Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/y02l4BHQuyRZqxTlB4lq90WzamI.roa
File: y02l4BHQuyRZqxTlB4lq90WzamI.roa (raw, json)
Hash identifier: FIL756ErnkjMbz7N2d2705a0LI8O0H0MYSn8Dn1Ekik=
Subject key identifier: CB:4D:A5:E0:11:D0:BB:24:59:AB:14:E5:07:89:6A:F7:45:B3:6A:62
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 019421445E413A8D77A2928CAF444BAC7CA1
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/y02l4BHQuyRZqxTlB4lq90WzamI.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59645
IP address blocks: 193.104.168.0/24 maxlen: 24
195.191.196.0/23 maxlen: 24
2a06:d1c0::/29 maxlen: 29
2a06:d1c0:a761::/48 maxlen: 48
2a06:d1c0:deac::/48 maxlen: 48
2a06:d1c0:dead::/48 maxlen: 48
2a06:d1c0:deae::/48 maxlen: 48
2a06:d1c0:f761::/48 maxlen: 48
2a06:d1c1::/32 maxlen: 48
2a06:d1c1:a::/48 maxlen: 48
2a06:d1c1:e::/48 maxlen: 48
2a06:d1c1:30::/44 maxlen: 48
2a06:d1c2::/36 maxlen: 48
2a06:d1c7::/48 maxlen: 48
2a06:d1c7:a::/48 maxlen: 48
2a06:d1c7:b::/48 maxlen: 48
2a06:d1c7:d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.mft
rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 01:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5e:41:3a:8d:77:a2:92:8c:af:44:4b:ac:7c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb4da5e011d0bb2459ab14e507896af745b36a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:89:84:91:9c:dd:de:ba:b9:00:cc:52:ef:2a:
38:9e:ab:73:10:6b:f3:ee:41:a0:77:64:95:a9:a2:
71:6a:b4:9b:82:bc:6b:c0:9e:8d:7e:2c:aa:dc:fe:
f1:23:e5:8a:b3:04:73:c6:6f:06:fc:79:36:60:b9:
d6:58:9c:bc:36:9c:ea:a1:04:8b:7e:35:db:52:59:
fe:b2:fd:12:ec:33:58:37:6f:f8:a6:46:7e:c4:3a:
00:eb:92:dd:fd:11:89:d8:e3:a7:83:f4:4e:8a:5c:
f8:4b:06:86:cb:6b:c2:81:a3:ca:6d:b9:60:50:cd:
f3:06:90:9b:47:a9:c0:74:b2:83:88:fd:bd:7a:44:
45:52:b2:e8:96:06:9c:79:77:16:1d:df:ed:10:2a:
4c:1e:80:a4:e0:3e:79:f4:fe:40:f1:74:35:c8:78:
e6:cc:ff:37:bc:8e:75:c9:67:2a:96:9b:89:0a:05:
c8:f8:8d:f6:97:39:1d:d2:5e:1a:7b:7f:9f:b9:59:
a7:23:0c:12:13:4c:fe:a6:f8:e7:dd:89:eb:78:f5:
fd:50:63:a4:42:61:82:60:94:60:93:9a:a7:b6:c1:
f0:3d:25:66:ce:9f:7b:86:d9:33:f4:e9:31:1f:b5:
2e:5c:16:bb:29:7f:ac:a5:3b:61:e6:ed:6d:67:fc:
f8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:4D:A5:E0:11:D0:BB:24:59:AB:14:E5:07:89:6A:F7:45:B3:6A:62
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/y02l4BHQuyRZqxTlB4lq90WzamI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.168.0/24
195.191.196.0/23
IPv6:
2a06:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
52:e4:ef:07:32:29:b2:98:62:3a:e6:c6:e5:c5:5e:a9:3b:44:
c3:79:07:48:9e:ec:f1:cb:7f:73:de:01:b3:e9:af:14:28:5e:
42:13:d3:ec:42:72:c3:40:c1:13:b9:2f:2c:ad:f1:e4:1e:cf:
5c:9f:34:1d:8b:b9:45:3e:37:9f:18:3f:34:f9:1b:14:d1:50:
1b:90:5a:05:d0:6d:4f:c1:c3:a5:28:da:34:77:29:9f:c4:60:
d2:ea:95:3d:81:c3:51:30:36:62:99:fa:e9:06:38:20:b4:76:
38:5b:16:26:03:d3:5a:1e:b0:45:07:e1:c3:85:aa:26:00:87:
fd:1b:7e:6a:29:ee:6e:65:91:0c:f1:2c:c1:06:cc:19:73:0f:
a4:dc:83:e2:94:61:fb:03:51:af:8c:28:d7:01:12:f3:71:57:
8e:91:38:6d:b7:51:93:a8:c6:86:12:64:21:35:79:ef:35:df:
b1:a8:a0:09:a5:2d:22:3b:18:0e:8e:d6:3a:df:a6:95:27:4d:
36:6a:d7:c7:32:37:c0:5e:98:20:8e:35:e1:be:90:38:09:54:
14:49:02:9a:16:13:ce:d7:4b:ea:82:3e:f6:48:cd:31:1f:e1:
e3:da:2f:83:98:2e:58:3e:16:b2:13:b8:70:9c:c2:a4:1d:3f:
25:09:66:95
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhRF5BOo13opKMr0RLrHyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjRkYTVlMDExZDBiYjI0NTlhYjE0ZTUwNzg5NmFmNzQ1YjM2YTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyomEkZzd3rq5AMxS7yo4nqtzEGvz
7kGgd2SVqaJxarSbgrxrwJ6Nfiyq3P7xI+WKswRzxm8G/Hk2YLnWWJy8NpzqoQSL
fjXbUln+sv0S7DNYN2/4pkZ+xDoA65Ld/RGJ2OOng/ROilz4SwaGy2vCgaPKbblg
UM3zBpCbR6nAdLKDiP29ekRFUrLolgaceXcWHd/tECpMHoCk4D559P5A8XQ1yHjm
zP83vI51yWcqlpuJCgXI+I32lzkd0l4ae3+fuVmnIwwSE0z+pvjn3YnrePX9UGOk
QmGCYJRgk5qntsHwPSVmzp97htkz9OkxH7UuXBa7KX+spTth5u1tZ/z4PwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMtNpeAR0LskWasU5QeJavdFs2piMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEveTAybDRCSFF1eVJacXhUbEI0bHE5MFd6YW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwWioAwQB
w7/EMA0EAgACMAcDBQMqBtHAMA0GCSqGSIb3DQEBCwUAA4IBAQBS5O8HMimymGI6
5sblxV6pO0TDeQdInuzxy39z3gGz6a8UKF5CE9PsQnLDQMETuS8srfHkHs9cnzQd
i7lFPjefGD80+RsU0VAbkFoF0G1PwcOlKNo0dymfxGDS6pU9gcNRMDZimfrpBjgg
tHY4WxYmA9NaHrBFB+HDhaomAIf9G35qKe5uZZEM8SzBBswZcw+k3IPilGH7A1Gv
jCjXARLzcVeOkThtt1GTqMaGEmQhNXnvNd+xqKAJpS0iOxgOjtY636aVJ002atfH
MjfAXpggjjXhvpA4CVQUSQKaFhPO10vqgj72SM0xH+Hj2i+DmC5YPhayE7hwnMKk
HT8lCWaV
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:05:14 2025 by rpki-client