Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/yQrQFduK0DtQ87ggKb7Q-woZC_g.roa
File: yQrQFduK0DtQ87ggKb7Q-woZC_g.roa (raw, json)
Hash identifier: JZkejbipvDPpwEzOuopgf48bMCeYE8xwPOaWUFT0b6w=
Subject key identifier: C9:0A:D0:15:DB:8A:D0:3B:50:F3:B8:20:29:BE:D0:FB:0A:19:0B:F8
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 019423D7E0CCCB316880688534C45A618794
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/yQrQFduK0DtQ87ggKb7Q-woZC_g.roa
Signing time: Wed 01 Jan 2025 21:48:57 +0000
ROA not before: Wed 01 Jan 2025 21:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47596
IP address blocks: 185.120.56.0/24 maxlen: 24
185.120.57.0/24 maxlen: 24
185.120.58.0/24 maxlen: 24
212.22.64.0/24 maxlen: 24
212.22.77.0/24 maxlen: 24
2a06:c3c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 06:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:e0:cc:cb:31:68:80:68:85:34:c4:5a:61:87:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jan 1 21:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c90ad015db8ad03b50f3b82029bed0fb0a190bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:11:69:60:bd:ec:5d:10:53:1d:c6:db:ee:15:
f8:5e:d2:19:e5:40:d1:69:b7:ec:0e:f1:d8:d5:41:
25:3c:63:1f:87:b6:9e:c7:00:a5:58:25:5c:9c:9c:
51:18:f1:9f:44:40:96:dd:61:59:1d:50:b5:e7:ed:
fb:aa:45:30:34:03:74:8c:91:44:66:c5:b4:ed:60:
af:0b:6b:59:3a:f6:70:ae:c4:04:96:30:10:e3:80:
ce:18:6b:09:56:0a:5a:7e:a1:c3:6f:5b:2e:52:ee:
59:a3:77:cc:ed:a1:c5:fd:28:53:1a:3d:8d:8e:35:
5b:9a:d0:ca:bd:7c:1f:ca:75:0e:0c:88:1e:68:e2:
b3:ce:d5:9e:78:17:b3:06:19:0f:5a:83:73:f6:a2:
5c:1d:c1:99:18:e5:ac:5b:c6:57:3b:29:95:7d:ba:
40:5c:cc:59:b8:af:db:12:ba:30:bc:cf:6c:e3:f7:
c9:fa:64:a7:ed:ca:ff:d5:ae:6d:d8:a8:ed:60:98:
68:05:90:d0:4f:4c:d2:ee:58:e1:3f:d8:09:58:d1:
f7:cb:97:ee:90:92:3b:1a:2b:d3:b3:f1:d7:08:54:
8b:76:16:4f:eb:7f:a4:48:d8:49:cc:44:82:86:e2:
91:52:f3:33:9e:c8:00:72:1e:fe:1d:70:92:42:6e:
8a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:0A:D0:15:DB:8A:D0:3B:50:F3:B8:20:29:BE:D0:FB:0A:19:0B:F8
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/yQrQFduK0DtQ87ggKb7Q-woZC_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.56.0-185.120.58.255
212.22.64.0/24
212.22.77.0/24
IPv6:
2a06:c3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
26:9e:19:75:7b:fd:2d:af:02:a8:32:b6:85:a9:e3:f1:32:6a:
a5:f7:61:67:92:4a:d7:8c:ff:ca:1d:60:a1:4d:7b:c2:35:49:
46:05:6d:0a:6c:7d:5c:8e:1e:a7:0a:c3:4d:0e:d1:6e:ef:1a:
9c:4b:d3:ab:de:db:5d:fc:3d:4b:aa:83:73:d8:94:cf:46:22:
69:90:11:85:3b:55:7e:5e:2f:09:80:49:44:6c:af:9a:1f:33:
a6:2d:8b:ca:b1:50:39:ee:14:f5:88:27:4f:97:a5:63:32:ae:
47:4b:ab:70:76:a7:d9:90:5d:02:1e:b6:3d:fa:24:2b:d3:1e:
68:49:e1:27:4b:fa:4f:b5:19:15:ff:e0:10:ff:62:57:93:cf:
92:55:5b:94:09:18:4e:5f:fd:d1:11:0c:89:c3:63:42:26:cb:
f5:74:d8:cb:e6:69:7c:bd:07:f1:84:7a:c2:d8:aa:b6:0f:63:
19:da:a6:75:ce:f9:b7:e9:21:ed:60:29:8e:d6:d0:a4:28:ec:
ca:0e:16:91:a0:a9:a6:6a:62:11:61:b3:1c:ab:dd:a3:55:13:
22:43:11:83:8c:ab:7f:64:9a:2f:3c:4a:6a:31:fd:dc:b4:fb:
e6:d3:09:0a:5d:9d:21:76:e8:ae:8f:b6:71:e7:7c:6d:a2:a7:
ab:c7:aa:09
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQj1+DMyzFogGiFNMRaYYeUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjUwMTAxMjE0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTBhZDAxNWRiOGFkMDNiNTBmM2I4MjAyOWJlZDBmYjBhMTkwYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBFpYL3sXRBTHcbb7hX4XtIZ5UDR
abfsDvHY1UElPGMfh7aexwClWCVcnJxRGPGfRECW3WFZHVC15+37qkUwNAN0jJFE
ZsW07WCvC2tZOvZwrsQEljAQ44DOGGsJVgpafqHDb1suUu5Zo3fM7aHF/ShTGj2N
jjVbmtDKvXwfynUODIgeaOKzztWeeBezBhkPWoNz9qJcHcGZGOWsW8ZXOymVfbpA
XMxZuK/bErowvM9s4/fJ+mSn7cr/1a5t2KjtYJhoBZDQT0zS7ljhP9gJWNH3y5fu
kJI7GivTs/HXCFSLdhZP63+kSNhJzESChuKRUvMznsgAch7+HXCSQm6KzQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFMkK0BXbitA7UPO4ICm+0PsKGQv4MB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEveVFyUUZkdUswRHRRODdnZ0tiN1Etd29aQ19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAO5eDgD
BAC5eDoDBADUFkADBADUFk0wDwQCAAIwCQMHACoGw8AAATANBgkqhkiG9w0BAQsF
AAOCAQEAJp4ZdXv9La8CqDK2hanj8TJqpfdhZ5JK14z/yh1goU17wjVJRgVtCmx9
XI4epwrDTQ7Rbu8anEvTq97bXfw9S6qDc9iUz0YiaZARhTtVfl4vCYBJRGyvmh8z
pi2LyrFQOe4U9YgnT5elYzKuR0urcHan2ZBdAh62PfokK9MeaEnhJ0v6T7UZFf/g
EP9iV5PPklVblAkYTl/90REMicNjQibL9XTYy+ZpfL0H8YR6wtiqtg9jGdqmdc75
t+kh7WApjtbQpCjsyg4WkaCppmpiEWGzHKvdo1UTIkMRg4yrf2SaLzxKajH93LT7
5tMJCl2dIXboro+2ced8baKnq8eqCQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:13:01 2025 by rpki-client