Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/prumtdRguLUWgSqqHbzk8jBqloQ.roa
File: prumtdRguLUWgSqqHbzk8jBqloQ.roa (raw, json)
Hash identifier: xMMK2x/LYfV9Soh0v548c3TFIIdeHQqfXsiwhf98SBU=
Subject key identifier: A6:BB:A6:B5:D4:60:B8:B5:16:81:2A:AA:1D:BC:E4:F2:30:6A:96:84
Certificate issuer: /CN=b8dafa7ea553178133e7e84feeb8ac3a9dbcf9ca
Certificate serial: 0195B8366EA175884AB67E029C0512691F78
Authority key identifier: B8:DA:FA:7E:A5:53:17:81:33:E7:E8:4F:EE:B8:AC:3A:9D:BC:F9:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uNr6fqVTF4Ez5-hP7risOp28-co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/prumtdRguLUWgSqqHbzk8jBqloQ.roa
Signing time: Fri 21 Mar 2025 10:18:49 +0000
ROA not before: Fri 21 Mar 2025 10:18:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208124
IP address blocks: 91.209.161.0/24 maxlen: 24
185.160.205.0/24 maxlen: 24
2a10:b240::/29 maxlen: 29
2a10:c4c0::/29 maxlen: 29
2a12:8840::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/uNr6fqVTF4Ez5-hP7risOp28-co.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/uNr6fqVTF4Ez5-hP7risOp28-co.mft
rsync://rpki.ripe.net/repository/DEFAULT/uNr6fqVTF4Ez5-hP7risOp28-co.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 01:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:36:6e:a1:75:88:4a:b6:7e:02:9c:05:12:69:1f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8dafa7ea553178133e7e84feeb8ac3a9dbcf9ca
Validity
Not Before: Mar 21 10:18:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6bba6b5d460b8b516812aaa1dbce4f2306a9684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d4:1b:0b:eb:e7:fb:e7:20:f8:d3:c7:a6:50:
8a:0f:d1:4d:4d:2e:7b:55:64:26:f7:43:bb:1e:7f:
e5:dd:73:95:ea:f0:a6:d4:e9:16:fc:79:b5:36:a8:
eb:d9:ea:0a:ce:5b:0b:2c:c1:d7:99:a4:2e:df:28:
ab:0a:b4:b6:fb:db:5a:8c:9c:9a:74:78:60:51:39:
35:81:08:9e:b6:fd:42:86:a2:bb:26:27:f2:2f:54:
f3:9c:16:df:21:09:28:c2:a0:b2:9a:60:77:8b:fb:
91:94:8b:e2:bd:9a:34:90:7f:b4:76:6e:64:95:09:
8e:de:62:20:b3:41:a2:17:bb:f0:16:be:e6:e3:a3:
97:6e:af:b4:a5:35:0e:2b:54:13:cc:9f:7a:18:ba:
51:27:6e:39:0b:df:85:e8:b5:47:d0:cb:68:ce:da:
da:d8:22:89:f7:a0:80:8a:db:df:62:cc:5f:b5:22:
50:f4:16:6b:3f:ac:be:6c:ec:8a:4e:c4:64:f0:42:
09:f5:46:07:2e:11:66:a7:b0:eb:f7:f8:81:a0:83:
57:38:8e:be:7f:c5:b0:8c:c9:66:3b:d9:3f:83:a4:
3f:c4:44:c6:58:6e:de:44:1e:c4:5c:61:e7:40:05:
ab:c6:8b:b0:e3:56:9a:31:ad:e5:e6:d1:44:b6:d2:
f9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BB:A6:B5:D4:60:B8:B5:16:81:2A:AA:1D:BC:E4:F2:30:6A:96:84
X509v3 Authority Key Identifier:
keyid:B8:DA:FA:7E:A5:53:17:81:33:E7:E8:4F:EE:B8:AC:3A:9D:BC:F9:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNr6fqVTF4Ez5-hP7risOp28-co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/prumtdRguLUWgSqqHbzk8jBqloQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/uNr6fqVTF4Ez5-hP7risOp28-co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.161.0/24
185.160.205.0/24
IPv6:
2a10:b240::/29
2a10:c4c0::/29
2a12:8840::/29
Signature Algorithm: sha256WithRSAEncryption
51:03:6d:ea:be:42:08:34:61:18:ae:0f:72:67:ce:7f:f7:21:
82:2a:93:14:ac:17:0a:5b:bc:bb:8f:69:65:ab:23:c1:75:aa:
3e:8e:d9:85:43:eb:df:00:d6:d4:68:2c:16:95:cb:38:99:0e:
66:65:ef:29:8b:37:e1:42:f7:ec:97:55:9d:98:30:6b:de:b2:
9a:d9:5a:86:2b:8d:4a:45:37:99:f1:6a:43:90:43:74:06:6a:
27:d4:4c:f1:8d:c6:c7:c4:54:24:7d:1c:48:d2:ac:4b:b4:66:
4d:1f:ea:66:b6:aa:5e:99:4f:6b:a4:16:00:c4:3c:69:4d:a4:
d1:05:59:a1:ed:c2:51:29:28:3f:95:98:27:00:39:fe:77:32:
c3:66:db:70:61:1c:6a:f3:78:04:4d:1a:1f:69:e2:32:c8:87:
50:8a:06:33:05:38:dd:e9:28:29:92:95:5b:f4:52:32:4b:53:
eb:d5:e8:e9:ce:4c:21:9c:be:8d:ec:fb:26:fe:5c:75:28:7b:
ab:dc:7c:84:27:cb:13:75:62:49:73:ac:ec:61:42:61:d6:6c:
3f:52:12:77:29:dd:e5:de:96:ed:08:59:4c:06:78:1b:ad:63:
24:ef:ce:86:88:c7:25:1d:d1:41:85:e3:a6:b8:86:a3:c3:3d:
5a:aa:4b:67
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZW4Nm6hdYhKtn4CnAUSaR94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZGFmYTdlYTU1MzE3ODEzM2U3ZTg0ZmVlYjhhYzNhOWRi
Y2Y5Y2EwHhcNMjUwMzIxMTAxODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmJiYTZiNWQ0NjBiOGI1MTY4MTJhYWExZGJjZTRmMjMwNmE5Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudQbC+vn++cg+NPHplCKD9FNTS57
VWQm90O7Hn/l3XOV6vCm1OkW/Hm1Nqjr2eoKzlsLLMHXmaQu3yirCrS2+9tajJya
dHhgUTk1gQietv1ChqK7JifyL1TznBbfIQkowqCymmB3i/uRlIvivZo0kH+0dm5k
lQmO3mIgs0GiF7vwFr7m46OXbq+0pTUOK1QTzJ96GLpRJ245C9+F6LVH0Mtoztra
2CKJ96CAitvfYsxftSJQ9BZrP6y+bOyKTsRk8EIJ9UYHLhFmp7Dr9/iBoINXOI6+
f8WwjMlmO9k/g6Q/xETGWG7eRB7EXGHnQAWrxouw41aaMa3l5tFEttL5MQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKa7prXUYLi1FoEqqh285PIwapaEMB8GA1UdIwQY
MBaAFLja+n6lUxeBM+foT+64rDqdvPnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5yNmZxVlRGNEV6NS1oUDdyaXNPcDI4LWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mNTdiOTMtZDI1My00ZmJiLWEzMWUt
NmI4OWZhNDY3NTdjLzEvcHJ1bXRkUmd1TFVXZ1NxcUhiems4akJxbG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mNTdiOTMtZDI1My00ZmJiLWEzMWUtNmI4OWZhNDY3NTdj
LzEvdU5yNmZxVlRGNEV6NS1oUDdyaXNPcDI4LWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQAW9GhAwQA
uaDNMBsEAgACMBUDBQMqELJAAwUDKhDEwAMFAyoSiEAwDQYJKoZIhvcNAQELBQAD
ggEBAFEDbeq+Qgg0YRiuD3Jnzn/3IYIqkxSsFwpbvLuPaWWrI8F1qj6O2YVD698A
1tRoLBaVyziZDmZl7ymLN+FC9+yXVZ2YMGvesprZWoYrjUpFN5nxakOQQ3QGaifU
TPGNxsfEVCR9HEjSrEu0Zk0f6ma2ql6ZT2ukFgDEPGlNpNEFWaHtwlEpKD+VmCcA
Of53MsNm23BhHGrzeARNGh9p4jLIh1CKBjMFON3pKCmSlVv0UjJLU+vV6OnOTCGc
vo3s+yb+XHUoe6vcfIQnyxN1YklzrOxhQmHWbD9SEncp3eXelu0IWUwGeButYyTv
zoaIxyUd0UGF46a4hqPDPVqqS2c=
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:17:52 2025 by rpki-client