Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YboMhCcJstKJLHmryBstvAc5aZc.roa
File: YboMhCcJstKJLHmryBstvAc5aZc.roa (raw, json)
Hash identifier: u/gxCUCoqsgS01TZF0mszEtlLhY6+L1clteDdKf6jws=
Subject key identifier: 61:BA:0C:84:27:09:B2:D2:89:2C:79:AB:C8:1B:2D:BC:07:39:69:97
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019541CBB09E09A58865D802FB3340018298
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YboMhCcJstKJLHmryBstvAc5aZc.roa
Signing time: Wed 26 Feb 2025 10:27:02 +0000
ROA not before: Wed 26 Feb 2025 10:27:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207023
IP address blocks: 37.97.116.0/22 maxlen: 24
91.229.147.0/24 maxlen: 24
91.232.18.0/24 maxlen: 24
91.234.122.0/23 maxlen: 24
91.245.88.0/23 maxlen: 23
176.116.238.0/23 maxlen: 24
176.118.200.0/22 maxlen: 22
176.118.204.0/22 maxlen: 22
192.162.186.0/23 maxlen: 24
194.33.64.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:cb:b0:9e:09:a5:88:65:d8:02:fb:33:40:01:82:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Feb 26 10:27:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61ba0c842709b2d2892c79abc81b2dbc07396997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3a:bc:6b:01:94:31:2f:b7:96:cd:15:6e:be:
81:70:9f:06:13:ad:e9:63:79:a0:07:2a:6a:1a:cb:
cb:34:59:e3:8c:02:f2:8f:af:ea:e6:73:ca:2c:c5:
98:95:3b:73:3e:c2:df:a4:b6:a7:03:35:9b:15:18:
00:93:71:c6:52:d6:93:96:88:85:a3:1e:56:62:6d:
d3:b2:e1:e2:33:80:1d:6a:4d:b1:2b:13:f9:18:37:
80:8d:b1:94:ed:75:f2:cf:00:ee:1a:1e:93:b7:bb:
34:45:81:be:4e:94:e6:ba:92:57:78:3e:27:42:90:
a1:8f:69:38:0c:d3:83:59:cb:f3:b2:5f:14:0b:c8:
71:30:9f:9b:e8:f6:ed:5a:a8:db:e6:48:0c:42:5e:
51:65:ea:8f:e0:53:3c:b1:ac:fa:7f:c5:70:1a:ce:
5e:93:06:16:ca:43:a7:14:60:2f:fa:f2:18:43:ac:
88:c4:59:ad:c1:55:8a:f7:be:cd:9b:0e:97:d9:42:
f7:86:d2:18:4f:4d:2d:7b:a8:a7:dd:a9:f4:0f:00:
d8:94:54:c5:0e:15:c0:06:ee:19:51:d0:e0:1e:09:
c5:65:be:d3:26:9e:7f:ee:b6:0a:da:e7:b7:c6:94:
d6:16:8a:4c:e1:75:0e:39:10:9c:cc:bd:2c:d1:12:
8e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BA:0C:84:27:09:B2:D2:89:2C:79:AB:C8:1B:2D:BC:07:39:69:97
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YboMhCcJstKJLHmryBstvAc5aZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.116.0/22
91.229.147.0/24
91.232.18.0/24
91.234.122.0/23
91.245.88.0/23
176.116.238.0/23
176.118.200.0/21
192.162.186.0/23
194.33.64.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:80:20:71:33:fe:ac:fc:47:0c:d0:5a:cc:be:49:94:ee:b6:
9a:fc:dc:4d:19:75:75:ff:ae:95:3d:d7:bd:92:f9:77:8d:d6:
9e:50:83:88:15:34:ce:0c:f8:68:1a:20:b3:73:87:43:b0:73:
64:d1:be:6f:ab:c3:7a:d1:78:85:20:63:c9:fe:61:58:13:cc:
72:6e:25:f5:85:f9:25:7d:e3:6a:9d:52:93:ff:8e:71:e6:65:
a2:cb:cf:0c:ce:af:e2:ed:23:77:78:da:3a:37:41:6e:b6:9e:
0d:ad:32:d6:0c:85:6c:92:90:3d:e8:12:b8:46:9b:8e:c3:7c:
ec:bd:60:dc:68:d1:ab:63:88:59:29:d4:cb:4a:75:a2:00:93:
ed:d0:5a:2d:54:f7:9e:b7:ec:03:a9:de:e6:de:9d:38:b6:39:
e9:a4:b0:f9:23:a3:d1:f7:20:4d:a0:b6:aa:2b:75:14:0a:aa:
d8:4b:8e:57:8a:b6:18:ba:bf:ad:b7:09:96:79:6c:01:0f:76:
18:19:b9:86:b8:75:ef:d7:da:91:36:f3:0c:2d:a2:b7:50:77:
12:40:c2:65:00:08:d1:d1:0f:c3:52:bc:31:c2:b1:43:80:2a:
57:97:22:f4:0a:2a:80:46:0c:a4:a7:73:c5:4d:90:ba:f5:0b:
12:77:1d:8f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZVBy7CeCaWIZdgC+zNAAYKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMjI2MTAyNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWJhMGM4NDI3MDliMmQyODkyYzc5YWJjODFiMmRiYzA3Mzk2OTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjq8awGUMS+3ls0Vbr6BcJ8GE63p
Y3mgBypqGsvLNFnjjALyj6/q5nPKLMWYlTtzPsLfpLanAzWbFRgAk3HGUtaTloiF
ox5WYm3TsuHiM4Adak2xKxP5GDeAjbGU7XXyzwDuGh6Tt7s0RYG+TpTmupJXeD4n
QpChj2k4DNODWcvzsl8UC8hxMJ+b6PbtWqjb5kgMQl5RZeqP4FM8saz6f8VwGs5e
kwYWykOnFGAv+vIYQ6yIxFmtwVWK977Nmw6X2UL3htIYT00te6in3an0DwDYlFTF
DhXABu4ZUdDgHgnFZb7TJp5/7rYK2ue3xpTWFopM4XUOORCczL0s0RKO3QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGG6DIQnCbLSiSx5q8gbLbwHOWmXMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvWWJvTWhDY0pzdEtKTEhtcnlCc3R2QWM1YVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCJWF0AwQA
W+WTAwQAW+gSAwQBW+p6AwQBW/VYAwQBsHTuAwQDsHbIAwQBwKK6AwQBwiFAMA0G
CSqGSIb3DQEBCwUAA4IBAQB8gCBxM/6s/EcM0FrMvkmU7raa/NxNGXV1/66VPde9
kvl3jdaeUIOIFTTODPhoGiCzc4dDsHNk0b5vq8N60XiFIGPJ/mFYE8xybiX1hfkl
feNqnVKT/45x5mWiy88Mzq/i7SN3eNo6N0Futp4NrTLWDIVskpA96BK4RpuOw3zs
vWDcaNGrY4hZKdTLSnWiAJPt0FotVPeet+wDqd7m3p04tjnppLD5I6PR9yBNoLaq
K3UUCqrYS45XirYYur+ttwmWeWwBD3YYGbmGuHXv19qRNvMMLaK3UHcSQMJlAAjR
0Q/DUrwxwrFDgCpXlyL0CiqARgykp3PFTZC69QsSdx2P
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:33:38 2025 by rpki-client