Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ye6oHKBIg-uOgW5BBKwLTASR5h8.roa
File: ye6oHKBIg-uOgW5BBKwLTASR5h8.roa (raw, json)
Hash identifier: oG7L/y/89aEb3zysPfLFnUSsbCAgcxlQEkYj6dk9vQE=
Subject key identifier: C9:EE:A8:1C:A0:48:83:EB:8E:81:6E:41:04:AC:0B:4C:04:91:E6:1F
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0194244526C0AED97FE0B0B4D6DCE47ADFB8
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ye6oHKBIg-uOgW5BBKwLTASR5h8.roa
Signing time: Wed 01 Jan 2025 23:48:19 +0000
ROA not before: Wed 01 Jan 2025 23:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59729
IP address blocks: 91.220.198.0/24 maxlen: 24
195.88.220.0/24 maxlen: 24
195.96.144.0/24 maxlen: 24
195.96.147.0/24 maxlen: 24
195.96.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:26:c0:ae:d9:7f:e0:b0:b4:d6:dc:e4:7a:df:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9eea81ca04883eb8e816e4104ac0b4c0491e61f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ec:df:30:47:b8:5c:ff:8d:16:2f:de:7b:64:
e5:e5:34:6a:44:5f:b4:4b:35:9e:d0:8c:29:83:8f:
8b:c2:59:7e:3c:da:fa:3d:aa:14:a5:69:35:43:50:
6a:c8:72:63:2b:53:5f:89:45:ba:73:c8:7f:e8:8b:
fc:b0:47:51:f3:38:79:2d:7e:c0:52:2d:3e:22:14:
6d:a8:c3:57:c1:d1:a5:a5:98:d8:25:ea:2f:89:d4:
61:33:d3:be:de:bf:c7:04:3e:09:11:d2:19:77:24:
b5:58:5f:44:56:91:0f:87:7d:29:e1:05:8c:76:ed:
f0:2e:5a:40:5f:92:13:39:b6:2d:4c:c3:56:e5:1d:
a9:a1:b7:d9:43:3f:3a:06:ce:66:84:09:11:7c:41:
5f:32:3d:a8:6a:26:e9:6c:64:ee:d3:66:67:7f:4b:
8d:d0:09:a2:2d:89:6c:47:76:be:6d:e6:60:ef:9f:
86:18:2c:7a:89:26:43:2b:86:15:71:62:28:3c:3b:
d5:f8:fa:45:54:b9:41:2b:3f:e4:22:cc:67:43:00:
1f:08:da:d6:b3:85:3d:e3:d1:9e:e3:97:d0:13:1a:
5e:0e:b4:60:12:5e:63:9d:36:bf:f1:d7:f5:50:ac:
a4:14:d0:2d:43:7a:16:fe:5d:75:26:ed:8a:52:7b:
9b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:EE:A8:1C:A0:48:83:EB:8E:81:6E:41:04:AC:0B:4C:04:91:E6:1F
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ye6oHKBIg-uOgW5BBKwLTASR5h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.198.0/24
195.88.220.0/24
195.96.144.0/24
195.96.147.0/24
195.96.154.0/24
Signature Algorithm: sha256WithRSAEncryption
01:33:89:0b:65:73:ff:4c:d3:e0:cb:d6:95:94:f3:b5:3e:ab:
16:2a:3a:70:e0:ed:e5:20:c9:1c:e1:17:24:b6:b7:46:8e:cf:
a4:df:8a:92:71:f3:5d:f1:8a:c6:f3:45:2a:81:f2:9c:d6:48:
98:2f:35:0b:68:a7:ca:bd:a8:ba:40:17:4e:36:e1:62:61:2b:
76:bc:85:0a:7d:3f:dd:9a:bf:55:70:8a:a5:c5:57:02:5b:57:
79:dc:81:29:14:40:64:b9:75:83:bc:11:69:ea:e8:3f:34:18:
5f:11:55:bc:9c:a1:c7:da:a6:95:40:7c:c1:b0:84:7d:60:0e:
3e:91:75:b6:1e:fe:23:8f:da:7a:07:6e:ec:dd:ef:42:4c:38:
4a:d2:22:7f:d8:4c:03:dc:62:7c:18:55:34:04:24:f3:b0:de:
0d:be:87:59:3d:ca:12:a6:a2:93:35:ad:83:b4:2d:b3:e2:b6:
4e:4b:cb:51:c0:77:c2:8c:62:e8:fe:f1:30:59:a0:56:c8:0e:
53:4a:49:46:de:80:a0:c0:94:2c:8c:95:07:c6:dd:1d:d2:cf:
c7:93:28:40:91:b6:44:31:3c:e1:6a:fd:97:75:1b:54:ea:90:
7d:ab:d6:93:5d:59:a7:6b:8f:36:86:a0:66:42:c0:ab:46:32:
f0:84:28:73
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQkRSbArtl/4LC01tzket+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWVlYTgxY2EwNDg4M2ViOGU4MTZlNDEwNGFjMGI0YzA0OTFlNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuzfMEe4XP+NFi/ee2Tl5TRqRF+0
SzWe0Iwpg4+Lwll+PNr6PaoUpWk1Q1BqyHJjK1NfiUW6c8h/6Iv8sEdR8zh5LX7A
Ui0+IhRtqMNXwdGlpZjYJeovidRhM9O+3r/HBD4JEdIZdyS1WF9EVpEPh30p4QWM
du3wLlpAX5ITObYtTMNW5R2pobfZQz86Bs5mhAkRfEFfMj2oaibpbGTu02Znf0uN
0AmiLYlsR3a+beZg75+GGCx6iSZDK4YVcWIoPDvV+PpFVLlBKz/kIsxnQwAfCNrW
s4U949Ge45fQExpeDrRgEl5jnTa/8df1UKykFNAtQ3oW/l11Ju2KUnubdwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMnuqBygSIPrjoFuQQSsC0wEkeYfMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEveWU2b0hLQklnLXVPZ1c1QkJLd0xUQVNSNWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW9zGAwQA
w1jcAwQAw2CQAwQAw2CTAwQAw2CaMA0GCSqGSIb3DQEBCwUAA4IBAQABM4kLZXP/
TNPgy9aVlPO1PqsWKjpw4O3lIMkc4RcktrdGjs+k34qScfNd8YrG80UqgfKc1kiY
LzULaKfKvai6QBdONuFiYSt2vIUKfT/dmr9VcIqlxVcCW1d53IEpFEBkuXWDvBFp
6ug/NBhfEVW8nKHH2qaVQHzBsIR9YA4+kXW2Hv4jj9p6B27s3e9CTDhK0iJ/2EwD
3GJ8GFU0BCTzsN4NvodZPcoSpqKTNa2DtC2z4rZOS8tRwHfCjGLo/vEwWaBWyA5T
SklG3oCgwJQsjJUHxt0d0s/HkyhAkbZEMTzhav2XdRtU6pB9q9aTXVmna482hqBm
QsCrRjLwhChz
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:37:54 2025 by rpki-client