Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Ci8c4lijM-itsGBnOoGvfjxFVD4.roa
File: Ci8c4lijM-itsGBnOoGvfjxFVD4.roa (raw, json)
Hash identifier: IwkrVAcoM8fcw5GSh/qj2juJAHVqPWudn41+HXh3nJA=
Subject key identifier: 0A:2F:1C:E2:58:A3:33:E8:AD:B0:60:67:3A:81:AF:7E:3C:45:54:3E
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 019427B618D14956C6D023D555E0487440F1
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Ci8c4lijM-itsGBnOoGvfjxFVD4.roa
Signing time: Thu 02 Jan 2025 15:50:32 +0000
ROA not before: Thu 02 Jan 2025 15:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 62.90.135.0/24 maxlen: 24
147.234.8.0/21 maxlen: 24
147.234.74.0/24 maxlen: 24
147.234.75.0/24 maxlen: 24
147.234.81.0/24 maxlen: 24
147.234.88.0/24 maxlen: 24
147.234.89.0/24 maxlen: 24
194.90.1.0/24 maxlen: 24
199.203.1.0/24 maxlen: 24
212.143.194.0/24 maxlen: 24
212.143.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 22:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:18:d1:49:56:c6:d0:23:d5:55:e0:48:74:40:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a2f1ce258a333e8adb060673a81af7e3c45543e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6c:fd:a5:e9:36:10:c0:78:53:9b:9e:06:a3:
bb:6a:a0:d0:9e:38:ff:de:2d:16:80:18:6b:6d:7b:
4d:51:cb:60:72:ab:40:45:c9:cc:9b:36:76:1d:a6:
80:d0:21:bc:46:45:9a:38:bb:d2:bb:d2:a9:e4:21:
96:d6:7d:fb:94:1a:64:58:79:e0:8f:38:ea:11:92:
9d:48:a6:32:d9:3f:87:e9:ef:c1:17:61:f1:33:d6:
33:55:61:8f:ce:bb:2f:dd:dc:60:24:7d:e7:5b:53:
c0:10:a4:82:1c:e2:ef:9e:23:59:ce:ec:a9:54:94:
5e:c9:0f:0a:ff:67:50:61:f5:12:19:9d:4f:2f:56:
5f:19:6c:f8:9a:ae:0e:f4:32:e9:e4:a2:94:91:eb:
43:5f:5c:ae:da:7e:8d:24:51:ce:3b:0b:9f:91:4c:
8d:dc:0f:e6:26:2b:3a:bb:32:29:dd:42:e3:a0:a6:
d5:e1:b6:70:67:f8:04:8f:0e:9d:85:a3:98:0c:83:
69:af:73:cf:a9:c9:7e:72:e0:a6:3d:ed:0f:95:0f:
f5:64:3b:dc:69:3d:ee:92:19:8f:00:c7:74:58:5a:
2b:b1:06:c2:03:4b:98:70:fa:00:58:e6:d6:73:69:
eb:16:b1:07:9a:db:b2:32:7b:12:89:80:ca:5b:46:
f2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2F:1C:E2:58:A3:33:E8:AD:B0:60:67:3A:81:AF:7E:3C:45:54:3E
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Ci8c4lijM-itsGBnOoGvfjxFVD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.90.135.0/24
147.234.8.0/21
147.234.74.0/23
147.234.81.0/24
147.234.88.0/23
194.90.1.0/24
199.203.1.0/24
212.143.194.0/24
212.143.211.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:10:11:f0:90:f2:76:e8:a7:c7:80:36:a4:e2:8f:90:06:cd:
39:27:5a:97:9a:f3:4b:75:7f:74:4a:a8:e1:43:c7:1d:50:3b:
bf:2c:0d:12:2b:2d:f5:cf:a3:0a:8b:cc:28:ee:b6:f2:31:b9:
a3:cf:5f:41:58:c4:19:c4:9f:c0:a2:6b:d3:ad:9b:d8:f0:63:
b4:ad:3d:c3:1a:65:52:e6:38:d2:32:82:6d:32:ff:92:fd:f3:
db:18:af:f2:4e:1a:c0:05:42:a8:36:1e:d1:a1:a5:e6:5b:df:
56:c7:21:c4:96:ed:52:5e:6d:ea:81:46:a6:2a:4c:19:69:d2:
14:42:c2:42:61:24:8f:92:f1:75:1f:f2:1a:98:66:54:ee:73:
e5:a4:34:fa:67:ed:f9:30:6c:8e:80:e6:50:1f:a8:8c:a6:b2:
ef:b3:4a:6a:30:9a:51:c9:ce:b5:5e:53:11:4b:81:95:ba:66:
38:29:ea:b0:e1:d4:80:ec:a6:c5:21:0c:9b:de:f9:5e:ff:a6:
dd:7f:51:85:cb:1f:e1:44:fe:42:d1:ba:ab:c8:b7:ad:e9:79:
f4:bb:4f:aa:fd:3d:d8:cd:fe:2c:11:79:12:ed:16:67:ac:e7:
22:e5:20:5e:dd:4d:1d:09:64:4c:c5:4e:7c:86:e1:eb:6c:4f:
d5:e5:60:1b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQnthjRSVbG0CPVVeBIdEDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjUwMTAyMTU1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTJmMWNlMjU4YTMzM2U4YWRiMDYwNjczYTgxYWY3ZTNjNDU1NDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2z9pek2EMB4U5ueBqO7aqDQnjj/
3i0WgBhrbXtNUctgcqtARcnMmzZ2HaaA0CG8RkWaOLvSu9Kp5CGW1n37lBpkWHng
jzjqEZKdSKYy2T+H6e/BF2HxM9YzVWGPzrsv3dxgJH3nW1PAEKSCHOLvniNZzuyp
VJReyQ8K/2dQYfUSGZ1PL1ZfGWz4mq4O9DLp5KKUketDX1yu2n6NJFHOOwufkUyN
3A/mJis6uzIp3ULjoKbV4bZwZ/gEjw6dhaOYDINpr3PPqcl+cuCmPe0PlQ/1ZDvc
aT3ukhmPAMd0WForsQbCA0uYcPoAWObWc2nrFrEHmtuyMnsSiYDKW0by9wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAovHOJYozPorbBgZzqBr348RVQ+MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvQ2k4YzRsaWpNLWl0c0dCbk9vR3ZmanhGVkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAPlqHAwQD
k+oIAwQBk+pKAwQAk+pRAwQBk+pYAwQAwloBAwQAx8sBAwQA1I/CAwQA1I/TMA0G
CSqGSIb3DQEBCwUAA4IBAQDTEBHwkPJ26KfHgDak4o+QBs05J1qXmvNLdX90Sqjh
Q8cdUDu/LA0SKy31z6MKi8wo7rbyMbmjz19BWMQZxJ/AomvTrZvY8GO0rT3DGmVS
5jjSMoJtMv+S/fPbGK/yThrABUKoNh7RoaXmW99WxyHElu1SXm3qgUamKkwZadIU
QsJCYSSPkvF1H/IamGZU7nPlpDT6Z+35MGyOgOZQH6iMprLvs0pqMJpRyc61XlMR
S4GVumY4Keqw4dSA7KbFIQyb3vle/6bdf1GFyx/hRP5C0bqryLet6Xn0u0+q/T3Y
zf4sEXkS7RZnrOci5SBe3U0dCWRMxU58huHrbE/V5WAb
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:19:58 2025 by rpki-client