Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/r8Obi9IFhGpTy_Fq_kKt7tzU_pA.roa
File: r8Obi9IFhGpTy_Fq_kKt7tzU_pA.roa (raw, json)
Hash identifier: aKaPCyYUlKajFN86VFdggb+LUFUQbQdhAkrOshlrb08=
Subject key identifier: AF:C3:9B:8B:D2:05:84:6A:53:CB:F1:6A:FE:42:AD:EE:DC:D4:FE:90
Certificate issuer: /CN=26b9ceb10c2c8c00d16099603cc11bed00547be6
Certificate serial: 01941FFAB294C9080C9A6919B993EAEBFB0F
Authority key identifier: 26:B9:CE:B1:0C:2C:8C:00:D1:60:99:60:3C:C1:1B:ED:00:54:7B:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JrnOsQwsjADRYJlgPMEb7QBUe-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/r8Obi9IFhGpTy_Fq_kKt7tzU_pA.roa
Signing time: Wed 01 Jan 2025 03:48:30 +0000
ROA not before: Wed 01 Jan 2025 03:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29686
IP address blocks: 82.96.64.0/18 maxlen: 18
82.96.96.0/24 maxlen: 24
85.190.0.0/18 maxlen: 18
85.190.0.0/19 maxlen: 19
185.191.224.0/22 maxlen: 24
2001:1bc0::/29 maxlen: 32
2001:1bc7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/JrnOsQwsjADRYJlgPMEb7QBUe-Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/JrnOsQwsjADRYJlgPMEb7QBUe-Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/JrnOsQwsjADRYJlgPMEb7QBUe-Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b2:94:c9:08:0c:9a:69:19:b9:93:ea:eb:fb:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26b9ceb10c2c8c00d16099603cc11bed00547be6
Validity
Not Before: Jan 1 03:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afc39b8bd205846a53cbf16afe42adeedcd4fe90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a4:ba:bd:84:7a:f5:0f:3b:d7:55:9a:6f:70:
11:41:e2:77:d2:5b:02:65:6e:46:69:58:01:88:6d:
8d:46:9f:37:cd:d0:ed:04:89:68:62:b8:09:f0:6f:
2f:ec:6f:c8:09:38:5d:92:a9:34:92:10:25:cf:6f:
4a:5a:44:1f:24:cd:9c:c8:c5:47:63:b0:60:72:ab:
f6:c1:85:f2:e1:81:fe:fd:38:a1:33:c4:1b:b7:ec:
eb:0c:34:11:d3:78:6b:56:dd:60:15:a2:69:f1:e1:
b0:26:b2:da:aa:d8:3a:cf:3d:dd:6d:38:fb:60:89:
7c:46:ea:c0:af:31:66:fa:ff:65:70:dd:ac:b5:ea:
3a:70:33:5d:c4:25:bb:a0:81:ee:e2:00:a3:d9:24:
e3:d7:56:30:1a:0c:fc:20:73:5c:19:d8:74:b0:15:
8a:84:81:ec:48:21:98:81:56:ea:ec:2e:b7:f0:8d:
16:36:0e:74:fc:94:ef:b6:dc:f0:00:e5:dc:90:af:
60:97:a4:0c:80:dc:9b:73:67:e0:88:f9:6b:6b:1d:
94:4d:ea:05:f1:46:86:5a:46:49:d5:10:bc:37:79:
8a:52:28:38:ea:d2:bf:99:af:93:56:7f:f9:12:93:
fb:6a:3d:70:2a:a8:bd:c0:b1:81:64:5c:55:eb:20:
2b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:C3:9B:8B:D2:05:84:6A:53:CB:F1:6A:FE:42:AD:EE:DC:D4:FE:90
X509v3 Authority Key Identifier:
keyid:26:B9:CE:B1:0C:2C:8C:00:D1:60:99:60:3C:C1:1B:ED:00:54:7B:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JrnOsQwsjADRYJlgPMEb7QBUe-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/r8Obi9IFhGpTy_Fq_kKt7tzU_pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/JrnOsQwsjADRYJlgPMEb7QBUe-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.96.64.0/18
85.190.0.0/18
185.191.224.0/22
IPv6:
2001:1bc0::/29
Signature Algorithm: sha256WithRSAEncryption
60:20:95:0d:af:ec:06:df:b7:15:98:d9:3f:e6:e6:31:ab:f9:
99:71:e7:0b:6f:b8:1e:01:4f:5e:bd:2d:e3:ca:e3:4d:70:fb:
27:9a:82:27:20:cf:bc:eb:bd:9e:74:1c:4c:ef:93:31:20:fa:
5e:62:9f:7a:9e:e6:0e:58:8c:f1:ae:75:da:58:8f:f1:b5:7e:
ba:2f:a0:4a:de:68:ba:6d:09:2c:78:f8:44:e5:29:fd:36:db:
b6:86:46:c4:3c:97:ab:5c:5e:48:7e:03:16:af:fd:26:c1:d7:
a3:e8:ae:00:ed:59:50:dd:1e:82:9e:5a:95:75:52:a1:b6:ee:
79:02:fa:28:1e:19:3a:07:5d:f0:88:ae:f3:e4:df:1d:33:fe:
49:e9:78:02:84:21:fe:09:8f:3a:ba:33:3b:01:56:a3:1c:65:
05:9d:80:67:d7:05:32:2e:9e:88:3a:ae:44:83:9a:16:da:7f:
f7:f1:1c:50:cd:51:db:e8:33:94:cb:6b:47:ae:49:9e:e6:1f:
5c:54:7b:fc:87:ef:da:7a:67:b6:79:8c:6f:46:7f:60:5b:f3:
14:71:c2:26:0d:f0:77:96:7d:0c:ea:5c:20:61:14:00:70:7b:
43:0c:2f:7e:f0:29:3c:0b:ac:02:24:4d:b6:aa:93:ce:71:d7:
a9:8b:b5:40
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQf+rKUyQgMmmkZuZPq6/sPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YjljZWIxMGMyYzhjMDBkMTYwOTk2MDNjYzExYmVkMDA1
NDdiZTYwHhcNMjUwMTAxMDM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmMzOWI4YmQyMDU4NDZhNTNjYmYxNmFmZTQyYWRlZWRjZDRmZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqS6vYR69Q8711Wab3ARQeJ30lsC
ZW5GaVgBiG2NRp83zdDtBIloYrgJ8G8v7G/ICThdkqk0khAlz29KWkQfJM2cyMVH
Y7Bgcqv2wYXy4YH+/TihM8Qbt+zrDDQR03hrVt1gFaJp8eGwJrLaqtg6zz3dbTj7
YIl8RurArzFm+v9lcN2steo6cDNdxCW7oIHu4gCj2STj11YwGgz8IHNcGdh0sBWK
hIHsSCGYgVbq7C638I0WNg50/JTvttzwAOXckK9gl6QMgNybc2fgiPlrax2UTeoF
8UaGWkZJ1RC8N3mKUig46tK/ma+TVn/5EpP7aj1wKqi9wLGBZFxV6yAr5wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFK/Dm4vSBYRqU8vxav5Cre7c1P6QMB8GA1UdIwQY
MBaAFCa5zrEMLIwA0WCZYDzBG+0AVHvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnJuT3NRd3NqQURSWUpsZ1BNRWI3UUJVZS1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9iYzk4Y2ItOTcxZC00YjA0LWI4MWUt
YjYxMDU2ODQ2NmIzLzEvcjhPYmk5SUZoR3BUeV9GcV9rS3Q3dHpVX3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9iYzk4Y2ItOTcxZC00YjA0LWI4MWUtYjYxMDU2ODQ2NmIz
LzEvSnJuT3NRd3NqQURSWUpsZ1BNRWI3UUJVZS1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGUmBAAwQG
Vb4AAwQCub/gMA0EAgACMAcDBQMgARvAMA0GCSqGSIb3DQEBCwUAA4IBAQBgIJUN
r+wG37cVmNk/5uYxq/mZcecLb7geAU9evS3jyuNNcPsnmoInIM+8672edBxM75Mx
IPpeYp96nuYOWIzxrnXaWI/xtX66L6BK3mi6bQksePhE5Sn9Ntu2hkbEPJerXF5I
fgMWr/0mwdej6K4A7VlQ3R6CnlqVdVKhtu55AvooHhk6B13wiK7z5N8dM/5J6XgC
hCH+CY86ujM7AVajHGUFnYBn1wUyLp6IOq5Eg5oW2n/38RxQzVHb6DOUy2tHrkme
5h9cVHv8h+/aeme2eYxvRn9gW/MUccImDfB3ln0M6lwgYRQAcHtDDC9+8Ck8C6wC
JE22qpPOcdepi7VA
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:26:08 2025 by rpki-client