Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/Ck9V105I1WzILyho--HhjxtMhOo.roa
File: Ck9V105I1WzILyho--HhjxtMhOo.roa (raw, json)
Hash identifier: n/nSiTnqvWrHsmL1agIClZLa+JDSNKpvkkGREC8GFbY=
Subject key identifier: 0A:4F:55:D7:4E:48:D5:6C:C8:2F:28:68:FB:E1:E1:8F:1B:4C:84:EA
Certificate issuer: /CN=7274b5ee2aa0778af1304358225ac67e55170a88
Certificate serial: 019424B3B46C0C16462BF9BE07D5F4EB4620
Authority key identifier: 72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/Ck9V105I1WzILyho--HhjxtMhOo.roa
Signing time: Thu 02 Jan 2025 01:49:04 +0000
ROA not before: Thu 02 Jan 2025 01:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205115
IP address blocks: 87.120.56.0/23 maxlen: 24
87.120.70.0/23 maxlen: 24
87.120.82.0/23 maxlen: 24
87.120.94.0/23 maxlen: 24
87.120.188.0/23 maxlen: 24
87.120.238.0/23 maxlen: 24
87.121.80.0/23 maxlen: 24
94.156.38.0/23 maxlen: 24
178.249.236.0/22 maxlen: 24
185.134.108.0/22 maxlen: 24
2a06:eb40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b4:6c:0c:16:46:2b:f9:be:07:d5:f4:eb:46:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7274b5ee2aa0778af1304358225ac67e55170a88
Validity
Not Before: Jan 2 01:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a4f55d74e48d56cc82f2868fbe1e18f1b4c84ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f8:fa:d9:49:e4:e7:b8:e1:a3:9c:81:d4:01:
88:86:72:0b:20:57:1a:01:e8:42:28:91:f5:83:49:
f3:de:dd:15:c0:86:b9:0e:07:5b:ea:86:37:59:57:
f8:c5:60:5e:04:b6:d8:47:49:29:66:42:6b:88:ff:
ec:8e:99:1d:61:c8:ad:36:17:ed:f9:1f:bf:ff:64:
69:ba:24:a1:ba:65:de:44:77:c9:d2:02:7f:d6:80:
6a:81:58:cd:f7:3d:d5:7b:0b:37:f7:d2:6f:c6:cc:
37:b0:f3:ff:91:0d:65:dd:bc:61:30:58:57:ce:54:
e4:8d:fa:ae:2c:24:78:59:aa:24:a7:3d:49:56:e6:
39:51:58:22:e5:9b:b4:fe:ae:0c:49:ef:01:66:19:
9b:70:11:18:0b:77:8c:f1:b2:32:09:18:e3:32:24:
ae:e9:3d:d3:56:34:90:37:47:31:2f:03:57:16:4c:
bb:0d:ad:82:07:2a:1e:29:57:e0:0e:ba:e0:29:2e:
c1:a4:49:1c:d9:98:df:03:d8:ec:9b:2f:fd:49:3b:
af:45:9a:25:9e:79:73:4f:d5:8b:1d:02:5f:a8:50:
a7:38:81:15:c0:ed:0f:8f:5d:2f:ff:be:26:0d:85:
93:68:d9:cb:5f:40:86:2a:a2:ae:da:8d:a5:4a:34:
3c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4F:55:D7:4E:48:D5:6C:C8:2F:28:68:FB:E1:E1:8F:1B:4C:84:EA
X509v3 Authority Key Identifier:
keyid:72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/Ck9V105I1WzILyho--HhjxtMhOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.56.0/23
87.120.70.0/23
87.120.82.0/23
87.120.94.0/23
87.120.188.0/23
87.120.238.0/23
87.121.80.0/23
94.156.38.0/23
178.249.236.0/22
185.134.108.0/22
IPv6:
2a06:eb40::/29
Signature Algorithm: sha256WithRSAEncryption
8c:50:a1:92:c6:65:c4:58:e8:5e:7f:66:0f:ae:33:4b:a5:2e:
e2:d5:be:bd:82:f0:61:dc:36:e2:53:f1:9c:12:ff:ab:c9:ea:
50:c9:9b:de:72:e5:36:57:92:f0:c5:58:8b:34:31:37:59:76:
71:3d:8d:a0:6e:d0:93:a6:2b:29:9b:35:69:78:13:d0:19:1b:
fd:82:85:53:01:32:0e:44:7d:4f:3e:a0:08:ec:b7:85:f7:e1:
29:15:6f:32:41:5d:55:f3:39:b9:eb:0c:32:4b:b6:29:5f:da:
27:7b:d8:5a:68:69:2f:74:f9:23:42:ef:c4:f4:46:c2:50:89:
86:f1:65:67:50:8b:4b:36:41:dc:da:85:44:c4:6a:d6:6c:3a:
68:5c:f0:c7:bf:54:4c:97:a9:5d:d7:a5:eb:1c:fe:65:5c:00:
89:30:98:17:f8:3a:e1:f4:e6:7e:66:30:13:2d:b3:ad:eb:0c:
21:76:94:9e:d3:1d:f1:b5:0b:93:76:f7:0f:96:12:79:ad:3b:
6a:3c:10:b3:9e:69:1f:00:46:1b:32:aa:24:ca:cf:1b:34:08:
7f:7c:7a:88:c2:75:08:de:18:c6:36:a3:7d:0a:2d:89:ac:dd:
b1:41:e9:6e:34:68:f8:db:32:00:24:79:30:87:c3:43:ec:34:
96:24:94:5a
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZQks7RsDBZGK/m+B9X060YgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzRiNWVlMmFhMDc3OGFmMTMwNDM1ODIyNWFjNjdlNTUx
NzBhODgwHhcNMjUwMTAyMDE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTRmNTVkNzRlNDhkNTZjYzgyZjI4NjhmYmUxZTE4ZjFiNGM4NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfj62Unk57jho5yB1AGIhnILIFca
AehCKJH1g0nz3t0VwIa5Dgdb6oY3WVf4xWBeBLbYR0kpZkJriP/sjpkdYcitNhft
+R+//2RpuiShumXeRHfJ0gJ/1oBqgVjN9z3Vews399Jvxsw3sPP/kQ1l3bxhMFhX
zlTkjfquLCR4Waokpz1JVuY5UVgi5Zu0/q4MSe8BZhmbcBEYC3eM8bIyCRjjMiSu
6T3TVjSQN0cxLwNXFky7Da2CByoeKVfgDrrgKS7BpEkc2ZjfA9jsmy/9STuvRZol
nnlzT9WLHQJfqFCnOIEVwO0Pj10v/74mDYWTaNnLX0CGKqKu2o2lSjQ8BQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFApPVddOSNVsyC8oaPvh4Y8bTITqMB8GA1UdIwQY
MBaAFHJ0te4qoHeK8TBDWCJaxn5VFwqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMt
NjllYmVkMTc4MTRhLzEvQ2s5VjEwNUkxV3pJTHloby0tSGhqeHRNaE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMtNjllYmVkMTc4MTRh
LzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQBV3g4AwQB
V3hGAwQBV3hSAwQBV3heAwQBV3i8AwQBV3juAwQBV3lQAwQBXpwmAwQCsvnsAwQC
uYZsMA0EAgACMAcDBQMqButAMA0GCSqGSIb3DQEBCwUAA4IBAQCMUKGSxmXEWOhe
f2YPrjNLpS7i1b69gvBh3DbiU/GcEv+ryepQyZvecuU2V5LwxViLNDE3WXZxPY2g
btCTpispmzVpeBPQGRv9goVTATIORH1PPqAI7LeF9+EpFW8yQV1V8zm56wwyS7Yp
X9one9haaGkvdPkjQu/E9EbCUImG8WVnUItLNkHc2oVExGrWbDpoXPDHv1RMl6ld
16XrHP5lXACJMJgX+Drh9OZ+ZjATLbOt6wwhdpSe0x3xtQuTdvcPlhJ5rTtqPBCz
nmkfAEYbMqokys8bNAh/fHqIwnUI3hjGNqN9Ci2JrN2xQeluNGj42zIAJHkwh8ND
7DSWJJRa
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:56 2025 by rpki-client