Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/86pmQhR3tumm6aKpKa5tR6sKn2Y.roa
File: 86pmQhR3tumm6aKpKa5tR6sKn2Y.roa (raw, json)
Hash identifier: y1UamkXET5HMaJBK7pe7q3lox6X+V75MRSuUUTK6f04=
Subject key identifier: F3:AA:66:42:14:77:B6:E9:A6:E9:A2:A9:29:AE:6D:47:AB:0A:9F:66
Certificate issuer: /CN=167782bea46fd271768ff46d9b45c057a9df5481
Certificate serial: 019421446C38136E41E590EE5DEFD3DC1D85
Authority key identifier: 16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/86pmQhR3tumm6aKpKa5tR6sKn2Y.roa
Signing time: Wed 01 Jan 2025 09:48:39 +0000
ROA not before: Wed 01 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205399
IP address blocks: 141.98.116.0/24 maxlen: 24
141.98.117.0/24 maxlen: 24
141.98.118.0/24 maxlen: 24
141.98.119.0/24 maxlen: 24
185.181.208.0/22 maxlen: 24
185.181.208.0/24 maxlen: 24
185.181.209.0/24 maxlen: 24
185.181.210.0/24 maxlen: 24
185.181.211.0/24 maxlen: 24
185.219.132.0/24 maxlen: 24
185.219.133.0/24 maxlen: 24
185.219.134.0/24 maxlen: 24
185.219.135.0/24 maxlen: 24
185.229.12.0/22 maxlen: 24
185.229.12.0/24 maxlen: 24
185.229.13.0/24 maxlen: 24
185.229.15.0/24 maxlen: 24
194.26.108.0/24 maxlen: 24
194.26.109.0/24 maxlen: 24
194.26.114.0/24 maxlen: 24
194.26.115.0/24 maxlen: 24
2a0a:e080::/29 maxlen: 29
2a0b:e8c0::/29 maxlen: 29
2a0d:ae00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 13:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:6c:38:13:6e:41:e5:90:ee:5d:ef:d3:dc:1d:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=167782bea46fd271768ff46d9b45c057a9df5481
Validity
Not Before: Jan 1 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3aa66421477b6e9a6e9a2a929ae6d47ab0a9f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:70:a7:87:78:06:ae:3f:7a:c1:7c:67:12:39:
8d:b3:64:ac:43:cc:83:dc:be:bc:43:b3:6e:3b:47:
f3:3a:71:66:0c:0b:e2:23:5a:fb:87:37:b5:0d:c5:
a5:b5:cd:c9:09:a1:7e:16:c0:e5:83:6f:1f:84:6d:
9d:70:60:0d:72:6b:40:97:e5:8a:0c:c6:38:02:90:
48:74:23:22:b7:4c:e9:13:7b:7e:c3:13:0d:2d:62:
a8:96:36:26:7c:1c:21:77:f9:50:c3:fe:00:6d:5d:
11:81:3c:92:ff:ab:52:08:e2:b1:68:17:e7:fe:ea:
c1:8f:09:bb:22:20:39:a7:b4:ce:28:51:c5:e4:f0:
24:3d:bf:4d:7c:f3:53:32:2c:67:e0:c9:bd:a0:bc:
45:48:7f:86:f7:00:6d:c2:e2:4a:a0:c1:fe:f6:2d:
68:60:7e:1c:0b:ef:34:c0:05:b9:32:1c:92:59:b3:
72:48:bc:be:42:ac:bb:91:61:a9:cc:d2:40:c8:15:
48:20:b7:7a:42:49:b3:b5:e6:dc:f8:9f:c4:e3:9f:
a5:37:77:c3:4d:24:41:1e:5e:6a:7e:37:5e:1f:45:
82:4c:fb:e7:39:8b:55:b6:69:1d:44:3d:11:b7:ea:
e0:9d:94:f9:c7:42:b0:b3:d4:13:a9:0d:53:13:98:
26:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AA:66:42:14:77:B6:E9:A6:E9:A2:A9:29:AE:6D:47:AB:0A:9F:66
X509v3 Authority Key Identifier:
keyid:16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/86pmQhR3tumm6aKpKa5tR6sKn2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.116.0/22
185.181.208.0/22
185.219.132.0/22
185.229.12.0/22
194.26.108.0/23
194.26.114.0/23
IPv6:
2a0a:e080::/29
2a0b:e8c0::/29
2a0d:ae00::/29
Signature Algorithm: sha256WithRSAEncryption
28:45:11:73:3e:88:3b:66:fc:0a:8f:ec:9f:90:60:2e:39:55:
fa:4b:33:24:98:19:a7:c9:63:a9:b9:81:b6:be:f6:5c:66:cf:
dc:53:a6:e9:79:6f:00:6d:dd:de:da:7c:06:ed:aa:70:5f:df:
36:29:55:01:1d:09:53:59:fd:d8:8f:17:85:46:71:08:37:4a:
74:ae:ca:82:97:e7:45:98:58:f8:1a:6d:70:8e:17:05:30:56:
ea:07:7f:bf:22:da:1a:71:f2:25:cc:84:1d:22:9b:cb:5b:cd:
d3:63:bc:87:de:20:69:79:f5:44:d4:c2:43:8a:ac:4b:f4:0b:
da:19:13:ae:ac:8b:a3:57:bb:de:6e:14:2d:62:f2:cb:67:9e:
6f:49:a4:c8:1e:e9:72:d7:91:17:28:a0:c6:82:17:85:31:84:
e8:90:59:7c:ff:7a:f4:db:68:94:5a:fa:ef:7c:8d:81:5e:36:
da:f8:0c:0a:2a:11:d5:9b:e5:f0:72:65:80:98:4f:f2:7c:7f:
ba:17:d5:51:d5:25:d3:94:02:53:27:26:04:0f:70:63:4a:ad:
8a:73:a5:f9:15:f9:0b:e4:1d:14:14:19:16:6d:94:78:e4:1d:
1e:5c:a4:8e:5f:e4:31:65:cd:9e:90:19:23:3f:a4:ef:13:86:
47:2b:75:40
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZQhRGw4E25B5ZDuXe/T3B2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2Nzc4MmJlYTQ2ZmQyNzE3NjhmZjQ2ZDliNDVjMDU3YTlk
ZjU0ODEwHhcNMjUwMTAxMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2FhNjY0MjE0NzdiNmU5YTZlOWEyYTkyOWFlNmQ0N2FiMGE5ZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnCnh3gGrj96wXxnEjmNs2SsQ8yD
3L68Q7NuO0fzOnFmDAviI1r7hze1DcWltc3JCaF+FsDlg28fhG2dcGANcmtAl+WK
DMY4ApBIdCMit0zpE3t+wxMNLWKoljYmfBwhd/lQw/4AbV0RgTyS/6tSCOKxaBfn
/urBjwm7IiA5p7TOKFHF5PAkPb9NfPNTMixn4Mm9oLxFSH+G9wBtwuJKoMH+9i1o
YH4cC+80wAW5MhySWbNySLy+Qqy7kWGpzNJAyBVIILd6Qkmztebc+J/E45+lN3fD
TSRBHl5qfjdeH0WCTPvnOYtVtmkdRD0Rt+rgnZT5x0Kws9QTqQ1TE5gmhwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFPOqZkIUd7bppumiqSmubUerCp9mMB8GA1UdIwQY
MBaAFBZ3gr6kb9Jxdo/0bZtFwFep31SBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm5lQ3ZxUnYwbkYyal9SdG0wWEFWNm5mVklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9lZjBiOTItNWQ4NS00NzkyLWI1NTEt
OWEzNTgzNjI4MjljLzEvODZwbVFoUjN0dW1tNmFLcEthNXRSNnNLbjJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9lZjBiOTItNWQ4NS00NzkyLWI1NTEtOWEzNTgzNjI4Mjlj
LzEvRm5lQ3ZxUnYwbkYyal9SdG0wWEFWNm5mVklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQCjWJ0AwQC
ubXQAwQCuduEAwQCueUMAwQBwhpsAwQBwhpyMBsEAgACMBUDBQMqCuCAAwUDKgvo
wAMFAyoNrgAwDQYJKoZIhvcNAQELBQADggEBAChFEXM+iDtm/AqP7J+QYC45VfpL
MySYGafJY6m5gba+9lxmz9xTpul5bwBt3d7afAbtqnBf3zYpVQEdCVNZ/diPF4VG
cQg3SnSuyoKX50WYWPgabXCOFwUwVuoHf78i2hpx8iXMhB0im8tbzdNjvIfeIGl5
9UTUwkOKrEv0C9oZE66si6NXu95uFC1i8stnnm9JpMge6XLXkRcooMaCF4UxhOiQ
WXz/evTbaJRa+u98jYFeNtr4DAoqEdWb5fByZYCYT/J8f7oX1VHVJdOUAlMnJgQP
cGNKrYpzpfkV+QvkHRQUGRZtlHjkHR5cpI5f5DFlzZ6QGSM/pO8ThkcrdUA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:56:29 2025 by rpki-client