Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/PpuH6UZdHiPbsmr0e060Bitru2g.roa
File: PpuH6UZdHiPbsmr0e060Bitru2g.roa (raw, json)
Hash identifier: S+KU/xPGIUttnT6f0HUq3beFm6aOsdHTB3Cjru0v55o=
Subject key identifier: 3E:9B:87:E9:46:5D:1E:23:DB:B2:6A:F4:7B:4E:B4:06:2B:6B:BB:68
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 01954299ADE86DFFD9A0398A113A167CBEBB
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/PpuH6UZdHiPbsmr0e060Bitru2g.roa
Signing time: Wed 26 Feb 2025 14:12:02 +0000
ROA not before: Wed 26 Feb 2025 14:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199912
IP address blocks: 88.214.24.0/24 maxlen: 24
91.238.180.0/24 maxlen: 24
91.238.181.0/24 maxlen: 24
185.55.240.0/24 maxlen: 24
193.24.211.0/24 maxlen: 24
194.24.161.0/24 maxlen: 24
2a12:5e41::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:42:99:ad:e8:6d:ff:d9:a0:39:8a:11:3a:16:7c:be:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Feb 26 14:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e9b87e9465d1e23dbb26af47b4eb4062b6bbb68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2f:f7:ba:f6:5e:63:1b:aa:0f:cc:42:af:e6:
23:d2:09:06:50:af:1d:66:a3:ec:3c:eb:de:e5:4d:
fe:80:14:8b:3f:6c:14:1d:b6:4c:86:93:18:04:55:
1c:c2:a3:c3:dd:0d:a1:c9:11:13:5e:08:b9:9a:b8:
02:6e:be:31:f4:18:14:f0:56:9b:da:e3:f2:2c:1d:
e5:63:b3:98:1e:65:8c:43:1a:88:c2:ce:64:76:5d:
29:47:80:0e:54:39:22:3f:ea:ee:f4:3c:06:c5:12:
db:33:60:a4:10:1d:e4:0f:c5:87:6e:1b:6a:43:62:
1a:3e:6d:2e:ea:0c:b1:fc:6d:d1:83:6b:c2:9f:09:
25:ea:53:98:fe:49:67:75:06:ac:d9:27:7e:84:33:
49:a2:bb:bd:e3:80:12:17:c3:82:bb:7f:f3:b4:22:
04:da:da:30:89:7a:15:67:48:e9:66:a0:73:14:59:
c8:9b:8a:79:5b:05:08:26:86:68:49:16:7d:71:e1:
d6:a3:14:ef:9c:8a:c9:67:9c:6c:86:56:0b:ad:db:
20:62:68:13:9c:b9:f7:ff:05:f6:07:0d:e6:29:44:
f9:d8:29:58:1f:6a:d9:39:97:24:9c:b8:b6:f2:3d:
56:17:74:d4:d9:ac:1e:69:eb:58:19:e3:11:29:98:
10:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:9B:87:E9:46:5D:1E:23:DB:B2:6A:F4:7B:4E:B4:06:2B:6B:BB:68
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/PpuH6UZdHiPbsmr0e060Bitru2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.24.0/24
91.238.180.0/23
185.55.240.0/24
193.24.211.0/24
194.24.161.0/24
IPv6:
2a12:5e41::/32
Signature Algorithm: sha256WithRSAEncryption
85:a8:d5:0d:47:14:5b:4b:b2:c7:6f:fc:6d:b0:f4:29:83:f9:
f4:48:67:a6:96:55:c9:3b:c9:32:cd:71:b4:71:f8:48:d0:73:
f8:56:f5:f3:e0:2e:52:05:00:1b:e0:58:84:4d:8b:82:fa:f2:
4d:db:fa:90:63:da:37:c7:d8:3c:e3:ae:7d:d0:4c:61:af:aa:
91:ec:12:6a:41:f0:a5:e7:4a:f3:4d:ea:8e:58:b4:f5:25:29:
e5:19:c5:f4:ec:c9:59:53:f0:ee:77:2e:68:80:e8:0e:65:95:
73:11:dc:63:3a:7e:cf:5a:9d:0d:ed:7e:4f:7b:78:18:29:f2:
cf:ae:98:24:b1:7c:84:03:b0:a2:d9:b6:ad:42:4f:64:72:46:
80:a0:7c:5e:eb:8f:ad:46:28:a4:81:11:2e:53:72:47:10:a3:
ca:be:80:27:38:a2:0a:a7:5b:d8:bc:d5:9f:91:a4:ad:dd:47:
fa:fb:0e:7a:21:23:33:91:47:89:aa:c0:d7:3c:00:67:4c:e0:
75:cf:31:b6:40:0d:8b:39:9b:61:98:42:16:13:38:7e:a3:fa:
9a:7b:ca:9e:28:56:a2:dd:52:99:97:cd:4e:34:72:0b:dd:37:
97:3f:83:10:60:3e:91:b3:f8:f2:95:f3:48:48:48:18:73:c8:
3d:42:60:22
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZVCma3obf/ZoDmKEToWfL67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjUwMjI2MTQxMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTliODdlOTQ2NWQxZTIzZGJiMjZhZjQ3YjRlYjQwNjJiNmJiYjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi/3uvZeYxuqD8xCr+Yj0gkGUK8d
ZqPsPOve5U3+gBSLP2wUHbZMhpMYBFUcwqPD3Q2hyRETXgi5mrgCbr4x9BgU8Fab
2uPyLB3lY7OYHmWMQxqIws5kdl0pR4AOVDkiP+ru9DwGxRLbM2CkEB3kD8WHbhtq
Q2IaPm0u6gyx/G3Rg2vCnwkl6lOY/klndQas2Sd+hDNJoru944ASF8OCu3/ztCIE
2towiXoVZ0jpZqBzFFnIm4p5WwUIJoZoSRZ9ceHWoxTvnIrJZ5xshlYLrdsgYmgT
nLn3/wX2Bw3mKUT52ClYH2rZOZcknLi28j1WF3TU2aweaetYGeMRKZgQJQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFD6bh+lGXR4j27Jq9HtOtAYra7toMB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEvUHB1SDZVWmRIaVBic21yMGUwNjBCaXRydTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAWNYYAwQB
W+60AwQAuTfwAwQAwRjTAwQAwhihMA0EAgACMAcDBQAqEl5BMA0GCSqGSIb3DQEB
CwUAA4IBAQCFqNUNRxRbS7LHb/xtsPQpg/n0SGemllXJO8kyzXG0cfhI0HP4VvXz
4C5SBQAb4FiETYuC+vJN2/qQY9o3x9g846590Exhr6qR7BJqQfCl50rzTeqOWLT1
JSnlGcX07MlZU/Dudy5ogOgOZZVzEdxjOn7PWp0N7X5Pe3gYKfLPrpgksXyEA7Ci
2batQk9kckaAoHxe64+tRiikgREuU3JHEKPKvoAnOKIKp1vYvNWfkaSt3Uf6+w56
ISMzkUeJqsDXPABnTOB1zzG2QA2LOZthmEIWEzh+o/qae8qeKFai3VKZl81ONHIL
3TeXP4MQYD6Rs/jylfNISEgYc8g9QmAi
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:04:48 2025 by rpki-client