Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8l4FtnLwwdEp2oibbUvL_uIxS9E.roa
File: 8l4FtnLwwdEp2oibbUvL_uIxS9E.roa (raw, json)
Hash identifier: LQ2IaIcHgt4i0WPp/lDm2yxGoBa1VH4Xl9eLNEo1qbo=
Subject key identifier: F2:5E:05:B6:72:F0:C1:D1:29:DA:88:9B:6D:4B:CB:FE:E2:31:4B:D1
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 019420D60DB547ECEAD9B58D295EC8978ECC
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8l4FtnLwwdEp2oibbUvL_uIxS9E.roa
Signing time: Wed 01 Jan 2025 07:48:06 +0000
ROA not before: Wed 01 Jan 2025 07:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31554
IP address blocks: 89.33.5.0/24 maxlen: 24
89.33.248.0/23 maxlen: 23
89.35.160.0/23 maxlen: 23
89.37.156.0/23 maxlen: 23
89.39.110.0/24 maxlen: 24
89.44.214.0/23 maxlen: 23
188.212.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 05:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:0d:b5:47:ec:ea:d9:b5:8d:29:5e:c8:97:8e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 1 07:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f25e05b672f0c1d129da889b6d4bcbfee2314bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e6:88:37:2e:f9:20:93:d1:bf:5d:f8:24:ad:
1b:7d:99:83:a2:05:05:3c:26:24:92:1b:53:09:32:
b5:fa:ec:f9:0a:87:9e:4c:a6:2e:d6:b7:f8:0a:3c:
e5:35:4c:78:0f:21:e5:06:4c:7e:d1:40:20:c6:f4:
61:d5:55:54:b4:fb:77:6b:b4:c5:e8:5e:9e:75:d3:
f0:73:9c:e8:22:97:56:25:80:2e:37:47:60:ff:36:
95:b1:cc:a5:bd:7b:85:0a:54:bf:04:b9:d4:7e:cd:
ed:a4:23:2a:5c:0d:ee:a0:c6:6d:2a:26:b7:18:b6:
c9:e7:73:45:dd:3f:81:cf:4f:71:ab:3d:6a:fe:0a:
57:25:94:cc:71:1d:b6:ed:c6:f9:23:74:b5:0c:b8:
37:82:e4:d3:39:81:82:7a:58:fa:4d:97:95:c1:9f:
c8:d5:74:07:8d:f0:7a:ac:d8:4a:5d:6a:7e:df:f0:
11:ea:77:64:95:80:cc:09:8a:55:b5:58:94:72:26:
99:6f:d7:24:33:b7:e5:db:5a:a8:d3:0a:a5:4b:83:
4f:5f:9e:96:cb:60:f9:14:2b:ff:7b:3c:98:a0:c0:
07:b8:dd:4f:bd:cb:70:37:2e:9f:d2:d7:76:dd:00:
8f:78:30:5d:a6:ff:8c:b7:38:9c:a6:75:7f:1f:2c:
d9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5E:05:B6:72:F0:C1:D1:29:DA:88:9B:6D:4B:CB:FE:E2:31:4B:D1
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8l4FtnLwwdEp2oibbUvL_uIxS9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.5.0/24
89.33.248.0/23
89.35.160.0/23
89.37.156.0/23
89.39.110.0/24
89.44.214.0/23
188.212.134.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:87:c7:bc:08:ee:44:1c:91:06:e5:cb:08:42:77:30:fa:f2:
ec:44:6f:ad:90:ca:94:60:17:8a:51:78:6f:07:a0:4d:9e:0b:
17:0c:45:05:a6:31:be:0c:66:80:e4:5b:0f:1c:fe:84:e5:bc:
44:6e:a6:b9:40:21:78:a0:c3:80:c6:af:7a:c6:5c:99:0e:70:
cd:c2:3f:58:ad:eb:14:34:51:f3:72:bc:0b:84:28:3c:8f:72:
58:c9:d5:d6:19:2d:c3:c4:db:3d:db:89:67:12:a7:26:b3:27:
ca:91:63:00:69:7e:fe:da:c7:e0:22:8b:fe:f3:cc:d0:1d:ce:
e9:36:a0:6f:a8:8e:80:02:7f:15:8c:97:6f:a5:9b:b6:d0:a4:
62:83:3e:be:0f:04:70:bd:99:e2:08:25:25:a9:9d:dd:d7:29:
fe:21:a6:3f:7e:40:39:a8:30:72:f6:5e:b3:2f:42:16:ec:54:
90:da:05:10:99:5d:b5:05:a0:4a:ad:8f:9c:8a:61:6c:35:12:
86:a3:70:db:8b:e8:9e:15:3c:27:05:f3:8d:1a:05:37:80:63:
a4:4d:62:ad:2e:9d:c3:c7:80:86:74:4a:b1:f9:d6:c6:3e:a7:
cc:30:71:9e:0d:ad:a7:35:17:15:e8:8a:10:83:cc:f2:ad:d4:
d2:fc:99:ea
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQg1g21R+zq2bWNKV7Il47MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwMTAxMDc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjVlMDViNjcyZjBjMWQxMjlkYTg4OWI2ZDRiY2JmZWUyMzE0YmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuaINy75IJPRv134JK0bfZmDogUF
PCYkkhtTCTK1+uz5CoeeTKYu1rf4CjzlNUx4DyHlBkx+0UAgxvRh1VVUtPt3a7TF
6F6eddPwc5zoIpdWJYAuN0dg/zaVscylvXuFClS/BLnUfs3tpCMqXA3uoMZtKia3
GLbJ53NF3T+Bz09xqz1q/gpXJZTMcR227cb5I3S1DLg3guTTOYGCelj6TZeVwZ/I
1XQHjfB6rNhKXWp+3/AR6ndklYDMCYpVtViUciaZb9ckM7fl21qo0wqlS4NPX56W
y2D5FCv/ezyYoMAHuN1PvctwNy6f0td23QCPeDBdpv+MtzicpnV/HyzZxQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPJeBbZy8MHRKdqIm21Ly/7iMUvRMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvOGw0RnRuTHd3ZEVwMm9pYmJVdkxfdUl4UzlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWSEFAwQB
WSH4AwQBWSOgAwQBWSWcAwQAWSduAwQBWSzWAwQAvNSGMA0GCSqGSIb3DQEBCwUA
A4IBAQDIh8e8CO5EHJEG5csIQncw+vLsRG+tkMqUYBeKUXhvB6BNngsXDEUFpjG+
DGaA5FsPHP6E5bxEbqa5QCF4oMOAxq96xlyZDnDNwj9YresUNFHzcrwLhCg8j3JY
ydXWGS3DxNs924lnEqcmsyfKkWMAaX7+2sfgIov+88zQHc7pNqBvqI6AAn8VjJdv
pZu20KRigz6+DwRwvZniCCUlqZ3d1yn+IaY/fkA5qDBy9l6zL0IW7FSQ2gUQmV21
BaBKrY+cimFsNRKGo3Dbi+ieFTwnBfONGgU3gGOkTWKtLp3Dx4CGdEqx+dbGPqfM
MHGeDa2nNRcV6IoQg8zyrdTS/Jnq
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:04:37 2025 by rpki-client