Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/59BM3cmIoy1MoFuz148y_WZgCKA.roa
File: 59BM3cmIoy1MoFuz148y_WZgCKA.roa (raw, json)
Hash identifier: b8nLw7Sod/Ce2ZRbJw+OEbeY/YeQr8JvhOn6OiPAFJE=
Subject key identifier: E7:D0:4C:DD:C9:88:A3:2D:4C:A0:5B:B3:D7:8F:32:FD:66:60:08:A0
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 019424454E6EB688F977BF8B2BA2811AFE7F
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/59BM3cmIoy1MoFuz148y_WZgCKA.roa
Signing time: Wed 01 Jan 2025 23:48:29 +0000
ROA not before: Wed 01 Jan 2025 23:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 79.98.244.0/24 maxlen: 24
79.98.245.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
185.221.24.0/24 maxlen: 24
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 10:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:4e:6e:b6:88:f9:77:bf:8b:2b:a2:81:1a:fe:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 1 23:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7d04cddc988a32d4ca05bb3d78f32fd666008a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e9:4d:ba:46:95:8c:af:8c:b0:0d:c3:54:c8:
ad:b2:53:e8:6f:39:f8:2a:ab:e1:09:5a:de:34:12:
78:0e:40:f8:e7:1d:3d:c4:b0:e4:a9:51:2f:e6:0f:
f8:c5:5b:00:fd:8e:55:90:de:0d:3b:9b:9a:e9:1e:
e1:32:62:a0:d2:97:bf:5a:52:22:13:44:6c:be:79:
16:e5:9b:85:82:f7:4b:c9:67:83:2e:28:11:6e:10:
ac:35:61:b5:a7:94:fe:69:d4:4f:74:36:4b:0a:e3:
88:84:4d:8e:e0:55:5a:31:72:9a:a0:71:f8:64:73:
e5:d8:82:86:1d:09:84:de:8f:64:ce:d3:12:b9:06:
6a:93:77:aa:e5:33:fa:84:22:cf:fc:dc:e7:91:9c:
d5:cc:e9:03:87:6e:31:fb:03:69:6f:5b:9f:10:33:
84:bb:df:9c:3a:f4:51:bd:9a:27:e0:72:1c:03:5b:
1f:5e:ab:13:9b:8c:2b:2d:cf:67:fe:8a:4e:c1:f7:
ee:c6:83:9e:b4:95:f7:b4:14:56:6d:03:5b:a7:75:
aa:a3:61:3c:0b:0c:57:00:c5:24:92:c1:bd:71:27:
a2:1d:84:b9:fd:4b:05:e3:93:83:03:02:29:fc:23:
3d:d3:d9:ba:95:cd:59:8e:5c:f9:39:fb:13:2f:dc:
ff:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D0:4C:DD:C9:88:A3:2D:4C:A0:5B:B3:D7:8F:32:FD:66:60:08:A0
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/59BM3cmIoy1MoFuz148y_WZgCKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.244.0/23
176.125.250.0/24
185.221.24.0/24
185.225.168.0/23
Signature Algorithm: sha256WithRSAEncryption
95:b6:11:10:95:83:39:e9:f7:8f:61:a2:bf:bc:32:b5:cd:55:
8f:f4:8d:90:92:cc:4b:58:b1:f8:f0:db:83:2f:ba:19:3a:42:
db:87:36:e0:0a:5a:d2:c5:36:e4:17:23:b7:34:9d:d3:73:b9:
e3:e7:cf:d6:bc:1a:a4:43:bb:b0:27:f8:03:8a:51:5d:58:b3:
c9:ed:6f:93:5c:27:c4:3e:16:97:2d:cf:06:92:ff:02:f0:6a:
dd:49:f7:b0:a3:38:dd:b8:1d:ac:de:18:4a:71:ce:a5:9f:38:
2e:4f:0e:9c:2f:b1:56:12:65:51:4a:6c:ce:26:d2:fc:33:7c:
f8:98:87:02:fe:aa:3f:d3:8c:c7:53:79:0a:83:28:88:c2:7e:
b3:28:66:38:44:57:96:00:41:03:69:64:ff:a2:17:b6:ad:04:
f3:f0:18:2d:b7:84:5f:7b:08:fc:d3:71:68:85:97:b1:9f:78:
2a:5c:42:70:49:9a:4c:f8:b8:83:98:00:26:bd:8f:62:7b:c2:
39:6f:c3:98:83:67:11:88:08:3e:f9:08:48:d8:de:18:c5:df:
d1:df:03:03:c3:5a:67:2b:94:81:37:83:59:03:da:13:1b:4f:
30:5d:af:67:d6:f5:81:77:5e:0c:89:ba:09:9c:21:7a:db:f9:
0d:4b:1f:1f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkRU5utoj5d7+LK6KBGv5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwMTAxMjM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2QwNGNkZGM5ODhhMzJkNGNhMDViYjNkNzhmMzJmZDY2NjAwOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3elNukaVjK+MsA3DVMitslPobzn4
KqvhCVreNBJ4DkD45x09xLDkqVEv5g/4xVsA/Y5VkN4NO5ua6R7hMmKg0pe/WlIi
E0RsvnkW5ZuFgvdLyWeDLigRbhCsNWG1p5T+adRPdDZLCuOIhE2O4FVaMXKaoHH4
ZHPl2IKGHQmE3o9kztMSuQZqk3eq5TP6hCLP/NznkZzVzOkDh24x+wNpb1ufEDOE
u9+cOvRRvZon4HIcA1sfXqsTm4wrLc9n/opOwffuxoOetJX3tBRWbQNbp3Wqo2E8
CwxXAMUkksG9cSeiHYS5/UsF45ODAwIp/CM909m6lc1Zjlz5OfsTL9z/wwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOfQTN3JiKMtTKBbs9ePMv1mYAigMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvNTlCTTNjbUlveTFNb0Z1ejE0OHlfV1pnQ0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBT2L0AwQA
sH36AwQAud0YAwQBueGoMA0GCSqGSIb3DQEBCwUAA4IBAQCVthEQlYM56fePYaK/
vDK1zVWP9I2QksxLWLH48NuDL7oZOkLbhzbgClrSxTbkFyO3NJ3Tc7nj58/WvBqk
Q7uwJ/gDilFdWLPJ7W+TXCfEPhaXLc8Gkv8C8GrdSfewozjduB2s3hhKcc6lnzgu
Tw6cL7FWEmVRSmzOJtL8M3z4mIcC/qo/04zHU3kKgyiIwn6zKGY4RFeWAEEDaWT/
ohe2rQTz8Bgtt4Rfewj803FohZexn3gqXEJwSZpM+LiDmAAmvY9ie8I5b8OYg2cR
iAg++QhI2N4Yxd/R3wMDw1pnK5SBN4NZA9oTG08wXa9n1vWBd14MiboJnCF62/kN
Sx8f
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:59:29 2025 by rpki-client