Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ID4trGdaWKJu5BbNXALaxIjZ31k.roa
File: ID4trGdaWKJu5BbNXALaxIjZ31k.roa (raw, json)
Hash identifier: Pkv6z01q9dvGXVnFDwkYMbgGkDFgHerMyDhgKR/xJeg=
Subject key identifier: 20:3E:2D:AC:67:5A:58:A2:6E:E4:16:CD:5C:02:DA:C4:88:D9:DF:59
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F93F9EA65521823D79ECC2B149F5A
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ID4trGdaWKJu5BbNXALaxIjZ31k.roa
Signing time: Thu 02 Jan 2025 05:49:14 +0000
ROA not before: Thu 02 Jan 2025 05:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209811
IP address blocks: 91.224.41.0/24 maxlen: 24
91.232.227.0/24 maxlen: 24
93.120.8.0/23 maxlen: 23
94.232.96.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:93:f9:ea:65:52:18:23:d7:9e:cc:2b:14:9f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=203e2dac675a58a26ee416cd5c02dac488d9df59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:54:29:52:93:2d:fd:12:ea:e1:db:52:b7:62:
24:be:9d:c8:bf:a7:04:59:a7:c7:76:83:98:30:76:
18:bf:5f:15:84:d7:4d:66:a6:62:c6:77:ed:71:5c:
62:f8:73:74:d6:69:79:40:b4:ca:46:5c:c4:f8:12:
dc:d0:74:b2:50:c8:b3:db:e2:fd:fb:e7:b6:20:7e:
b5:b9:a0:19:f4:9f:46:87:c2:8d:ac:e9:ba:af:ca:
ad:1e:29:93:9e:4b:47:66:b0:f0:8d:31:84:db:5e:
5d:fd:3c:0f:65:f1:e2:90:7d:10:4c:b8:47:4a:7b:
19:84:19:44:e8:22:8e:80:ad:3a:b4:5e:d2:a0:c3:
f1:74:dd:85:b5:89:ff:95:b6:af:7f:3d:88:ee:a0:
f7:3f:2d:7e:2e:f1:5d:86:3a:e9:f3:08:57:47:76:
e5:a9:31:1b:ed:72:ed:3a:6e:9e:69:ee:af:ee:c5:
16:83:70:9d:80:6f:5b:f4:50:f9:32:ca:95:76:3c:
49:fb:6c:a0:55:07:00:0e:54:76:17:a4:f1:1d:74:
3a:6b:dc:b8:44:ec:0d:85:e2:49:70:95:9b:2c:5a:
fd:fb:bc:f8:9e:5a:1c:3b:3d:9a:85:83:47:00:c6:
e9:dc:db:7b:55:40:1e:72:d8:d6:5e:e1:5e:0f:10:
a0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3E:2D:AC:67:5A:58:A2:6E:E4:16:CD:5C:02:DA:C4:88:D9:DF:59
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ID4trGdaWKJu5BbNXALaxIjZ31k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.41.0/24
91.232.227.0/24
93.120.8.0/23
94.232.96.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:4a:c6:b5:c9:57:89:2a:af:83:16:36:09:de:6e:13:34:14:
ec:28:17:ad:7e:1a:37:fe:48:c3:8f:32:4f:78:84:d9:44:7d:
fa:3b:0c:da:7d:24:96:a7:36:6d:6b:87:75:7d:63:ea:6a:f9:
41:9f:e5:6e:af:7f:e9:ba:3b:e4:ee:b3:5a:02:ec:0b:71:2c:
a3:1a:97:38:ec:b1:2c:36:7f:cc:12:1b:ba:3e:4a:7c:af:0d:
a9:ec:3c:19:55:17:0d:08:42:3f:ce:9e:06:e3:43:26:b5:e5:
40:8f:e2:c1:6a:c2:2e:8d:1b:74:d0:82:36:8b:b3:dd:21:bf:
53:ae:a1:68:91:5a:d5:c2:dc:80:eb:0f:fb:46:67:00:25:36:
0a:1c:3c:8f:f9:af:4e:7a:b6:65:a7:e9:f7:e7:3b:5e:7c:97:
e5:e8:c1:71:d0:ff:7d:30:f0:9c:c3:3b:36:9e:30:79:ee:7b:
ac:9c:1a:e3:2f:ff:f7:bc:fd:85:0b:60:12:1c:b4:3c:fa:b4:
f6:f6:3a:90:ba:b6:8d:e9:04:55:dd:18:be:7f:cd:b8:44:5f:
7e:ae:73:9c:1b:50:81:8e:80:cf:68:1f:c2:1a:36:e0:68:f5:
54:52:f4:7a:30:1a:ee:fc:00:1b:23:62:09:f0:56:bf:58:43:
a5:01:6f:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlj5P56mVSGCPXnswrFJ9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDNlMmRhYzY3NWE1OGEyNmVlNDE2Y2Q1YzAyZGFjNDg4ZDlkZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1QpUpMt/RLq4dtSt2Ikvp3Iv6cE
WafHdoOYMHYYv18VhNdNZqZixnftcVxi+HN01ml5QLTKRlzE+BLc0HSyUMiz2+L9
++e2IH61uaAZ9J9Gh8KNrOm6r8qtHimTnktHZrDwjTGE215d/TwPZfHikH0QTLhH
SnsZhBlE6CKOgK06tF7SoMPxdN2FtYn/lbavfz2I7qD3Py1+LvFdhjrp8whXR3bl
qTEb7XLtOm6eae6v7sUWg3CdgG9b9FD5MsqVdjxJ+2ygVQcADlR2F6TxHXQ6a9y4
ROwNheJJcJWbLFr9+7z4nlocOz2ahYNHAMbp3Nt7VUAectjWXuFeDxCgkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCA+LaxnWliibuQWzVwC2sSI2d9ZMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvSUQ0dHJHZGFXS0p1NUJiTlhBTGF4SWpaMzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+ApAwQA
W+jjAwQBXXgIAwQCXuhgMA0GCSqGSIb3DQEBCwUAA4IBAQBfSsa1yVeJKq+DFjYJ
3m4TNBTsKBetfho3/kjDjzJPeITZRH36OwzafSSWpzZta4d1fWPqavlBn+Vur3/p
ujvk7rNaAuwLcSyjGpc47LEsNn/MEhu6Pkp8rw2p7DwZVRcNCEI/zp4G40MmteVA
j+LBasIujRt00II2i7PdIb9TrqFokVrVwtyA6w/7RmcAJTYKHDyP+a9OerZlp+n3
5ztefJfl6MFx0P99MPCcwzs2njB57nusnBrjL//3vP2FC2ASHLQ8+rT29jqQuraN
6QRV3Ri+f824RF9+rnOcG1CBjoDPaB/CGjbgaPVUUvR6MBru/AAbI2IJ8Fa/WEOl
AW9K
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:50 2025 by rpki-client