Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/Yp8Y2f-rm0XFP0JksYyQiIn5YI4.roa
File: Yp8Y2f-rm0XFP0JksYyQiIn5YI4.roa (raw, json)
Hash identifier: zUTWYSFUC05+hAZt14a3XZJms6iqhzhaVnj/uuxFKy0=
Subject key identifier: 62:9F:18:D9:FF:AB:9B:45:C5:3F:42:64:B1:8C:90:88:89:F9:60:8E
Certificate issuer: /CN=9ba94bc14937bb0b3632374355a446724104a981
Certificate serial: 0194F4B57EFF07B842D4928B295028751517
Authority key identifier: 9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/Yp8Y2f-rm0XFP0JksYyQiIn5YI4.roa
Signing time: Tue 11 Feb 2025 11:12:02 +0000
ROA not before: Tue 11 Feb 2025 11:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207957
IP address blocks: 91.196.32.0/24 maxlen: 24
91.196.33.0/24 maxlen: 24
91.196.34.0/24 maxlen: 24
91.196.35.0/24 maxlen: 24
193.151.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.mft
rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:b5:7e:ff:07:b8:42:d4:92:8b:29:50:28:75:15:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ba94bc14937bb0b3632374355a446724104a981
Validity
Not Before: Feb 11 11:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=629f18d9ffab9b45c53f4264b18c908889f9608e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3b:8b:da:7f:be:06:ec:71:aa:5a:ba:91:e8:
53:b1:f5:38:cc:46:b3:28:70:07:6c:29:25:69:9d:
80:93:8e:50:d6:70:29:27:a5:a9:0f:12:c4:5c:bb:
47:72:2c:a4:7c:e7:a9:79:8f:0e:f9:c0:96:76:c4:
17:a7:7f:0b:81:41:56:45:36:ca:4a:fd:88:2d:ec:
b5:7b:7d:9a:00:80:53:e3:12:77:60:16:61:0d:57:
28:3b:40:41:b5:30:b8:f2:b9:e5:3b:44:10:a5:dd:
a0:02:9b:f5:d7:81:1d:d0:ad:67:af:4f:7a:80:7b:
b4:69:35:b3:5a:8e:8a:3c:b7:73:75:da:d6:c4:73:
17:4d:43:88:f2:51:e8:c8:d0:1e:df:4f:c8:da:4b:
5d:73:54:6d:2d:4b:ad:43:fe:e2:4c:ce:32:63:0c:
36:27:52:88:77:6e:6f:b9:ae:37:86:dc:1d:0c:9a:
57:f3:2c:7c:05:8d:d5:4e:75:a7:a0:d3:a9:d9:0f:
80:ee:d9:17:ed:74:05:45:eb:04:11:fa:20:58:c2:
82:f1:30:98:67:13:65:00:ea:44:29:23:0b:77:1b:
8c:b3:30:05:9f:3a:99:12:00:d6:91:bb:be:2e:ba:
d6:43:63:67:08:be:33:81:29:75:bf:ed:91:4b:24:
60:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9F:18:D9:FF:AB:9B:45:C5:3F:42:64:B1:8C:90:88:89:F9:60:8E
X509v3 Authority Key Identifier:
keyid:9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/Yp8Y2f-rm0XFP0JksYyQiIn5YI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.32.0/22
193.151.108.0/24
Signature Algorithm: sha256WithRSAEncryption
25:f6:61:42:61:57:e1:53:34:88:8e:43:80:f2:1c:0f:71:f7:
56:97:c3:40:14:aa:c7:12:bd:78:f9:aa:23:49:23:ab:d5:cb:
87:e4:94:e7:18:c2:6e:56:90:2f:05:d7:38:fc:ef:0c:b8:35:
eb:f3:1c:82:a7:ea:b9:0e:01:a5:8f:a8:e7:45:8b:9d:61:fa:
ec:f9:13:57:50:df:db:44:fe:a4:5a:ee:80:cc:22:53:93:4c:
85:39:63:b4:ba:6c:b9:41:67:f9:d5:fd:27:9d:71:be:b0:e3:
f5:76:bc:59:c7:ff:9a:8b:27:5f:77:e6:15:ff:86:55:56:c3:
29:b0:9a:e1:a1:ff:f4:0e:94:3a:aa:97:40:c6:73:7c:75:49:
7d:42:e3:8f:20:ba:16:3f:35:e6:79:8e:b6:fd:85:d0:79:b0:
7d:1d:94:50:f6:10:db:2a:50:10:59:7d:b7:37:9e:0a:ab:19:
61:96:b4:fe:9a:22:1f:1f:2f:a4:6c:1a:27:a7:e7:04:f1:f4:
28:84:fb:84:31:55:ef:72:24:aa:47:48:34:eb:24:6f:ed:51:
b1:64:97:b8:a2:1c:16:e7:6d:51:92:e6:ce:0b:43:ec:6b:b2:
9b:6d:7b:c2:b6:21:37:9a:97:9e:d6:fe:de:81:08:63:27:66:
04:a5:c5:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZT0tX7/B7hC1JKLKVAodRUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYTk0YmMxNDkzN2JiMGIzNjMyMzc0MzU1YTQ0NjcyNDEw
NGE5ODEwHhcNMjUwMjExMTExMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjlmMThkOWZmYWI5YjQ1YzUzZjQyNjRiMThjOTA4ODg5Zjk2MDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjuL2n++Buxxqlq6kehTsfU4zEaz
KHAHbCklaZ2Ak45Q1nApJ6WpDxLEXLtHciykfOepeY8O+cCWdsQXp38LgUFWRTbK
Sv2ILey1e32aAIBT4xJ3YBZhDVcoO0BBtTC48rnlO0QQpd2gApv114Ed0K1nr096
gHu0aTWzWo6KPLdzddrWxHMXTUOI8lHoyNAe30/I2ktdc1RtLUutQ/7iTM4yYww2
J1KId25vua43htwdDJpX8yx8BY3VTnWnoNOp2Q+A7tkX7XQFResEEfogWMKC8TCY
ZxNlAOpEKSMLdxuMszAFnzqZEgDWkbu+LrrWQ2NnCL4zgSl1v+2RSyRgDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGKfGNn/q5tFxT9CZLGMkIiJ+WCOMB8GA1UdIwQY
MBaAFJupS8FJN7sLNjI3Q1WkRnJBBKmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTkt
ODM2YzMxMmFjOGMyLzEvWXA4WTJmLXJtMFhGUDBKa3NZeVFpSW41WUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTktODM2YzMxMmFjOGMy
LzEvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8QgAwQA
wZdsMA0GCSqGSIb3DQEBCwUAA4IBAQAl9mFCYVfhUzSIjkOA8hwPcfdWl8NAFKrH
Er14+aojSSOr1cuH5JTnGMJuVpAvBdc4/O8MuDXr8xyCp+q5DgGlj6jnRYudYfrs
+RNXUN/bRP6kWu6AzCJTk0yFOWO0umy5QWf51f0nnXG+sOP1drxZx/+aiydfd+YV
/4ZVVsMpsJrhof/0DpQ6qpdAxnN8dUl9QuOPILoWPzXmeY62/YXQebB9HZRQ9hDb
KlAQWX23N54KqxlhlrT+miIfHy+kbBonp+cE8fQohPuEMVXvciSqR0g06yRv7VGx
ZJe4ohwW521RkubOC0Psa7KbbXvCtiE3mpee1v7egQhjJ2YEpcXL
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:50:17 2025 by rpki-client