Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/1-RRFLFYvpdDCB0gIWM3HeWx7I8g.roa
File: 1-RRFLFYvpdDCB0gIWM3HeWx7I8g.roa (raw, json)
Hash identifier: pD8ORJEMQZjbq/pqQVUKzZDauGOud+2TyXVh5uPBOWk=
Subject key identifier: F9:14:45:2C:56:2F:A5:D0:C2:07:48:08:58:CD:C7:79:6C:7B:23:C8
Certificate issuer: /CN=68dafd6360636a6327747a07080f7f2e5e32ce85
Certificate serial: 01941F8C80F7ECAE9485CBDF24A67FF59768
Authority key identifier: 68:DA:FD:63:60:63:6A:63:27:74:7A:07:08:0F:7F:2E:5E:32:CE:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNr9Y2BjamMndHoHCA9_Ll4yzoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/1-RRFLFYvpdDCB0gIWM3HeWx7I8g.roa
Signing time: Wed 01 Jan 2025 01:48:09 +0000
ROA not before: Wed 01 Jan 2025 01:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204626
IP address blocks: 91.218.152.0/23 maxlen: 23
91.218.152.0/24 maxlen: 24
91.218.153.0/24 maxlen: 24
2001:678:5f4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/aNr9Y2BjamMndHoHCA9_Ll4yzoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/aNr9Y2BjamMndHoHCA9_Ll4yzoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNr9Y2BjamMndHoHCA9_Ll4yzoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:80:f7:ec:ae:94:85:cb:df:24:a6:7f:f5:97:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68dafd6360636a6327747a07080f7f2e5e32ce85
Validity
Not Before: Jan 1 01:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f914452c562fa5d0c207480858cdc7796c7b23c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:44:cb:de:1f:83:71:b0:7f:77:8e:2d:b5:8b:
ca:85:72:7f:ef:64:9f:5a:04:f5:cd:07:14:75:42:
04:56:74:0e:10:e0:e0:73:1c:91:8a:c2:18:2b:af:
cf:ef:ca:29:17:8f:1f:01:0e:9e:2d:e1:21:db:ce:
e6:fe:f2:5e:52:c6:99:c0:2b:c0:6e:ef:8c:28:c8:
d9:52:59:7d:3d:25:cc:9e:f0:d5:7d:b7:28:6e:59:
ae:51:5f:e4:c8:d2:a9:aa:23:5c:ec:da:ad:82:2f:
fa:5b:bd:e3:0a:11:61:f2:e6:41:b6:8a:62:4f:3f:
08:b6:6f:d9:fd:f6:2a:11:c0:fe:4b:c9:89:6e:70:
a6:0d:7f:d8:1a:be:bf:05:60:4b:94:37:f5:cd:48:
08:ae:f2:0f:ae:66:29:fd:bb:79:13:a9:58:20:9b:
9c:27:34:66:f0:30:60:c6:ef:9d:89:56:8f:38:df:
a4:4e:ec:73:10:ff:6a:2a:c3:c8:5a:99:5f:bf:73:
7c:bb:47:02:de:98:b0:6a:47:8a:9b:f2:af:82:eb:
30:69:fb:ee:40:87:f3:38:70:4c:eb:49:a3:57:47:
21:04:71:4d:a0:0c:20:fa:27:81:a8:68:31:28:de:
22:ff:06:79:82:77:94:4a:a0:ce:5c:83:3e:dd:ec:
01:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:14:45:2C:56:2F:A5:D0:C2:07:48:08:58:CD:C7:79:6C:7B:23:C8
X509v3 Authority Key Identifier:
keyid:68:DA:FD:63:60:63:6A:63:27:74:7A:07:08:0F:7F:2E:5E:32:CE:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNr9Y2BjamMndHoHCA9_Ll4yzoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/1-RRFLFYvpdDCB0gIWM3HeWx7I8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/aNr9Y2BjamMndHoHCA9_Ll4yzoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.152.0/23
IPv6:
2001:678:5f4::/48
Signature Algorithm: sha256WithRSAEncryption
73:bd:0a:f5:c3:96:19:b7:96:24:9f:03:a6:73:7f:39:8d:8b:
dd:e5:2e:4c:9c:a8:29:43:fc:1d:d8:8b:a5:2c:bd:ec:70:1c:
4c:77:7d:7a:db:70:bf:15:6f:f1:13:50:ff:87:1e:1b:df:14:
ca:2c:5b:8f:e0:0b:c0:fd:a1:b2:55:f5:5b:61:ff:b9:6d:01:
15:92:c4:64:5f:5a:ec:70:be:68:af:f5:11:5d:dc:e7:57:5b:
f4:58:12:ed:6f:27:3f:1c:13:de:b3:9f:cf:35:cd:01:6e:39:
cd:04:bf:c6:4f:a9:77:19:80:f7:02:26:b6:8d:f6:76:99:ac:
4e:15:13:77:43:0d:81:66:0d:8d:a9:b7:95:c3:32:2d:af:be:
38:81:6a:ad:99:cb:0a:12:4b:6d:5b:ca:ce:cd:da:81:1f:41:
d0:cd:e8:39:38:16:aa:ac:1d:94:55:63:7a:c5:3e:b8:55:bf:
69:74:c9:10:fa:f2:a5:ea:de:ce:ff:32:eb:21:b9:d9:fd:8d:
5d:19:ad:24:2e:7b:5e:48:9e:b9:4d:d7:d9:32:30:29:f9:b8:
a1:f5:cb:19:47:89:61:03:b4:ce:02:51:1f:5d:d9:5c:86:ac:
61:8b:61:15:24:d7:d7:ce:a8:91:1a:f0:0a:8c:6c:77:2c:c6:
3e:2e:f8:20
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQfjID37K6UhcvfJKZ/9ZdoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZGFmZDYzNjA2MzZhNjMyNzc0N2EwNzA4MGY3ZjJlNWUz
MmNlODUwHhcNMjUwMTAxMDE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTE0NDUyYzU2MmZhNWQwYzIwNzQ4MDg1OGNkYzc3OTZjN2IyM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0TL3h+DcbB/d44ttYvKhXJ/72Sf
WgT1zQcUdUIEVnQOEODgcxyRisIYK6/P78opF48fAQ6eLeEh287m/vJeUsaZwCvA
bu+MKMjZUll9PSXMnvDVfbcoblmuUV/kyNKpqiNc7Nqtgi/6W73jChFh8uZBtopi
Tz8Itm/Z/fYqEcD+S8mJbnCmDX/YGr6/BWBLlDf1zUgIrvIPrmYp/bt5E6lYIJuc
JzRm8DBgxu+diVaPON+kTuxzEP9qKsPIWplfv3N8u0cC3piwakeKm/Kvguswafvu
QIfzOHBM60mjV0chBHFNoAwg+ieBqGgxKN4i/wZ5gneUSqDOXIM+3ewBwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPkURSxWL6XQwgdICFjNx3lseyPIMB8GA1UdIwQY
MBaAFGja/WNgY2pjJ3R6BwgPfy5eMs6FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5yOVkyQmphbU1uZEhvSENBOV9MbDR5em9VLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MDEzNjAtYWRiOS00Y2I1LTg2ZDkt
MmJiMjM3N2U1YTFjLzEvMS1SUkZMRll2cGREQ0IwZ0lXTTNIZVd4N0k4Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGIvNjAxMzYwLWFkYjktNGNiNS04NmQ5LTJiYjIzNzdlNWEx
Yy8xL2FOcjlZMkJqYW1NbmRIb0hDQTlfTGw0eXpvVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAVvamDAP
BAIAAjAJAwcAIAEGeAX0MA0GCSqGSIb3DQEBCwUAA4IBAQBzvQr1w5YZt5YknwOm
c385jYvd5S5MnKgpQ/wd2IulLL3scBxMd31623C/FW/xE1D/hx4b3xTKLFuP4AvA
/aGyVfVbYf+5bQEVksRkX1rscL5or/URXdznV1v0WBLtbyc/HBPes5/PNc0BbjnN
BL/GT6l3GYD3Aia2jfZ2maxOFRN3Qw2BZg2NqbeVwzItr744gWqtmcsKEkttW8rO
zdqBH0HQzeg5OBaqrB2UVWN6xT64Vb9pdMkQ+vKl6t7O/zLrIbnZ/Y1dGa0kLnte
SJ65TdfZMjAp+bih9csZR4lhA7TOAlEfXdlchqxhi2EVJNfXzqiRGvAKjGx3LMY+
Lvgg
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:19 2025 by rpki-client