Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/YYdbZAN7pN6TVTepPYBGugFjphQ.roa
File: YYdbZAN7pN6TVTepPYBGugFjphQ.roa (raw, json)
Hash identifier: NsxHuGOHh0xg9XbBNwi/wuinAUzVezbbbYAR6J2U768=
Subject key identifier: 61:87:5B:64:03:7B:A4:DE:93:55:37:A9:3D:80:46:BA:01:63:A6:14
Certificate issuer: /CN=179eb87bdc32793dbfed184a6ffbc14ed15d32a4
Certificate serial: 019425FBFC6B7781079D4B0B2EA31200716D
Authority key identifier: 17:9E:B8:7B:DC:32:79:3D:BF:ED:18:4A:6F:FB:C1:4E:D1:5D:32:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F564e9wyeT2_7RhKb_vBTtFdMqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/YYdbZAN7pN6TVTepPYBGugFjphQ.roa
Signing time: Thu 02 Jan 2025 07:47:38 +0000
ROA not before: Thu 02 Jan 2025 07:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60273
IP address blocks: 81.25.32.0/21 maxlen: 21
81.25.40.0/21 maxlen: 21
91.187.0.0/20 maxlen: 20
91.187.16.0/20 maxlen: 20
109.232.112.0/22 maxlen: 22
109.232.116.0/22 maxlen: 22
185.10.80.0/24 maxlen: 24
185.10.81.0/24 maxlen: 24
185.10.82.0/24 maxlen: 24
185.10.83.0/24 maxlen: 24
185.50.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/F564e9wyeT2_7RhKb_vBTtFdMqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/F564e9wyeT2_7RhKb_vBTtFdMqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/F564e9wyeT2_7RhKb_vBTtFdMqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 12:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fb:fc:6b:77:81:07:9d:4b:0b:2e:a3:12:00:71:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179eb87bdc32793dbfed184a6ffbc14ed15d32a4
Validity
Not Before: Jan 2 07:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61875b64037ba4de935537a93d8046ba0163a614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:45:9c:ea:79:57:17:ef:3e:b4:8f:4a:16:0d:
72:7a:6d:6d:c1:f4:cc:c5:f4:c8:90:3d:e3:b9:1a:
32:11:ac:d4:6d:72:59:c5:85:68:5a:8d:93:88:d0:
35:fb:8b:da:12:0b:35:9e:5d:be:36:02:69:de:16:
bc:c9:f4:bd:c0:7b:7e:06:e1:10:63:4e:0c:00:c3:
17:a6:dd:17:da:a5:ba:70:32:95:f9:96:d7:8f:2e:
1c:26:22:91:7a:5e:58:65:22:06:12:cd:01:47:4a:
50:f0:24:04:21:27:1b:66:07:d0:fa:e9:7f:20:c8:
67:4d:ce:66:f2:4a:76:ad:8a:77:5e:d6:52:86:07:
4c:e0:36:6e:25:d9:d0:bc:15:c9:37:a2:61:40:89:
7f:4e:3c:54:33:f1:86:d5:31:57:8f:e7:02:b0:58:
ae:c5:e6:e4:43:b1:4d:9a:a9:85:dd:cd:ee:60:26:
4c:e9:9e:78:da:be:9d:37:15:8d:7e:eb:e4:a5:41:
c3:d0:2e:67:c2:8a:ac:ad:16:e6:c7:20:32:05:50:
7b:ec:37:5a:53:45:49:cc:13:b6:33:ae:e5:8f:7c:
d5:2a:ac:73:fa:04:2c:d4:9e:26:89:50:b0:6c:39:
a5:d9:75:38:f2:18:55:84:62:4c:d5:af:eb:5c:74:
75:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:87:5B:64:03:7B:A4:DE:93:55:37:A9:3D:80:46:BA:01:63:A6:14
X509v3 Authority Key Identifier:
keyid:17:9E:B8:7B:DC:32:79:3D:BF:ED:18:4A:6F:FB:C1:4E:D1:5D:32:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F564e9wyeT2_7RhKb_vBTtFdMqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/YYdbZAN7pN6TVTepPYBGugFjphQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/F564e9wyeT2_7RhKb_vBTtFdMqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.32.0/20
91.187.0.0/19
109.232.112.0/21
185.10.80.0/22
185.50.0.0/22
Signature Algorithm: sha256WithRSAEncryption
36:ce:5d:c1:df:ca:a6:9e:f2:56:fa:a9:5a:a7:2c:dc:1f:a6:
18:be:79:2d:82:8d:f8:d2:e5:f4:a4:4f:08:88:dd:91:78:68:
8a:fd:7c:07:5c:70:9f:1f:ae:e8:16:52:ef:75:91:7a:0c:44:
59:e5:94:52:fa:22:f8:c1:bb:f1:74:ba:e6:69:a8:4f:79:3d:
f3:8f:a3:d9:63:df:94:46:f7:73:df:f8:38:2d:a3:69:36:16:
bd:f5:c1:44:3f:94:45:80:bf:1e:9b:ba:3e:30:63:ce:c8:c3:
54:7a:df:e1:88:d3:35:12:da:af:72:48:56:01:82:5a:53:12:
0c:14:8b:92:20:39:72:43:b8:d1:4d:ed:ca:f9:a0:a8:cd:35:
23:1f:89:b3:de:3e:97:66:9e:b2:c6:d6:49:88:0b:dc:e7:7f:
7e:93:40:ed:47:b1:04:ff:03:c3:eb:31:59:95:83:2a:56:e5:
e1:a1:58:8f:4f:f5:02:ba:52:f0:1b:55:64:dd:84:ec:ee:8b:
4c:57:c8:f7:5f:da:4a:a5:e4:92:f8:58:99:2f:a6:66:0d:7d:
c0:13:c7:e9:ec:e6:02:02:91:79:38:89:fb:b0:ca:08:dc:17:
59:57:d2:8a:88:2e:dd:0d:9d:44:d2:f9:02:03:9f:2e:a8:53:
a1:fa:b3:b0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQl+/xrd4EHnUsLLqMSAHFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OWViODdiZGMzMjc5M2RiZmVkMTg0YTZmZmJjMTRlZDE1
ZDMyYTQwHhcNMjUwMTAyMDc0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTg3NWI2NDAzN2JhNGRlOTM1NTM3YTkzZDgwNDZiYTAxNjNhNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA80Wc6nlXF+8+tI9KFg1yem1twfTM
xfTIkD3juRoyEazUbXJZxYVoWo2TiNA1+4vaEgs1nl2+NgJp3ha8yfS9wHt+BuEQ
Y04MAMMXpt0X2qW6cDKV+ZbXjy4cJiKRel5YZSIGEs0BR0pQ8CQEIScbZgfQ+ul/
IMhnTc5m8kp2rYp3XtZShgdM4DZuJdnQvBXJN6JhQIl/TjxUM/GG1TFXj+cCsFiu
xebkQ7FNmqmF3c3uYCZM6Z542r6dNxWNfuvkpUHD0C5nwoqsrRbmxyAyBVB77Dda
U0VJzBO2M67lj3zVKqxz+gQs1J4miVCwbDml2XU48hhVhGJM1a/rXHR1OwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGGHW2QDe6Tek1U3qT2ARroBY6YUMB8GA1UdIwQY
MBaAFBeeuHvcMnk9v+0YSm/7wU7RXTKkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjU2NGU5d3llVDJfN1JoS2JfdkJUdEZkTXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84YzBhYTgtYWQ5NC00N2E1LThlZWUt
ZWYxNTkxYWZhYTg2LzEvWVlkYlpBTjdwTjZUVlRlcFBZQkd1Z0ZqcGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84YzBhYTgtYWQ5NC00N2E1LThlZWUtZWYxNTkxYWZhYTg2
LzEvRjU2NGU5d3llVDJfN1JoS2JfdkJUdEZkTXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEURkgAwQF
W7sAAwQDbehwAwQCuQpQAwQCuTIAMA0GCSqGSIb3DQEBCwUAA4IBAQA2zl3B38qm
nvJW+qlapyzcH6YYvnktgo340uX0pE8IiN2ReGiK/XwHXHCfH67oFlLvdZF6DERZ
5ZRS+iL4wbvxdLrmaahPeT3zj6PZY9+URvdz3/g4LaNpNha99cFEP5RFgL8em7o+
MGPOyMNUet/hiNM1EtqvckhWAYJaUxIMFIuSIDlyQ7jRTe3K+aCozTUjH4mz3j6X
Zp6yxtZJiAvc539+k0DtR7EE/wPD6zFZlYMqVuXhoViPT/UCulLwG1Vk3YTs7otM
V8j3X9pKpeSS+FiZL6ZmDX3AE8fp7OYCApF5OIn7sMoI3BdZV9KKiC7dDZ1E0vkC
A58uqFOh+rOw
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:58:50 2025 by rpki-client