Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/73d3b2-9bd1-410f-91ec-8074a55250ea/1/_T-vtGYkRfg0z_VEY1ujTV9wsKQ.roa
File: _T-vtGYkRfg0z_VEY1ujTV9wsKQ.roa (raw, json)
Hash identifier: 6bCPgaDCgJtCF9Wiux6xQrKawZrIY3ovPB6dkvGNia8=
Subject key identifier: FD:3F:AF:B4:66:24:45:F8:34:CF:F5:44:63:5B:A3:4D:5F:70:B0:A4
Certificate issuer: /CN=ea9a580a4cf64a884190a5b0fb227f309e9040eb
Certificate serial: 01942521CC218282DD9E86C2336778FEFB9C
Authority key identifier: EA:9A:58:0A:4C:F6:4A:88:41:90:A5:B0:FB:22:7F:30:9E:90:40:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ppYCkz2SohBkKWw-yJ_MJ6QQOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/73d3b2-9bd1-410f-91ec-8074a55250ea/1/_T-vtGYkRfg0z_VEY1ujTV9wsKQ.roa
Signing time: Thu 02 Jan 2025 03:49:19 +0000
ROA not before: Thu 02 Jan 2025 03:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198498
IP address blocks: 91.235.192.0/22 maxlen: 22
176.109.160.0/22 maxlen: 22
176.109.164.0/22 maxlen: 22
185.245.192.0/22 maxlen: 22
213.108.80.0/22 maxlen: 22
213.108.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/73d3b2-9bd1-410f-91ec-8074a55250ea/1/6ppYCkz2SohBkKWw-yJ_MJ6QQOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/73d3b2-9bd1-410f-91ec-8074a55250ea/1/6ppYCkz2SohBkKWw-yJ_MJ6QQOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/6ppYCkz2SohBkKWw-yJ_MJ6QQOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:cc:21:82:82:dd:9e:86:c2:33:67:78:fe:fb:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea9a580a4cf64a884190a5b0fb227f309e9040eb
Validity
Not Before: Jan 2 03:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd3fafb4662445f834cff544635ba34d5f70b0a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:00:15:94:9f:80:d9:e6:24:b8:03:63:75:67:
e5:61:25:a4:95:7a:ad:60:e8:fa:b4:7b:eb:e0:1c:
cb:5f:f0:76:23:52:7d:48:b2:b9:0e:32:9c:b8:c2:
69:bb:0b:9e:26:9e:2a:62:97:94:ef:31:77:4a:d4:
05:a2:e9:00:c6:fb:6a:f5:dd:7a:f9:74:9e:8a:ce:
5a:24:e4:12:e3:2b:a8:f3:6f:3e:82:17:87:fd:68:
f4:a8:4f:0f:4d:4c:e8:88:0b:ac:67:e6:08:d5:f9:
4f:84:b3:e0:a6:98:f7:2d:52:52:62:65:cc:85:82:
03:fc:88:5f:b2:ae:88:bd:7e:1d:a9:2d:ae:46:9d:
64:0e:e4:f5:d4:1c:a1:ce:d8:d0:4e:77:1d:49:51:
c0:77:1c:5b:2d:35:0d:91:ee:0e:4b:f6:28:a1:8f:
f3:a8:22:80:b9:8d:34:59:e0:01:85:34:d4:19:ff:
a7:b5:a6:75:89:f1:fc:67:f7:48:9e:5c:14:be:55:
fe:05:b6:62:d9:32:06:c1:cc:a7:34:38:6a:f6:b1:
78:d6:4e:64:8c:ed:07:30:8e:24:36:be:91:2c:bb:
a2:fb:70:3c:b2:95:3c:0b:85:cf:14:8f:db:6d:ad:
54:d4:b0:2a:11:57:33:34:fa:46:46:20:45:a6:e6:
e5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:3F:AF:B4:66:24:45:F8:34:CF:F5:44:63:5B:A3:4D:5F:70:B0:A4
X509v3 Authority Key Identifier:
keyid:EA:9A:58:0A:4C:F6:4A:88:41:90:A5:B0:FB:22:7F:30:9E:90:40:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ppYCkz2SohBkKWw-yJ_MJ6QQOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/73d3b2-9bd1-410f-91ec-8074a55250ea/1/_T-vtGYkRfg0z_VEY1ujTV9wsKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/73d3b2-9bd1-410f-91ec-8074a55250ea/1/6ppYCkz2SohBkKWw-yJ_MJ6QQOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.192.0/22
176.109.160.0/21
185.245.192.0/22
213.108.80.0/21
Signature Algorithm: sha256WithRSAEncryption
92:c0:e8:7f:ff:2c:41:0d:c6:54:94:8d:bf:ca:7a:86:ba:2e:
54:9f:77:90:97:75:26:52:68:aa:09:44:5e:1b:f5:4c:23:ab:
98:7e:0d:7f:e3:98:9d:72:e8:fa:a5:3b:fd:5d:f3:42:56:7a:
94:05:37:81:35:3d:aa:07:02:75:98:07:1f:3e:21:8c:09:a8:
b5:ff:98:9d:f9:70:17:7a:48:63:60:de:fc:d3:88:96:e5:57:
92:44:99:80:f6:25:b5:3b:de:fe:b3:9c:44:48:fd:0f:6a:4a:
9f:11:e5:7b:76:5f:82:c3:16:cc:99:9c:3e:0c:74:60:09:9b:
a0:0c:21:63:74:34:96:b1:0c:b4:a0:72:d5:3b:f1:cc:b9:58:
98:1f:03:8e:d8:cf:c8:70:e0:dc:84:6e:8a:d5:91:43:85:fe:
1b:4a:e2:03:ec:44:b1:ea:8b:de:0d:c3:00:be:14:26:3c:d3:
30:10:f9:d1:43:b2:a9:59:05:0d:90:af:df:96:96:d9:c8:77:
16:5a:9b:c2:f6:1b:d1:f8:d4:a1:62:51:2a:fe:f6:60:78:ed:
b5:b5:b0:85:06:61:66:56:f5:1f:b4:40:03:17:f9:a9:02:35:
76:82:32:93:b9:66:46:7c:6d:7e:5b:88:89:b4:81:74:aa:54:
88:88:97:e8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlIcwhgoLdnobCM2d4/vucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhOWE1ODBhNGNmNjRhODg0MTkwYTViMGZiMjI3ZjMwOWU5
MDQwZWIwHhcNMjUwMTAyMDM0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDNmYWZiNDY2MjQ0NWY4MzRjZmY1NDQ2MzViYTM0ZDVmNzBiMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngAVlJ+A2eYkuANjdWflYSWklXqt
YOj6tHvr4BzLX/B2I1J9SLK5DjKcuMJpuwueJp4qYpeU7zF3StQFoukAxvtq9d16
+XSeis5aJOQS4yuo828+gheH/Wj0qE8PTUzoiAusZ+YI1flPhLPgppj3LVJSYmXM
hYID/Ihfsq6IvX4dqS2uRp1kDuT11ByhztjQTncdSVHAdxxbLTUNke4OS/YooY/z
qCKAuY00WeABhTTUGf+ntaZ1ifH8Z/dInlwUvlX+BbZi2TIGwcynNDhq9rF41k5k
jO0HMI4kNr6RLLui+3A8spU8C4XPFI/bba1U1LAqEVczNPpGRiBFpublCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP0/r7RmJEX4NM/1RGNbo01fcLCkMB8GA1UdIwQY
MBaAFOqaWApM9kqIQZClsPsifzCekEDrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnBwWUNrejJTb2hCa0tXdy15Sl9NSjZRUU9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83M2QzYjItOWJkMS00MTBmLTkxZWMt
ODA3NGE1NTI1MGVhLzEvX1QtdnRHWWtSZmcwel9WRVkxdWpUVjl3c0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83M2QzYjItOWJkMS00MTBmLTkxZWMtODA3NGE1NTI1MGVh
LzEvNnBwWUNrejJTb2hCa0tXdy15Sl9NSjZRUU9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW+vAAwQD
sG2gAwQCufXAAwQD1WxQMA0GCSqGSIb3DQEBCwUAA4IBAQCSwOh//yxBDcZUlI2/
ynqGui5Un3eQl3UmUmiqCUReG/VMI6uYfg1/45idcuj6pTv9XfNCVnqUBTeBNT2q
BwJ1mAcfPiGMCai1/5id+XAXekhjYN7804iW5VeSRJmA9iW1O97+s5xESP0Pakqf
EeV7dl+CwxbMmZw+DHRgCZugDCFjdDSWsQy0oHLVO/HMuViYHwOO2M/IcODchG6K
1ZFDhf4bSuID7ESx6oveDcMAvhQmPNMwEPnRQ7KpWQUNkK/flpbZyHcWWpvC9hvR
+NShYlEq/vZgeO21tbCFBmFmVvUftEADF/mpAjV2gjKTuWZGfG1+W4iJtIF0qlSI
iJfo
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:46:22 2025 by rpki-client