Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fM4upgn2bkdFqFqdM4w69KIFo18.roa
File: fM4upgn2bkdFqFqdM4w69KIFo18.roa (raw, json)
Hash identifier: jdCOCGDOKFN0MgNs03zeJs4dUrMLVsH5Mui/w86uNjY=
Subject key identifier: 7C:CE:2E:A6:09:F6:6E:47:45:A8:5A:9D:33:8C:3A:F4:A2:05:A3:5F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FE629000BABE142F0CE1298CAC20E
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fM4upgn2bkdFqFqdM4w69KIFo18.roa
Signing time: Thu 02 Jan 2025 05:49:35 +0000
ROA not before: Thu 02 Jan 2025 05:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198056
IP address blocks: 93.170.106.0/23 maxlen: 24
93.171.132.0/23 maxlen: 24
95.46.110.0/23 maxlen: 24
95.46.192.0/22 maxlen: 24
146.120.111.0/24 maxlen: 24
146.158.56.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:e6:29:00:0b:ab:e1:42:f0:ce:12:98:ca:c2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cce2ea609f66e4745a85a9d338c3af4a205a35f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c4:a8:9d:83:7f:86:8d:0b:71:ee:1a:fc:30:
54:b8:41:4e:d0:d0:cb:80:47:98:60:d4:e9:f3:ec:
aa:b3:56:a8:21:3b:23:c9:6c:47:4e:29:4c:a8:21:
18:b4:d7:d0:98:85:e4:de:0c:af:5f:40:04:6a:c7:
17:e1:1f:9e:23:3b:e2:d5:3d:ad:00:53:20:25:6a:
f5:1e:1c:37:9b:e2:02:5f:1e:6d:59:08:71:b5:82:
f1:9b:f6:a3:8c:ba:07:34:d4:0c:b1:e2:00:22:9e:
2b:3f:d0:f1:34:97:60:f6:3f:64:aa:08:91:5b:1a:
80:3b:f3:f4:85:7f:a1:c2:da:22:6a:da:00:6c:4b:
a8:05:7e:db:ae:e1:b5:39:70:48:b0:21:08:39:1e:
71:b0:92:0d:0b:33:e8:66:44:7f:b6:c3:8e:8a:06:
59:4f:ad:0c:69:8f:21:fc:a8:fe:02:97:7d:f0:69:
bf:a0:6d:8e:09:07:c6:fe:4f:4e:d3:d5:74:98:89:
44:0a:3d:4c:d2:3b:45:2b:26:99:0e:4d:e6:4d:dd:
6c:e0:df:9e:4d:52:4e:56:73:66:86:fb:57:14:e4:
ab:7c:69:f5:63:e4:9c:07:81:5d:0a:5d:20:f3:8a:
dc:4a:83:0b:b8:59:de:3b:41:ac:0c:b7:44:14:3d:
a4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CE:2E:A6:09:F6:6E:47:45:A8:5A:9D:33:8C:3A:F4:A2:05:A3:5F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fM4upgn2bkdFqFqdM4w69KIFo18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.106.0/23
93.171.132.0/23
95.46.110.0/23
95.46.192.0/22
146.120.111.0/24
146.158.56.0/23
Signature Algorithm: sha256WithRSAEncryption
92:b5:4e:a3:9f:77:1a:8f:3c:9b:d0:86:9c:40:eb:0b:2e:f5:
d4:f1:09:5d:54:be:21:af:ab:c4:78:d8:d6:49:8f:48:82:8f:
dd:23:e8:ba:0b:c5:8c:3d:14:e5:7e:6a:41:24:85:19:ae:15:
95:b4:d6:a9:f5:ce:c4:fc:b9:de:9a:fc:d3:4e:83:8b:c7:bb:
df:ba:f8:aa:b7:e0:e3:b0:94:5c:4b:48:d1:20:c1:04:2c:c8:
83:0f:01:1b:28:a7:b8:83:09:90:1c:91:65:1b:a6:95:f3:5a:
ae:56:6c:18:94:4e:00:be:10:60:8c:37:cc:e5:4e:50:31:7a:
ab:e1:77:08:b0:07:a9:1e:1f:b3:11:ff:bb:1c:89:bc:c9:bf:
89:82:bb:e4:79:35:07:1f:b1:34:f3:2a:a4:72:e9:4e:b5:7c:
78:cf:31:af:34:67:27:d7:aa:22:27:88:13:83:15:f1:07:0e:
c2:33:e4:cf:62:d2:7c:4d:60:b7:7e:d5:cc:af:d2:a0:be:eb:
be:4d:45:39:d2:53:4e:10:e6:29:5f:0c:d3:23:20:5c:a8:3e:
34:f5:1f:9c:04:e4:70:82:78:31:88:b3:fc:15:6b:5d:2f:f3:
90:5c:38:5f:94:13:dc:5f:28:ed:f9:7b:d3:79:44:21:fb:83:
17:79:31:a3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlj+YpAAur4ULwzhKYysIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2NlMmVhNjA5ZjY2ZTQ3NDVhODVhOWQzMzhjM2FmNGEyMDVhMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMSonYN/ho0Lce4a/DBUuEFO0NDL
gEeYYNTp8+yqs1aoITsjyWxHTilMqCEYtNfQmIXk3gyvX0AEascX4R+eIzvi1T2t
AFMgJWr1Hhw3m+ICXx5tWQhxtYLxm/ajjLoHNNQMseIAIp4rP9DxNJdg9j9kqgiR
WxqAO/P0hX+hwtoiatoAbEuoBX7bruG1OXBIsCEIOR5xsJINCzPoZkR/tsOOigZZ
T60MaY8h/Kj+Apd98Gm/oG2OCQfG/k9O09V0mIlECj1M0jtFKyaZDk3mTd1s4N+e
TVJOVnNmhvtXFOSrfGn1Y+ScB4FdCl0g84rcSoMLuFneO0GsDLdEFD2kkwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHzOLqYJ9m5HRahanTOMOvSiBaNfMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZk00dXBnbjJia2RGcUZxZE00dzY5S0lGbzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBXapqAwQB
XauEAwQBXy5uAwQCXy7AAwQAknhvAwQBkp44MA0GCSqGSIb3DQEBCwUAA4IBAQCS
tU6jn3cajzyb0IacQOsLLvXU8QldVL4hr6vEeNjWSY9Igo/dI+i6C8WMPRTlfmpB
JIUZrhWVtNap9c7E/LnemvzTToOLx7vfuviqt+DjsJRcS0jRIMEELMiDDwEbKKe4
gwmQHJFlG6aV81quVmwYlE4AvhBgjDfM5U5QMXqr4XcIsAepHh+zEf+7HIm8yb+J
grvkeTUHH7E08yqkculOtXx4zzGvNGcn16oiJ4gTgxXxBw7CM+TPYtJ8TWC3ftXM
r9Kgvuu+TUU50lNOEOYpXwzTIyBcqD409R+cBORwgngxiLP8FWtdL/OQXDhflBPc
Xyjt+XvTeUQh+4MXeTGj
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:43:56 2025 by rpki-client