Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/9pGdNh0dkqM5WJr2d64Db3VyTiU.roa
File: 9pGdNh0dkqM5WJr2d64Db3VyTiU.roa (raw, json)
Hash identifier: YFjcGwYG51ckAsTGEaarqbVHwri0cUu+NrZNkgCyAVM=
Subject key identifier: F6:91:9D:36:1D:1D:92:A3:39:58:9A:F6:77:AE:03:6F:75:72:4E:25
Certificate issuer: /CN=33ea08efa9b3f78c9ef9db767adc21dd61834e0f
Certificate serial: 01942444B9566B8A549ACD8D189D36EDDFCD
Authority key identifier: 33:EA:08:EF:A9:B3:F7:8C:9E:F9:DB:76:7A:DC:21:DD:61:83:4E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-oI76mz94ye-dt2etwh3WGDTg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/9pGdNh0dkqM5WJr2d64Db3VyTiU.roa
Signing time: Wed 01 Jan 2025 23:47:51 +0000
ROA not before: Wed 01 Jan 2025 23:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198944
IP address blocks: 81.161.96.0/23 maxlen: 23
185.82.228.0/22 maxlen: 22
185.137.112.0/23 maxlen: 23
185.137.114.0/23 maxlen: 23
185.247.100.0/22 maxlen: 22
2001:67c:2a68::/48 maxlen: 48
2a03:6960::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/M-oI76mz94ye-dt2etwh3WGDTg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/M-oI76mz94ye-dt2etwh3WGDTg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-oI76mz94ye-dt2etwh3WGDTg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b9:56:6b:8a:54:9a:cd:8d:18:9d:36:ed:df:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea08efa9b3f78c9ef9db767adc21dd61834e0f
Validity
Not Before: Jan 1 23:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6919d361d1d92a339589af677ae036f75724e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:91:b3:49:d1:5e:37:93:1a:b4:32:6d:97:81:
96:14:59:57:cc:5b:40:fe:bb:f9:72:19:25:2b:22:
9d:f0:c2:9a:cd:24:47:7b:78:12:d6:70:6b:62:62:
4a:86:41:5a:ef:f9:a3:c9:1f:29:dc:ed:2d:e1:24:
8e:7e:a5:16:7c:55:87:78:c4:2a:a1:58:fa:c1:cb:
03:82:ba:d6:bf:7d:d8:9e:70:a6:5c:53:4a:d2:4b:
f3:5e:90:47:70:07:4c:ef:5a:b1:12:6b:7a:57:5b:
c9:e0:91:9f:ec:f7:f0:e1:35:e4:1a:d3:c4:17:8b:
68:63:a1:f2:06:73:84:8f:66:59:3e:ef:09:7e:b0:
74:92:81:8b:99:74:dd:06:51:a5:fd:67:57:d3:c7:
99:7a:8b:9a:f7:62:6d:f4:a4:0a:03:b7:39:63:2b:
bf:93:ed:74:14:19:fd:54:e4:49:c8:a5:7b:2d:02:
40:81:76:40:38:ed:4f:45:bb:ce:c3:a3:23:89:86:
67:17:71:6b:59:d0:31:0d:cb:33:73:c5:e7:ac:7f:
d0:35:63:64:34:8c:4b:e0:09:a5:a2:c9:7c:b6:86:
a3:3c:02:39:9f:e0:fa:c6:70:f3:2c:39:d6:9a:29:
10:e0:7d:e7:6c:e5:be:d2:93:67:05:b9:5d:51:d8:
a9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:91:9D:36:1D:1D:92:A3:39:58:9A:F6:77:AE:03:6F:75:72:4E:25
X509v3 Authority Key Identifier:
keyid:33:EA:08:EF:A9:B3:F7:8C:9E:F9:DB:76:7A:DC:21:DD:61:83:4E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-oI76mz94ye-dt2etwh3WGDTg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/9pGdNh0dkqM5WJr2d64Db3VyTiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/M-oI76mz94ye-dt2etwh3WGDTg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.96.0/23
185.82.228.0/22
185.137.112.0/22
185.247.100.0/22
IPv6:
2001:67c:2a68::/48
2a03:6960::/32
Signature Algorithm: sha256WithRSAEncryption
a4:6b:d4:39:e6:4a:da:24:a9:13:2a:fd:9a:48:e9:cd:a9:13:
b8:44:8d:2c:73:8d:4b:98:76:ed:03:e4:98:06:47:d0:4b:5e:
da:52:cb:23:0c:bf:cb:2f:b5:e4:b1:5c:1c:af:48:ec:16:00:
1b:38:84:22:00:df:0a:21:96:c2:c7:b5:86:45:c3:84:16:3b:
3f:42:fe:2c:cc:cd:36:b2:66:49:94:02:29:b8:34:e2:dc:40:
4f:a0:54:76:8e:b8:13:f0:e6:92:b5:6f:de:c4:7e:9c:85:4f:
f0:7d:64:ea:3c:27:10:c7:de:91:8f:fd:4b:45:2b:21:d4:16:
98:c6:6c:d6:57:48:ad:4e:b4:9b:18:b5:ba:d6:7d:63:80:be:
59:6d:fe:9a:10:09:03:ff:59:c6:0f:e7:99:a7:de:8e:15:51:
6d:c6:d4:8f:b2:0d:fe:65:76:20:b8:60:bb:7d:76:0a:a8:0e:
d2:44:18:ce:00:67:c9:89:46:8f:53:ef:ff:b7:d1:f0:a7:e0:
9a:25:d6:7f:98:aa:ca:33:f5:df:99:82:c9:b6:bd:98:9b:cb:
fc:92:bb:20:f9:6d:26:bc:fc:fe:a2:23:20:38:df:43:4b:db:
2f:29:f1:e9:1d:2f:93:4c:f1:f3:1d:79:f3:44:64:49:db:f6:
fe:e2:e7:85
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQkRLlWa4pUms2NGJ027d/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEwOGVmYTliM2Y3OGM5ZWY5ZGI3NjdhZGMyMWRkNjE4
MzRlMGYwHhcNMjUwMTAxMjM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjkxOWQzNjFkMWQ5MmEzMzk1ODlhZjY3N2FlMDM2Zjc1NzI0ZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZGzSdFeN5MatDJtl4GWFFlXzFtA
/rv5chklKyKd8MKazSRHe3gS1nBrYmJKhkFa7/mjyR8p3O0t4SSOfqUWfFWHeMQq
oVj6wcsDgrrWv33YnnCmXFNK0kvzXpBHcAdM71qxEmt6V1vJ4JGf7Pfw4TXkGtPE
F4toY6HyBnOEj2ZZPu8JfrB0koGLmXTdBlGl/WdX08eZeoua92Jt9KQKA7c5Yyu/
k+10FBn9VORJyKV7LQJAgXZAOO1PRbvOw6MjiYZnF3FrWdAxDcszc8XnrH/QNWNk
NIxL4Amlosl8toajPAI5n+D6xnDzLDnWmikQ4H3nbOW+0pNnBbldUdipfQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPaRnTYdHZKjOVia9neuA291ck4lMB8GA1UdIwQY
MBaAFDPqCO+ps/eMnvnbdnrcId1hg04PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1vSTc2bXo5NHllLWR0MmV0d2gzV0dEVGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82ODg0MjUtMTRjYi00ZmQ2LThmMjct
ZGVjY2ZhM2VhNjM1LzEvOXBHZE5oMGRrcU01V0pyMmQ2NERiM1Z5VGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82ODg0MjUtMTRjYi00ZmQ2LThmMjctZGVjY2ZhM2VhNjM1
LzEvTS1vSTc2bXo5NHllLWR0MmV0d2gzV0dEVGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQBUaFgAwQC
uVLkAwQCuYlwAwQCufdkMBYEAgACMBADBwAgAQZ8KmgDBQAqA2lgMA0GCSqGSIb3
DQEBCwUAA4IBAQCka9Q55kraJKkTKv2aSOnNqRO4RI0sc41LmHbtA+SYBkfQS17a
UssjDL/LL7XksVwcr0jsFgAbOIQiAN8KIZbCx7WGRcOEFjs/Qv4szM02smZJlAIp
uDTi3EBPoFR2jrgT8OaStW/exH6chU/wfWTqPCcQx96Rj/1LRSsh1BaYxmzWV0it
TrSbGLW61n1jgL5Zbf6aEAkD/1nGD+eZp96OFVFtxtSPsg3+ZXYguGC7fXYKqA7S
RBjOAGfJiUaPU+//t9Hwp+CaJdZ/mKrKM/XfmYLJtr2Ym8v8krsg+W0mvPz+oiMg
ON9DS9svKfHpHS+TTPHzHXnzRGRJ2/b+4ueF
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:44:47 2025 by rpki-client