Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/Ylu4oY650LeSLzKfRWZsKd7D6d4.roa
File: Ylu4oY650LeSLzKfRWZsKd7D6d4.roa (raw, json)
Hash identifier: at13Jjp52CyKiekCDznMGprsJGH6Ha6O/Aegpe9S1N0=
Subject key identifier: 62:5B:B8:A1:8E:B9:D0:B7:92:2F:32:9F:45:66:6C:29:DE:C3:E9:DE
Certificate issuer: /CN=cddd902a1271270027e4577778ea35883b4515f6
Certificate serial: 01954A220D0D1C4CE114B23C7506932440B5
Authority key identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/Ylu4oY650LeSLzKfRWZsKd7D6d4.roa
Signing time: Fri 28 Feb 2025 01:18:20 +0000
ROA not before: Fri 28 Feb 2025 01:18:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42425
IP address blocks: 2.59.4.0/24 maxlen: 24
2.59.5.0/24 maxlen: 24
2.59.6.0/24 maxlen: 24
2.59.7.0/24 maxlen: 24
94.125.232.0/21 maxlen: 24
94.125.232.0/24 maxlen: 24
94.125.233.0/24 maxlen: 24
94.125.234.0/24 maxlen: 24
94.125.235.0/24 maxlen: 24
94.125.236.0/24 maxlen: 24
94.125.237.0/24 maxlen: 24
94.125.238.0/24 maxlen: 24
94.125.239.0/24 maxlen: 24
178.255.184.0/21 maxlen: 21
178.255.184.0/24 maxlen: 24
178.255.185.0/24 maxlen: 24
178.255.186.0/24 maxlen: 24
178.255.187.0/24 maxlen: 24
178.255.188.0/24 maxlen: 24
178.255.189.0/24 maxlen: 24
178.255.190.0/24 maxlen: 24
178.255.191.0/24 maxlen: 24
185.28.80.0/22 maxlen: 22
185.28.80.0/24 maxlen: 24
185.28.81.0/24 maxlen: 24
185.28.82.0/24 maxlen: 24
185.28.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4a:22:0d:0d:1c:4c:e1:14:b2:3c:75:06:93:24:40:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddd902a1271270027e4577778ea35883b4515f6
Validity
Not Before: Feb 28 01:18:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=625bb8a18eb9d0b7922f329f45666c29dec3e9de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:09:ab:9d:9d:92:89:01:23:29:4a:97:b1:7c:
e5:db:8f:88:d1:fc:17:16:ff:17:a9:7a:0f:f2:c2:
61:00:e5:ec:39:c2:63:19:32:b0:a1:0c:7c:a0:ec:
f4:3d:91:9e:4b:e7:cf:3c:85:b9:51:f0:ba:85:f4:
66:3a:9c:01:9f:bd:e6:53:6b:90:b0:66:11:5b:5b:
17:fd:9f:52:1b:99:e4:fd:38:fa:51:91:6c:3e:a3:
26:28:ea:b0:ce:ec:e5:a4:00:8d:3b:54:87:2b:6d:
29:bf:1e:20:e6:58:35:e0:c9:97:bf:7c:46:5b:10:
76:4b:da:1f:de:46:19:f6:e3:88:4a:84:59:71:14:
92:68:9d:6b:24:7c:47:4a:d8:32:c5:51:12:00:4b:
8d:b3:c3:8a:e3:ef:95:9a:01:92:ff:1e:c8:02:20:
20:0f:d4:5f:95:37:ac:58:63:50:52:7a:3c:b4:0a:
b7:ec:e0:48:72:a1:0e:06:05:6a:60:f2:d8:37:69:
4a:5a:8b:4c:c9:98:93:95:10:80:4d:fa:a2:c0:6b:
98:e6:b9:89:35:da:5d:e8:f9:36:e0:c6:77:88:59:
18:a9:d0:a1:07:c8:cc:18:af:53:7c:a8:21:60:01:
a6:58:b0:bd:0f:01:0c:9c:43:4c:0e:bc:73:93:d9:
ec:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:5B:B8:A1:8E:B9:D0:B7:92:2F:32:9F:45:66:6C:29:DE:C3:E9:DE
X509v3 Authority Key Identifier:
keyid:CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/Ylu4oY650LeSLzKfRWZsKd7D6d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.4.0/22
94.125.232.0/21
178.255.184.0/21
185.28.80.0/22
Signature Algorithm: sha256WithRSAEncryption
21:b2:57:94:bf:f3:33:52:58:cf:d8:bb:4e:f6:50:56:1c:82:
9b:61:46:68:03:67:80:69:a1:4b:a5:a1:1c:b9:dc:de:9e:b7:
01:35:b9:58:77:3e:6d:71:29:75:7c:e3:f1:f5:a4:f6:58:97:
3f:e2:00:48:00:4e:d5:2d:e0:0a:cc:49:87:34:e6:b4:a9:0b:
20:84:f7:a8:f0:12:c5:00:7a:41:00:b7:94:09:2c:bd:5f:0c:
2b:c4:6c:fd:f3:be:9a:e2:49:c4:61:53:d5:42:c6:32:9c:51:
42:96:19:3c:30:aa:65:9c:f7:9d:15:e8:7e:18:74:79:31:88:
86:71:54:57:5f:11:57:6e:41:d3:6d:ec:c1:9a:fe:9a:6e:70:
19:ec:29:6b:b8:83:1a:a6:d6:6c:62:6a:56:57:98:2a:ad:4b:
47:0b:4a:44:a8:a0:ff:e3:b2:9b:cd:41:39:5d:d2:61:fc:18:
60:8c:53:d2:38:e6:c0:5a:3a:2b:54:74:56:56:03:b0:23:69:
6a:d8:3d:d6:13:c3:f7:77:9d:74:89:2e:f1:13:6e:12:fd:bc:
4a:d7:22:6a:86:09:f9:b6:3b:fa:ed:8d:ca:0e:f1:a7:e4:53:
7f:e3:35:94:73:db:b0:d5:2b:4c:1c:6d:ed:4b:89:27:6f:19:
85:57:be:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVKIg0NHEzhFLI8dQaTJEC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGQ5MDJhMTI3MTI3MDAyN2U0NTc3Nzc4ZWEzNTg4M2I0
NTE1ZjYwHhcNMjUwMjI4MDExODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjViYjhhMThlYjlkMGI3OTIyZjMyOWY0NTY2NmMyOWRlYzNlOWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwmrnZ2SiQEjKUqXsXzl24+I0fwX
Fv8XqXoP8sJhAOXsOcJjGTKwoQx8oOz0PZGeS+fPPIW5UfC6hfRmOpwBn73mU2uQ
sGYRW1sX/Z9SG5nk/Tj6UZFsPqMmKOqwzuzlpACNO1SHK20pvx4g5lg14MmXv3xG
WxB2S9of3kYZ9uOISoRZcRSSaJ1rJHxHStgyxVESAEuNs8OK4++VmgGS/x7IAiAg
D9RflTesWGNQUno8tAq37OBIcqEOBgVqYPLYN2lKWotMyZiTlRCATfqiwGuY5rmJ
Ndpd6Pk24MZ3iFkYqdChB8jMGK9TfKghYAGmWLC9DwEMnENMDrxzk9nsMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGJbuKGOudC3ki8yn0VmbCnew+neMB8GA1UdIwQY
MBaAFM3dkCoScScAJ+RXd3jqNYg7RRX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEt
ZGM3NTQyMTM4OTUyLzEvWWx1NG9ZNjUwTGVTTHpLZlJXWnNLZDdENmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEtZGM3NTQyMTM4OTUy
LzEvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjsEAwQD
Xn3oAwQDsv+4AwQCuRxQMA0GCSqGSIb3DQEBCwUAA4IBAQAhsleUv/MzUljP2LtO
9lBWHIKbYUZoA2eAaaFLpaEcudzenrcBNblYdz5tcSl1fOPx9aT2WJc/4gBIAE7V
LeAKzEmHNOa0qQsghPeo8BLFAHpBALeUCSy9XwwrxGz9876a4knEYVPVQsYynFFC
lhk8MKplnPedFeh+GHR5MYiGcVRXXxFXbkHTbezBmv6abnAZ7ClruIMaptZsYmpW
V5gqrUtHC0pEqKD/47KbzUE5XdJh/BhgjFPSOObAWjorVHRWVgOwI2lq2D3WE8P3
d510iS7xE24S/bxK1yJqhgn5tjv67Y3KDvGn5FN/4zWUc9uw1StMHG3tS4knbxmF
V76q
-----END CERTIFICATE-----
Generated at Wed Apr 23 08:15:01 2025 by rpki-client