Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/7b056d-09f7-4f12-b1a2-a56bf0cf4cbe/1/od7ExObCxDqzHqRis0nMtXmus2Y.roa
File: od7ExObCxDqzHqRis0nMtXmus2Y.roa (raw, json)
Hash identifier: WoaJOBOnB6iTsR77zkPSuoVOWwQU/LjcUNKKgIIFfv0=
Subject key identifier: A1:DE:C4:C4:E6:C2:C4:3A:B3:1E:A4:62:B3:49:CC:B5:79:AE:B3:66
Certificate issuer: /CN=ad883a86e82d0d910fcf59f8ff9f7bf1a6714870
Certificate serial: 01942369F30E2E6F23798C45BB376964CA8F
Authority key identifier: AD:88:3A:86:E8:2D:0D:91:0F:CF:59:F8:FF:9F:7B:F1:A6:71:48:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rYg6hugtDZEPz1n4_5978aZxSHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/7b056d-09f7-4f12-b1a2-a56bf0cf4cbe/1/od7ExObCxDqzHqRis0nMtXmus2Y.roa
Signing time: Wed 01 Jan 2025 19:48:53 +0000
ROA not before: Wed 01 Jan 2025 19:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48894
IP address blocks: 91.223.182.0/24 maxlen: 24
91.226.99.0/24 maxlen: 24
91.240.216.0/24 maxlen: 24
193.9.21.0/24 maxlen: 24
193.104.240.0/24 maxlen: 24
195.206.228.0/24 maxlen: 24
195.206.229.0/24 maxlen: 24
2001:67c:2468::/48 maxlen: 48
2001:67c:2468:8000::/49 maxlen: 49
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/7b056d-09f7-4f12-b1a2-a56bf0cf4cbe/1/rYg6hugtDZEPz1n4_5978aZxSHA.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/7b056d-09f7-4f12-b1a2-a56bf0cf4cbe/1/rYg6hugtDZEPz1n4_5978aZxSHA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rYg6hugtDZEPz1n4_5978aZxSHA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f3:0e:2e:6f:23:79:8c:45:bb:37:69:64:ca:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad883a86e82d0d910fcf59f8ff9f7bf1a6714870
Validity
Not Before: Jan 1 19:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1dec4c4e6c2c43ab31ea462b349ccb579aeb366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:38:1c:b3:05:a6:e2:9f:2c:6e:05:2e:d4:19:
ff:21:52:37:e3:28:da:1f:f9:a2:3d:51:40:04:f7:
d4:9d:a2:5c:69:33:7c:81:91:ff:18:6d:99:e0:47:
df:8f:19:e6:59:bd:ae:93:07:15:b6:c0:36:4f:2d:
6f:dc:88:a1:0e:e4:00:d1:82:8d:ab:88:a3:22:2a:
c3:0a:cf:51:83:75:5e:f6:f3:c1:8e:07:b7:69:11:
dc:96:ba:5d:9e:4f:77:c8:48:20:69:80:5a:e4:84:
9b:68:55:14:0c:46:0b:7a:f4:00:fe:e8:bd:94:46:
19:4f:bc:a9:13:11:0b:78:e2:b8:5b:35:23:2f:58:
bb:9d:b4:0f:11:47:c4:56:12:55:3e:5b:3b:d8:be:
f1:b5:06:65:1b:03:03:1b:49:e8:ff:87:84:e2:7f:
9d:8e:68:db:ad:a7:7d:bd:1d:13:31:30:51:80:f3:
d1:89:35:8c:05:8d:a5:90:f7:d3:a3:69:92:a5:8a:
28:d5:17:f7:b3:bb:99:bb:68:66:64:15:49:af:11:
2c:12:8a:8e:58:76:ac:6c:d0:6c:76:d0:af:91:62:
b5:98:c1:24:c9:e6:35:9d:1d:ba:dd:c0:d7:b1:44:
63:fa:a8:6d:29:d7:26:b3:1f:29:2c:3a:36:58:12:
9b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DE:C4:C4:E6:C2:C4:3A:B3:1E:A4:62:B3:49:CC:B5:79:AE:B3:66
X509v3 Authority Key Identifier:
keyid:AD:88:3A:86:E8:2D:0D:91:0F:CF:59:F8:FF:9F:7B:F1:A6:71:48:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rYg6hugtDZEPz1n4_5978aZxSHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7b056d-09f7-4f12-b1a2-a56bf0cf4cbe/1/od7ExObCxDqzHqRis0nMtXmus2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7b056d-09f7-4f12-b1a2-a56bf0cf4cbe/1/rYg6hugtDZEPz1n4_5978aZxSHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.182.0/24
91.226.99.0/24
91.240.216.0/24
193.9.21.0/24
193.104.240.0/24
195.206.228.0/23
IPv6:
2001:67c:2468::/48
Signature Algorithm: sha256WithRSAEncryption
00:d8:3f:89:a0:bb:3c:09:83:5a:e7:8e:72:14:df:84:91:3b:
af:3e:db:98:0d:37:9e:16:4d:96:11:ff:6e:44:e4:3e:fb:18:
8e:f5:a3:61:70:60:07:d4:1c:99:82:b0:3d:f6:f9:9a:42:de:
56:2b:2a:70:1c:f8:e5:bc:71:3e:52:f2:23:df:f8:3a:b7:a3:
fe:1b:51:15:9c:53:5e:df:fd:48:c1:c4:96:4b:b5:d1:1d:76:
72:86:5d:dc:df:bb:e5:64:95:05:49:00:e2:ce:7b:a9:86:e3:
d2:c1:e9:5d:e6:8b:d6:52:75:4e:24:1e:b3:c3:27:7b:2b:24:
85:93:cb:53:7a:c8:0f:b1:f5:b0:4c:ec:9e:2f:0d:99:4f:73:
54:ca:41:5e:9d:a9:20:b5:5a:cb:43:50:3b:24:99:57:60:1d:
66:87:88:06:3e:4f:1a:36:1a:cf:64:a3:87:05:50:c1:42:a7:
68:22:de:b1:9a:9b:f2:6f:9a:48:7b:db:4d:bb:90:12:4a:bb:
72:ff:dd:ea:65:eb:f5:eb:34:83:b2:33:73:5d:ea:c7:f2:19:
55:33:40:31:87:34:78:a3:f4:5f:7d:65:bd:b8:f4:98:00:2e:
38:ea:f8:a6:95:a7:a4:e3:53:b2:e9:a3:17:55:c6:02:2c:03:
12:7b:49:6a
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQjafMOLm8jeYxFuzdpZMqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkODgzYTg2ZTgyZDBkOTEwZmNmNTlmOGZmOWY3YmYxYTY3
MTQ4NzAwHhcNMjUwMTAxMTk0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWRlYzRjNGU2YzJjNDNhYjMxZWE0NjJiMzQ5Y2NiNTc5YWViMzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTgcswWm4p8sbgUu1Bn/IVI34yja
H/miPVFABPfUnaJcaTN8gZH/GG2Z4EffjxnmWb2ukwcVtsA2Ty1v3IihDuQA0YKN
q4ijIirDCs9Rg3Ve9vPBjge3aRHclrpdnk93yEggaYBa5ISbaFUUDEYLevQA/ui9
lEYZT7ypExELeOK4WzUjL1i7nbQPEUfEVhJVPls72L7xtQZlGwMDG0no/4eE4n+d
jmjbrad9vR0TMTBRgPPRiTWMBY2lkPfTo2mSpYoo1Rf3s7uZu2hmZBVJrxEsEoqO
WHasbNBsdtCvkWK1mMEkyeY1nR263cDXsURj+qhtKdcmsx8pLDo2WBKbYwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFKHexMTmwsQ6sx6kYrNJzLV5rrNmMB8GA1UdIwQY
MBaAFK2IOoboLQ2RD89Z+P+fe/GmcUhwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcllnNmh1Z3REWkVQejFuNF81OTc4YVp4U0hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni83YjA1NmQtMDlmNy00ZjEyLWIxYTIt
YTU2YmYwY2Y0Y2JlLzEvb2Q3RXhPYkN4RHF6SHFSaXMwbk10WG11czJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni83YjA1NmQtMDlmNy00ZjEyLWIxYTItYTU2YmYwY2Y0Y2Jl
LzEvcllnNmh1Z3REWkVQejFuNF81OTc4YVp4U0hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAW9+2AwQA
W+JjAwQAW/DYAwQAwQkVAwQAwWjwAwQBw87kMA8EAgACMAkDBwAgAQZ8JGgwDQYJ
KoZIhvcNAQELBQADggEBAADYP4mguzwJg1rnjnIU34SRO68+25gNN54WTZYR/25E
5D77GI71o2FwYAfUHJmCsD32+ZpC3lYrKnAc+OW8cT5S8iPf+Dq3o/4bURWcU17f
/UjBxJZLtdEddnKGXdzfu+VklQVJAOLOe6mG49LB6V3mi9ZSdU4kHrPDJ3srJIWT
y1N6yA+x9bBM7J4vDZlPc1TKQV6dqSC1WstDUDskmVdgHWaHiAY+Txo2Gs9ko4cF
UMFCp2gi3rGam/Jvmkh72027kBJKu3L/3epl6/XrNIOyM3Nd6sfyGVUzQDGHNHij
9F99Zb249JgALjjq+KaVp6TjU7LpoxdVxgIsAxJ7SWo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:18:17 2025 by rpki-client