Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/0yNiuwlEmaGi-GMVCrhtb0jD684.roa
File: 0yNiuwlEmaGi-GMVCrhtb0jD684.roa (raw, json)
Hash identifier: 0JYmDVSwa/kA2DCdsSlQFjDnGZq4KcJ5IykJE11qOfk=
Subject key identifier: D3:23:62:BB:09:44:99:A1:A2:F8:63:15:0A:B8:6D:6F:48:C3:EB:CE
Certificate issuer: /CN=f3a1ae0b07cd05ee2484f4eebcd4568473473414
Certificate serial: 019423D6EA1644E7DCBA59ADDB486CC6D99D
Authority key identifier: F3:A1:AE:0B:07:CD:05:EE:24:84:F4:EE:BC:D4:56:84:73:47:34:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/86GuCwfNBe4khPTuvNRWhHNHNBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/0yNiuwlEmaGi-GMVCrhtb0jD684.roa
Signing time: Wed 01 Jan 2025 21:47:54 +0000
ROA not before: Wed 01 Jan 2025 21:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58222
IP address blocks: 89.43.116.0/22 maxlen: 24
156.67.8.0/22 maxlen: 24
185.2.200.0/22 maxlen: 24
185.16.172.0/22 maxlen: 24
212.237.208.0/22 maxlen: 24
2a03:da40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/86GuCwfNBe4khPTuvNRWhHNHNBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ea:16:44:e7:dc:ba:59:ad:db:48:6c:c6:d9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3a1ae0b07cd05ee2484f4eebcd4568473473414
Validity
Not Before: Jan 1 21:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d32362bb094499a1a2f863150ab86d6f48c3ebce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ad:7c:af:84:b6:c4:75:de:d4:93:30:ce:b8:
2f:e9:69:f3:3c:c4:00:92:65:7f:5e:67:d0:a8:89:
3b:01:ee:d0:ca:06:f6:47:4b:88:36:1e:7b:db:a2:
17:c8:65:6a:51:75:7a:b3:11:57:d2:ef:aa:de:98:
cf:ec:53:04:96:ec:33:d1:24:c7:67:d0:99:92:63:
d5:8a:c0:3d:1e:b3:e8:e8:2d:8c:a3:7f:52:f6:db:
b0:af:e6:87:65:ad:4d:6e:20:47:da:5d:bd:38:03:
11:b4:63:6a:9a:82:dc:15:b6:a5:9f:f5:aa:ac:fe:
1b:13:93:41:04:cb:13:98:f0:7e:06:68:02:df:62:
40:c0:ac:c9:c3:e9:69:3c:d0:ea:b9:4a:a0:43:b9:
bc:f8:c3:3d:94:6c:fb:73:0c:0d:6b:9e:62:e8:4f:
51:0d:c2:89:95:c3:20:7d:f0:f4:b8:e7:43:b1:b8:
d3:d5:52:15:6d:4b:3f:e9:e3:0f:1e:20:a7:0e:16:
8d:bb:cd:b5:7b:ef:9d:76:6d:34:d6:b2:88:52:08:
b9:ec:a8:f3:52:83:95:13:68:f0:d8:ea:7c:72:7a:
77:bd:52:e2:35:a3:09:26:a2:24:83:03:24:8d:d5:
00:2a:8c:65:97:33:a0:46:76:75:be:30:65:d7:46:
bd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:23:62:BB:09:44:99:A1:A2:F8:63:15:0A:B8:6D:6F:48:C3:EB:CE
X509v3 Authority Key Identifier:
keyid:F3:A1:AE:0B:07:CD:05:EE:24:84:F4:EE:BC:D4:56:84:73:47:34:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/86GuCwfNBe4khPTuvNRWhHNHNBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/0yNiuwlEmaGi-GMVCrhtb0jD684.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.116.0/22
156.67.8.0/22
185.2.200.0/22
185.16.172.0/22
212.237.208.0/22
IPv6:
2a03:da40::/29
Signature Algorithm: sha256WithRSAEncryption
0c:84:60:90:e8:fd:59:c7:2c:e5:10:f1:8f:a0:3d:76:df:df:
fd:b1:61:d2:bf:fd:c8:fb:89:00:39:01:50:e9:cc:21:43:96:
22:e2:f4:6f:c2:a9:1f:b1:97:0a:de:4c:08:6b:1e:b1:39:19:
77:32:a4:9f:71:87:36:d8:73:27:1c:75:26:d1:7a:83:98:ba:
8e:21:50:0b:a3:1d:b9:59:88:cc:32:93:f2:ec:75:9d:0f:75:
b9:72:14:b4:8f:30:2c:87:dc:a1:12:23:ee:b0:25:64:7d:8f:
b3:92:8b:01:d7:dc:75:da:86:3d:ec:80:38:ec:24:e7:fb:11:
fe:c4:3c:55:3a:5c:0f:58:82:81:68:28:c2:5e:7d:cb:5b:4a:
b4:6d:e4:89:c0:f5:20:0c:1b:ec:dc:a1:72:03:c5:be:84:5f:
2e:fb:a0:82:0a:f0:3f:51:9d:76:35:9c:f0:9b:d8:69:b7:82:
10:f7:8f:57:80:7f:8c:aa:b6:fa:86:f3:24:e5:38:82:a5:05:
24:d7:ca:17:43:0f:2c:fb:b6:66:c5:a4:93:c8:72:c9:56:e2:
3b:8e:ff:48:a0:c0:8c:9c:1a:e3:1c:09:0c:b3:d4:56:2b:2f:
d0:e8:12:80:4d:54:a4:ca:05:66:8e:73:25:a2:33:fe:99:df:
a2:aa:7f:52
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQj1uoWROfculmt20hsxtmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYTFhZTBiMDdjZDA1ZWUyNDg0ZjRlZWJjZDQ1Njg0NzM0
NzM0MTQwHhcNMjUwMTAxMjE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzIzNjJiYjA5NDQ5OWExYTJmODYzMTUwYWI4NmQ2ZjQ4YzNlYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq618r4S2xHXe1JMwzrgv6WnzPMQA
kmV/XmfQqIk7Ae7Qygb2R0uINh5726IXyGVqUXV6sxFX0u+q3pjP7FMEluwz0STH
Z9CZkmPVisA9HrPo6C2Mo39S9tuwr+aHZa1NbiBH2l29OAMRtGNqmoLcFbaln/Wq
rP4bE5NBBMsTmPB+BmgC32JAwKzJw+lpPNDquUqgQ7m8+MM9lGz7cwwNa55i6E9R
DcKJlcMgffD0uOdDsbjT1VIVbUs/6eMPHiCnDhaNu821e++ddm001rKIUgi57Kjz
UoOVE2jw2Op8cnp3vVLiNaMJJqIkgwMkjdUAKoxllzOgRnZ1vjBl10a9QwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNMjYrsJRJmhovhjFQq4bW9Iw+vOMB8GA1UdIwQY
MBaAFPOhrgsHzQXuJIT07rzUVoRzRzQUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODZHdUN3Zk5CZTRraFBUdXZOUldoSE5ITkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yMTYyZDgtZTlkZS00OTgxLWIxY2Et
Yjg0NzdmNTA3M2MxLzEvMHlOaXV3bEVtYUdpLUdNVkNyaHRiMGpENjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yMTYyZDgtZTlkZS00OTgxLWIxY2EtYjg0NzdmNTA3M2Mx
LzEvODZHdUN3Zk5CZTRraFBUdXZOUldoSE5ITkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCWSt0AwQC
nEMIAwQCuQLIAwQCuRCsAwQC1O3QMA0EAgACMAcDBQMqA9pAMA0GCSqGSIb3DQEB
CwUAA4IBAQAMhGCQ6P1ZxyzlEPGPoD1239/9sWHSv/3I+4kAOQFQ6cwhQ5Yi4vRv
wqkfsZcK3kwIax6xORl3MqSfcYc22HMnHHUm0XqDmLqOIVALox25WYjMMpPy7HWd
D3W5chS0jzAsh9yhEiPusCVkfY+zkosB19x12oY97IA47CTn+xH+xDxVOlwPWIKB
aCjCXn3LW0q0beSJwPUgDBvs3KFyA8W+hF8u+6CCCvA/UZ12NZzwm9hpt4IQ949X
gH+Mqrb6hvMk5TiCpQUk18oXQw8s+7ZmxaSTyHLJVuI7jv9IoMCMnBrjHAkMs9RW
Ky/Q6BKATVSkygVmjnMlojP+md+iqn9S
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:46 2025 by rpki-client