Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/1ef061-e581-49e4-b8e4-2bccc275e696/1/ddFSz5BHQOYnaU-gHg3YrxEkhJw.roa
File: ddFSz5BHQOYnaU-gHg3YrxEkhJw.roa (raw, json)
Hash identifier: adygbfjd+yjXvUTx2yOuoRyVaLmd0xsTX9kZsgRNyYY=
Subject key identifier: 75:D1:52:CF:90:47:40:E6:27:69:4F:A0:1E:0D:D8:AF:11:24:84:9C
Certificate issuer: /CN=6961869099145e31d7b4b5c55ec5f9a724ffca7e
Certificate serial: 019423D6EE2AD649897B134B1C3B0F3D4B5D
Authority key identifier: 69:61:86:90:99:14:5E:31:D7:B4:B5:C5:5E:C5:F9:A7:24:FF:CA:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aWGGkJkUXjHXtLXFXsX5pyT_yn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/1ef061-e581-49e4-b8e4-2bccc275e696/1/ddFSz5BHQOYnaU-gHg3YrxEkhJw.roa
Signing time: Wed 01 Jan 2025 21:47:55 +0000
ROA not before: Wed 01 Jan 2025 21:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52180
IP address blocks: 91.222.244.0/22 maxlen: 22
91.222.244.0/23 maxlen: 23
91.222.244.0/24 maxlen: 24
91.222.245.0/24 maxlen: 24
91.222.246.0/23 maxlen: 23
91.222.246.0/24 maxlen: 24
91.222.247.0/24 maxlen: 24
193.242.156.0/22 maxlen: 22
193.242.158.0/23 maxlen: 23
193.242.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/1ef061-e581-49e4-b8e4-2bccc275e696/1/aWGGkJkUXjHXtLXFXsX5pyT_yn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/1ef061-e581-49e4-b8e4-2bccc275e696/1/aWGGkJkUXjHXtLXFXsX5pyT_yn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/aWGGkJkUXjHXtLXFXsX5pyT_yn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 12:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ee:2a:d6:49:89:7b:13:4b:1c:3b:0f:3d:4b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6961869099145e31d7b4b5c55ec5f9a724ffca7e
Validity
Not Before: Jan 1 21:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75d152cf904740e627694fa01e0dd8af1124849c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c8:75:5d:77:e6:f3:ec:3f:e1:1f:6b:de:3d:
6d:3d:f5:fd:35:36:e4:8a:d9:dd:a9:31:a7:ae:09:
be:37:58:32:04:62:16:56:1d:d1:fa:0d:58:fc:7f:
f1:2d:0d:fb:c2:80:9b:c2:66:e8:a8:40:3e:bc:94:
73:3f:f2:06:fd:e1:b1:73:7b:75:9c:c5:31:9b:a5:
2c:db:16:52:e4:91:13:73:83:32:b8:00:c7:8d:ac:
e3:dc:cd:02:9f:45:96:b2:a4:ff:31:d1:99:f6:ab:
78:02:89:5a:45:a4:2f:cc:23:54:ae:69:1c:36:8b:
b2:aa:da:85:c3:94:1d:70:49:e4:15:dc:dd:d1:fe:
04:af:45:5a:02:0f:0e:12:a7:37:a7:d5:c1:2a:e2:
c6:82:02:f0:4c:65:3b:64:71:83:59:f1:e2:08:ff:
93:16:3f:b5:39:1b:39:75:fa:84:6c:1d:97:1e:b6:
0f:3e:fa:5f:21:df:d4:15:14:f9:d0:f7:3a:88:53:
9e:02:ca:3a:5a:9c:12:be:6d:2d:19:10:1b:84:85:
e6:28:46:6e:d4:2b:1e:33:1b:e1:60:ca:6f:d8:e4:
a0:4d:2f:31:d8:14:4d:64:bc:06:e4:d5:3d:c4:db:
c1:43:44:15:7a:c2:a1:f1:f1:55:95:d8:f7:5b:ea:
54:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D1:52:CF:90:47:40:E6:27:69:4F:A0:1E:0D:D8:AF:11:24:84:9C
X509v3 Authority Key Identifier:
keyid:69:61:86:90:99:14:5E:31:D7:B4:B5:C5:5E:C5:F9:A7:24:FF:CA:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWGGkJkUXjHXtLXFXsX5pyT_yn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/1ef061-e581-49e4-b8e4-2bccc275e696/1/ddFSz5BHQOYnaU-gHg3YrxEkhJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/1ef061-e581-49e4-b8e4-2bccc275e696/1/aWGGkJkUXjHXtLXFXsX5pyT_yn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.244.0/22
193.242.156.0/22
Signature Algorithm: sha256WithRSAEncryption
01:59:47:d8:12:f6:fd:03:38:f9:56:b3:cf:1a:4c:04:7b:f4:
01:ec:e8:ea:f1:fa:4c:13:04:a0:53:29:d6:07:72:8f:4c:2e:
e1:0f:11:6a:51:1b:ff:8c:68:91:43:22:4f:f8:9b:cc:09:cc:
86:7e:a6:d9:fd:66:e2:f2:70:1c:aa:f5:b1:48:20:e8:f5:d2:
a7:5f:a0:b4:ee:9f:c0:d1:b1:aa:47:0a:bf:29:5d:53:93:07:
87:4d:39:b8:2d:a4:9f:41:eb:66:e2:58:cb:a5:f5:1c:49:9b:
70:4d:cf:d0:f0:2a:8e:0f:dd:d7:c8:5d:f5:5a:c2:88:8d:94:
a7:4b:3f:a7:26:6f:5e:8b:8e:6a:05:95:df:ad:08:5a:7a:57:
a7:a5:54:80:a4:29:d7:80:a4:73:e7:c4:97:6e:76:e2:d4:a3:
e4:65:35:58:8b:59:36:61:66:31:ea:ca:45:0b:b1:c2:73:ae:
df:3e:fd:33:93:c6:04:18:83:88:95:cd:0e:5c:dc:9f:6a:d3:
cd:ad:aa:51:c9:20:97:e8:ad:87:c0:4e:93:91:f7:8d:6e:9b:
24:cc:ca:98:21:1a:2d:49:62:70:2a:29:f5:4a:15:67:3f:7e:
06:14:e1:19:96:1d:ac:18:83:79:1e:51:14:9d:ad:bc:05:1d:
5b:e2:8c:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1u4q1kmJexNLHDsPPUtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjE4NjkwOTkxNDVlMzFkN2I0YjVjNTVlYzVmOWE3MjRm
ZmNhN2UwHhcNMjUwMTAxMjE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWQxNTJjZjkwNDc0MGU2Mjc2OTRmYTAxZTBkZDhhZjExMjQ4NDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Mh1XXfm8+w/4R9r3j1tPfX9NTbk
itndqTGnrgm+N1gyBGIWVh3R+g1Y/H/xLQ37woCbwmboqEA+vJRzP/IG/eGxc3t1
nMUxm6Us2xZS5JETc4MyuADHjazj3M0Cn0WWsqT/MdGZ9qt4AolaRaQvzCNUrmkc
NouyqtqFw5QdcEnkFdzd0f4Er0VaAg8OEqc3p9XBKuLGggLwTGU7ZHGDWfHiCP+T
Fj+1ORs5dfqEbB2XHrYPPvpfId/UFRT50Pc6iFOeAso6WpwSvm0tGRAbhIXmKEZu
1CseMxvhYMpv2OSgTS8x2BRNZLwG5NU9xNvBQ0QVesKh8fFVldj3W+pU4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHXRUs+QR0DmJ2lPoB4N2K8RJIScMB8GA1UdIwQY
MBaAFGlhhpCZFF4x17S1xV7F+ack/8p+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdHR2tKa1VYakhYdExYRlhzWDVweVRfeW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8xZWYwNjEtZTU4MS00OWU0LWI4ZTQt
MmJjY2MyNzVlNjk2LzEvZGRGU3o1QkhRT1luYVUtZ0hnM1lyeEVraEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8xZWYwNjEtZTU4MS00OWU0LWI4ZTQtMmJjY2MyNzVlNjk2
LzEvYVdHR2tKa1VYakhYdExYRlhzWDVweVRfeW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW970AwQC
wfKcMA0GCSqGSIb3DQEBCwUAA4IBAQABWUfYEvb9Azj5VrPPGkwEe/QB7Ojq8fpM
EwSgUynWB3KPTC7hDxFqURv/jGiRQyJP+JvMCcyGfqbZ/Wbi8nAcqvWxSCDo9dKn
X6C07p/A0bGqRwq/KV1TkweHTTm4LaSfQetm4ljLpfUcSZtwTc/Q8CqOD93XyF31
WsKIjZSnSz+nJm9ei45qBZXfrQhaelenpVSApCnXgKRz58SXbnbi1KPkZTVYi1k2
YWYx6spFC7HCc67fPv0zk8YEGIOIlc0OXNyfatPNrapRySCX6K2HwE6TkfeNbpsk
zMqYIRotSWJwKin1ShVnP34GFOEZlh2sGIN5HlEUna28BR1b4oxg
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:11:48 2025 by rpki-client