Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9FSJWBDoQ9gnlfS4PQ--Ko8FitQ.roa
File: 9FSJWBDoQ9gnlfS4PQ--Ko8FitQ.roa (raw, json)
Hash identifier: q3Ljx1JawlznE4ald69gEFrjndqt7kMs1Mi72tj4yAM=
Subject key identifier: F4:54:89:58:10:E8:43:D8:27:95:F4:B8:3D:0F:BE:2A:8F:05:8A:D4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01952401595C3809807FC514B3BFE1D53217
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9FSJWBDoQ9gnlfS4PQ--Ko8FitQ.roa
Signing time: Thu 20 Feb 2025 15:37:02 +0000
ROA not before: Thu 20 Feb 2025 15:37:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31490
IP address blocks: 85.217.188.0/24 maxlen: 24
87.121.121.0/24 maxlen: 32
93.123.23.0/24 maxlen: 24
94.156.178.0/24 maxlen: 24
185.219.124.0/24 maxlen: 24
2a00:1728:20::/48 maxlen: 48
2a00:1728:20:100::/56 maxlen: 56
2a00:1728:33::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:24:01:59:5c:38:09:80:7f:c5:14:b3:bf:e1:d5:32:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 20 15:37:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f454895810e843d82795f4b83d0fbe2a8f058ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e2:67:f3:73:a7:97:19:5a:a4:f9:a9:cc:08:
e3:cf:b6:81:b8:1d:cc:83:a3:0c:f5:ad:d8:57:16:
62:9a:eb:96:2d:37:2e:18:32:36:b1:5d:7b:0e:b8:
65:4d:91:d3:2e:20:3a:0b:7e:bf:29:73:a7:71:94:
b8:50:89:88:83:5d:17:6a:9f:23:39:37:da:77:c0:
84:19:6c:db:66:b4:da:c7:d6:d6:31:8a:f1:41:4e:
14:64:e5:83:8d:ed:00:5d:16:19:db:a2:e9:73:5d:
95:bb:37:49:8c:20:80:84:83:c1:48:bb:d7:d8:c3:
e9:dd:49:17:28:a0:f8:a0:6f:1e:55:fe:47:4f:bc:
55:c4:e4:f7:71:4d:cc:29:19:ca:37:95:ea:96:f9:
65:ff:b9:11:8e:85:28:a9:5c:f4:6d:b6:c4:b9:16:
a7:9d:f2:b2:55:c9:3e:04:05:ca:81:60:af:25:aa:
89:44:00:c1:70:7c:fc:14:7f:d7:c9:77:5f:1b:40:
82:77:af:63:79:68:2a:21:b2:eb:5f:85:82:41:4c:
1a:63:78:44:a9:d5:0d:66:09:44:42:8f:e4:64:7b:
ca:c4:40:3b:1c:be:ff:2e:e6:b6:e7:7c:4a:c5:c3:
91:aa:7f:44:4c:e4:07:77:62:55:91:88:39:89:e3:
af:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:54:89:58:10:E8:43:D8:27:95:F4:B8:3D:0F:BE:2A:8F:05:8A:D4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9FSJWBDoQ9gnlfS4PQ--Ko8FitQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.188.0/24
87.121.121.0/24
93.123.23.0/24
94.156.178.0/24
185.219.124.0/24
IPv6:
2a00:1728:20::/48
2a00:1728:33::/48
Signature Algorithm: sha256WithRSAEncryption
a6:30:49:07:36:a5:7b:95:fe:29:23:25:0c:24:26:b3:4c:61:
a5:2f:9d:95:06:9a:3f:5c:1a:1f:12:da:8e:7a:c4:c9:28:84:
b0:52:6a:d8:9e:fb:c9:f7:08:b0:20:1e:b3:ed:9e:7f:ba:1c:
19:6d:7f:b8:66:d8:5b:e7:a8:66:4b:5b:18:66:7c:ff:3b:78:
ee:27:05:29:0c:ac:01:60:64:c8:c4:a0:bd:fd:18:ed:2b:e9:
01:70:e5:bf:d7:34:46:19:a2:c8:c7:f8:12:dd:0e:06:14:45:
b6:29:5c:f5:1a:b6:4b:21:87:6a:54:d7:78:a1:fb:7f:dc:ee:
79:17:04:b6:33:11:77:c2:56:5d:92:21:64:23:9b:f2:bd:2c:
66:0e:e8:08:6c:91:8d:04:99:cb:e6:5e:39:bc:52:2c:29:eb:
a8:a6:d4:49:57:d0:90:d8:dc:0c:2e:d3:ac:e0:77:b1:e0:43:
70:ec:17:2b:fe:ec:0d:9c:8f:36:7a:ab:54:e0:ad:76:82:e8:
bf:9c:65:dd:30:7a:ee:b5:89:01:95:31:a9:28:52:25:67:96:
12:dd:08:5e:9b:f8:2a:59:ea:23:60:16:c0:2f:e3:73:3b:63:
04:98:f2:98:11:1e:be:e8:f1:c6:a3:ba:76:df:d8:20:93:74:
de:f6:e2:bf
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZUkAVlcOAmAf8UUs7/h1TIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjIwMTUzNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU0ODk1ODEwZTg0M2Q4Mjc5NWY0YjgzZDBmYmUyYThmMDU4YWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOJn83OnlxlapPmpzAjjz7aBuB3M
g6MM9a3YVxZimuuWLTcuGDI2sV17DrhlTZHTLiA6C36/KXOncZS4UImIg10Xap8j
OTfad8CEGWzbZrTax9bWMYrxQU4UZOWDje0AXRYZ26Lpc12VuzdJjCCAhIPBSLvX
2MPp3UkXKKD4oG8eVf5HT7xVxOT3cU3MKRnKN5Xqlvll/7kRjoUoqVz0bbbEuRan
nfKyVck+BAXKgWCvJaqJRADBcHz8FH/XyXdfG0CCd69jeWgqIbLrX4WCQUwaY3hE
qdUNZglEQo/kZHvKxEA7HL7/Lua253xKxcORqn9ETOQHd2JVkYg5ieOv7wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFPRUiVgQ6EPYJ5X0uD0PviqPBYrUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOUZTSldCRG9ROWdubGZTNFBRLS1LbzhGaXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQAVdm8AwQA
V3l5AwQAXXsXAwQAXpyyAwQAudt8MBgEAgACMBIDBwAqABcoACADBwAqABcoADMw
DQYJKoZIhvcNAQELBQADggEBAKYwSQc2pXuV/ikjJQwkJrNMYaUvnZUGmj9cGh8S
2o56xMkohLBSatie+8n3CLAgHrPtnn+6HBltf7hm2FvnqGZLWxhmfP87eO4nBSkM
rAFgZMjEoL39GO0r6QFw5b/XNEYZosjH+BLdDgYURbYpXPUatkshh2pU13ih+3/c
7nkXBLYzEXfCVl2SIWQjm/K9LGYO6AhskY0EmcvmXjm8Uiwp66im1ElX0JDY3Awu
06zgd7HgQ3DsFyv+7A2cjzZ6q1TgrXaC6L+cZd0weu61iQGVMakoUiVnlhLdCF6b
+CpZ6iNgFsAv43M7YwSY8pgRHr7o8cajunbf2CCTdN724r8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:19 2025 by rpki-client