Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/ykvaDunnWrInYG8JYdl8FUnhb8E.roa
File: ykvaDunnWrInYG8JYdl8FUnhb8E.roa (raw, json)
Hash identifier: Ow01zePEbOrkUb4yW1o1FSsU+vG0+EPGDtmmuCC0/g0=
Subject key identifier: CA:4B:DA:0E:E9:E7:5A:B2:27:60:6F:09:61:D9:7C:15:49:E1:6F:C1
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 019422FBA3BFC0096F0A65B8C3EB7682CBC0
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/ykvaDunnWrInYG8JYdl8FUnhb8E.roa
Signing time: Wed 01 Jan 2025 17:48:24 +0000
ROA not before: Wed 01 Jan 2025 17:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6854
IP address blocks: 77.245.96.0/20 maxlen: 20
93.185.64.0/20 maxlen: 20
95.141.128.0/20 maxlen: 20
217.196.16.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a3:bf:c0:09:6f:0a:65:b8:c3:eb:76:82:cb:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 17:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca4bda0ee9e75ab227606f0961d97c1549e16fc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3f:64:33:73:21:2a:73:77:a7:0d:c2:9e:8f:
99:a3:d4:34:c1:61:23:fc:d2:bc:41:ef:50:24:af:
df:95:92:04:dd:05:8a:3d:c8:5c:c4:0a:d7:62:f0:
4d:0c:bc:a4:e1:1b:b1:41:99:50:04:3c:d0:5b:e3:
56:62:aa:89:20:2a:8f:df:93:1d:27:ba:c0:6d:89:
b2:eb:b1:55:c7:2c:eb:b9:ae:bf:5f:eb:c5:24:4f:
7e:6c:73:7f:7b:6a:f5:00:5a:88:dc:de:97:09:21:
6b:f3:f2:80:55:e3:0a:e3:b9:e7:55:79:97:5d:d4:
e4:78:f0:11:e3:e2:eb:b2:5d:cd:34:06:3b:6a:f9:
67:e6:78:46:09:29:c9:4e:7f:b5:23:16:a5:ec:6e:
8e:87:7f:ca:09:d4:b4:f8:51:5c:40:5b:cd:c6:6e:
51:b6:9f:cc:11:28:a5:b0:84:5a:e5:70:62:88:76:
29:f0:02:c1:88:6c:05:58:44:a8:c1:70:f3:3f:d2:
a1:8e:d6:9c:a5:cf:b0:ca:79:2e:6c:17:75:55:31:
ff:ae:fe:9f:64:28:18:6e:82:21:3d:ea:57:26:1a:
17:c7:19:6b:d0:92:44:5d:b7:ab:d4:9a:46:a4:9b:
59:c3:45:82:b6:b5:c5:dd:2b:3d:12:d3:52:d8:a0:
7c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:4B:DA:0E:E9:E7:5A:B2:27:60:6F:09:61:D9:7C:15:49:E1:6F:C1
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/ykvaDunnWrInYG8JYdl8FUnhb8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.96.0/20
93.185.64.0/20
95.141.128.0/20
217.196.16.0/20
Signature Algorithm: sha256WithRSAEncryption
20:ed:03:3d:b4:f9:52:51:71:57:cd:6d:04:3a:1e:32:e5:9c:
92:24:bf:de:fb:35:5c:8c:d9:9f:de:1a:25:8e:47:c9:6d:90:
c5:5d:2d:40:3f:a8:e3:84:48:3a:a9:a5:5d:22:d7:78:4f:60:
75:08:ff:8b:db:a0:3a:ed:16:2a:60:e0:fc:c3:aa:77:91:00:
5e:6c:a5:1b:3c:48:4c:c5:1e:10:e7:c2:7d:58:83:78:61:00:
99:c3:ca:69:ef:61:26:56:c7:79:a5:16:e1:87:72:76:43:25:
a5:e9:aa:75:e9:d7:59:17:c4:67:68:d4:ea:9a:e4:90:ab:ba:
d8:b7:55:1f:e6:43:15:5a:c6:4a:22:66:c2:85:26:55:5d:f3:
f7:a5:b8:5d:20:a3:b4:2b:55:ce:30:3b:f3:ee:96:78:1b:a4:
a2:e1:4b:e3:ff:db:21:b1:fd:f3:ff:ef:d2:09:54:6d:8a:01:
30:dd:2b:ec:36:5f:78:37:f2:e4:5c:43:70:c7:68:27:d3:c3:
4b:d2:29:86:76:ab:6c:84:62:3d:fc:c9:75:bc:a9:28:06:33:
76:21:82:dc:36:5d:c0:9a:5c:cd:a0:65:2e:87:24:f2:8b:51:
cd:76:ad:63:6c:89:0f:60:27:b9:2b:c7:88:39:3d:0a:d4:77:
68:04:8f:56
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQi+6O/wAlvCmW4w+t2gsvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjEwZjIyNTkwOTNhYWY0NTI4NTkyMmE1ODhlOWE2NjFh
YmE5ZmEwHhcNMjUwMTAxMTc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTRiZGEwZWU5ZTc1YWIyMjc2MDZmMDk2MWQ5N2MxNTQ5ZTE2ZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5T9kM3MhKnN3pw3Cno+Zo9Q0wWEj
/NK8Qe9QJK/flZIE3QWKPchcxArXYvBNDLyk4RuxQZlQBDzQW+NWYqqJICqP35Md
J7rAbYmy67FVxyzrua6/X+vFJE9+bHN/e2r1AFqI3N6XCSFr8/KAVeMK47nnVXmX
XdTkePAR4+Lrsl3NNAY7avln5nhGCSnJTn+1Ixal7G6Oh3/KCdS0+FFcQFvNxm5R
tp/MESilsIRa5XBiiHYp8ALBiGwFWESowXDzP9Khjtacpc+wynkubBd1VTH/rv6f
ZCgYboIhPepXJhoXxxlr0JJEXber1JpGpJtZw0WCtrXF3Ss9EtNS2KB8zwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMpL2g7p51qyJ2BvCWHZfBVJ4W/BMB8GA1UdIwQY
MBaAFJ0hDyJZCTqvRShZIqWI6aZhq6n6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQt
NDM4NDNjMmU5NDNiLzEveWt2YUR1bm5XckluWUc4SllkbDhGVW5oYjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQtNDM4NDNjMmU5NDNi
LzEvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQETfVgAwQE
XblAAwQEX42AAwQE2cQQMA0GCSqGSIb3DQEBCwUAA4IBAQAg7QM9tPlSUXFXzW0E
Oh4y5ZySJL/e+zVcjNmf3holjkfJbZDFXS1AP6jjhEg6qaVdItd4T2B1CP+L26A6
7RYqYOD8w6p3kQBebKUbPEhMxR4Q58J9WIN4YQCZw8pp72EmVsd5pRbhh3J2QyWl
6ap16ddZF8RnaNTqmuSQq7rYt1Uf5kMVWsZKImbChSZVXfP3pbhdIKO0K1XOMDvz
7pZ4G6Si4Uvj/9shsf3z/+/SCVRtigEw3SvsNl94N/LkXENwx2gn08NL0imGdqts
hGI9/Ml1vKkoBjN2IYLcNl3AmlzNoGUuhyTyi1HNdq1jbIkPYCe5K8eIOT0K1Hdo
BI9W
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:38:01 2025 by rpki-client