkYjM4NDA4ODQ3ZGVlNGNmYzRjNDAw
M2FkNWQwHhcNMjUwMTAxMDc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWQ5ZGZjY2Q0MTRlYTlkN2IxY2RjYmQ3ODBkNDdjMzlkZGQ3ODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmli1CRQ6tJjyGvimS1ER8cydm29
bo53sHU2QwVEnOdB+eOzD1X6qzAoFaCj9F3X5QFHuFnmoDgLUAAGApo5ocH76D/f
4yZNdQ/+T3t90G6Rk85/KjXNEcMXgpPbM56Gcclv04YQ1qN+9hUczrQ288vMK6p7
GfB0i735Ynx8g0/2gfXCeIAOjlCjiKhv18Gcv1WlfFLO818PaQPYP/xgwQ6QIinz
ibT24ErjUi3Z1raX2i/0/Abi9SIv+nnYftrEw0FIie2N2neHmb1JWIm5LNTxIMY+
AuH3TaEmh9h1GyWKDdcuMkXO7+zk43OA2PkqPudis8h8cvGYDxZR3mVriwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGHZ38zUFOqdexzcvXgNR8Od3XhRMB8GA1UdIwQY
MBaAFPacfrhiJK2zhAiEfe5M/ExAA61dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXB4LXVHSWtyYk9FQ0lSOTdrejhURUFEclYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84MzRlODItZjg2My00Y2E4LTgwNjEt
ZjYxNmQ5MzE4MDg3LzEvWWRuZnpOUVU2cDE3SE55OWVBMUh3NTNkZUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84MzRlODItZjg2My00Y2E4LTgwNjEtZjYxNmQ5MzE4MDg3
LzEvOXB4LXVHSWtyYk9FQ0lSOTdrejhURUFEclYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQDJYKQAwQC
W8GYAwQCkAKkAwQCuRDQAwQCuZ2YAwQCuftoAwQAwVQTAwQAwVQeAwQAwVRGAwQA
wVRKAwQBwj6eAwQBwj6+MA0GCSqGSIb3DQEBCwUAA4IBAQDHp7oe/znut1gW3+3j
sm2L9vrZYUwIaOK3qAZGG3UOSfutfcI7aFwl2f8qLY5VAWv0ieAA0aasT5mdqQil
NwYtMnr/xVlZkhYrkfew0GaV3ng0lneKIZJxxiqd/M0tq3UHJCS4R1o7e4fWMVkn
F5ibyrixdJjzanBTv2/yAiFDvhbAU+u278gBpLvs3r3/3Ti7SiwYRkMvpDiuI8X3
o52Y5pSkQHTVXbJjpFLuAngQE0WPKtvduDnsJ2g07VU9u5GczHFsesWToPflRAd0
l/pqW0j18cop+TYI5cU8oD+w3UUDp0IXFu4gsYbCluDPblXHglobxrookDEhrG9T
y8ZN
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:19 2025 by rpki-client