Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/SNHPOOFKUgc1zNBN9wxr7FeAdRs.roa
File: SNHPOOFKUgc1zNBN9wxr7FeAdRs.roa (raw, json)
Hash identifier: Hb2HBizkzgimQbuN29+MCl8e5+WlfhI+P1/UM2vwUU0=
Subject key identifier: 48:D1:CF:38:E1:4A:52:07:35:CC:D0:4D:F7:0C:6B:EC:57:80:75:1B
Certificate issuer: /CN=9b340699c8ed970a8c9ed8c162088f2067c33250
Certificate serial: 01956FF0FF95F40BDFFB06619CE15E76FE54
Authority key identifier: 9B:34:06:99:C8:ED:97:0A:8C:9E:D8:C1:62:08:8F:20:67:C3:32:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzQGmcjtlwqMntjBYgiPIGfDMlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/SNHPOOFKUgc1zNBN9wxr7FeAdRs.roa
Signing time: Fri 07 Mar 2025 09:30:19 +0000
ROA not before: Fri 07 Mar 2025 09:30:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43905
IP address blocks: 93.91.96.0/21 maxlen: 21
93.91.110.0/24 maxlen: 24
185.85.130.0/23 maxlen: 23
213.234.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/mzQGmcjtlwqMntjBYgiPIGfDMlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/mzQGmcjtlwqMntjBYgiPIGfDMlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mzQGmcjtlwqMntjBYgiPIGfDMlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 21:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6f:f0:ff:95:f4:0b:df:fb:06:61:9c:e1:5e:76:fe:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b340699c8ed970a8c9ed8c162088f2067c33250
Validity
Not Before: Mar 7 09:30:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48d1cf38e14a520735ccd04df70c6bec5780751b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d5:30:35:42:95:e9:33:1d:b9:07:1d:4a:ef:
0d:b7:da:d0:32:df:d8:70:71:b3:24:43:f8:aa:68:
44:32:6b:f5:87:bd:d2:9d:1c:a6:81:b6:c0:42:3a:
31:79:e2:d1:05:d6:6e:f2:ad:c9:9e:42:50:58:f7:
a9:27:dc:67:b6:15:42:b2:bd:eb:84:ef:9e:c0:ee:
d3:21:32:7a:a7:7b:f2:5e:b6:8b:05:1a:b7:7b:74:
7a:36:20:ba:c9:b4:d3:9c:af:7e:74:bd:1b:5d:a6:
79:4d:f7:fc:b6:9d:e5:b7:45:f0:aa:57:b2:c1:64:
3d:97:8d:54:3b:36:03:83:d1:6d:d3:9b:91:20:ef:
64:63:08:71:f0:d7:f0:a3:8b:96:31:9d:57:31:5c:
f6:67:b9:8c:51:3d:2c:6b:6e:76:ac:01:5d:3c:36:
a2:d1:9b:c0:92:31:3f:5e:df:4b:e7:fb:37:58:9d:
ba:b5:e3:a2:48:0c:46:03:c8:c7:30:87:13:49:79:
80:84:43:51:51:75:35:64:58:ae:7e:e4:27:51:b0:
41:a3:ab:40:d9:ca:d4:50:81:fb:1c:cc:35:71:0d:
f3:89:4a:47:b1:79:45:75:f1:b8:d5:91:70:f6:d3:
11:2d:b6:1c:6a:f9:56:7f:4d:06:14:03:b7:93:93:
f8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D1:CF:38:E1:4A:52:07:35:CC:D0:4D:F7:0C:6B:EC:57:80:75:1B
X509v3 Authority Key Identifier:
keyid:9B:34:06:99:C8:ED:97:0A:8C:9E:D8:C1:62:08:8F:20:67:C3:32:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzQGmcjtlwqMntjBYgiPIGfDMlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/SNHPOOFKUgc1zNBN9wxr7FeAdRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/mzQGmcjtlwqMntjBYgiPIGfDMlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.91.96.0/21
93.91.110.0/24
185.85.130.0/23
213.234.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4d:d2:f7:05:d7:1a:65:d8:b4:31:1e:00:f1:ab:08:02:f7:d0:
48:1d:03:61:b3:9d:8f:7b:a4:bc:b4:35:a0:e4:2f:dd:ea:9d:
4c:14:3b:38:ab:99:a9:98:d0:03:b3:09:5f:02:f6:c1:9e:63:
b3:8f:b6:46:4f:81:f8:ed:b9:54:86:04:57:7e:e2:b4:79:e1:
a7:46:ea:4f:8f:04:61:f1:a2:a7:8f:e8:51:d2:c9:10:4d:2a:
59:94:0d:24:52:23:20:17:74:7e:7d:f2:aa:79:86:a6:65:80:
17:fa:f5:33:15:08:15:81:58:72:37:02:e0:a8:09:7b:5c:ce:
9c:6f:9d:a3:fc:9b:b8:aa:b2:c7:d0:83:2c:f2:0a:dc:c8:a2:
de:12:89:55:65:db:76:1e:93:b6:d0:89:f9:5d:35:c4:c8:e0:
eb:a6:b2:c5:e1:cb:7b:87:be:2f:f7:5e:de:c3:81:28:72:00:
a9:08:c9:dd:3c:e5:bd:6b:c4:27:53:c4:bd:a8:1c:d3:55:31:
22:ce:f5:8b:dd:e7:73:28:af:65:fc:b8:b4:b0:3b:e7:d1:43:
37:b6:59:8d:41:41:79:77:3d:0c:8b:aa:b4:ac:ad:cf:2f:fb:
9f:51:bd:a1:f9:3f:29:ef:b0:9c:7e:af:56:85:12:e2:09:87:
fb:d9:56:45
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVv8P+V9Avf+wZhnOFedv5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzQwNjk5YzhlZDk3MGE4YzllZDhjMTYyMDg4ZjIwNjdj
MzMyNTAwHhcNMjUwMzA3MDkzMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGQxY2YzOGUxNGE1MjA3MzVjY2QwNGRmNzBjNmJlYzU3ODA3NTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNUwNUKV6TMduQcdSu8Nt9rQMt/Y
cHGzJEP4qmhEMmv1h73SnRymgbbAQjoxeeLRBdZu8q3JnkJQWPepJ9xnthVCsr3r
hO+ewO7TITJ6p3vyXraLBRq3e3R6NiC6ybTTnK9+dL0bXaZ5Tff8tp3lt0Xwqley
wWQ9l41UOzYDg9Ft05uRIO9kYwhx8Nfwo4uWMZ1XMVz2Z7mMUT0sa252rAFdPDai
0ZvAkjE/Xt9L5/s3WJ26teOiSAxGA8jHMIcTSXmAhENRUXU1ZFiufuQnUbBBo6tA
2crUUIH7HMw1cQ3ziUpHsXlFdfG41ZFw9tMRLbYcavlWf00GFAO3k5P4xQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEjRzzjhSlIHNczQTfcMa+xXgHUbMB8GA1UdIwQY
MBaAFJs0BpnI7ZcKjJ7YwWIIjyBnwzJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpRR21janRsd3FNbnRqQllnaVBJR2ZETWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82ZjQ5NDAtNWFiYy00OWI0LTk3NDct
ZTA4YmUwZWRhZjc2LzEvU05IUE9PRktVZ2Mxek5CTjl3eHI3RmVBZFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82ZjQ5NDAtNWFiYy00OWI0LTk3NDctZTA4YmUwZWRhZjc2
LzEvbXpRR21janRsd3FNbnRqQllnaVBJR2ZETWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDXVtgAwQA
XVtuAwQBuVWCAwQG1epAMA0GCSqGSIb3DQEBCwUAA4IBAQBN0vcF1xpl2LQxHgDx
qwgC99BIHQNhs52Pe6S8tDWg5C/d6p1MFDs4q5mpmNADswlfAvbBnmOzj7ZGT4H4
7blUhgRXfuK0eeGnRupPjwRh8aKnj+hR0skQTSpZlA0kUiMgF3R+ffKqeYamZYAX
+vUzFQgVgVhyNwLgqAl7XM6cb52j/Ju4qrLH0IMs8grcyKLeEolVZdt2HpO20In5
XTXEyODrprLF4ct7h74v917ew4EocgCpCMndPOW9a8QnU8S9qBzTVTEizvWL3edz
KK9l/Li0sDvn0UM3tlmNQUF5dz0Mi6q0rK3PL/ufUb2h+T8p77Ccfq9WhRLiCYf7
2VZF
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:32:50 2025 by rpki-client