Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/1-5NUrO_byWPObjKw_XJz8H8qct8.roa
File: 1-5NUrO_byWPObjKw_XJz8H8qct8.roa (raw, json)
Hash identifier: h1I1pFSK7rKXwOACmEPGtKZC6oMngaIIwONtJrknS64=
Subject key identifier: FB:93:54:AC:EF:DB:C9:63:CE:6E:32:B0:FD:72:73:F0:7F:2A:72:DF
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 019422FB69761D632E56E07BBBEA2139995C
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/1-5NUrO_byWPObjKw_XJz8H8qct8.roa
Signing time: Wed 01 Jan 2025 17:48:09 +0000
ROA not before: Wed 01 Jan 2025 17:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8683
IP address blocks: 149.20.96.0/22 maxlen: 22
149.20.100.0/22 maxlen: 22
149.20.104.0/22 maxlen: 22
149.20.108.0/22 maxlen: 22
213.248.196.0/23 maxlen: 23
213.248.198.0/23 maxlen: 23
213.248.228.0/23 maxlen: 23
213.248.230.0/23 maxlen: 23
213.248.232.0/21 maxlen: 21
213.248.240.0/21 maxlen: 21
213.248.249.0/24 maxlen: 24
213.248.252.0/23 maxlen: 23
2a01:618:8000::/33 maxlen: 33
2a01:618:8000::/40 maxlen: 40
2a01:61c:1000::/40 maxlen: 40
2a01:61c:1100::/40 maxlen: 40
2a01:61c:1900::/40 maxlen: 40
2a01:61c:1a00::/40 maxlen: 40
2a01:61c:1d00::/40 maxlen: 40
2a01:61c:1f00::/40 maxlen: 40
2a01:61c:2000::/40 maxlen: 40
2a01:61c:2100::/40 maxlen: 40
2a01:61c:2a00::/40 maxlen: 40
2a01:61c:2f00::/40 maxlen: 40
2a01:61c:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:69:76:1d:63:2e:56:e0:7b:bb:ea:21:39:99:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Jan 1 17:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb9354acefdbc963ce6e32b0fd7273f07f2a72df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4a:bb:7e:eb:8e:da:a3:c8:e5:f3:5d:12:ef:
43:78:85:6b:75:70:77:e9:a9:d2:fe:fd:ac:b4:2f:
f1:66:74:9f:2b:d6:a2:69:a4:e4:7e:6e:99:dc:d6:
f0:d9:5e:5d:7c:76:b3:49:0f:91:61:61:c3:83:a4:
c7:63:ab:e3:9e:3e:4a:e3:9d:4e:83:f9:be:8c:3e:
43:e1:89:ef:48:4d:a0:c7:a7:ea:b7:49:7b:cc:9c:
86:cb:b0:02:98:8f:9e:98:7e:bf:6c:e8:24:13:d7:
17:81:a3:0b:c1:3f:cc:63:d4:4c:16:de:b1:63:2b:
d7:40:34:6f:2a:f4:46:a1:a7:6e:15:e0:f2:e4:81:
3b:a8:f3:4d:34:23:60:31:80:a6:a3:5d:c0:a9:cb:
dd:52:8b:1d:d9:50:c5:3a:02:93:f9:e4:44:9c:f7:
7b:4f:85:d3:ab:fa:3b:8a:45:56:bb:dc:47:94:9e:
04:d1:02:dc:a2:e0:e1:2d:a3:69:93:b7:d8:e7:92:
18:04:16:03:ee:4e:6d:61:a5:35:87:d9:1f:96:31:
f3:a7:ca:c2:f7:a2:60:50:ba:55:bd:27:6a:3f:65:
45:8c:73:38:f1:82:55:22:e9:88:4f:39:f0:c2:f5:
ce:91:4d:3e:0c:97:16:49:d2:ee:fc:3f:fc:72:a2:
e2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:93:54:AC:EF:DB:C9:63:CE:6E:32:B0:FD:72:73:F0:7F:2A:72:DF
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/1-5NUrO_byWPObjKw_XJz8H8qct8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.96.0/20
213.248.196.0/22
213.248.228.0-213.248.247.255
213.248.249.0/24
213.248.252.0/23
IPv6:
2a01:618:8000::/33
2a01:61c:1000::/39
2a01:61c:1900::-2a01:61c:1aff:ffff:ffff:ffff:ffff:ffff
2a01:61c:1d00::/40
2a01:61c:1f00::-2a01:61c:21ff:ffff:ffff:ffff:ffff:ffff
2a01:61c:2a00::/40
2a01:61c:2f00::/40
2a01:61c:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
30:4e:a3:98:88:d5:42:f8:bf:85:f1:07:0e:3c:1c:e0:5a:b1:
85:93:c8:72:51:58:ab:73:fc:f2:89:1e:89:00:a9:4d:56:a1:
ef:0c:49:a1:85:55:d5:07:a3:fb:81:24:aa:ad:52:f9:47:63:
3d:4e:79:e1:10:7a:59:0e:aa:8b:10:46:ff:fd:f3:2c:d7:d6:
61:81:db:6c:42:cc:60:c4:98:b3:0f:87:23:c0:47:68:23:91:
6e:b9:9d:9d:4d:f0:eb:ac:4b:57:55:79:67:ec:d4:bc:2b:9c:
67:9e:42:54:91:26:0a:2e:f5:04:dc:bd:85:25:a1:1d:fb:f2:
c2:69:de:11:54:3c:aa:d8:6d:e3:f8:6f:d3:75:be:38:97:b5:
76:df:cc:c8:95:bf:7d:0a:0d:d6:da:c9:74:d9:33:47:f4:ca:
4d:b1:78:46:61:39:69:79:6d:a3:44:e3:2f:95:1e:df:b4:1d:
64:48:31:e3:26:08:55:17:d3:a7:01:10:bb:f0:eb:c0:61:bd:
12:1a:d4:c0:38:93:2d:46:84:fc:1b:ec:6a:97:b3:d8:c2:1b:
ce:7c:dd:00:b9:61:e4:1c:b3:fa:06:86:8f:94:f3:05:bc:6a:
3d:7a:18:21:22:38:ac:17:77:ab:a7:2b:07:d6:9d:96:2f:2d:
42:16:e0:6f
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZQi+2l2HWMuVuB7u+ohOZlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjUwMTAxMTc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjkzNTRhY2VmZGJjOTYzY2U2ZTMyYjBmZDcyNzNmMDdmMmE3MmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0q7fuuO2qPI5fNdEu9DeIVrdXB3
6anS/v2stC/xZnSfK9aiaaTkfm6Z3Nbw2V5dfHazSQ+RYWHDg6THY6vjnj5K451O
g/m+jD5D4YnvSE2gx6fqt0l7zJyGy7ACmI+emH6/bOgkE9cXgaMLwT/MY9RMFt6x
YyvXQDRvKvRGoaduFeDy5IE7qPNNNCNgMYCmo13AqcvdUosd2VDFOgKT+eREnPd7
T4XTq/o7ikVWu9xHlJ4E0QLcouDhLaNpk7fY55IYBBYD7k5tYaU1h9kfljHzp8rC
96JgULpVvSdqP2VFjHM48YJVIumITznwwvXOkU0+DJcWSdLu/D/8cqLiMQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFPuTVKzv28ljzm4ysP1yc/B/KnLfMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvMS01TlVyT19ieVdQT2JqS3dfWEp6OEg4cWN0OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjcvMjYyYTRiLWM3MDEtNDhkYy05YWU1LTM0NjM2ODgyN2U2
OC8xL1lpN01iTVdRT3VvTnRoSUE5TXpVLUNUTjFVOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBngYIKwYBBQUHAQcBAf8EgY4wgYswLAQCAAEwJgMEBJUU
YAMEAtX4xDAMAwQC1fjkAwQD1fjwAwQA1fj5AwQB1fj8MFsEAgACMFUDBgcqAQYY
gAMGASoBBhwQMBADBgAqAQYcGQMGACoBBhwaAwYAKgEGHB0wEAMGACoBBhwfAwYB
KgEGHCADBgAqAQYcKgMGACoBBhwvAwcAKgEGHP//MA0GCSqGSIb3DQEBCwUAA4IB
AQAwTqOYiNVC+L+F8QcOPBzgWrGFk8hyUVirc/zyiR6JAKlNVqHvDEmhhVXVB6P7
gSSqrVL5R2M9TnnhEHpZDqqLEEb//fMs19ZhgdtsQsxgxJizD4cjwEdoI5FuuZ2d
TfDrrEtXVXln7NS8K5xnnkJUkSYKLvUE3L2FJaEd+/LCad4RVDyq2G3j+G/Tdb44
l7V238zIlb99Cg3W2sl02TNH9MpNsXhGYTlpeW2jROMvlR7ftB1kSDHjJghVF9On
ARC78OvAYb0SGtTAOJMtRoT8G+xql7PYwhvOfN0AuWHkHLP6BoaPlPMFvGo9ehgh
IjisF3erpysH1p2WLy1CFuBv
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:15:47 2025 by rpki-client