Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/PyyzXUdlmoA9Bk7oa0uF75YdupI.roa
File: PyyzXUdlmoA9Bk7oa0uF75YdupI.roa (raw, json)
Hash identifier: KrKiurvSNPj8UgpNpGVtpzLAre3QiNcGoEwUhT8E1Zw=
Subject key identifier: 3F:2C:B3:5D:47:65:9A:80:3D:06:4E:E8:6B:4B:85:EF:96:1D:BA:92
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 019422203526343683CB04EDC3B960AC9ED8
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/PyyzXUdlmoA9Bk7oa0uF75YdupI.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 2.59.162.0/24 maxlen: 24
2.59.163.0/24 maxlen: 24
62.133.60.0/24 maxlen: 24
62.133.61.0/24 maxlen: 24
62.133.62.0/24 maxlen: 24
62.133.63.0/24 maxlen: 24
81.177.214.0/24 maxlen: 24
81.177.215.0/24 maxlen: 24
194.156.102.0/24 maxlen: 24
194.156.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:35:26:34:36:83:cb:04:ed:c3:b9:60:ac:9e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f2cb35d47659a803d064ee86b4b85ef961dba92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:26:1f:63:5a:5a:67:fa:07:90:28:ac:44:4a:
8c:da:7d:d9:5a:bf:69:69:8c:cb:8a:75:04:d6:8c:
58:12:c7:dc:d9:df:37:a3:15:19:82:95:cf:9c:90:
30:d7:7b:a7:b1:5f:d1:da:82:c6:0b:4b:56:5b:81:
70:c6:0b:12:4e:eb:a5:32:97:46:57:02:73:c2:da:
de:40:2a:6d:06:f0:1e:a7:5c:ef:b3:40:6f:46:d8:
25:f5:d6:ea:80:9b:29:8b:33:56:69:d1:02:cc:4c:
02:4a:21:ba:b2:40:b5:51:c0:fb:a8:64:e4:6b:0c:
68:5e:7e:0a:b7:3c:a2:5b:cc:96:4d:60:79:07:10:
34:9d:88:50:94:40:44:36:7d:2f:ca:91:60:d6:58:
9d:3e:71:b2:b5:c5:78:40:9b:79:71:08:7e:32:f1:
34:3d:cd:4d:36:cb:ba:0e:42:9c:c6:e6:b7:7f:12:
46:61:21:f4:e2:69:e6:24:00:82:f9:aa:b0:27:8a:
b2:86:db:59:9d:e6:dd:8d:66:96:81:b5:a4:ec:c3:
20:80:93:90:6e:47:24:b2:75:75:54:6c:eb:3b:c3:
77:02:5e:c3:85:10:08:2f:72:30:dc:c3:2e:68:30:
05:4b:51:e5:d2:db:a9:41:6f:63:56:3c:72:c8:a7:
13:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:2C:B3:5D:47:65:9A:80:3D:06:4E:E8:6B:4B:85:EF:96:1D:BA:92
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/PyyzXUdlmoA9Bk7oa0uF75YdupI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.162.0/23
62.133.60.0/22
81.177.214.0/23
194.156.102.0/23
Signature Algorithm: sha256WithRSAEncryption
58:b0:f4:02:49:37:b5:c2:4b:90:59:56:f7:1f:80:c2:d1:43:
f6:49:09:45:a2:8a:46:ae:e7:0a:6d:61:29:bf:ef:16:b5:bf:
4e:8f:c3:cd:fc:ce:7e:87:c7:af:e3:2b:08:a7:f1:3f:d8:98:
94:fb:b7:38:14:4f:bb:62:b3:fc:fb:16:e9:07:bd:78:7e:be:
98:1d:46:62:64:23:90:f6:09:21:2d:e1:28:4c:5f:44:7c:59:
8d:ad:63:57:9b:f2:fe:38:33:a2:a3:73:fc:c5:d5:3a:1f:72:
3a:3c:de:9d:ef:b8:a8:cb:80:90:11:29:ed:59:04:60:cf:9c:
ba:50:d5:96:b1:0c:d4:ad:5f:78:fb:7b:42:d0:49:e1:34:2c:
ee:e5:20:94:09:7e:94:80:84:fe:5f:64:d2:d1:2d:0f:76:47:
0d:65:2f:2f:b6:6f:fc:4b:f1:a3:35:96:d9:60:fd:35:72:0d:
d1:2f:31:cd:c0:ba:ed:33:ba:d6:6e:0b:8c:ee:12:da:a9:f1:
ff:97:52:77:ce:84:5c:69:af:a4:41:04:ae:40:66:63:d5:35:
d0:59:9a:30:98:b5:8a:9a:a5:58:c5:72:85:bb:a1:f7:31:35:
c0:5b:39:6a:60:c9:fe:09:48:77:9a:71:34:99:df:a7:be:54:
ce:9b:2c:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiIDUmNDaDywTtw7lgrJ7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjJjYjM1ZDQ3NjU5YTgwM2QwNjRlZTg2YjRiODVlZjk2MWRiYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CYfY1paZ/oHkCisREqM2n3ZWr9p
aYzLinUE1oxYEsfc2d83oxUZgpXPnJAw13unsV/R2oLGC0tWW4FwxgsSTuulMpdG
VwJzwtreQCptBvAep1zvs0BvRtgl9dbqgJspizNWadECzEwCSiG6skC1UcD7qGTk
awxoXn4KtzyiW8yWTWB5BxA0nYhQlEBENn0vypFg1lidPnGytcV4QJt5cQh+MvE0
Pc1NNsu6DkKcxua3fxJGYSH04mnmJACC+aqwJ4qyhttZnebdjWaWgbWk7MMggJOQ
bkcksnV1VGzrO8N3Al7DhRAIL3Iw3MMuaDAFS1Hl0tupQW9jVjxyyKcTWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD8ss11HZZqAPQZO6GtLhe+WHbqSMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvUHl5elhVZGxtb0E5Qms3b2EwdUY3NVlkdXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBAjuiAwQC
PoU8AwQBUbHWAwQBwpxmMA0GCSqGSIb3DQEBCwUAA4IBAQBYsPQCSTe1wkuQWVb3
H4DC0UP2SQlFoopGrucKbWEpv+8Wtb9Oj8PN/M5+h8ev4ysIp/E/2JiU+7c4FE+7
YrP8+xbpB714fr6YHUZiZCOQ9gkhLeEoTF9EfFmNrWNXm/L+ODOio3P8xdU6H3I6
PN6d77ioy4CQESntWQRgz5y6UNWWsQzUrV94+3tC0EnhNCzu5SCUCX6UgIT+X2TS
0S0PdkcNZS8vtm/8S/GjNZbZYP01cg3RLzHNwLrtM7rWbguM7hLaqfH/l1J3zoRc
aa+kQQSuQGZj1TXQWZowmLWKmqVYxXKFu6H3MTXAWzlqYMn+CUh3mnE0md+nvlTO
myzy
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:07:21 2025 by rpki-client