Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/oAUG8qSVxsbcnn5oCLrJKtKLuNc.roa
File: oAUG8qSVxsbcnn5oCLrJKtKLuNc.roa (raw, json)
Hash identifier: o+LV+u3nMYQIizzPpiFLkTJNXnW4krdNAYxqeBL+QH8=
Subject key identifier: A0:05:06:F2:A4:95:C6:C6:DC:9E:7E:68:08:BA:C9:2A:D2:8B:B8:D7
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 019427B5C15FD1FB72B99BB20A0C5FEE86B6
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/oAUG8qSVxsbcnn5oCLrJKtKLuNc.roa
Signing time: Thu 02 Jan 2025 15:50:10 +0000
ROA not before: Thu 02 Jan 2025 15:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35394
IP address blocks: 89.29.160.0/20 maxlen: 20
89.29.176.0/21 maxlen: 21
89.29.184.0/23 maxlen: 23
89.29.244.0/23 maxlen: 23
89.29.248.0/23 maxlen: 23
176.57.97.0/24 maxlen: 24
185.64.242.0/24 maxlen: 24
213.181.74.0/24 maxlen: 24
213.181.75.0/24 maxlen: 24
213.181.76.0/24 maxlen: 24
213.181.80.0/23 maxlen: 23
213.181.84.0/23 maxlen: 23
213.181.86.0/23 maxlen: 23
213.181.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c1:5f:d1:fb:72:b9:9b:b2:0a:0c:5f:ee:86:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: Jan 2 15:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a00506f2a495c6c6dc9e7e6808bac92ad28bb8d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:0a:cc:bf:27:78:09:b7:51:9b:4e:37:11:
c9:51:b8:5c:17:b6:bd:50:33:60:93:db:d7:07:03:
30:de:08:d5:b9:34:60:f4:f3:59:14:23:51:40:f4:
a0:b3:6c:0f:9f:e5:54:b3:23:0d:26:5d:17:97:fc:
df:7b:69:65:19:96:bd:d4:f9:a5:54:44:90:f5:25:
54:85:88:92:eb:3d:81:66:ae:52:54:74:aa:6f:9a:
f2:57:3c:af:f1:1d:1e:8d:20:ee:13:6f:dc:29:9e:
3a:db:b1:9e:6f:45:44:72:a8:bb:0e:6d:26:f4:eb:
2f:27:a0:9f:81:fc:b2:23:0f:c2:9f:b1:01:77:1f:
4a:34:11:0e:f6:47:04:39:ed:38:a5:86:9d:10:09:
3e:58:53:15:19:39:d8:43:a1:bb:4d:9f:40:74:2c:
65:09:1f:ce:cb:d0:03:eb:c9:03:8e:8b:df:16:8e:
7e:dc:3b:10:57:38:4b:99:a6:f2:45:f7:81:a4:8c:
e9:c5:02:8f:43:db:28:9e:2a:96:d2:f6:40:f8:bc:
6f:b0:1b:77:d9:7c:4a:a2:04:41:15:92:79:cc:70:
55:10:66:cd:3b:0e:0e:0e:a4:fc:9a:13:e5:d4:b3:
2a:3a:f9:5b:4a:db:43:85:0c:4d:46:b5:33:2a:59:
09:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:05:06:F2:A4:95:C6:C6:DC:9E:7E:68:08:BA:C9:2A:D2:8B:B8:D7
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/oAUG8qSVxsbcnn5oCLrJKtKLuNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.29.160.0-89.29.185.255
89.29.244.0/23
89.29.248.0/23
176.57.97.0/24
185.64.242.0/24
213.181.74.0-213.181.76.255
213.181.80.0/23
213.181.84.0-213.181.88.255
Signature Algorithm: sha256WithRSAEncryption
73:a2:8b:f4:08:17:df:c2:57:81:13:ea:14:d8:54:24:98:63:
5f:48:3c:86:57:4a:05:4b:c3:2a:fa:52:84:27:65:fb:7b:12:
66:21:c7:a5:93:df:7b:4b:74:68:f7:9f:70:9b:46:3f:3e:97:
74:ca:15:0e:a6:77:58:59:9e:6d:7d:9f:69:83:34:2f:3c:ea:
b8:10:3b:95:ec:65:81:33:f6:b4:09:d9:a1:ec:49:e8:41:20:
2c:9b:82:28:ce:4a:14:83:af:30:92:f2:73:3d:a4:72:e4:77:
85:a0:4b:eb:ba:fb:3a:84:f4:b4:84:30:eb:fc:0d:a5:d5:b0:
f0:6b:63:fc:b1:d6:84:19:10:6a:a0:19:8d:ac:25:60:94:c6:
f0:ae:0d:f4:e1:36:f1:f8:b0:82:62:89:b7:38:b1:45:7b:6d:
7a:76:23:94:7c:c5:f0:57:7f:01:ae:12:88:f2:0c:f6:8a:b4:
ef:02:35:c5:18:52:5e:88:b8:67:a5:11:8d:4e:9c:85:3a:ce:
38:45:30:f0:14:22:36:67:eb:65:4a:e3:8a:41:0e:1c:93:b1:
df:b7:bf:a9:30:2b:60:5b:0a:99:b6:9d:41:ab:a5:b2:b7:4a:
dc:5e:4d:e5:ff:4b:6f:d2:11:95:40:fc:8d:e9:27:37:85:59:
d5:ba:91:8a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQntcFf0ftyuZuyCgxf7oa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjUwMTAyMTU1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDA1MDZmMmE0OTVjNmM2ZGM5ZTdlNjgwOGJhYzkyYWQyOGJiOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YUKzL8neAm3UZtONxHJUbhcF7a9
UDNgk9vXBwMw3gjVuTRg9PNZFCNRQPSgs2wPn+VUsyMNJl0Xl/zfe2llGZa91Pml
VESQ9SVUhYiS6z2BZq5SVHSqb5ryVzyv8R0ejSDuE2/cKZ4627Geb0VEcqi7Dm0m
9OsvJ6CfgfyyIw/Cn7EBdx9KNBEO9kcEOe04pYadEAk+WFMVGTnYQ6G7TZ9AdCxl
CR/Oy9AD68kDjovfFo5+3DsQVzhLmabyRfeBpIzpxQKPQ9soniqW0vZA+LxvsBt3
2XxKogRBFZJ5zHBVEGbNOw4ODqT8mhPl1LMqOvlbSttDhQxNRrUzKlkJ1wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKAFBvKklcbG3J5+aAi6ySrSi7jXMB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvb0FVRzhxU1Z4c2Jjbm41b0NMckpLdEtMdU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAVZHaAD
BAFZHbgDBAFZHfQDBAFZHfgDBACwOWEDBAC5QPIwDAMEAdW1SgMEANW1TAMEAdW1
UDAMAwQC1bVUAwQA1bVYMA0GCSqGSIb3DQEBCwUAA4IBAQBzoov0CBffwleBE+oU
2FQkmGNfSDyGV0oFS8Mq+lKEJ2X7exJmIcelk997S3Ro959wm0Y/Ppd0yhUOpndY
WZ5tfZ9pgzQvPOq4EDuV7GWBM/a0Cdmh7EnoQSAsm4IozkoUg68wkvJzPaRy5HeF
oEvruvs6hPS0hDDr/A2l1bDwa2P8sdaEGRBqoBmNrCVglMbwrg304Tbx+LCCYom3
OLFFe216diOUfMXwV38BrhKI8gz2irTvAjXFGFJeiLhnpRGNTpyFOs44RTDwFCI2
Z+tlSuOKQQ4ck7Hft7+pMCtgWwqZtp1Bq6Wyt0rcXk3l/0tv0hGVQPyN6Sc3hVnV
upGK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:49 2025 by rpki-client