Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/Ry-o6BvHlNuOD_d14wdLVmhDsgM.roa
File: Ry-o6BvHlNuOD_d14wdLVmhDsgM.roa (raw, json)
Hash identifier: S/jHrYJPbAAtdA+RZZOotd+GpMfWfmGdhS0b8Kc0V30=
Subject key identifier: 47:2F:A8:E8:1B:C7:94:DB:8E:0F:F7:75:E3:07:4B:56:68:43:B2:03
Certificate issuer: /CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Certificate serial: 019422FB2DAB628867306A9A927ED7B88553
Authority key identifier: 00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/Ry-o6BvHlNuOD_d14wdLVmhDsgM.roa
Signing time: Wed 01 Jan 2025 17:47:54 +0000
ROA not before: Wed 01 Jan 2025 17:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8677
IP address blocks: 89.106.184.0/21 maxlen: 24
160.92.0.0/16 maxlen: 24
192.136.30.0/24 maxlen: 24
193.16.186.0/23 maxlen: 24
193.16.188.0/22 maxlen: 24
193.56.46.0/24 maxlen: 24
193.58.80.0/21 maxlen: 24
193.201.76.0/23 maxlen: 24
2a01:20:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:2d:ab:62:88:67:30:6a:9a:92:7e:d7:b8:85:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Validity
Not Before: Jan 1 17:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=472fa8e81bc794db8e0ff775e3074b566843b203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1c:be:7f:fc:14:bb:a5:d6:74:fd:ba:37:de:
7d:c5:de:7b:ba:5f:1d:9f:8e:37:20:59:28:b8:40:
4e:81:ad:80:29:fc:30:8a:da:a5:4d:28:a4:fd:45:
c0:b0:ab:d9:80:01:1a:26:dc:54:3d:cd:b9:e4:93:
4b:31:8a:1d:b6:34:3f:71:ad:3b:68:67:02:5c:19:
9f:26:7d:24:5b:0c:2f:be:e0:09:53:af:f3:3f:cf:
64:4e:69:d7:fe:38:71:0f:6b:a6:bd:cf:2f:c0:28:
25:4d:01:32:6d:3a:2a:50:5b:20:80:a8:c4:7a:20:
23:89:1a:8f:d3:29:af:6c:4e:fe:eb:85:3c:01:95:
c4:9b:00:7e:b0:34:f8:e8:9d:b2:d0:d3:18:46:a3:
6f:a2:6d:5c:35:d8:25:eb:a1:79:88:43:c3:85:c9:
29:96:ce:14:96:eb:9a:44:9f:8d:61:e7:76:1c:70:
4f:30:56:1e:df:d7:4f:2a:22:57:ca:84:7f:1f:5e:
d1:ac:10:62:36:d3:a4:e2:7e:7b:33:0d:04:03:01:
a0:49:f9:9a:2f:8d:8a:d6:c8:4c:f1:fe:dd:c5:f0:
00:04:0c:b4:97:1c:08:21:fc:77:df:ba:6e:65:86:
2e:4d:48:46:dd:f4:52:0c:89:66:99:a6:55:ac:22:
ef:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2F:A8:E8:1B:C7:94:DB:8E:0F:F7:75:E3:07:4B:56:68:43:B2:03
X509v3 Authority Key Identifier:
keyid:00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/Ry-o6BvHlNuOD_d14wdLVmhDsgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.184.0/21
160.92.0.0/16
192.136.30.0/24
193.16.186.0-193.16.191.255
193.56.46.0/24
193.58.80.0/21
193.201.76.0/23
IPv6:
2a01:20:6::/48
Signature Algorithm: sha256WithRSAEncryption
6c:38:0a:09:f8:c0:24:9b:25:05:24:27:e6:e9:cb:d7:42:c7:
3b:c7:e0:7e:81:a2:82:c8:94:4b:6f:82:c2:ec:e2:f6:fd:f7:
55:ec:e4:15:bb:39:a2:a4:fe:82:81:7a:76:de:fc:47:0e:be:
92:e4:6a:b6:70:1e:9f:d9:66:2c:cf:6e:06:d3:c8:8d:a5:a2:
dd:ad:53:7e:e4:6e:5c:f7:27:b3:6f:e0:86:c1:99:4d:61:ec:
05:4c:b3:df:c4:64:c8:af:89:ea:d8:e6:f0:26:93:60:73:25:
23:2d:95:a2:12:a9:5d:40:71:82:85:3d:21:de:14:25:3c:09:
a5:37:d6:81:82:42:fa:d7:77:83:eb:b7:3e:8a:97:44:02:23:
66:19:ac:7e:b3:f2:e9:49:47:44:83:8c:c7:93:3c:86:71:c5:
6e:d4:4b:28:2d:4f:7b:ba:94:e6:05:2e:5c:fc:82:9c:57:8e:
4c:3c:fa:25:bb:63:b6:7b:91:f9:91:41:fe:85:c2:30:53:c4:
45:cc:59:78:1f:3b:4e:a2:26:1e:bb:72:ed:a9:8c:15:f7:61:
1e:df:83:36:07:c6:77:c6:e1:29:11:f9:09:6e:23:22:ba:19:
43:33:b9:8a:bc:16:01:a6:a9:bb:18:fb:70:8e:45:82:94:a9:
7a:9b:1e:85
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQi+y2rYohnMGqakn7XuIVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwN2U2YjVhYTQzN2QzNjkzMTUxNTAyYTIxMTQ5NmUzN2Q0
YWUyYzUwHhcNMjUwMTAxMTc0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJmYThlODFiYzc5NGRiOGUwZmY3NzVlMzA3NGI1NjY4NDNiMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBy+f/wUu6XWdP26N959xd57ul8d
n443IFkouEBOga2AKfwwitqlTSik/UXAsKvZgAEaJtxUPc255JNLMYodtjQ/ca07
aGcCXBmfJn0kWwwvvuAJU6/zP89kTmnX/jhxD2umvc8vwCglTQEybToqUFsggKjE
eiAjiRqP0ymvbE7+64U8AZXEmwB+sDT46J2y0NMYRqNvom1cNdgl66F5iEPDhckp
ls4UluuaRJ+NYed2HHBPMFYe39dPKiJXyoR/H17RrBBiNtOk4n57Mw0EAwGgSfma
L42K1shM8f7dxfAABAy0lxwIIfx337puZYYuTUhG3fRSDIlmmaZVrCLvOwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEcvqOgbx5Tbjg/3deMHS1ZoQ7IDMB8GA1UdIwQY
MBaAFAB+a1qkN9NpMVFQKiEUluN9SuLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYt
NWE4YzY3ODQyMzg5LzEvUnktbzZCdkhsTnVPRF9kMTR3ZExWbWhEc2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYtNWE4YzY3ODQyMzg5
LzEvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA3BAIAATAxAwQDWWq4AwMA
oFwDBADAiB4wDAMEAcEQugMEBsEQgAMEAME4LgMEA8E6UAMEAcHJTDAPBAIAAjAJ
AwcAKgEAIAAGMA0GCSqGSIb3DQEBCwUAA4IBAQBsOAoJ+MAkmyUFJCfm6cvXQsc7
x+B+gaKCyJRLb4LC7OL2/fdV7OQVuzmipP6CgXp23vxHDr6S5Gq2cB6f2WYsz24G
08iNpaLdrVN+5G5c9yezb+CGwZlNYewFTLPfxGTIr4nq2ObwJpNgcyUjLZWiEqld
QHGChT0h3hQlPAmlN9aBgkL613eD67c+ipdEAiNmGax+s/LpSUdEg4zHkzyGccVu
1EsoLU97upTmBS5c/IKcV45MPPolu2O2e5H5kUH+hcIwU8RFzFl4HztOoiYeu3Lt
qYwV92Ee34M2B8Z3xuEpEfkJbiMiuhlDM7mKvBYBpqm7GPtwjkWClKl6mx6F
-----END CERTIFICATE-----
Generated at Sun Apr 13 16:22:19 2025 by rpki-client