Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/aIYlg9Z6r6J1_C5VfiKtlldGRrI.roa
File: aIYlg9Z6r6J1_C5VfiKtlldGRrI.roa (raw, json)
Hash identifier: 1xF0uCQBhw+1hm6OeRG2O6mFUnL8nVyDlkoB9bdADr8=
Subject key identifier: 68:86:25:83:D6:7A:AF:A2:75:FC:2E:55:7E:22:AD:96:57:46:46:B2
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0194206873E87FEF1FA4E9517772A8BFF525
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/aIYlg9Z6r6J1_C5VfiKtlldGRrI.roa
Signing time: Wed 01 Jan 2025 05:48:23 +0000
ROA not before: Wed 01 Jan 2025 05:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52116
IP address blocks: 89.23.71.0/24 maxlen: 24
178.254.170.0/24 maxlen: 24
178.254.180.0/24 maxlen: 24
178.254.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:73:e8:7f:ef:1f:a4:e9:51:77:72:a8:bf:f5:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jan 1 05:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68862583d67aafa275fc2e557e22ad96574646b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:aa:81:26:f2:7b:f1:04:f4:c9:dd:c1:2a:62:
96:0f:1e:66:bb:5e:88:39:47:b8:d0:7c:46:e7:92:
54:5f:9f:a4:86:be:da:f2:63:03:77:6b:e9:a7:35:
ab:ed:9e:63:ba:80:ad:a7:a3:fa:45:54:d6:32:01:
21:cb:72:80:a6:2c:3f:1c:ec:ed:a3:75:6a:da:7f:
98:75:65:37:c1:64:05:86:33:a7:9d:2a:d5:f1:88:
1e:8a:f2:96:18:e6:b6:48:33:46:51:f5:90:59:f0:
75:8c:65:04:f6:ab:f4:9f:d4:90:a1:93:43:7d:37:
2b:31:15:d7:e8:56:b4:88:e1:44:82:2d:f8:79:dd:
bd:0b:9a:a4:01:f3:24:95:f3:d1:5d:9a:a0:85:2d:
18:ed:5d:e0:28:a7:51:16:45:a9:e8:0d:72:75:3c:
a7:23:8a:02:81:9e:cd:77:bf:73:d7:cc:8b:b4:02:
04:bc:eb:13:8f:cb:22:37:d1:50:ca:be:64:7f:5b:
24:f0:21:2d:c8:86:15:88:f2:c3:75:c1:ff:3c:df:
1e:7b:af:0c:0f:6f:62:1d:bc:32:32:df:4c:c4:96:
ae:50:ba:96:ef:1c:4a:67:f7:4e:70:57:9f:a9:56:
2b:c2:48:21:36:54:db:a0:a4:8c:ea:77:c8:ea:87:
76:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:86:25:83:D6:7A:AF:A2:75:FC:2E:55:7E:22:AD:96:57:46:46:B2
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/aIYlg9Z6r6J1_C5VfiKtlldGRrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.71.0/24
178.254.170.0/24
178.254.180.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:5c:b7:c4:87:c6:1a:24:0c:7c:ed:1b:5a:72:bb:86:bd:16:
33:40:ad:0e:8b:06:9f:07:b8:99:a7:0d:ef:c2:2e:4b:8d:98:
45:10:9b:dd:77:22:6f:0a:bd:e2:d4:60:07:9f:f1:b5:61:d0:
02:4a:74:09:65:b4:39:27:67:27:36:9f:3e:6e:71:8a:ec:8a:
8e:78:85:ac:a7:4c:b8:c6:38:4f:67:c9:a1:61:f9:8f:e2:72:
6c:14:bb:ba:b5:8b:1a:94:ba:a0:72:7f:d1:32:2e:dd:db:62:
b2:77:99:0c:13:67:d1:a5:4e:66:fc:6b:c5:04:3e:47:b4:fb:
5b:e0:11:31:18:d4:99:46:ce:e6:d9:73:5a:44:0f:68:4b:01:
29:08:88:7e:a8:89:ea:27:e0:5d:9a:f3:af:5e:ed:2f:1a:4a:
29:23:bd:66:61:ee:7c:70:f2:2a:17:c8:c5:ed:66:8b:95:96:
c7:34:12:bf:77:8e:04:44:17:6f:aa:c0:2a:5b:7e:0d:7d:0b:
8f:97:46:50:69:0b:e4:04:22:cb:3d:ae:68:04:2f:b4:9f:17:
5c:1d:7f:0b:84:72:08:06:fc:2d:f8:9b:e8:ed:7b:c9:aa:36:
d0:79:ec:36:f8:88:ad:56:3d:fe:bc:0c:e2:27:4e:a9:7f:f3:
c1:91:84:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgaHPof+8fpOlRd3Kov/UlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwMTAxMDU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODg2MjU4M2Q2N2FhZmEyNzVmYzJlNTU3ZTIyYWQ5NjU3NDY0NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqqBJvJ78QT0yd3BKmKWDx5mu16I
OUe40HxG55JUX5+khr7a8mMDd2vppzWr7Z5juoCtp6P6RVTWMgEhy3KApiw/HOzt
o3Vq2n+YdWU3wWQFhjOnnSrV8YgeivKWGOa2SDNGUfWQWfB1jGUE9qv0n9SQoZND
fTcrMRXX6Fa0iOFEgi34ed29C5qkAfMklfPRXZqghS0Y7V3gKKdRFkWp6A1ydTyn
I4oCgZ7Nd79z18yLtAIEvOsTj8siN9FQyr5kf1sk8CEtyIYViPLDdcH/PN8ee68M
D29iHbwyMt9MxJauULqW7xxKZ/dOcFefqVYrwkghNlTboKSM6nfI6od2iQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGiGJYPWeq+idfwuVX4irZZXRkayMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvYUlZbGc5WjZyNkoxX0M1VmZpS3RsbGRHUnJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWRdHAwQA
sv6qAwQBsv60MA0GCSqGSIb3DQEBCwUAA4IBAQAaXLfEh8YaJAx87RtacruGvRYz
QK0OiwafB7iZpw3vwi5LjZhFEJvddyJvCr3i1GAHn/G1YdACSnQJZbQ5J2cnNp8+
bnGK7IqOeIWsp0y4xjhPZ8mhYfmP4nJsFLu6tYsalLqgcn/RMi7d22Kyd5kME2fR
pU5m/GvFBD5HtPtb4BExGNSZRs7m2XNaRA9oSwEpCIh+qInqJ+BdmvOvXu0vGkop
I71mYe58cPIqF8jF7WaLlZbHNBK/d44ERBdvqsAqW34NfQuPl0ZQaQvkBCLLPa5o
BC+0nxdcHX8LhHIIBvwt+Jvo7XvJqjbQeew2+IitVj3+vAziJ06pf/PBkYTg
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:59:29 2025 by rpki-client