Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/AH8YfsuwJx0af1H6sw2nAIpol7g.roa
File: AH8YfsuwJx0af1H6sw2nAIpol7g.roa (raw, json)
Hash identifier: QB8f2OrNQnT+GeqYmkp8zb67UdxInw+pNReppkRi83M=
Subject key identifier: 00:7F:18:7E:CB:B0:27:1D:1A:7F:51:FA:B3:0D:A7:00:8A:68:97:B8
Certificate issuer: /CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Certificate serial: 01942445514E5625E16FC7386387AEA312D3
Authority key identifier: B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/AH8YfsuwJx0af1H6sw2nAIpol7g.roa
Signing time: Wed 01 Jan 2025 23:48:30 +0000
ROA not before: Wed 01 Jan 2025 23:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29657
IP address blocks: 89.107.250.0/24 maxlen: 24
89.107.251.0/24 maxlen: 24
89.107.252.0/24 maxlen: 24
89.107.254.0/24 maxlen: 24
109.232.206.0/24 maxlen: 24
109.232.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:51:4e:56:25:e1:6f:c7:38:63:87:ae:a3:12:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Validity
Not Before: Jan 1 23:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=007f187ecbb0271d1a7f51fab30da7008a6897b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:da:9e:e3:33:e9:29:41:d3:be:72:77:2b:a8:
11:d0:cf:e3:37:c2:0e:d5:15:0c:14:93:c6:65:5e:
69:17:9d:dc:c5:99:c8:91:42:e3:75:d5:aa:88:fc:
78:cf:4f:9a:b0:ad:c6:98:32:42:48:f8:97:a7:c3:
2b:f1:55:a7:9c:7b:59:7c:65:5d:b4:8b:0b:74:b9:
06:83:29:76:85:b4:87:e3:4b:c1:82:1a:dc:83:48:
a3:80:98:87:be:40:ed:bd:e7:77:c6:ed:d2:a0:6c:
b9:dc:9f:19:7c:74:9b:f6:79:4d:2e:99:07:13:ef:
d4:ea:98:79:d3:1c:90:20:7a:35:ac:6d:95:17:45:
cc:39:66:7a:fb:15:35:85:9d:91:7a:6c:36:58:c9:
ed:66:84:d7:e5:de:d9:fe:11:9b:d5:26:8e:a1:5a:
f2:c9:5b:96:34:8d:ea:ff:bb:c6:53:fe:38:0e:16:
09:3a:b8:c8:eb:ca:5c:06:02:f8:b9:46:49:dd:f6:
78:1a:28:14:d7:d3:c8:11:34:10:81:2d:83:0c:8a:
0c:18:73:12:06:a8:84:ae:c0:4e:5f:a3:7e:5e:95:
df:93:33:11:7e:71:5a:9a:a7:ac:d1:c6:a1:7f:5a:
f5:c0:69:db:6f:70:d7:09:f7:6e:ad:84:25:60:28:
fe:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7F:18:7E:CB:B0:27:1D:1A:7F:51:FA:B3:0D:A7:00:8A:68:97:B8
X509v3 Authority Key Identifier:
keyid:B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/AH8YfsuwJx0af1H6sw2nAIpol7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.250.0-89.107.252.255
89.107.254.0/24
109.232.206.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:c2:f9:53:34:32:a9:df:17:37:7d:b3:46:11:4d:35:ab:be:
7c:f0:5f:4e:b5:15:2f:b7:b9:86:02:40:75:90:83:a5:5f:28:
09:2a:40:43:13:d1:cf:cb:e4:8d:3f:05:59:1e:f5:df:34:85:
ed:12:03:f5:1e:b0:67:d9:dd:c3:2d:de:40:aa:7a:f3:69:be:
9b:36:b4:70:7f:66:8f:9f:a1:57:53:fe:c9:9e:60:6c:cd:58:
20:5e:be:27:05:d2:95:68:9a:77:d6:2e:47:fc:18:6f:51:fb:
c9:b2:00:bc:ed:07:dd:b1:01:a5:12:ab:6c:ea:10:d4:3c:ae:
19:5e:05:c4:f8:cd:18:b2:0a:cc:1c:ac:a6:58:11:b6:16:98:
2e:3b:67:d6:04:02:93:c9:40:df:d7:14:c9:75:85:06:3a:03:
3d:0d:b3:63:9d:e5:33:04:b9:23:5f:13:a7:04:f0:ab:a3:17:
b0:8f:6b:ca:48:3d:39:bc:0c:16:9e:52:90:18:9c:22:68:bb:
c2:50:81:b2:96:82:35:24:64:7d:c7:3a:18:68:0f:b4:fe:fd:
ad:94:39:3a:df:82:73:60:ca:df:8a:ed:a6:a8:67:54:94:ae:
b9:de:a5:c8:52:a7:5b:1d:d6:4f:2d:2d:ec:59:17:20:18:39:
84:c3:8a:32
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQkRVFOViXhb8c4Y4euoxLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjM1MGEwYWUzMmU3M2U2NjBjNDE2YzNmMTQwNmVkZDM2
MTVmODIwHhcNMjUwMTAxMjM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDdmMTg3ZWNiYjAyNzFkMWE3ZjUxZmFiMzBkYTcwMDhhNjg5N2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdqe4zPpKUHTvnJ3K6gR0M/jN8IO
1RUMFJPGZV5pF53cxZnIkULjddWqiPx4z0+asK3GmDJCSPiXp8Mr8VWnnHtZfGVd
tIsLdLkGgyl2hbSH40vBghrcg0ijgJiHvkDtved3xu3SoGy53J8ZfHSb9nlNLpkH
E+/U6ph50xyQIHo1rG2VF0XMOWZ6+xU1hZ2Remw2WMntZoTX5d7Z/hGb1SaOoVry
yVuWNI3q/7vGU/44DhYJOrjI68pcBgL4uUZJ3fZ4GigU19PIETQQgS2DDIoMGHMS
BqiErsBOX6N+XpXfkzMRfnFamqes0cahf1r1wGnbb3DXCfdurYQlYCj+IwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAB/GH7LsCcdGn9R+rMNpwCKaJe4MB8GA1UdIwQY
MBaAFLmzUKCuMuc+ZgxBbD8UBu3TYV+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2Et
ZWY3M2I3YjRjYTNjLzEvQUg4WWZzdXdKeDBhZjFINnN3Mm5BSXBvbDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2EtZWY3M2I3YjRjYTNj
LzEvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFZa/oD
BABZa/wDBABZa/4DBAFt6M4wDQYJKoZIhvcNAQELBQADggEBAL/C+VM0MqnfFzd9
s0YRTTWrvnzwX061FS+3uYYCQHWQg6VfKAkqQEMT0c/L5I0/BVke9d80he0SA/Ue
sGfZ3cMt3kCqevNpvps2tHB/Zo+foVdT/smeYGzNWCBevicF0pVomnfWLkf8GG9R
+8myALztB92xAaUSq2zqENQ8rhleBcT4zRiyCswcrKZYEbYWmC47Z9YEApPJQN/X
FMl1hQY6Az0Ns2Od5TMEuSNfE6cE8KujF7CPa8pIPTm8DBaeUpAYnCJou8JQgbKW
gjUkZH3HOhhoD7T+/a2UOTrfgnNgyt+K7aaoZ1SUrrnepchSp1sd1k8tLexZFyAY
OYTDijI=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:35 2025 by rpki-client