Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_49frtnqABvmWwomoQSp0iMiy5M.roa
File: _49frtnqABvmWwomoQSp0iMiy5M.roa (raw, json)
Hash identifier: pe4aV6fFro3d/sEjXnRsXsKg7/+oBeZ1w9pvwh3mE1E=
Subject key identifier: FF:8F:5F:AE:D9:EA:00:1B:E6:5B:0A:26:A1:04:A9:D2:23:22:CB:93
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 019721671D92F606B32A157D1D97025A3156
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_49frtnqABvmWwomoQSp0iMiy5M.roa
Signing time: Fri 30 May 2025 13:34:55 +0000
ROA not before: Fri 30 May 2025 13:34:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42489
IP address blocks: 93.170.134.0/23 maxlen: 24
146.120.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:21:67:1d:92:f6:06:b3:2a:15:7d:1d:97:02:5a:31:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: May 30 13:34:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff8f5faed9ea001be65b0a26a104a9d22322cb93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:37:7b:0a:5e:ed:a9:ac:87:d9:d5:82:33:f7:
2b:81:a4:6b:eb:55:b9:c5:e8:fa:8f:75:71:e4:e5:
cd:d9:e6:74:aa:10:29:76:d4:e8:c5:cb:db:d5:e7:
67:b9:14:d2:bd:54:aa:41:55:c8:09:1e:de:2b:64:
88:0c:2b:90:27:4e:aa:2c:5b:37:b0:b9:a4:7a:05:
4b:c2:eb:19:16:e4:dd:23:06:f5:22:87:22:85:65:
30:c4:91:4b:95:bd:c5:8a:84:3e:f8:b4:d8:aa:6c:
64:2c:a8:22:88:38:61:cc:6d:f4:e8:e9:2d:fa:de:
e5:bf:9e:c0:4e:2b:e6:5e:b9:94:71:ac:34:06:13:
13:02:60:6a:a2:44:db:67:a5:82:e4:ac:31:bb:cc:
5a:d2:05:e1:70:21:96:fc:e5:47:07:10:dc:86:77:
f7:e9:0f:3b:b3:49:cd:a1:7e:0d:af:5b:18:d7:45:
1f:09:fc:c3:04:78:88:ef:ef:be:46:6c:5a:5a:05:
ac:6f:25:a0:61:ef:3e:4b:c1:21:f5:ed:aa:d0:39:
99:14:39:b9:11:f6:0d:8e:f4:cd:d1:e0:61:85:db:
44:ad:ac:ff:30:33:49:d6:39:30:6d:b6:50:2c:a6:
25:e6:fb:11:4a:a8:55:ff:cd:48:d9:4e:80:d5:c8:
cb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:8F:5F:AE:D9:EA:00:1B:E6:5B:0A:26:A1:04:A9:D2:23:22:CB:93
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_49frtnqABvmWwomoQSp0iMiy5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.134.0/23
146.120.222.0/24
Signature Algorithm: sha256WithRSAEncryption
64:3f:1d:a5:0c:02:40:4b:b7:a5:74:1e:e3:35:66:51:c6:4a:
0b:77:a0:ac:c6:d8:9d:66:70:86:39:b7:e1:04:1b:6e:d1:49:
be:ff:58:43:eb:cb:3c:12:39:ac:93:2b:43:cc:93:0a:a7:8f:
f6:3a:a9:27:29:1c:68:e0:95:22:99:5c:13:50:5f:9b:c7:bf:
b0:54:7f:56:da:e1:0c:22:b0:4a:2c:31:5b:ea:79:ec:28:26:
70:a4:f7:88:05:40:37:d3:97:16:0e:b6:5a:00:ad:36:ea:39:
da:d4:81:f6:ff:15:4e:12:aa:d3:b7:b2:a7:4f:f8:0f:c5:f4:
de:8d:f9:04:5c:ff:76:12:96:cd:2e:1e:31:83:42:37:71:bc:
06:e3:99:8d:4f:4f:a1:fb:2e:1d:a5:bf:47:2a:b5:b5:96:6d:
4a:0a:2e:70:36:25:06:17:76:37:87:e0:ca:44:0e:c1:21:0c:
2c:52:a5:16:38:5a:e5:cc:ae:d7:60:0c:b0:aa:c9:54:cd:fd:
80:6b:d8:05:cd:21:e2:a4:6e:e1:c5:c1:99:25:b4:44:e9:92:
b6:99:c2:9b:8e:15:99:cc:27:31:3d:0f:85:c2:d1:b5:cb:89:
7c:45:f9:73:fb:03:10:f9:ee:c6:c3:18:0a:2e:9b:ad:db:6b:
60:4a:c3:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZchZx2S9gazKhV9HZcCWjFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwNTMwMTMzNDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjhmNWZhZWQ5ZWEwMDFiZTY1YjBhMjZhMTA0YTlkMjIzMjJjYjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzd7Cl7tqayH2dWCM/crgaRr61W5
xej6j3Vx5OXN2eZ0qhApdtToxcvb1ednuRTSvVSqQVXICR7eK2SIDCuQJ06qLFs3
sLmkegVLwusZFuTdIwb1IocihWUwxJFLlb3FioQ++LTYqmxkLKgiiDhhzG306Okt
+t7lv57ATivmXrmUcaw0BhMTAmBqokTbZ6WC5Kwxu8xa0gXhcCGW/OVHBxDchnf3
6Q87s0nNoX4Nr1sY10UfCfzDBHiI7+++RmxaWgWsbyWgYe8+S8Eh9e2q0DmZFDm5
EfYNjvTN0eBhhdtEraz/MDNJ1jkwbbZQLKYl5vsRSqhV/81I2U6A1cjLZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP+PX67Z6gAb5lsKJqEEqdIjIsuTMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvXzQ5ZnJ0bnFBQnZtV3dvbW9RU3AwaU1peTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXaqGAwQA
knjeMA0GCSqGSIb3DQEBCwUAA4IBAQBkPx2lDAJAS7eldB7jNWZRxkoLd6Csxtid
ZnCGObfhBBtu0Um+/1hD68s8EjmskytDzJMKp4/2OqknKRxo4JUimVwTUF+bx7+w
VH9W2uEMIrBKLDFb6nnsKCZwpPeIBUA305cWDrZaAK026jna1IH2/xVOEqrTt7Kn
T/gPxfTejfkEXP92EpbNLh4xg0I3cbwG45mNT0+h+y4dpb9HKrW1lm1KCi5wNiUG
F3Y3h+DKRA7BIQwsUqUWOFrlzK7XYAywqslUzf2Aa9gFzSHipG7hxcGZJbRE6ZK2
mcKbjhWZzCcxPQ+FwtG1y4l8Rflz+wMQ+e7GwxgKLput22tgSsPT
-----END CERTIFICATE-----
Generated at Fri Jun 6 10:00:17 2025 by rpki-client