Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/1-TlqHwAPmWVtB0VaMS2dcw_y4BM.roa
File: 1-TlqHwAPmWVtB0VaMS2dcw_y4BM.roa (raw, json)
Hash identifier: Vsrj8BjejOLCxBhFk7ZH0eVSUMnx2WUgqzTLU5U12JQ=
Subject key identifier: F9:39:6A:1F:00:0F:99:65:6D:07:45:5A:31:2D:9D:73:0F:F2:E0:13
Certificate issuer: /CN=ffb4f40f3211561c29f1bbc320bd87cfa2ddd029
Certificate serial: 0194266BC04E3699E35823513BD846E8CCB9
Authority key identifier: FF:B4:F4:0F:32:11:56:1C:29:F1:BB:C3:20:BD:87:CF:A2:DD:D0:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/1-TlqHwAPmWVtB0VaMS2dcw_y4BM.roa
Signing time: Thu 02 Jan 2025 09:49:43 +0000
ROA not before: Thu 02 Jan 2025 09:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59943
IP address blocks: 91.208.211.0/24 maxlen: 24
91.223.195.0/24 maxlen: 24
185.3.216.0/22 maxlen: 24
193.104.8.0/24 maxlen: 24
194.32.152.0/22 maxlen: 22
194.32.152.0/24 maxlen: 24
194.32.153.0/24 maxlen: 24
194.32.154.0/24 maxlen: 24
194.32.155.0/24 maxlen: 24
194.247.160.0/23 maxlen: 23
195.225.164.0/22 maxlen: 22
195.225.164.0/24 maxlen: 24
195.225.166.0/24 maxlen: 24
195.225.167.0/24 maxlen: 24
2a02:5b40::/32 maxlen: 32
2a02:5b41::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c0:4e:36:99:e3:58:23:51:3b:d8:46:e8:cc:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffb4f40f3211561c29f1bbc320bd87cfa2ddd029
Validity
Not Before: Jan 2 09:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9396a1f000f99656d07455a312d9d730ff2e013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bd:e2:5a:38:1f:74:47:8a:9f:c5:3d:46:a7:
58:42:6b:85:60:81:a5:f7:68:6e:f3:0f:69:21:fd:
0f:59:68:a8:d7:51:de:b6:20:10:75:fa:20:44:45:
9d:54:45:ca:f6:76:e1:ee:6b:c0:e5:2d:ee:05:9a:
63:34:6b:2b:e2:ef:27:17:fb:9c:f5:13:d6:08:86:
1e:b9:0b:fe:87:34:be:24:47:d4:1e:d5:8b:e8:22:
d0:51:4b:a0:08:6c:97:22:7a:e0:f2:7d:b6:8c:2f:
29:e4:50:5f:32:e5:b2:32:8b:45:1b:7e:e7:7d:a0:
4b:a0:7e:6d:6c:2e:86:1b:f8:db:0e:de:fa:ea:80:
17:ee:ab:82:d4:a1:bc:f5:58:96:c5:7f:e7:07:62:
16:04:63:69:1c:37:c3:f3:32:10:40:05:3e:87:41:
1b:eb:c1:07:b1:65:72:41:f8:3a:03:b8:9e:0c:db:
fc:2b:40:eb:18:c0:b7:a5:2a:10:ad:b1:08:60:b9:
2d:75:60:25:6a:5f:44:04:ad:a0:d4:27:5a:38:d2:
bf:01:2d:8f:6f:c8:29:30:06:bf:6d:3b:44:57:20:
8e:47:47:b4:0e:e1:e7:b7:0d:99:2a:ae:e1:bb:23:
c8:c0:3c:84:54:e8:3b:ed:32:12:b3:f1:d1:ae:f9:
ff:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:39:6A:1F:00:0F:99:65:6D:07:45:5A:31:2D:9D:73:0F:F2:E0:13
X509v3 Authority Key Identifier:
keyid:FF:B4:F4:0F:32:11:56:1C:29:F1:BB:C3:20:BD:87:CF:A2:DD:D0:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/1-TlqHwAPmWVtB0VaMS2dcw_y4BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.211.0/24
91.223.195.0/24
185.3.216.0/22
193.104.8.0/24
194.32.152.0/22
194.247.160.0/23
195.225.164.0/22
IPv6:
2a02:5b40::/31
Signature Algorithm: sha256WithRSAEncryption
4b:db:46:cf:b4:31:9f:c5:b5:5a:c1:17:a7:43:75:4d:56:6a:
63:89:6a:a1:d1:63:b5:b8:fb:e1:2c:18:40:15:de:72:eb:58:
f9:07:42:cb:b2:8a:bf:8f:03:0e:b5:73:f7:d9:ac:31:1f:13:
b6:6b:99:78:df:76:2c:60:35:71:31:34:34:dd:95:a9:2e:8d:
bd:e9:fd:16:94:88:54:f7:ee:16:be:63:fb:4e:bd:3e:70:a0:
db:8e:a7:38:66:67:6a:2f:87:3c:0d:71:67:3a:70:ac:db:03:
96:df:89:71:d7:cd:65:e3:b0:56:c6:15:8f:1e:d7:79:4c:35:
c6:95:f6:0c:54:20:45:c9:1a:08:6b:db:6b:1f:11:e3:5e:eb:
f4:92:60:b0:e8:22:e4:37:d6:b3:49:3d:3b:64:a1:20:9a:40:
23:f9:f6:15:e1:61:ea:bc:8a:1c:9b:2a:50:b7:e1:b2:9d:de:
0b:c0:05:d9:89:72:e5:83:74:e0:ab:65:fe:c1:c2:71:5c:80:
a3:d1:71:cb:3d:3c:dd:60:c9:b2:f8:11:8a:48:c9:5f:10:41:
bd:95:10:10:ef:55:67:c5:ba:51:db:39:30:2c:1e:3e:e6:46:
04:08:1c:71:f2:21:ee:07:e2:f8:69:60:73:dd:ee:59:8a:cf:
60:ba:8e:cc
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQma8BONpnjWCNRO9hG6My5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYjRmNDBmMzIxMTU2MWMyOWYxYmJjMzIwYmQ4N2NmYTJk
ZGQwMjkwHhcNMjUwMTAyMDk0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTM5NmExZjAwMGY5OTY1NmQwNzQ1NWEzMTJkOWQ3MzBmZjJlMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1b3iWjgfdEeKn8U9RqdYQmuFYIGl
92hu8w9pIf0PWWio11HetiAQdfogREWdVEXK9nbh7mvA5S3uBZpjNGsr4u8nF/uc
9RPWCIYeuQv+hzS+JEfUHtWL6CLQUUugCGyXInrg8n22jC8p5FBfMuWyMotFG37n
faBLoH5tbC6GG/jbDt766oAX7quC1KG89ViWxX/nB2IWBGNpHDfD8zIQQAU+h0Eb
68EHsWVyQfg6A7ieDNv8K0DrGMC3pSoQrbEIYLktdWAlal9EBK2g1CdaONK/AS2P
b8gpMAa/bTtEVyCOR0e0DuHntw2ZKq7huyPIwDyEVOg77TISs/HRrvn/AwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFPk5ah8AD5llbQdFWjEtnXMP8uATMB8GA1UdIwQY
MBaAFP+09A8yEVYcKfG7wyC9h8+i3dApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzdUMER6SVJWaHdwOGJ2RElMMkh6NkxkMENrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xNDhkODgtNjEzNi00Mzc0LTk5NGIt
ZDUzZjk0ZTIwN2E5LzEvMS1UbHFId0FQbVdWdEIwVmFNUzJkY3dfeTRCTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWIvMTQ4ZDg4LTYxMzYtNDM3NC05OTRiLWQ1M2Y5NGUyMDdh
OS8xL183VDBEeklSVmh3cDhidkRJTDJIejZMZDBDay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBSBggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAFvQ0wME
AFvfwwMEArkD2AMEAMFoCAMEAsIgmAMEAcL3oAMEAsPhpDANBAIAAjAHAwUBKgJb
QDANBgkqhkiG9w0BAQsFAAOCAQEAS9tGz7Qxn8W1WsEXp0N1TVZqY4lqodFjtbj7
4SwYQBXecutY+QdCy7KKv48DDrVz99msMR8TtmuZeN92LGA1cTE0NN2VqS6Nven9
FpSIVPfuFr5j+069PnCg246nOGZnai+HPA1xZzpwrNsDlt+JcdfNZeOwVsYVjx7X
eUw1xpX2DFQgRckaCGvbax8R417r9JJgsOgi5DfWs0k9O2ShIJpAI/n2FeFh6ryK
HJsqULfhsp3eC8AF2Yly5YN04Ktl/sHCcVyAo9Fxyz083WDJsvgRikjJXxBBvZUQ
EO9VZ8W6Uds5MCwePuZGBAgccfIh7gfi+Glgc93uWYrPYLqOzA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:06:12 2025 by rpki-client