Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/4c9206-95cb-4324-ab88-1e6577ca172d/1/cD_mZgVZwLPlXPcv17kJI-LgBr4.roa
File: cD_mZgVZwLPlXPcv17kJI-LgBr4.roa (raw, json)
Hash identifier: KNwGHjS6BluwkxT0qyW7BxgZYc1pPDj7oHyq37oQR90=
Subject key identifier: 70:3F:E6:66:05:59:C0:B3:E5:5C:F7:2F:D7:B9:09:23:E2:E0:06:BE
Certificate issuer: /CN=e1df5852af905b415fdf53e32876f57a74d6c1f0
Certificate serial: 019422FB125082281E3F46AF713F063A12EF
Authority key identifier: E1:DF:58:52:AF:90:5B:41:5F:DF:53:E3:28:76:F5:7A:74:D6:C1:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4d9YUq-QW0Ff31PjKHb1enTWwfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/4c9206-95cb-4324-ab88-1e6577ca172d/1/cD_mZgVZwLPlXPcv17kJI-LgBr4.roa
Signing time: Wed 01 Jan 2025 17:47:47 +0000
ROA not before: Wed 01 Jan 2025 17:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8220
IP address blocks: 90.152.0.0/18 maxlen: 18
90.152.64.0/18 maxlen: 18
90.152.64.0/19 maxlen: 19
90.152.96.0/19 maxlen: 19
95.175.192.0/20 maxlen: 20
95.175.208.0/20 maxlen: 20
212.36.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/4c9206-95cb-4324-ab88-1e6577ca172d/1/4d9YUq-QW0Ff31PjKHb1enTWwfA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/4c9206-95cb-4324-ab88-1e6577ca172d/1/4d9YUq-QW0Ff31PjKHb1enTWwfA.mft
rsync://rpki.ripe.net/repository/DEFAULT/4d9YUq-QW0Ff31PjKHb1enTWwfA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 23:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:12:50:82:28:1e:3f:46:af:71:3f:06:3a:12:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1df5852af905b415fdf53e32876f57a74d6c1f0
Validity
Not Before: Jan 1 17:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=703fe6660559c0b3e55cf72fd7b90923e2e006be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0e:45:54:af:ad:3d:92:5b:7e:b1:4e:6b:4f:
7e:2a:df:be:92:b4:aa:c2:45:29:c5:e5:26:fa:67:
42:05:30:54:24:de:19:2d:37:40:d8:34:a4:00:65:
71:02:d4:ca:50:65:6b:fc:15:9c:41:68:f9:6e:52:
3d:80:7e:dd:f1:fa:fd:6f:09:17:27:70:41:66:b6:
b6:ed:b8:71:8d:0f:2f:28:35:bd:df:eb:c7:a6:2f:
e8:75:ca:fa:63:85:e2:50:3a:36:d3:b0:a7:d4:2f:
6b:d9:22:8d:e5:63:34:e2:23:c2:e6:cd:87:4a:58:
5a:28:ec:f4:ec:11:ef:e7:b4:72:02:3b:2e:df:78:
59:ab:b1:ba:ee:58:76:b6:ac:d1:7e:75:67:95:ef:
6b:d2:6b:1d:0d:91:3c:63:5c:25:62:bd:54:ff:eb:
7c:57:70:df:1b:35:12:72:c1:c9:42:6f:f2:6f:2a:
9a:de:6e:8d:22:a1:15:79:47:ab:09:79:e3:3e:61:
2c:59:5c:0e:df:27:bd:9d:f9:df:7b:07:02:6c:88:
33:91:77:ca:0b:84:c4:f1:93:87:1e:ce:f1:94:20:
27:ac:26:ad:24:30:8a:f3:89:d0:71:5e:58:29:e1:
40:a8:9f:dc:58:82:53:63:2d:8e:ce:db:64:d1:f7:
98:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:3F:E6:66:05:59:C0:B3:E5:5C:F7:2F:D7:B9:09:23:E2:E0:06:BE
X509v3 Authority Key Identifier:
keyid:E1:DF:58:52:AF:90:5B:41:5F:DF:53:E3:28:76:F5:7A:74:D6:C1:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d9YUq-QW0Ff31PjKHb1enTWwfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4c9206-95cb-4324-ab88-1e6577ca172d/1/cD_mZgVZwLPlXPcv17kJI-LgBr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4c9206-95cb-4324-ab88-1e6577ca172d/1/4d9YUq-QW0Ff31PjKHb1enTWwfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.152.0.0/17
95.175.192.0/19
212.36.32.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:0a:88:83:ac:5e:9d:75:6d:47:e5:d0:7a:6f:d8:75:10:c4:
63:e9:b0:06:96:93:a3:4d:9e:4a:b4:a1:a2:bb:55:30:44:bf:
ba:0e:8f:68:64:1a:ed:70:99:a3:40:95:a8:d6:1f:38:1b:f6:
24:3d:60:a6:73:ac:e7:76:a8:20:24:8d:8a:1b:a2:b6:90:eb:
52:9b:a7:c0:05:c8:6f:1f:be:88:79:40:3f:67:a8:1a:bf:f8:
c5:1f:d3:7a:ac:2f:c7:14:b7:d6:c7:1f:86:30:7c:a0:98:66:
e7:fb:a9:2a:ab:30:34:65:5f:31:39:ba:0e:b7:26:b0:c8:67:
fc:79:51:6b:bd:6f:00:e3:97:5e:66:59:99:c1:35:77:34:48:
18:ff:35:15:c0:28:8b:83:d0:f7:45:fe:a7:2f:44:52:5b:c2:
0e:6f:ad:0a:5b:3f:47:38:9c:50:e4:ab:71:1a:d6:eb:ca:72:
ea:c6:5a:ec:d1:1e:e3:6b:20:ea:35:1b:a2:f2:20:ae:d4:20:
3c:de:b6:91:af:61:6e:47:9c:77:0f:fd:4b:95:cd:e2:e2:5b:
25:47:6f:bf:0b:2e:4f:8f:dc:0b:ce:03:0f:5c:1b:e4:b6:75:
d8:4e:5e:24:82:21:94:a0:f1:0a:71:38:7f:9e:84:b9:a1:fc:
99:4a:01:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi+xJQgigeP0avcT8GOhLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZGY1ODUyYWY5MDViNDE1ZmRmNTNlMzI4NzZmNTdhNzRk
NmMxZjAwHhcNMjUwMTAxMTc0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDNmZTY2NjA1NTljMGIzZTU1Y2Y3MmZkN2I5MDkyM2UyZTAwNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ5FVK+tPZJbfrFOa09+Kt++krSq
wkUpxeUm+mdCBTBUJN4ZLTdA2DSkAGVxAtTKUGVr/BWcQWj5blI9gH7d8fr9bwkX
J3BBZra27bhxjQ8vKDW93+vHpi/odcr6Y4XiUDo207Cn1C9r2SKN5WM04iPC5s2H
SlhaKOz07BHv57RyAjsu33hZq7G67lh2tqzRfnVnle9r0msdDZE8Y1wlYr1U/+t8
V3DfGzUScsHJQm/ybyqa3m6NIqEVeUerCXnjPmEsWVwO3ye9nfnfewcCbIgzkXfK
C4TE8ZOHHs7xlCAnrCatJDCK84nQcV5YKeFAqJ/cWIJTYy2Ozttk0feYywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHA/5mYFWcCz5Vz3L9e5CSPi4Aa+MB8GA1UdIwQY
MBaAFOHfWFKvkFtBX99T4yh29Xp01sHwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGQ5WVVxLVFXMEZmMzFQaktIYjFlblRXd2ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80YzkyMDYtOTVjYi00MzI0LWFiODgt
MWU2NTc3Y2ExNzJkLzEvY0RfbVpnVlp3TFBsWFBjdjE3a0pJLUxnQnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80YzkyMDYtOTVjYi00MzI0LWFiODgtMWU2NTc3Y2ExNzJk
LzEvNGQ5WVVxLVFXMEZmMzFQaktIYjFlblRXd2ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQHWpgAAwQF
X6/AAwQF1CQgMA0GCSqGSIb3DQEBCwUAA4IBAQCOCoiDrF6ddW1H5dB6b9h1EMRj
6bAGlpOjTZ5KtKGiu1UwRL+6Do9oZBrtcJmjQJWo1h84G/YkPWCmc6zndqggJI2K
G6K2kOtSm6fABchvH76IeUA/Z6gav/jFH9N6rC/HFLfWxx+GMHygmGbn+6kqqzA0
ZV8xOboOtyawyGf8eVFrvW8A45deZlmZwTV3NEgY/zUVwCiLg9D3Rf6nL0RSW8IO
b60KWz9HOJxQ5KtxGtbrynLqxlrs0R7jayDqNRui8iCu1CA83raRr2FuR5x3D/1L
lc3i4lslR2+/Cy5Pj9wLzgMPXBvktnXYTl4kgiGUoPEKcTh/noS5ofyZSgFl
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:52:01 2025 by rpki-client