Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/34m9tu8-VJMAF9BtHbwX9Jvv0x4.roa
File: 34m9tu8-VJMAF9BtHbwX9Jvv0x4.roa (raw, json)
Hash identifier: 8cDtrdeF9xJMrCFVsKTBOunUF2EsP6IX5xqHU+sWq6o=
Subject key identifier: DF:89:BD:B6:EF:3E:54:93:00:17:D0:6D:1D:BC:17:F4:9B:EF:D3:1E
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 01942825B27BC49999EE2D8186CF432B9376
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/34m9tu8-VJMAF9BtHbwX9Jvv0x4.roa
Signing time: Thu 02 Jan 2025 17:52:26 +0000
ROA not before: Thu 02 Jan 2025 17:52:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42248
IP address blocks: 89.106.96.0/24 maxlen: 24
89.106.97.0/24 maxlen: 24
89.106.98.0/24 maxlen: 24
89.106.99.0/24 maxlen: 24
89.106.100.0/24 maxlen: 24
89.106.106.0/24 maxlen: 24
89.106.110.0/23 maxlen: 23
89.106.112.0/23 maxlen: 23
89.106.114.0/23 maxlen: 23
89.106.116.0/23 maxlen: 23
89.106.118.0/23 maxlen: 23
89.106.120.0/23 maxlen: 23
89.106.122.0/23 maxlen: 23
89.106.124.0/23 maxlen: 23
89.106.126.0/24 maxlen: 24
94.139.216.0/21 maxlen: 21
178.75.224.0/21 maxlen: 21
178.75.232.0/21 maxlen: 21
178.239.224.0/20 maxlen: 20
185.44.124.0/22 maxlen: 22
185.52.50.0/24 maxlen: 24
185.52.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:b2:7b:c4:99:99:ee:2d:81:86:cf:43:2b:93:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Jan 2 17:52:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df89bdb6ef3e54930017d06d1dbc17f49befd31e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c4:da:36:8d:91:52:69:87:81:2c:16:48:22:
d3:70:67:8d:87:0d:4c:cd:31:3c:6b:51:45:5a:54:
dc:ab:7b:b3:57:ac:5a:ed:5f:c2:bb:ad:fe:3d:cf:
d9:69:09:ba:b6:8c:e0:a9:d6:19:6e:eb:0a:8d:ac:
d2:73:15:18:32:f8:1f:5d:6b:0f:cd:c6:b3:98:6b:
34:67:63:8b:e2:cd:3a:2f:fa:68:67:b9:62:15:f5:
d4:ef:7f:67:18:7c:8a:4c:39:db:26:63:e6:19:49:
20:c9:04:f3:d3:ee:9f:a1:6f:a9:e9:a7:8f:17:84:
1c:dd:aa:d1:92:d7:dd:07:f2:f2:38:13:e8:82:51:
4e:08:35:36:3c:91:2e:37:e1:49:23:c1:27:e8:a7:
a5:48:96:fc:6b:67:fe:06:68:92:5d:fc:64:5f:5f:
8e:b8:2a:67:7a:b7:81:b0:f5:fc:36:fa:33:15:df:
23:83:9f:e5:00:6d:d8:e8:ef:72:69:8c:53:e2:13:
b1:02:7d:77:71:d8:14:60:47:3d:04:66:a5:77:58:
6a:6e:a8:44:8c:06:bb:81:93:17:8e:25:5f:35:45:
7d:85:ea:5e:4f:45:c0:49:f5:bc:53:00:15:7a:00:
64:38:fb:84:2c:e0:36:ca:03:a5:71:80:05:46:e6:
16:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:89:BD:B6:EF:3E:54:93:00:17:D0:6D:1D:BC:17:F4:9B:EF:D3:1E
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/34m9tu8-VJMAF9BtHbwX9Jvv0x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.96.0-89.106.100.255
89.106.106.0/24
89.106.110.0-89.106.126.255
94.139.216.0/21
178.75.224.0/20
178.239.224.0/20
185.44.124.0/22
185.52.50.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:ff:6b:29:09:49:da:40:9d:1f:9c:46:81:02:1d:27:df:db:
a0:7c:32:e6:6c:05:70:04:31:81:45:32:78:25:40:38:9f:07:
54:27:54:0b:25:b1:4e:67:74:7b:df:94:d3:c6:80:39:f8:58:
33:b8:87:dc:41:ff:c5:3c:ce:4f:3c:bf:95:eb:43:01:b8:fe:
4a:1c:2c:5b:7b:fa:1c:f7:aa:66:92:78:55:c6:37:e2:20:7d:
7c:ea:2a:98:92:8d:ec:57:7a:6b:3e:b6:c1:a6:c6:45:ee:97:
60:c0:51:27:c1:c0:bc:d7:b0:27:63:14:21:a2:47:d6:c4:35:
a4:fc:c2:45:c1:9c:21:82:25:4b:c0:39:cb:d6:f4:17:b9:3a:
f0:cc:03:38:8d:81:4f:be:1e:51:d3:b8:2b:e9:5b:89:64:8c:
3c:3c:1b:19:d8:f4:a5:73:70:46:25:a6:d2:ec:a3:c0:67:8f:
8d:55:22:03:b4:f8:9d:25:bb:cd:79:ec:74:9f:33:54:1e:e7:
17:18:b9:7f:63:f4:e9:50:01:b6:ed:09:85:29:7f:7f:82:5e:
b3:6c:3a:95:3c:55:e0:55:4f:a7:bf:80:fa:cc:35:a6:f4:9f:
f0:e2:9f:46:6c:90:5e:41:9d:9c:e2:55:e4:c9:94:48:8d:73:
ef:fc:7f:cf
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQoJbJ7xJmZ7i2Bhs9DK5N2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODE2Nzc0YjdjNTY2NWQ2N2E4NmMyMGNlYjY0ODdiNWI3
OGIzOGQwHhcNMjUwMTAyMTc1MjI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjg5YmRiNmVmM2U1NDkzMDAxN2QwNmQxZGJjMTdmNDliZWZkMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcTaNo2RUmmHgSwWSCLTcGeNhw1M
zTE8a1FFWlTcq3uzV6xa7V/Cu63+Pc/ZaQm6tozgqdYZbusKjazScxUYMvgfXWsP
zcazmGs0Z2OL4s06L/poZ7liFfXU739nGHyKTDnbJmPmGUkgyQTz0+6foW+p6aeP
F4Qc3arRktfdB/LyOBPoglFOCDU2PJEuN+FJI8En6KelSJb8a2f+BmiSXfxkX1+O
uCpnereBsPX8NvozFd8jg5/lAG3Y6O9yaYxT4hOxAn13cdgUYEc9BGald1hqbqhE
jAa7gZMXjiVfNUV9hepeT0XASfW8UwAVegBkOPuELOA2ygOlcYAFRuYW6QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFN+JvbbvPlSTABfQbR28F/Sb79MeMB8GA1UdIwQY
MBaAFGWBZ3S3xWZdZ6hsIM62SHtbeLONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYt
NmIxNDY5YzNiOTVhLzEvMzRtOXR1OC1WSk1BRjlCdEhid1g5SnZ2MHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYtNmIxNDY5YzNiOTVh
LzEvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAVZamAD
BABZamQDBABZamowDAMEAVlqbgMEAFlqfgMEA16L2AMEBLJL4AMEBLLv4AMEArks
fAMEAbk0MjANBgkqhkiG9w0BAQsFAAOCAQEAsP9rKQlJ2kCdH5xGgQIdJ9/boHwy
5mwFcAQxgUUyeCVAOJ8HVCdUCyWxTmd0e9+U08aAOfhYM7iH3EH/xTzOTzy/letD
Abj+ShwsW3v6HPeqZpJ4VcY34iB9fOoqmJKN7Fd6az62wabGRe6XYMBRJ8HAvNew
J2MUIaJH1sQ1pPzCRcGcIYIlS8A5y9b0F7k68MwDOI2BT74eUdO4K+lbiWSMPDwb
Gdj0pXNwRiWm0uyjwGePjVUiA7T4nSW7zXnsdJ8zVB7nFxi5f2P06VABtu0JhSl/
f4Jes2w6lTxV4FVPp7+A+sw1pvSf8OKfRmyQXkGdnOJV5MmUSI1z7/x/zw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:21:21 2025 by rpki-client