Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/6abcd1-eeee-46d5-9f6c-df6871e2f735/1/YVQzd6PcqiODUsbYmUonrXOMiW8.roa
File: YVQzd6PcqiODUsbYmUonrXOMiW8.roa (raw, json)
Hash identifier: UXmPQNw2cgJnJveX2kfmMJ+ICGqK1YqsczZUPC4FYUg=
Subject key identifier: 61:54:33:77:A3:DC:AA:23:83:52:C6:D8:99:4A:27:AD:73:8C:89:6F
Certificate issuer: /CN=07ead29889dbf62f398f64bc614916673056d45e
Certificate serial: 0194258F86C0F0CC6CC0F611BEC5353A14B9
Authority key identifier: 07:EA:D2:98:89:DB:F6:2F:39:8F:64:BC:61:49:16:67:30:56:D4:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B-rSmInb9i85j2S8YUkWZzBW1F4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/6abcd1-eeee-46d5-9f6c-df6871e2f735/1/YVQzd6PcqiODUsbYmUonrXOMiW8.roa
Signing time: Thu 02 Jan 2025 05:49:10 +0000
ROA not before: Thu 02 Jan 2025 05:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44668
IP address blocks: 77.87.40.0/21 maxlen: 21
91.202.104.0/22 maxlen: 22
176.122.88.0/21 maxlen: 21
185.255.48.0/22 maxlen: 22
193.168.51.0/24 maxlen: 24
193.168.55.0/24 maxlen: 24
193.194.112.0/22 maxlen: 22
195.5.126.0/24 maxlen: 24
195.18.28.0/22 maxlen: 22
2a0c:5940::/29 maxlen: 29
2a0c:5940::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/6abcd1-eeee-46d5-9f6c-df6871e2f735/1/B-rSmInb9i85j2S8YUkWZzBW1F4.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/6abcd1-eeee-46d5-9f6c-df6871e2f735/1/B-rSmInb9i85j2S8YUkWZzBW1F4.mft
rsync://rpki.ripe.net/repository/DEFAULT/B-rSmInb9i85j2S8YUkWZzBW1F4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:86:c0:f0:cc:6c:c0:f6:11:be:c5:35:3a:14:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07ead29889dbf62f398f64bc614916673056d45e
Validity
Not Before: Jan 2 05:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61543377a3dcaa238352c6d8994a27ad738c896f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8c:88:b4:65:28:dd:de:60:74:b7:8e:2d:3b:
c3:39:45:dc:f8:15:07:18:f0:e8:50:e3:cb:70:2a:
0f:e8:c6:e1:c8:4b:56:92:c9:ca:5d:22:b4:60:a3:
c5:3a:49:01:18:68:6d:8b:a5:3c:b8:b8:a4:ae:92:
d3:6b:55:5d:3b:30:74:6c:08:9d:e0:72:e5:5b:31:
95:ec:a2:a8:21:82:b6:54:cb:4c:52:55:7c:1e:bf:
ca:60:1e:9d:32:ef:82:87:85:f3:df:21:c5:a8:99:
f5:cf:54:69:68:33:11:52:47:00:64:93:a4:b5:3e:
9b:b3:4f:c5:88:73:e0:5e:70:b3:34:73:6d:51:1c:
47:c9:4f:2c:71:aa:b1:aa:84:61:62:59:33:f0:01:
b6:10:92:16:6e:e9:52:4e:f7:b9:5a:0d:ec:87:4e:
a9:d2:f8:25:7b:c9:10:5c:29:3b:54:6c:48:58:73:
92:15:ca:a8:be:69:23:38:84:90:18:bb:51:33:c0:
00:57:30:25:fe:75:2f:e7:d8:cf:4b:c2:30:51:3f:
c3:39:28:64:2b:84:ae:fc:2e:83:d2:aa:19:eb:1c:
a3:f3:a2:18:2f:1e:b7:98:9d:02:25:1b:ab:e4:d0:
bc:f7:64:7f:cb:5a:fb:9d:71:23:33:86:10:55:47:
23:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:54:33:77:A3:DC:AA:23:83:52:C6:D8:99:4A:27:AD:73:8C:89:6F
X509v3 Authority Key Identifier:
keyid:07:EA:D2:98:89:DB:F6:2F:39:8F:64:BC:61:49:16:67:30:56:D4:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B-rSmInb9i85j2S8YUkWZzBW1F4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6abcd1-eeee-46d5-9f6c-df6871e2f735/1/YVQzd6PcqiODUsbYmUonrXOMiW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6abcd1-eeee-46d5-9f6c-df6871e2f735/1/B-rSmInb9i85j2S8YUkWZzBW1F4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.40.0/21
91.202.104.0/22
176.122.88.0/21
185.255.48.0/22
193.168.51.0/24
193.168.55.0/24
193.194.112.0/22
195.5.126.0/24
195.18.28.0/22
IPv6:
2a0c:5940::/29
Signature Algorithm: sha256WithRSAEncryption
16:dc:c5:0e:66:7c:11:78:bf:15:cd:e5:49:0f:ee:a1:78:12:
c9:c2:e3:d0:44:79:18:b5:99:b9:66:27:8c:67:b2:11:1b:4f:
29:f9:32:d6:9f:81:2a:07:a6:2e:fe:09:c2:d2:9e:c6:cf:7d:
ab:bf:a4:ac:3a:40:53:93:ec:23:9a:50:cf:d4:16:cc:a2:5e:
8d:4e:14:c3:a0:0c:e1:4a:fe:3d:6e:66:9a:f2:29:d9:50:5f:
d2:d7:94:65:66:45:a6:4a:50:28:8b:60:c4:6e:4a:9a:69:7c:
4d:f9:21:73:eb:85:5c:15:60:02:bd:98:93:91:33:4e:1b:f8:
64:51:25:f6:10:17:42:d4:e9:c6:25:d8:88:76:e4:67:18:80:
45:fc:ec:35:35:13:65:1a:d0:dd:d0:74:cb:20:de:cb:b6:14:
64:86:e1:b2:ad:5a:de:27:8b:e6:64:55:86:d6:49:12:53:f7:
8c:83:10:fc:79:f3:c7:53:d8:5e:d2:c9:49:e1:e4:23:76:97:
36:ef:11:04:72:1f:0f:c9:5d:ad:1a:17:62:09:06:59:05:49:
7d:e7:0f:3d:da:a6:6d:f5:6c:43:6f:88:ae:32:d2:98:49:78:
2b:f6:d1:97:cc:3d:f3:b2:cd:15:5a:70:6b:5d:f1:4c:9a:e2:
7d:3c:5c:be
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQlj4bA8MxswPYRvsU1OhS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZWFkMjk4ODlkYmY2MmYzOThmNjRiYzYxNDkxNjY3MzA1
NmQ0NWUwHhcNMjUwMTAyMDU0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTU0MzM3N2EzZGNhYTIzODM1MmM2ZDg5OTRhMjdhZDczOGM4OTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoyItGUo3d5gdLeOLTvDOUXc+BUH
GPDoUOPLcCoP6MbhyEtWksnKXSK0YKPFOkkBGGhti6U8uLikrpLTa1VdOzB0bAid
4HLlWzGV7KKoIYK2VMtMUlV8Hr/KYB6dMu+Ch4Xz3yHFqJn1z1RpaDMRUkcAZJOk
tT6bs0/FiHPgXnCzNHNtURxHyU8scaqxqoRhYlkz8AG2EJIWbulSTve5Wg3sh06p
0vgle8kQXCk7VGxIWHOSFcqovmkjOISQGLtRM8AAVzAl/nUv59jPS8IwUT/DOShk
K4Su/C6D0qoZ6xyj86IYLx63mJ0CJRur5NC892R/y1r7nXEjM4YQVUcjWQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGFUM3ej3Kojg1LG2JlKJ61zjIlvMB8GA1UdIwQY
MBaAFAfq0piJ2/YvOY9kvGFJFmcwVtReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQi1yU21JbmI5aTg1ajJTOFlVa1daekJXMUY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82YWJjZDEtZWVlZS00NmQ1LTlmNmMt
ZGY2ODcxZTJmNzM1LzEvWVZRemQ2UGNxaU9EVXNiWW1Vb25yWE9NaVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82YWJjZDEtZWVlZS00NmQ1LTlmNmMtZGY2ODcxZTJmNzM1
LzEvQi1yU21JbmI5aTg1ajJTOFlVa1daekJXMUY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDTVcoAwQC
W8poAwQDsHpYAwQCuf8wAwQAwagzAwQAwag3AwQCwcJwAwQAwwV+AwQCwxIcMA0E
AgACMAcDBQMqDFlAMA0GCSqGSIb3DQEBCwUAA4IBAQAW3MUOZnwReL8VzeVJD+6h
eBLJwuPQRHkYtZm5ZieMZ7IRG08p+TLWn4EqB6Yu/gnC0p7Gz32rv6SsOkBTk+wj
mlDP1BbMol6NThTDoAzhSv49bmaa8inZUF/S15RlZkWmSlAoi2DEbkqaaXxN+SFz
64VcFWACvZiTkTNOG/hkUSX2EBdC1OnGJdiIduRnGIBF/Ow1NRNlGtDd0HTLIN7L
thRkhuGyrVreJ4vmZFWG1kkSU/eMgxD8efPHU9he0slJ4eQjdpc27xEEch8PyV2t
GhdiCQZZBUl95w892qZt9WxDb4iuMtKYSXgr9tGXzD3zss0VWnBrXfFMmuJ9PFy+
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:42 2025 by rpki-client