Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ys8EEYV9duz4vQMnV4A63KTELEI.roa
File: ys8EEYV9duz4vQMnV4A63KTELEI.roa (raw, json)
Hash identifier: Mzw/QCxXFE0BItwPGjx2i5l7tZTi3Kn7VnGnniz1APM=
Subject key identifier: CA:CF:04:11:85:7D:76:EC:F8:BD:03:27:57:80:3A:DC:A4:C4:2C:42
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0195F3BAA403063EF4B57DB62DF691D42FBC
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ys8EEYV9duz4vQMnV4A63KTELEI.roa
Signing time: Tue 01 Apr 2025 23:40:49 +0000
ROA not before: Tue 01 Apr 2025 23:40:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48430
IP address blocks: 94.231.222.0/24 maxlen: 24
185.139.212.0/22 maxlen: 22
2a07:1840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f3:ba:a4:03:06:3e:f4:b5:7d:b6:2d:f6:91:d4:2f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Apr 1 23:40:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cacf0411857d76ecf8bd032757803adca4c42c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7c:51:c3:f1:59:1d:fa:9f:63:05:e0:07:c9:
f8:cb:78:b2:bd:23:ca:3b:31:4d:cd:83:f9:1f:5b:
34:96:84:19:19:2d:db:39:17:88:5f:00:60:ef:d4:
88:45:8a:5a:cf:c5:9b:4c:c8:5a:65:c6:75:5b:43:
c9:d0:16:d9:da:2e:b4:ad:61:0a:7f:fe:18:c1:36:
d3:eb:39:d4:10:16:a9:54:47:8e:f1:d6:70:9b:2f:
d6:cb:53:22:cb:17:18:7c:1b:31:eb:30:5c:7a:91:
d8:f7:35:4b:6b:3b:34:29:01:e1:cc:11:67:d2:a4:
8f:7d:2c:e9:06:de:3a:e8:10:2d:3f:30:fa:d2:05:
2e:4c:c2:15:a8:61:b5:f7:0e:5f:0b:2c:f6:5c:1a:
73:62:b4:3a:8e:91:a4:98:9b:19:56:7b:00:47:94:
82:50:75:d3:f8:8c:fd:4a:53:90:a4:d7:a6:4c:29:
dd:40:0b:b5:c8:2a:7c:32:94:9c:ed:d2:63:e8:1d:
09:57:a3:4c:0b:6e:f1:5d:4f:13:e0:95:3f:17:a4:
4d:ff:b5:8d:d4:85:50:71:82:54:53:7a:12:ac:2f:
dc:1b:c1:b5:bb:41:91:ff:43:89:6c:b2:43:74:74:
e2:4a:7e:22:2f:59:2f:ce:f1:95:d4:55:1d:43:6f:
f7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CF:04:11:85:7D:76:EC:F8:BD:03:27:57:80:3A:DC:A4:C4:2C:42
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ys8EEYV9duz4vQMnV4A63KTELEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.222.0/24
185.139.212.0/22
IPv6:
2a07:1840::/32
Signature Algorithm: sha256WithRSAEncryption
b3:50:e8:d3:a7:51:0e:e0:84:47:59:86:41:65:19:2d:6c:20:
18:c0:15:1d:1e:41:45:91:0b:49:15:f5:09:ad:e1:ec:53:ad:
8b:d5:7d:66:f1:1b:7c:da:c1:44:aa:e0:d7:4c:ce:c1:b1:d9:
2f:7d:d4:f2:67:68:80:b1:58:6f:b6:9c:84:8c:bd:1e:bf:f4:
0d:c4:1b:11:37:6c:58:30:6d:f6:8d:ce:22:3d:8b:50:cc:ad:
5e:d4:67:c2:3d:19:b6:7e:59:56:05:08:44:18:d6:c8:f0:f6:
d3:e3:9f:62:5c:51:fe:e0:6d:c8:8a:1f:58:0a:5b:5a:5a:1a:
3c:d2:e9:c0:52:ff:2a:4d:b4:e1:8c:15:09:5c:fb:3e:1c:56:
82:90:8f:13:c3:da:0c:77:b0:a0:c1:11:79:a7:0f:ea:df:ed:
fc:22:96:80:ae:f9:0b:26:df:67:9c:1b:eb:7e:d3:ed:40:9c:
ed:1a:24:39:24:24:21:ac:85:a2:36:bf:36:4d:1f:82:27:04:
17:0c:d7:e1:c6:ad:f8:13:45:2b:67:d7:46:00:af:34:56:bc:
4e:11:92:1e:5f:50:03:32:5e:d4:18:4f:33:da:c6:30:b1:6d:
ac:1a:62:3a:cf:b6:79:57:14:07:bd:df:88:a3:7d:2d:f7:17:
50:8a:f6:b3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZXzuqQDBj70tX22LfaR1C+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwNDAxMjM0MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWNmMDQxMTg1N2Q3NmVjZjhiZDAzMjc1NzgwM2FkY2E0YzQyYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13xRw/FZHfqfYwXgB8n4y3iyvSPK
OzFNzYP5H1s0loQZGS3bOReIXwBg79SIRYpaz8WbTMhaZcZ1W0PJ0BbZ2i60rWEK
f/4YwTbT6znUEBapVEeO8dZwmy/Wy1MiyxcYfBsx6zBcepHY9zVLazs0KQHhzBFn
0qSPfSzpBt466BAtPzD60gUuTMIVqGG19w5fCyz2XBpzYrQ6jpGkmJsZVnsAR5SC
UHXT+Iz9SlOQpNemTCndQAu1yCp8MpSc7dJj6B0JV6NMC27xXU8T4JU/F6RN/7WN
1IVQcYJUU3oSrC/cG8G1u0GR/0OJbLJDdHTiSn4iL1kvzvGV1FUdQ2/3hwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMrPBBGFfXbs+L0DJ1eAOtykxCxCMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEveXM4RUVZVjlkdXo0dlFNblY0QTYzS1RFTEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAXufeAwQC
uYvUMA0EAgACMAcDBQAqBxhAMA0GCSqGSIb3DQEBCwUAA4IBAQCzUOjTp1EO4IRH
WYZBZRktbCAYwBUdHkFFkQtJFfUJreHsU62L1X1m8Rt82sFEquDXTM7BsdkvfdTy
Z2iAsVhvtpyEjL0ev/QNxBsRN2xYMG32jc4iPYtQzK1e1GfCPRm2fllWBQhEGNbI
8PbT459iXFH+4G3Iih9YCltaWho80unAUv8qTbThjBUJXPs+HFaCkI8Tw9oMd7Cg
wRF5pw/q3+38IpaArvkLJt9nnBvrftPtQJztGiQ5JCQhrIWiNr82TR+CJwQXDNfh
xq34E0UrZ9dGAK80VrxOEZIeX1ADMl7UGE8z2sYwsW2sGmI6z7Z5VxQHvd+Io30t
9xdQivaz
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:45:02 2025 by rpki-client