Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/289b1d-08dd-4d53-b12d-7d4028a1bf59/1/A0AYtzxUnj18_WVT-ZtPo3VQOok.roa
File: A0AYtzxUnj18_WVT-ZtPo3VQOok.roa (raw, json)
Hash identifier: Ky9GG0Y6/3CRG+EZa6gdZtX+mEutz5bg1CsKFSgBHBU=
Subject key identifier: 03:40:18:B7:3C:54:9E:3D:7C:FD:65:53:F9:9B:4F:A3:75:50:3A:89
Certificate issuer: /CN=a6f87cf4a15b9e7822455b3aa8af0b5ed3a299f7
Certificate serial: 0194228D79430110A5E33909017B34B40BFE
Authority key identifier: A6:F8:7C:F4:A1:5B:9E:78:22:45:5B:3A:A8:AF:0B:5E:D3:A2:99:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pvh89KFbnngiRVs6qK8LXtOimfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/289b1d-08dd-4d53-b12d-7d4028a1bf59/1/A0AYtzxUnj18_WVT-ZtPo3VQOok.roa
Signing time: Wed 01 Jan 2025 15:48:04 +0000
ROA not before: Wed 01 Jan 2025 15:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 81.92.192.0/22 maxlen: 22
81.92.217.0/24 maxlen: 24
81.92.218.0/24 maxlen: 24
81.92.219.0/24 maxlen: 24
91.109.112.0/21 maxlen: 21
94.46.184.0/22 maxlen: 22
94.46.192.0/22 maxlen: 22
94.46.207.0/24 maxlen: 24
94.46.220.0/22 maxlen: 22
94.46.244.0/22 maxlen: 22
185.99.252.0/24 maxlen: 24
185.99.253.0/24 maxlen: 24
185.99.254.0/24 maxlen: 24
185.109.168.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/289b1d-08dd-4d53-b12d-7d4028a1bf59/1/pvh89KFbnngiRVs6qK8LXtOimfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/289b1d-08dd-4d53-b12d-7d4028a1bf59/1/pvh89KFbnngiRVs6qK8LXtOimfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/pvh89KFbnngiRVs6qK8LXtOimfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:79:43:01:10:a5:e3:39:09:01:7b:34:b4:0b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6f87cf4a15b9e7822455b3aa8af0b5ed3a299f7
Validity
Not Before: Jan 1 15:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=034018b73c549e3d7cfd6553f99b4fa375503a89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:82:45:98:b2:7c:4f:ad:65:46:49:45:3a:4b:
94:53:a5:60:50:90:cb:f3:c8:f1:3d:f6:ba:13:1b:
66:78:18:ba:8f:77:a9:75:a2:4a:57:0e:cc:d9:0c:
6f:9f:f0:8a:44:e4:30:2d:df:87:19:07:eb:f4:b6:
e4:f3:0c:47:7e:35:ff:43:e6:48:5f:37:ae:03:1b:
f0:01:4f:26:b2:a6:e6:e7:29:96:4a:28:d0:28:b5:
4b:83:71:47:29:40:e7:77:84:3d:35:15:e5:9a:32:
f7:96:8b:af:c3:c2:c8:39:6a:e4:d5:8d:80:a5:cb:
bb:08:40:0b:ca:bc:1b:3d:a4:4f:fb:b9:01:c9:f7:
a1:f1:96:5a:71:66:fc:b9:f2:00:a1:f0:64:d8:b5:
22:79:9e:2b:aa:51:c6:06:cf:53:0f:16:e8:c7:a2:
51:95:37:d8:c8:a2:3a:9b:82:2e:88:da:74:f4:18:
98:f5:ec:4b:d0:c3:25:ae:30:99:a8:47:1a:18:08:
02:d3:f6:e2:7a:b1:0b:16:ec:01:ec:ec:30:d8:f9:
90:92:28:06:34:e8:27:78:95:54:4a:ca:87:83:35:
fc:01:e5:1e:24:24:9c:c1:2a:87:76:cd:73:97:11:
e7:be:b7:fd:7e:98:72:d5:27:68:f1:78:2b:0d:d9:
0c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:40:18:B7:3C:54:9E:3D:7C:FD:65:53:F9:9B:4F:A3:75:50:3A:89
X509v3 Authority Key Identifier:
keyid:A6:F8:7C:F4:A1:5B:9E:78:22:45:5B:3A:A8:AF:0B:5E:D3:A2:99:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pvh89KFbnngiRVs6qK8LXtOimfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/289b1d-08dd-4d53-b12d-7d4028a1bf59/1/A0AYtzxUnj18_WVT-ZtPo3VQOok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/289b1d-08dd-4d53-b12d-7d4028a1bf59/1/pvh89KFbnngiRVs6qK8LXtOimfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.192.0/22
81.92.217.0-81.92.219.255
91.109.112.0/21
94.46.184.0/22
94.46.192.0/22
94.46.207.0/24
94.46.220.0/22
94.46.244.0/22
185.99.252.0-185.99.254.255
185.109.168.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:90:87:08:65:83:13:f9:de:b3:e3:9f:b2:75:a6:26:8d:bc:
a1:bc:cd:67:be:a6:ad:69:0a:57:fd:e5:3b:34:71:4e:e5:39:
34:d3:ba:37:02:20:ee:9a:b4:37:67:3e:b3:fe:a4:bd:68:0f:
3c:0c:38:f1:6c:9f:9d:92:1e:46:7d:a9:58:77:26:51:57:fb:
3c:8b:22:41:94:8d:12:d6:3f:f4:6b:a4:1c:63:9b:70:66:18:
1b:e8:e2:64:fa:3c:89:b5:3b:d5:b3:60:4a:ac:17:2c:86:88:
0e:ae:2f:bd:3f:aa:86:fb:63:8e:24:b1:1a:a7:d1:23:f2:97:
f9:31:5f:ce:ef:1b:87:76:41:31:a3:9b:6a:95:07:f3:79:3b:
15:b6:58:39:d5:dc:b6:ba:6f:bf:d8:c4:45:67:93:28:85:38:
39:75:09:c0:a0:4f:9b:2e:fa:1e:51:d1:94:d6:63:fa:90:96:
15:a8:69:a4:ab:e6:9a:84:68:0a:62:ad:99:7a:ce:62:ed:c1:
c2:a0:31:d9:ee:79:6b:5b:05:e0:76:2d:6f:02:84:cd:00:3e:
3f:8f:4e:52:68:cc:8f:84:da:4e:c3:47:ea:cd:d5:9a:d8:eb:
a9:ef:72:18:47:c6:3c:31:46:6e:09:b8:10:8e:6e:67:e3:99:
c1:2c:61:b6
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZQijXlDARCl4zkJAXs0tAv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Zjg3Y2Y0YTE1YjllNzgyMjQ1NWIzYWE4YWYwYjVlZDNh
Mjk5ZjcwHhcNMjUwMTAxMTU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzQwMThiNzNjNTQ5ZTNkN2NmZDY1NTNmOTliNGZhMzc1NTAzYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYJFmLJ8T61lRklFOkuUU6VgUJDL
88jxPfa6ExtmeBi6j3epdaJKVw7M2Qxvn/CKROQwLd+HGQfr9Lbk8wxHfjX/Q+ZI
XzeuAxvwAU8msqbm5ymWSijQKLVLg3FHKUDnd4Q9NRXlmjL3louvw8LIOWrk1Y2A
pcu7CEALyrwbPaRP+7kByfeh8ZZacWb8ufIAofBk2LUieZ4rqlHGBs9TDxbox6JR
lTfYyKI6m4IuiNp09BiY9exL0MMlrjCZqEcaGAgC0/bierELFuwB7Oww2PmQkigG
NOgneJVUSsqHgzX8AeUeJCScwSqHds1zlxHnvrf9fphy1Sdo8XgrDdkMRwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFANAGLc8VJ49fP1lU/mbT6N1UDqJMB8GA1UdIwQY
MBaAFKb4fPShW554IkVbOqivC17Topn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHZoODlLRmJubmdpUlZzNnFLOExYdE9pbWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yODliMWQtMDhkZC00ZDUzLWIxMmQt
N2Q0MDI4YTFiZjU5LzEvQTBBWXR6eFVuajE4X1dWVC1adFBvM1ZRT29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yODliMWQtMDhkZC00ZDUzLWIxMmQtN2Q0MDI4YTFiZjU5
LzEvcHZoODlLRmJubmdpUlZzNnFLOExYdE9pbWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCUVzAMAwD
BABRXNkDBAJRXNgDBANbbXADBAJeLrgDBAJeLsADBABeLs8DBAJeLtwDBAJeLvQw
DAMEArlj/AMEALlj/gMEArltqDANBgkqhkiG9w0BAQsFAAOCAQEAx5CHCGWDE/ne
s+OfsnWmJo28obzNZ76mrWkKV/3lOzRxTuU5NNO6NwIg7pq0N2c+s/6kvWgPPAw4
8WyfnZIeRn2pWHcmUVf7PIsiQZSNEtY/9GukHGObcGYYG+jiZPo8ibU71bNgSqwX
LIaIDq4vvT+qhvtjjiSxGqfRI/KX+TFfzu8bh3ZBMaObapUH83k7FbZYOdXctrpv
v9jERWeTKIU4OXUJwKBPmy76HlHRlNZj+pCWFahppKvmmoRoCmKtmXrOYu3BwqAx
2e55a1sF4HYtbwKEzQA+P49OUmjMj4TaTsNH6s3Vmtjrqe9yGEfGPDFGbgm4EI5u
Z+OZwSxhtg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:27:25 2025 by rpki-client