Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/yZE684PU1B3lT-aKA30arKwyTEI.roa
File: yZE684PU1B3lT-aKA30arKwyTEI.roa (raw, json)
Hash identifier: isFNdgWP0HVp5O76X23OI/gh9YCy0xYVcwqK0QPMZ60=
Subject key identifier: C9:91:3A:F3:83:D4:D4:1D:E5:4F:E6:8A:03:7D:1A:AC:AC:32:4C:42
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 0194221F6B54F63752187C3C206842DB7EDF
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/yZE684PU1B3lT-aKA30arKwyTEI.roa
Signing time: Wed 01 Jan 2025 13:47:51 +0000
ROA not before: Wed 01 Jan 2025 13:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49434
IP address blocks: 91.238.180.0/24 maxlen: 24
91.238.181.0/24 maxlen: 24
91.239.208.0/24 maxlen: 24
185.55.240.0/24 maxlen: 24
194.24.161.0/24 maxlen: 24
2a12:5e40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:6b:54:f6:37:52:18:7c:3c:20:68:42:db:7e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Jan 1 13:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9913af383d4d41de54fe68a037d1aacac324c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:40:d3:b7:ba:d9:2c:49:83:05:90:cb:f1:31:
db:ff:91:dd:04:26:41:a1:a5:10:78:02:8d:6d:b7:
9f:8d:6a:c5:e1:af:c7:61:b4:a2:ae:fd:38:c1:3b:
24:7b:1c:15:bf:43:3d:21:36:04:d0:a5:03:82:ef:
8e:e9:03:ad:14:3b:25:f0:f7:80:a0:15:d4:29:83:
35:d6:a8:c4:31:ef:23:65:27:e3:0a:7a:88:3e:bb:
23:db:60:85:c3:0b:f6:c8:89:d4:1e:f0:53:62:a3:
f3:ce:f5:3d:0a:f8:da:17:58:1d:e6:26:32:a4:dd:
60:7b:ba:69:75:52:24:18:f4:01:3c:7a:96:7b:4d:
21:22:ee:07:eb:a7:46:03:06:11:32:f0:17:9c:21:
92:9c:31:e0:df:8f:f9:a8:ae:2c:fd:63:4c:c3:c9:
6d:42:3c:2c:42:3b:86:4d:69:3c:23:25:ef:70:12:
15:02:76:1a:e0:ac:7d:50:08:0b:6b:a8:28:0a:93:
8d:ac:9e:46:3d:a2:9a:d3:fd:18:b2:52:fc:e0:28:
c3:5e:7a:cd:19:64:5a:02:18:0c:49:79:cd:a0:9b:
df:40:51:df:30:65:56:af:c1:1b:98:93:ca:f1:c5:
4e:c2:a3:e1:59:c6:e4:2d:b8:3e:cf:a8:5a:0c:96:
a4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:91:3A:F3:83:D4:D4:1D:E5:4F:E6:8A:03:7D:1A:AC:AC:32:4C:42
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/yZE684PU1B3lT-aKA30arKwyTEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.180.0/23
91.239.208.0/24
185.55.240.0/24
194.24.161.0/24
IPv6:
2a12:5e40::/32
Signature Algorithm: sha256WithRSAEncryption
89:f5:94:69:4a:cc:f9:12:a7:7e:16:8e:89:aa:35:da:a0:6f:
e4:4d:3e:ec:57:c7:11:c0:9d:53:6d:29:6b:7e:e8:fa:36:51:
a8:4c:2a:44:de:e0:75:e4:a6:5c:29:84:74:74:d8:9e:4c:c4:
82:57:c2:a5:a4:a3:32:13:88:ba:0b:cd:44:fc:03:11:d1:63:
19:1a:e4:80:4d:60:03:4d:ef:ce:f0:e8:a9:9c:77:d7:c3:c5:
11:c9:14:84:cd:95:56:b1:01:ba:94:cd:de:fd:bb:c3:2b:bc:
71:1f:b2:90:c1:67:4a:93:6a:ff:f7:ef:bd:7f:14:45:e9:e7:
cf:4f:71:63:0d:88:49:2f:16:17:b7:bc:73:0b:fa:61:bf:31:
43:f6:c0:d1:10:1d:ea:7c:5d:7f:70:b7:b2:bc:9b:57:d9:4c:
8c:65:61:b8:1c:83:6a:86:6e:ec:89:ed:e3:ce:fc:83:7d:a6:
b4:bf:75:9f:5e:34:9f:85:68:70:98:d8:05:58:ac:8d:14:fe:
69:66:ed:45:76:2c:8c:93:2c:28:59:e3:76:92:13:00:a9:94:
45:60:1e:0e:50:55:01:f4:b3:9b:47:61:b6:de:d8:e6:69:fb:
6a:6e:3f:79:b9:08:78:8a:0c:58:3d:85:99:86:5f:fa:13:cc:
07:0b:b8:f8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQiH2tU9jdSGHw8IGhC237fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjUwMTAxMTM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTkxM2FmMzgzZDRkNDFkZTU0ZmU2OGEwMzdkMWFhY2FjMzI0YzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kDTt7rZLEmDBZDL8THb/5HdBCZB
oaUQeAKNbbefjWrF4a/HYbSirv04wTskexwVv0M9ITYE0KUDgu+O6QOtFDsl8PeA
oBXUKYM11qjEMe8jZSfjCnqIPrsj22CFwwv2yInUHvBTYqPzzvU9CvjaF1gd5iYy
pN1ge7ppdVIkGPQBPHqWe00hIu4H66dGAwYRMvAXnCGSnDHg34/5qK4s/WNMw8lt
QjwsQjuGTWk8IyXvcBIVAnYa4Kx9UAgLa6goCpONrJ5GPaKa0/0YslL84CjDXnrN
GWRaAhgMSXnNoJvfQFHfMGVWr8EbmJPK8cVOwqPhWcbkLbg+z6haDJakYwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMmROvOD1NQd5U/migN9GqysMkxCMB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEveVpFNjg0UFUxQjNsVC1hS0EzMGFyS3d5VEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW+60AwQA
W+/QAwQAuTfwAwQAwhihMA0EAgACMAcDBQAqEl5AMA0GCSqGSIb3DQEBCwUAA4IB
AQCJ9ZRpSsz5Eqd+Fo6JqjXaoG/kTT7sV8cRwJ1TbSlrfuj6NlGoTCpE3uB15KZc
KYR0dNieTMSCV8KlpKMyE4i6C81E/AMR0WMZGuSATWADTe/O8OipnHfXw8URyRSE
zZVWsQG6lM3e/bvDK7xxH7KQwWdKk2r/9++9fxRF6efPT3FjDYhJLxYXt7xzC/ph
vzFD9sDREB3qfF1/cLeyvJtX2UyMZWG4HINqhm7sie3jzvyDfaa0v3WfXjSfhWhw
mNgFWKyNFP5pZu1FdiyMkywoWeN2khMAqZRFYB4OUFUB9LObR2G23tjmaftqbj95
uQh4igxYPYWZhl/6E8wHC7j4
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:04:35 2025 by rpki-client