Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/iNnNSc-GCpy_kfXVOvoivVeh7kk.roa
File: iNnNSc-GCpy_kfXVOvoivVeh7kk.roa (raw, json)
Hash identifier: RWS+M6/4Gi10W4jzmr5OrwQVniITHKJISgDut4dKF6U=
Subject key identifier: 88:D9:CD:49:CF:86:0A:9C:BF:91:F5:D5:3A:FA:22:BD:57:A1:EE:49
Certificate issuer: /CN=4789c5dc0dd544fc02b7e67e5f1bac456aabfe61
Certificate serial: 0194274815F5891FAAABE51ABB8B421CA871
Authority key identifier: 47:89:C5:DC:0D:D5:44:FC:02:B7:E6:7E:5F:1B:AC:45:6A:AB:FE:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R4nF3A3VRPwCt-Z-XxusRWqr_mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/iNnNSc-GCpy_kfXVOvoivVeh7kk.roa
Signing time: Thu 02 Jan 2025 13:50:23 +0000
ROA not before: Thu 02 Jan 2025 13:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47178
IP address blocks: 93.188.112.0/21 maxlen: 21
185.99.224.0/22 maxlen: 22
185.99.224.0/24 maxlen: 24
185.99.225.0/24 maxlen: 24
185.99.226.0/24 maxlen: 24
185.99.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/R4nF3A3VRPwCt-Z-XxusRWqr_mE.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/R4nF3A3VRPwCt-Z-XxusRWqr_mE.mft
rsync://rpki.ripe.net/repository/DEFAULT/R4nF3A3VRPwCt-Z-XxusRWqr_mE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:15:f5:89:1f:aa:ab:e5:1a:bb:8b:42:1c:a8:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4789c5dc0dd544fc02b7e67e5f1bac456aabfe61
Validity
Not Before: Jan 2 13:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88d9cd49cf860a9cbf91f5d53afa22bd57a1ee49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4e:96:8e:20:40:3d:7a:88:72:55:33:38:1a:
2c:ba:4b:73:d0:bd:f0:ed:f9:98:34:45:41:73:a6:
ae:de:8d:ec:cc:e8:af:28:ec:e8:b5:26:02:87:21:
dc:8b:59:a1:a8:b0:d2:22:82:e0:1a:f4:7e:26:7f:
97:7d:51:fc:b5:d8:a3:0e:9f:20:aa:58:e2:92:64:
68:c0:23:ae:91:c9:ad:e8:1e:60:60:8b:50:19:f6:
86:af:f0:99:9f:5a:e4:ca:f8:e5:f9:b4:28:18:d8:
9f:de:c7:77:b6:62:d9:e6:85:eb:8c:31:45:45:e0:
fc:31:d2:72:59:08:70:96:d1:b1:56:59:d6:b7:8b:
a8:0a:61:21:41:06:6a:14:3b:df:16:42:37:d4:10:
3e:1f:66:ac:98:2e:19:8d:47:d4:ca:8b:e1:f1:63:
b5:3a:cb:ba:36:10:71:f7:85:0e:c8:db:f3:c9:e7:
b0:ba:72:c3:5e:d0:ae:99:5d:69:2d:b4:44:da:4e:
2a:b1:17:1b:63:0b:4e:ed:1a:60:4e:67:66:9f:3d:
81:17:43:03:3b:dc:e6:b8:f5:0e:b4:59:15:b8:44:
f9:dc:c7:39:00:f5:e1:63:e2:3f:ba:b0:9b:40:ee:
02:7c:23:e0:a9:e2:d1:90:8a:e9:93:58:70:13:1c:
d5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D9:CD:49:CF:86:0A:9C:BF:91:F5:D5:3A:FA:22:BD:57:A1:EE:49
X509v3 Authority Key Identifier:
keyid:47:89:C5:DC:0D:D5:44:FC:02:B7:E6:7E:5F:1B:AC:45:6A:AB:FE:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R4nF3A3VRPwCt-Z-XxusRWqr_mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/iNnNSc-GCpy_kfXVOvoivVeh7kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/R4nF3A3VRPwCt-Z-XxusRWqr_mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.112.0/21
185.99.224.0/22
Signature Algorithm: sha256WithRSAEncryption
54:69:86:0e:6f:24:db:84:a0:d0:9e:49:42:dd:9c:70:09:99:
47:60:b7:78:f9:c8:86:89:09:a2:18:d0:04:e5:b9:ff:b5:fb:
49:43:9a:60:2e:93:57:69:c1:9d:1c:5f:d2:43:e5:d2:60:94:
b6:a8:91:e4:82:2e:b0:8c:2b:e4:bc:11:39:19:15:61:b5:3d:
17:09:8d:a5:b5:0e:16:75:81:7f:e5:19:3e:85:5b:08:1a:af:
3b:84:a7:27:6f:1e:dc:f6:9e:36:70:4a:c7:9e:87:12:7f:14:
e1:76:ac:5a:dd:63:f3:bd:2a:90:22:36:4f:6b:e1:b9:50:e2:
7b:e5:f6:cc:7b:2f:11:a4:20:5a:26:39:b6:1f:3e:1a:72:33:
4c:8c:a2:ea:48:a7:0a:7b:2a:cd:10:4a:71:0e:87:88:e7:06:
b3:db:93:5b:ce:5f:db:13:09:bf:05:7f:f4:e5:96:2a:c4:ca:
67:eb:95:47:05:3a:18:82:80:6b:6b:b5:f3:0d:38:04:b4:73:
e8:21:ac:ee:43:8e:f7:4d:03:54:b6:0c:e7:14:87:db:b9:31:
d0:8e:64:9c:14:8e:03:91:4a:69:c2:33:7f:a2:67:94:14:05:
90:b3:77:b9:59:66:56:c2:27:5b:5a:19:80:ab:e5:2f:fa:7b:
ce:d6:3b:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSBX1iR+qq+Uau4tCHKhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ODljNWRjMGRkNTQ0ZmMwMmI3ZTY3ZTVmMWJhYzQ1NmFh
YmZlNjEwHhcNMjUwMTAyMTM1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQ5Y2Q0OWNmODYwYTljYmY5MWY1ZDUzYWZhMjJiZDU3YTFlZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk6WjiBAPXqIclUzOBosuktz0L3w
7fmYNEVBc6au3o3szOivKOzotSYChyHci1mhqLDSIoLgGvR+Jn+XfVH8tdijDp8g
qljikmRowCOukcmt6B5gYItQGfaGr/CZn1rkyvjl+bQoGNif3sd3tmLZ5oXrjDFF
ReD8MdJyWQhwltGxVlnWt4uoCmEhQQZqFDvfFkI31BA+H2asmC4ZjUfUyovh8WO1
Osu6NhBx94UOyNvzyeewunLDXtCumV1pLbRE2k4qsRcbYwtO7RpgTmdmnz2BF0MD
O9zmuPUOtFkVuET53Mc5APXhY+I/urCbQO4CfCPgqeLRkIrpk1hwExzVswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIjZzUnPhgqcv5H11Tr6Ir1Xoe5JMB8GA1UdIwQY
MBaAFEeJxdwN1UT8Arfmfl8brEVqq/5hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjRuRjNBM1ZSUHdDdC1aLVh4dXNSV3FyX21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84OTU0MmEtNTg3ZC00YzI3LWE1MjMt
NmExYjljMWM2OTI0LzEvaU5uTlNjLUdDcHlfa2ZYVk92b2l2VmVoN2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84OTU0MmEtNTg3ZC00YzI3LWE1MjMtNmExYjljMWM2OTI0
LzEvUjRuRjNBM1ZSUHdDdC1aLVh4dXNSV3FyX21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXbxwAwQC
uWPgMA0GCSqGSIb3DQEBCwUAA4IBAQBUaYYObyTbhKDQnklC3ZxwCZlHYLd4+ciG
iQmiGNAE5bn/tftJQ5pgLpNXacGdHF/SQ+XSYJS2qJHkgi6wjCvkvBE5GRVhtT0X
CY2ltQ4WdYF/5Rk+hVsIGq87hKcnbx7c9p42cErHnocSfxThdqxa3WPzvSqQIjZP
a+G5UOJ75fbMey8RpCBaJjm2Hz4acjNMjKLqSKcKeyrNEEpxDoeI5waz25Nbzl/b
Ewm/BX/05ZYqxMpn65VHBToYgoBra7XzDTgEtHPoIazuQ473TQNUtgznFIfbuTHQ
jmScFI4DkUppwjN/omeUFAWQs3e5WWZWwidbWhmAq+Uv+nvO1jvD
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:20:43 2025 by rpki-client