Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/9GIXqcmPDOQCe6OcRi8fYZeIDJA.roa
File: 9GIXqcmPDOQCe6OcRi8fYZeIDJA.roa (raw, json)
Hash identifier: LALysLYk2cUV8ywank9MaIcyv6Luq5IysC+FHpnCFCE=
Subject key identifier: F4:62:17:A9:C9:8F:0C:E4:02:7B:A3:9C:46:2F:1F:61:97:88:0C:90
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0194F189666229BFEF7560474038C4A8EDDD
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/9GIXqcmPDOQCe6OcRi8fYZeIDJA.roa
Signing time: Mon 10 Feb 2025 20:25:01 +0000
ROA not before: Mon 10 Feb 2025 20:25:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215073
IP address blocks: 185.254.29.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:89:66:62:29:bf:ef:75:60:47:40:38:c4:a8:ed:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Feb 10 20:25:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f46217a9c98f0ce4027ba39c462f1f6197880c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cd:4a:c1:8f:52:be:cc:ed:b4:25:20:33:37:
5d:83:0b:0c:5c:45:d3:7d:63:84:1b:7b:a9:8e:6a:
6e:04:da:25:bc:cf:e1:46:2b:13:ea:77:ef:71:e9:
54:a4:4e:17:b7:5e:03:ae:2b:4f:b6:de:7d:73:25:
26:af:89:27:0c:3a:7c:2f:cb:47:cf:e4:90:e3:8d:
fa:84:5d:37:66:12:49:2f:95:a4:c2:28:20:43:c0:
a1:87:3f:04:e5:4c:be:7f:7b:55:fd:66:da:f7:d1:
21:fe:b5:c9:41:36:3e:9e:e9:91:ac:33:31:cb:73:
d7:0e:12:48:f3:7a:5c:f3:09:ff:0a:45:b4:7f:2b:
5b:b8:77:e7:51:0a:42:5e:3f:13:75:4c:e5:b7:ae:
7a:b1:cb:e3:da:fa:60:0b:3a:2d:1c:4f:42:81:95:
21:d4:f9:15:13:df:1f:ad:b4:1e:00:2a:62:fe:15:
6a:b8:d8:ef:d1:0b:c3:a4:d1:17:42:a4:42:dc:13:
91:23:9f:3b:90:e8:ce:0f:1a:22:24:5a:51:0a:94:
a9:8b:61:af:79:11:39:b8:df:1a:4c:b7:ce:ce:7d:
28:e5:2b:c9:ee:28:02:55:71:5c:98:0a:4b:73:4f:
ff:40:26:83:da:c9:61:28:50:df:cb:56:b4:36:48:
08:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:62:17:A9:C9:8F:0C:E4:02:7B:A3:9C:46:2F:1F:61:97:88:0C:90
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/9GIXqcmPDOQCe6OcRi8fYZeIDJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.29.0/24
185.254.239.0/24
193.35.152.0/24
193.160.143.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b6:dd:b0:22:c9:70:67:88:5e:3d:70:bc:f8:c1:ce:90:1c:
85:04:d7:8d:e8:2c:81:30:5a:0a:e8:0e:a3:9c:0e:d0:60:4b:
e0:b5:e4:23:51:39:82:dd:cb:b0:b9:7b:11:84:0f:bc:ea:3e:
6c:22:8f:25:b6:6c:b5:a5:1c:c8:eb:7d:f4:74:3e:da:bd:8a:
80:32:21:bc:99:6b:6a:64:75:8c:4b:8d:19:68:43:6d:93:d9:
83:de:9b:4a:6b:b6:c7:ca:d3:12:74:28:7b:85:39:b7:6d:f7:
1b:e2:e8:16:9a:ec:dd:a1:49:70:a5:38:2c:98:7a:fa:e9:d4:
ac:75:9a:a0:d8:4a:81:24:f3:9c:6b:b8:a8:21:d2:55:32:78:
45:78:43:55:a0:e7:fc:86:71:93:b4:47:92:1c:eb:a0:7c:31:
dc:ce:09:f7:12:d9:09:da:50:8d:ac:50:b9:65:e3:06:be:31:
26:62:bf:e8:5c:52:66:0a:e3:db:cb:23:75:68:4d:88:50:72:
95:2e:db:e2:a4:86:95:a0:8d:d0:fb:b3:30:a1:35:80:64:66:
9d:d9:7a:79:67:7d:3b:22:c4:8c:78:f4:23:18:17:b8:45:a2:
29:4b:66:47:1e:18:4e:3a:73:1f:85:3c:95:03:7e:81:bf:09:
8d:80:98:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZTxiWZiKb/vdWBHQDjEqO3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMjEwMjAyNTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDYyMTdhOWM5OGYwY2U0MDI3YmEzOWM0NjJmMWY2MTk3ODgwYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss1KwY9SvszttCUgMzddgwsMXEXT
fWOEG3upjmpuBNolvM/hRisT6nfvcelUpE4Xt14DritPtt59cyUmr4knDDp8L8tH
z+SQ4436hF03ZhJJL5WkwiggQ8Chhz8E5Uy+f3tV/Wba99Eh/rXJQTY+numRrDMx
y3PXDhJI83pc8wn/CkW0fytbuHfnUQpCXj8TdUzlt656scvj2vpgCzotHE9CgZUh
1PkVE98frbQeACpi/hVquNjv0QvDpNEXQqRC3BORI587kOjODxoiJFpRCpSpi2Gv
eRE5uN8aTLfOzn0o5SvJ7igCVXFcmApLc0//QCaD2slhKFDfy1a0NkgIxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPRiF6nJjwzkAnujnEYvH2GXiAyQMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvOUdJWHFjbVBET1FDZTZPY1JpOGZZWmVJREpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuf4dAwQA
uf7vAwQAwSOYAwQAwaCPMA0GCSqGSIb3DQEBCwUAA4IBAQATtt2wIslwZ4hePXC8
+MHOkByFBNeN6CyBMFoK6A6jnA7QYEvgteQjUTmC3cuwuXsRhA+86j5sIo8ltmy1
pRzI6330dD7avYqAMiG8mWtqZHWMS40ZaENtk9mD3ptKa7bHytMSdCh7hTm3bfcb
4ugWmuzdoUlwpTgsmHr66dSsdZqg2EqBJPOca7ioIdJVMnhFeENVoOf8hnGTtEeS
HOugfDHczgn3EtkJ2lCNrFC5ZeMGvjEmYr/oXFJmCuPbyyN1aE2IUHKVLtvipIaV
oI3Q+7MwoTWAZGad2Xp5Z307IsSMePQjGBe4RaIpS2ZHHhhOOnMfhTyVA36BvwmN
gJgq
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:34:48 2025 by rpki-client