Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/osJ9_DR-TYLXPhwmG2ma04NJTWc.roa
File: osJ9_DR-TYLXPhwmG2ma04NJTWc.roa (raw, json)
Hash identifier: J9O9DuXjiOjoHZT0sNnMyGnclsGi579GC3bqlBQWEYI=
Subject key identifier: A2:C2:7D:FC:34:7E:4D:82:D7:3E:1C:26:1B:69:9A:D3:83:49:4D:67
Certificate issuer: /CN=066369e2705cb433db0658ab666d08b67b1551dc
Certificate serial: 01951453AD581D414F01EA436F5B4758F7DC
Authority key identifier: 06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/osJ9_DR-TYLXPhwmG2ma04NJTWc.roa
Signing time: Mon 17 Feb 2025 14:33:02 +0000
ROA not before: Mon 17 Feb 2025 14:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197308
IP address blocks: 5.179.112.0/21 maxlen: 21
31.216.32.0/21 maxlen: 21
81.91.0.0/20 maxlen: 20
176.57.88.0/22 maxlen: 22
185.21.144.0/22 maxlen: 22
185.27.240.0/22 maxlen: 22
193.108.0.0/21 maxlen: 21
193.108.0.0/24 maxlen: 24
193.108.1.0/24 maxlen: 24
193.108.2.0/23 maxlen: 23
193.108.4.0/24 maxlen: 24
193.108.5.0/24 maxlen: 24
193.108.6.0/24 maxlen: 24
213.180.64.0/19 maxlen: 19
2a00:5860::/32 maxlen: 32
2a03:2f80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:14:53:ad:58:1d:41:4f:01:ea:43:6f:5b:47:58:f7:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=066369e2705cb433db0658ab666d08b67b1551dc
Validity
Not Before: Feb 17 14:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2c27dfc347e4d82d73e1c261b699ad383494d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:00:0b:af:26:6b:a2:61:72:6f:f1:64:f2:84:
51:56:93:d8:c5:18:ac:34:dc:81:ed:5f:28:7e:61:
da:54:49:32:f1:21:a9:dc:a8:16:86:df:f6:e7:1e:
26:aa:f7:01:f4:03:23:50:ab:6b:58:09:30:48:ae:
90:a9:76:8f:bc:13:89:0d:fd:b4:64:9b:4e:c6:ff:
c0:f5:7d:a9:2b:46:8d:c8:0a:52:cd:1c:a9:ac:22:
8e:5c:f8:a1:32:48:55:29:09:50:67:c5:37:d8:84:
56:22:69:8b:db:f8:fa:72:f4:7c:5d:d5:77:22:ac:
9d:74:84:13:58:92:9f:93:d1:b2:9c:0d:ef:fd:a0:
ee:84:30:cf:0e:4d:f4:4c:1f:b9:a3:5d:6e:42:8e:
03:a6:af:1c:6e:a5:bb:09:ab:66:6e:f8:4d:5c:32:
9b:ff:32:d8:16:92:9e:5a:f5:fd:92:43:b3:82:c6:
68:07:e8:92:e9:d6:f5:6f:1b:c3:56:f5:7e:ab:f0:
81:67:a0:22:67:9b:ee:9e:bf:e4:53:cb:89:2b:aa:
3e:64:92:80:05:31:d6:c5:55:0a:99:25:74:2d:f4:
3e:7a:66:ae:3f:02:34:5d:09:ca:1d:8a:f0:d9:03:
f3:a8:82:73:69:2a:c1:6f:2d:4e:ed:1b:df:0e:03:
b3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C2:7D:FC:34:7E:4D:82:D7:3E:1C:26:1B:69:9A:D3:83:49:4D:67
X509v3 Authority Key Identifier:
keyid:06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/osJ9_DR-TYLXPhwmG2ma04NJTWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.112.0/21
31.216.32.0/21
81.91.0.0/20
176.57.88.0/22
185.21.144.0/22
185.27.240.0/22
193.108.0.0/21
213.180.64.0/19
IPv6:
2a00:5860::/32
2a03:2f80::/32
Signature Algorithm: sha256WithRSAEncryption
9e:06:11:e6:55:20:54:ac:38:34:c2:41:43:af:96:83:60:9e:
77:0f:2d:cd:77:e2:5d:28:dc:a5:97:7c:fd:45:cb:aa:29:e0:
7d:72:d7:f3:46:e5:6f:03:d5:cd:53:ad:4c:72:b5:f4:8a:e6:
0c:7d:e7:03:c2:e9:de:e9:2a:4a:38:a5:c7:9a:56:0e:05:77:
fa:07:68:31:50:02:21:91:6b:4c:f2:6d:f9:7d:16:9f:41:00:
48:e7:dc:80:64:4a:dc:b7:fd:16:7f:05:c2:e9:10:99:b6:51:
a5:7b:88:b2:79:d4:86:2c:f0:45:ce:a7:80:10:a4:35:97:5d:
7c:e2:c6:8b:50:c7:f2:e2:52:31:ee:1f:23:5c:fb:4c:fa:bb:
6b:52:07:6b:7c:1a:90:79:3b:c3:39:db:4d:eb:62:34:d7:89:
87:aa:29:b4:1c:78:54:a3:77:b5:ec:fd:3d:13:1a:3b:52:72:
f9:b2:41:0c:0d:ab:d9:ca:82:32:db:0d:7b:2f:4e:f0:1d:0b:
4d:41:0b:18:0d:7e:5d:4e:22:ff:18:42:1e:30:f1:b9:78:db:
0b:20:6c:23:d7:b5:91:a6:66:e0:a5:4e:7a:71:1e:42:ca:cb:
5f:9a:bb:72:cf:19:40:cf:47:ab:3f:c3:a9:07:95:2d:ea:2f:
91:a0:ec:7d
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZUUU61YHUFPAepDb1tHWPfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NjM2OWUyNzA1Y2I0MzNkYjA2NThhYjY2NmQwOGI2N2Ix
NTUxZGMwHhcNMjUwMjE3MTQzMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmMyN2RmYzM0N2U0ZDgyZDczZTFjMjYxYjY5OWFkMzgzNDk0ZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywALryZromFyb/Fk8oRRVpPYxRis
NNyB7V8ofmHaVEky8SGp3KgWht/25x4mqvcB9AMjUKtrWAkwSK6QqXaPvBOJDf20
ZJtOxv/A9X2pK0aNyApSzRyprCKOXPihMkhVKQlQZ8U32IRWImmL2/j6cvR8XdV3
IqyddIQTWJKfk9GynA3v/aDuhDDPDk30TB+5o11uQo4Dpq8cbqW7CatmbvhNXDKb
/zLYFpKeWvX9kkOzgsZoB+iS6db1bxvDVvV+q/CBZ6AiZ5vunr/kU8uJK6o+ZJKA
BTHWxVUKmSV0LfQ+emauPwI0XQnKHYrw2QPzqIJzaSrBby1O7RvfDgOzewIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKLCffw0fk2C1z4cJhtpmtODSU1nMB8GA1UdIwQY
MBaAFAZjaeJwXLQz2wZYq2ZtCLZ7FVHcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm1OcDRuQmN0RFBiQmxpclptMEl0bnNWVWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC82NGU0OWEtNWZlMS00NWMyLTgzMTAt
MzRhOWU5OGE1Zjg2LzEvb3NKOV9EUi1UWUxYUGh3bUcybWEwNE5KVFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC82NGU0OWEtNWZlMS00NWMyLTgzMTAtMzRhOWU5OGE1Zjg2
LzEvQm1OcDRuQmN0RFBiQmxpclptMEl0bnNWVWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQDBbNwAwQD
H9ggAwQEUVsAAwQCsDlYAwQCuRWQAwQCuRvwAwQDwWwAAwQF1bRAMBQEAgACMA4D
BQAqAFhgAwUAKgMvgDANBgkqhkiG9w0BAQsFAAOCAQEAngYR5lUgVKw4NMJBQ6+W
g2Cedw8tzXfiXSjcpZd8/UXLqingfXLX80blbwPVzVOtTHK19IrmDH3nA8Lp3ukq
Sjilx5pWDgV3+gdoMVACIZFrTPJt+X0Wn0EASOfcgGRK3Lf9Fn8FwukQmbZRpXuI
snnUhizwRc6ngBCkNZddfOLGi1DH8uJSMe4fI1z7TPq7a1IHa3wakHk7wznbTeti
NNeJh6optBx4VKN3tez9PRMaO1Jy+bJBDA2r2cqCMtsNey9O8B0LTUELGA1+XU4i
/xhCHjDxuXjbCyBsI9e1kaZm4KVOenEeQsrLX5q7cs8ZQM9Hqz/DqQeVLeovkaDs
fQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:14:10 2025 by rpki-client