Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bIscYSktyuSdXA8uuitNFV9EUno.roa
File: bIscYSktyuSdXA8uuitNFV9EUno.roa (raw, json)
Hash identifier: w2B+jU39CkMFN16wFNwH+8WwrfFPrjamkhdn7et9g8s=
Subject key identifier: 6C:8B:1C:61:29:2D:CA:E4:9D:5C:0F:2E:BA:2B:4D:15:5F:44:52:7A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01942747A5D47865E2CC8698A27DBEFC1B4A
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bIscYSktyuSdXA8uuitNFV9EUno.roa
Signing time: Thu 02 Jan 2025 13:49:54 +0000
ROA not before: Thu 02 Jan 2025 13:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 77.90.167.0/24 maxlen: 24
213.209.135.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 11:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a5:d4:78:65:e2:cc:86:98:a2:7d:be:fc:1b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 13:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c8b1c61292dcae49d5c0f2eba2b4d155f44527a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:67:3d:0f:7a:42:bc:7c:20:a3:26:df:e3:e7:
fc:eb:00:20:6a:e3:e4:37:4b:2f:8c:ea:55:cc:53:
fa:1b:ab:3c:84:f7:36:2e:ce:46:64:eb:73:98:4f:
4a:b9:98:a0:d7:4d:a1:41:fc:4e:d6:36:52:cd:86:
80:49:a1:e1:ce:11:d1:64:e5:b6:41:53:5f:98:95:
0a:8f:a8:dc:1f:15:61:4c:85:89:5f:cf:b6:de:ba:
a8:67:6b:91:d6:37:5a:55:d0:3b:45:f9:2f:7f:4a:
16:53:29:a9:e8:b3:50:b5:90:ef:47:f7:01:f7:fb:
c6:f3:9c:72:05:17:15:71:d2:f7:5e:3d:dd:15:4a:
75:85:ff:24:cc:cc:98:4f:b0:06:9b:7b:ac:4c:f7:
fd:3e:00:7c:1f:1a:aa:4c:62:fe:ac:10:be:0e:44:
4f:0f:c7:4a:4a:17:05:d2:d5:7d:6f:8b:f0:f9:02:
ba:cd:07:d8:be:06:f5:fd:ad:f4:f8:c2:2e:3c:3a:
b0:76:33:97:b9:e1:8b:7d:3e:9b:78:d5:2c:32:87:
bb:a7:bf:f0:bb:4c:f5:16:46:cb:97:62:3f:61:2b:
fb:5f:c6:59:66:61:4a:6b:c1:48:e9:59:d1:55:27:
ea:aa:df:44:79:8a:3c:af:e2:6f:0e:54:29:57:cb:
a2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:8B:1C:61:29:2D:CA:E4:9D:5C:0F:2E:BA:2B:4D:15:5F:44:52:7A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/bIscYSktyuSdXA8uuitNFV9EUno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.167.0/24
213.209.135.0/24
213.209.141.0/24
213.209.153.0-213.209.154.255
Signature Algorithm: sha256WithRSAEncryption
88:a7:7f:4e:d1:b9:fe:c8:1a:c1:b8:a0:fb:6b:64:0e:82:0e:
6b:31:5e:6a:8a:9e:dc:7b:7f:1d:1c:ea:80:3b:87:9e:d6:5d:
d9:d1:f6:fe:4c:64:34:e0:2f:cc:40:70:4e:47:80:63:e2:d5:
b1:11:c6:9c:fd:11:2f:5c:16:3e:28:60:35:03:1c:6b:29:c6:
15:77:9e:37:f5:f6:5d:b5:2a:c5:fc:d2:94:ad:28:93:35:2d:
65:b5:02:b3:c2:a9:f2:9d:82:e7:20:67:9b:d4:1d:85:db:bd:
0c:0f:b0:d8:08:bf:4a:9f:42:43:9b:de:b2:38:58:83:65:91:
b3:70:84:d4:2b:1c:32:88:67:70:36:80:f4:2a:71:bc:e1:4a:
83:e9:f3:51:58:9c:90:09:30:b9:2a:73:5e:d3:de:ff:f6:64:
79:18:b1:1d:33:0f:c4:e8:52:12:18:d7:76:b3:69:8a:99:21:
0b:95:17:f1:dc:ae:94:e1:65:be:00:54:b9:34:09:dd:fe:39:
2b:89:25:72:37:0d:8f:e8:54:9b:75:c6:b1:c9:40:ee:4d:15:
6e:7e:34:12:9a:9d:8f:25:53:e0:fb:4f:06:d8:d3:11:60:54:
07:7a:25:10:72:05:13:ff:cb:3c:f1:75:d1:4d:23:43:a6:d4:
fd:93:e9:52
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQnR6XUeGXizIaYon2+/BtKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMTAyMTM0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzhiMWM2MTI5MmRjYWU0OWQ1YzBmMmViYTJiNGQxNTVmNDQ1MjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Wc9D3pCvHwgoybf4+f86wAgauPk
N0svjOpVzFP6G6s8hPc2Ls5GZOtzmE9KuZig102hQfxO1jZSzYaASaHhzhHRZOW2
QVNfmJUKj6jcHxVhTIWJX8+23rqoZ2uR1jdaVdA7Rfkvf0oWUymp6LNQtZDvR/cB
9/vG85xyBRcVcdL3Xj3dFUp1hf8kzMyYT7AGm3usTPf9PgB8HxqqTGL+rBC+DkRP
D8dKShcF0tV9b4vw+QK6zQfYvgb1/a30+MIuPDqwdjOXueGLfT6beNUsMoe7p7/w
u0z1FkbLl2I/YSv7X8ZZZmFKa8FI6VnRVSfqqt9EeYo8r+JvDlQpV8uibwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGyLHGEpLcrknVwPLrorTRVfRFJ6MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvYklzY1lTa3R5dVNkWEE4dXVpdE5GVjlFVW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATVqnAwQA
1dGHAwQA1dGNMAwDBADV0ZkDBADV0ZowDQYJKoZIhvcNAQELBQADggEBAIinf07R
uf7IGsG4oPtrZA6CDmsxXmqKntx7fx0c6oA7h57WXdnR9v5MZDTgL8xAcE5HgGPi
1bERxpz9ES9cFj4oYDUDHGspxhV3njf19l21KsX80pStKJM1LWW1ArPCqfKdgucg
Z5vUHYXbvQwPsNgIv0qfQkOb3rI4WINlkbNwhNQrHDKIZ3A2gPQqcbzhSoPp81FY
nJAJMLkqc17T3v/2ZHkYsR0zD8ToUhIY13azaYqZIQuVF/HcrpThZb4AVLk0Cd3+
OSuJJXI3DY/oVJt1xrHJQO5NFW5+NBKanY8lU+D7TwbY0xFgVAd6JRByBRP/yzzx
ddFNI0Om1P2T6VI=
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:13:29 2025 by rpki-client