Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/9bZMaVRDUPty_7efLT2YpkpIYcM.roa
File: 9bZMaVRDUPty_7efLT2YpkpIYcM.roa (raw, json)
Hash identifier: CtsPPucmvohErAHToYEeV/HheWSPpHxQEHc0Z1mOfCU=
Subject key identifier: F5:B6:4C:69:54:43:50:FB:72:FF:B7:9F:2D:3D:98:A6:4A:48:61:C3
Certificate issuer: /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial: 0194228DE21E395B6D0DA224D0DF4D1B23AA
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/9bZMaVRDUPty_7efLT2YpkpIYcM.roa
Signing time: Wed 01 Jan 2025 15:48:31 +0000
ROA not before: Wed 01 Jan 2025 15:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57809
IP address blocks: 91.212.26.0/24 maxlen: 24
185.177.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e2:1e:39:5b:6d:0d:a2:24:d0:df:4d:1b:23:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Validity
Not Before: Jan 1 15:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5b64c69544350fb72ffb79f2d3d98a64a4861c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:44:f2:61:0d:93:ec:d8:98:9b:77:cd:3e:41:
07:57:e2:3b:00:bd:3f:a8:9e:31:f6:ed:06:4a:56:
8a:77:43:2a:12:13:ca:10:19:6d:72:1e:ac:9c:95:
b4:d5:a4:43:b8:9b:40:8c:7f:45:c9:4e:30:b7:fe:
55:29:7d:ba:3b:5e:aa:67:e1:67:8f:82:a9:dd:20:
b9:66:2c:dc:fd:06:db:5f:83:dc:42:d5:a9:25:c3:
27:4e:30:b1:38:72:35:ed:d0:50:37:94:01:81:9e:
75:dd:87:a6:b5:27:10:03:82:6b:80:13:3c:61:dc:
54:bb:00:8b:46:5c:25:a2:fa:a9:57:8c:aa:94:7c:
9a:85:0f:d9:2c:fa:e9:1c:d8:eb:e8:03:73:4d:4f:
73:b9:f9:0d:49:07:ee:bc:5e:fa:2d:ea:ad:d8:83:
36:0e:96:e1:cf:bb:45:57:46:62:dc:45:5f:56:5b:
c5:41:ec:7e:73:c1:cd:10:19:3d:8b:ca:5b:9c:5f:
d7:f3:fa:ee:81:b2:5f:5d:03:59:c7:df:f4:ab:0d:
ad:49:20:90:28:de:dc:d8:1e:e7:ae:a4:03:fd:51:
2c:04:95:60:1d:e1:f5:3c:19:62:db:58:fe:9a:38:
15:2a:c7:8d:0c:f7:94:a5:1c:8f:02:14:91:f8:37:
30:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B6:4C:69:54:43:50:FB:72:FF:B7:9F:2D:3D:98:A6:4A:48:61:C3
X509v3 Authority Key Identifier:
keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/9bZMaVRDUPty_7efLT2YpkpIYcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.26.0/24
185.177.44.0/24
Signature Algorithm: sha256WithRSAEncryption
31:7d:1c:01:a4:c3:4d:78:c3:1e:45:9e:c3:7f:9c:3c:87:70:
d8:5b:20:38:98:2e:69:8c:da:2b:bf:55:2a:a5:e5:4b:07:f2:
b4:cf:eb:b2:ac:c7:03:aa:da:6f:b8:38:f0:a1:3f:9f:6e:f9:
92:8d:9a:4c:97:ed:b2:84:7b:b2:bf:a9:54:6b:6e:6c:6f:6f:
e3:a0:0b:6a:d7:6f:3c:f9:bb:9e:0a:e7:d9:7c:ba:82:c2:df:
bc:e4:1a:10:3c:87:14:1e:6d:13:fd:18:2c:65:45:36:21:e6:
cf:c1:da:90:53:bd:49:de:3c:1c:56:8d:18:6c:46:2b:92:c1:
0f:9b:ce:65:a1:3c:ae:7b:37:b6:6f:e7:20:5e:57:8a:33:ca:
dc:13:b8:de:f3:ed:4c:ed:a6:72:a3:40:8f:09:3d:ca:98:70:
5e:b9:b1:25:de:e9:09:64:23:5a:81:2e:f4:e4:9d:f8:c2:9f:
e3:c3:3e:95:c4:7b:1a:5b:18:ed:d2:1c:a9:ad:c2:cc:12:69:
b4:2e:c5:da:1a:08:6c:90:46:93:ff:5a:b4:82:69:b9:52:b1:
98:48:9f:4b:66:2a:39:fc:7a:50:aa:58:c2:67:b0:5a:23:e6:
d9:42:dc:d0:3a:f4:30:e1:9a:9b:64:fe:d1:66:0e:4c:93:7e:
02:d7:d2:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijeIeOVttDaIk0N9NGyOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjUwMTAxMTU0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWI2NGM2OTU0NDM1MGZiNzJmZmI3OWYyZDNkOThhNjRhNDg2MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkTyYQ2T7NiYm3fNPkEHV+I7AL0/
qJ4x9u0GSlaKd0MqEhPKEBltch6snJW01aRDuJtAjH9FyU4wt/5VKX26O16qZ+Fn
j4Kp3SC5Zizc/QbbX4PcQtWpJcMnTjCxOHI17dBQN5QBgZ513YemtScQA4JrgBM8
YdxUuwCLRlwlovqpV4yqlHyahQ/ZLPrpHNjr6ANzTU9zufkNSQfuvF76Leqt2IM2
Dpbhz7tFV0Zi3EVfVlvFQex+c8HNEBk9i8pbnF/X8/rugbJfXQNZx9/0qw2tSSCQ
KN7c2B7nrqQD/VEsBJVgHeH1PBli21j+mjgVKseNDPeUpRyPAhSR+DcwwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPW2TGlUQ1D7cv+3ny09mKZKSGHDMB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvOWJaTWFWUkRVUHR5XzdlZkxUMllwa3BJWWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9QaAwQA
ubEsMA0GCSqGSIb3DQEBCwUAA4IBAQAxfRwBpMNNeMMeRZ7Df5w8h3DYWyA4mC5p
jNorv1UqpeVLB/K0z+uyrMcDqtpvuDjwoT+fbvmSjZpMl+2yhHuyv6lUa25sb2/j
oAtq1288+bueCufZfLqCwt+85BoQPIcUHm0T/RgsZUU2IebPwdqQU71J3jwcVo0Y
bEYrksEPm85loTyueze2b+cgXleKM8rcE7je8+1M7aZyo0CPCT3KmHBeubEl3ukJ
ZCNagS705J34wp/jwz6VxHsaWxjt0hyprcLMEmm0LsXaGghskEaT/1q0gmm5UrGY
SJ9LZio5/HpQqljCZ7BaI+bZQtzQOvQw4ZqbZP7RZg5Mk34C19KJ
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:46:27 2025 by rpki-client