Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/sfQ3GEtYzhBBWxqpfOQ0GcKpsbY.roa
File: sfQ3GEtYzhBBWxqpfOQ0GcKpsbY.roa (raw, json)
Hash identifier: wrk4xF0OxGaC9MkY6FPvwbKzU+JxYtuzUOz5b0tcuxA=
Subject key identifier: B1:F4:37:18:4B:58:CE:10:41:5B:1A:A9:7C:E4:34:19:C2:A9:B1:B6
Certificate issuer: /CN=98a533308740bbbd217bf69dce90b3f541208457
Certificate serial: 019423D739E48968A2657E5B86DB5BD39FC8
Authority key identifier: 98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/sfQ3GEtYzhBBWxqpfOQ0GcKpsbY.roa
Signing time: Wed 01 Jan 2025 21:48:14 +0000
ROA not before: Wed 01 Jan 2025 21:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51557
IP address blocks: 93.89.224.0/20 maxlen: 20
185.33.232.0/22 maxlen: 22
185.111.232.0/23 maxlen: 23
185.111.234.0/24 maxlen: 24
185.111.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 21:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:39:e4:89:68:a2:65:7e:5b:86:db:5b:d3:9f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a533308740bbbd217bf69dce90b3f541208457
Validity
Not Before: Jan 1 21:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1f437184b58ce10415b1aa97ce43419c2a9b1b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:bf:5c:08:3f:77:f1:0a:b4:55:6d:96:d1:46:
ad:50:b3:23:65:18:c5:08:fc:8c:54:d4:be:b1:6c:
ba:63:b0:19:ce:09:03:a5:87:f4:c5:a3:16:75:d2:
35:4c:7a:22:25:99:f6:7a:10:6f:36:94:cf:16:d0:
77:bc:fb:bc:2c:a6:62:2d:e7:02:81:c1:82:1e:b8:
9b:23:6a:9f:d0:a6:55:6c:c0:24:55:b8:0d:bb:24:
0b:6c:c4:fc:ac:92:7c:0f:8e:2c:31:96:1a:18:d3:
72:15:34:1d:31:ac:d6:13:75:ff:00:09:5a:48:82:
2e:31:b0:33:81:08:2f:74:d6:ff:f6:06:ba:77:5c:
ac:9f:32:84:3d:b8:da:b7:51:54:1b:af:d1:08:a8:
48:fb:3a:00:ca:0b:05:fe:81:9c:1b:2f:01:20:8c:
88:ec:2c:2b:ea:41:f1:a4:8d:c8:92:2b:08:dc:06:
d1:12:d5:3a:81:df:a4:85:b5:64:ec:3c:f5:21:a1:
d5:49:61:f1:26:f3:4e:ba:12:95:67:15:58:84:eb:
95:7c:5d:6f:e3:f4:65:25:ca:b3:b4:39:79:3f:9e:
c5:f4:ed:13:f1:8a:0a:b6:32:b7:7a:88:c1:70:91:
90:f6:38:a0:28:33:7e:00:b8:1c:e3:24:2e:12:59:
b5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F4:37:18:4B:58:CE:10:41:5B:1A:A9:7C:E4:34:19:C2:A9:B1:B6
X509v3 Authority Key Identifier:
keyid:98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/sfQ3GEtYzhBBWxqpfOQ0GcKpsbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.224.0/20
185.33.232.0/22
185.111.232.0/22
Signature Algorithm: sha256WithRSAEncryption
18:84:6e:3b:00:43:8b:64:c5:11:85:31:49:74:70:64:9b:08:
18:68:e6:56:bd:b1:d5:ac:43:7e:44:36:89:ea:65:a2:a7:fa:
ad:7d:74:9c:f2:de:92:e3:e8:6d:86:b6:bb:15:93:87:c6:06:
a6:61:c5:7c:e0:6d:e2:e0:17:87:8a:13:7e:2d:11:a4:b6:66:
cc:89:79:5c:4a:8b:cb:2b:7a:d8:26:5d:bf:c4:4b:e6:61:02:
59:6f:15:03:e3:cf:72:69:58:96:ea:a0:2d:4b:cf:9a:d7:78:
fc:72:e7:f4:62:82:d2:d7:67:aa:ed:6f:a8:5a:57:2d:6c:41:
1f:a4:b2:29:48:e9:41:51:c8:ab:51:ea:1b:c2:d3:69:1f:c7:
36:12:83:64:88:46:3c:c2:02:9a:e3:69:34:7e:76:32:31:3b:
d1:f5:0d:2e:37:09:33:25:f1:7b:5b:fd:45:bc:43:78:fd:7d:
35:c8:bd:07:7d:e2:29:e1:12:2b:c5:0f:7e:f0:56:b1:c7:13:
a1:01:8c:38:43:f4:dc:02:74:c5:32:e1:87:e1:0e:9a:09:20:
9f:41:a8:6a:04:28:4f:ed:aa:ce:92:b9:2b:ba:b5:de:2f:ca:
07:60:f5:35:8c:40:93:97:38:ce:13:72:9e:1d:61:64:0b:89:
1d:cb:2a:42
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj1znkiWiiZX5bhttb05/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YTUzMzMwODc0MGJiYmQyMTdiZjY5ZGNlOTBiM2Y1NDEy
MDg0NTcwHhcNMjUwMTAxMjE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWY0MzcxODRiNThjZTEwNDE1YjFhYTk3Y2U0MzQxOWMyYTliMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA479cCD938Qq0VW2W0UatULMjZRjF
CPyMVNS+sWy6Y7AZzgkDpYf0xaMWddI1THoiJZn2ehBvNpTPFtB3vPu8LKZiLecC
gcGCHribI2qf0KZVbMAkVbgNuyQLbMT8rJJ8D44sMZYaGNNyFTQdMazWE3X/AAla
SIIuMbAzgQgvdNb/9ga6d1ysnzKEPbjat1FUG6/RCKhI+zoAygsF/oGcGy8BIIyI
7Cwr6kHxpI3IkisI3AbREtU6gd+khbVk7Dz1IaHVSWHxJvNOuhKVZxVYhOuVfF1v
4/RlJcqztDl5P57F9O0T8YoKtjK3eojBcJGQ9jigKDN+ALgc4yQuElm1OQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLH0NxhLWM4QQVsaqXzkNBnCqbG2MB8GA1UdIwQY
MBaAFJilMzCHQLu9IXv2nc6Qs/VBIIRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2Qt
OWY2ODkwZjkyZTYwLzEvc2ZRM0dFdFl6aEJCV3hxcGZPUTBHY0twc2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2QtOWY2ODkwZjkyZTYw
LzEvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEXVngAwQC
uSHoAwQCuW/oMA0GCSqGSIb3DQEBCwUAA4IBAQAYhG47AEOLZMURhTFJdHBkmwgY
aOZWvbHVrEN+RDaJ6mWip/qtfXSc8t6S4+hthra7FZOHxgamYcV84G3i4BeHihN+
LRGktmbMiXlcSovLK3rYJl2/xEvmYQJZbxUD489yaViW6qAtS8+a13j8cuf0YoLS
12eq7W+oWlctbEEfpLIpSOlBUcirUeobwtNpH8c2EoNkiEY8wgKa42k0fnYyMTvR
9Q0uNwkzJfF7W/1FvEN4/X01yL0HfeIp4RIrxQ9+8FaxxxOhAYw4Q/TcAnTFMuGH
4Q6aCSCfQahqBChP7arOkrkrurXeL8oHYPU1jECTlzjOE3KeHWFkC4kdyypC
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:07:05 2025 by rpki-client