Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/1bcuYr7QKJ5bW0bfcIYHS53yG6g.roa
File: 1bcuYr7QKJ5bW0bfcIYHS53yG6g.roa (raw, json)
Hash identifier: qd4P1coRqTY7B32E2jEnjJekCI9CLXdo/5/4fRHSsDk=
Subject key identifier: D5:B7:2E:62:BE:D0:28:9E:5B:5B:46:DF:70:86:07:4B:9D:F2:1B:A8
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 019423D70994F6CBCBA0DF67B22C20B7D1F2
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/1bcuYr7QKJ5bW0bfcIYHS53yG6g.roa
Signing time: Wed 01 Jan 2025 21:48:02 +0000
ROA not before: Wed 01 Jan 2025 21:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59872
IP address blocks: 91.206.20.0/23 maxlen: 23
185.68.44.0/22 maxlen: 22
185.68.44.0/24 maxlen: 24
185.68.45.0/24 maxlen: 24
185.68.46.0/24 maxlen: 24
185.68.47.0/24 maxlen: 24
2a05:1600::/29 maxlen: 29
2a05:1603::/32 maxlen: 32
2a07:c880::/29 maxlen: 29
2a07:c881::/32 maxlen: 32
2a07:c882::/32 maxlen: 32
2a07:c883::/32 maxlen: 32
2a07:c884::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 06:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:09:94:f6:cb:cb:a0:df:67:b2:2c:20:b7:d1:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 21:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5b72e62bed0289e5b5b46df7086074b9df21ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fa:f5:23:0c:0e:0d:b5:11:ca:24:ba:ec:62:
fd:3f:d3:52:32:a4:e6:d8:24:92:89:39:f3:e6:19:
df:63:57:ff:03:97:84:7c:4d:00:1d:24:a5:65:45:
17:18:38:4e:ea:41:d3:01:00:34:17:d3:df:a6:b6:
09:da:eb:15:65:b0:68:a3:35:65:36:52:a7:08:04:
42:fa:73:36:68:c2:69:82:93:8b:b5:06:46:81:1d:
61:e1:65:6a:f1:74:3d:d5:55:fc:6a:33:15:a5:cd:
a8:1a:20:c4:fa:1a:68:ef:8d:b2:01:c7:08:5c:23:
9e:66:99:ab:f6:43:9b:06:21:d4:53:91:36:61:db:
11:9e:7a:9f:ef:cd:a8:cf:d3:fb:3e:40:07:9e:88:
a8:0d:28:2b:15:af:b4:91:0e:27:8b:26:85:33:6c:
f5:24:62:71:6a:00:52:b0:ab:9b:0d:7a:73:0c:cf:
c2:70:0d:75:e2:8e:5c:69:17:fa:78:65:29:87:ed:
46:ee:5d:a3:88:de:0b:04:9c:72:5e:26:55:58:ee:
3c:5f:70:2b:d6:55:0e:17:cd:95:22:82:ae:18:cb:
f0:42:fb:43:a1:d1:47:d8:6f:ae:f1:bf:74:5d:c1:
af:6a:5d:17:24:b2:b1:c8:e3:95:12:8a:66:ac:b9:
53:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B7:2E:62:BE:D0:28:9E:5B:5B:46:DF:70:86:07:4B:9D:F2:1B:A8
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/1bcuYr7QKJ5bW0bfcIYHS53yG6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/23
185.68.44.0/22
IPv6:
2a05:1600::/29
2a07:c880::/29
Signature Algorithm: sha256WithRSAEncryption
7d:ff:2e:77:2d:f0:31:72:99:1c:0d:69:1d:fb:b2:60:5c:02:
ad:f2:63:0a:d9:82:3d:9f:29:27:e8:0b:ec:cc:96:ed:7c:92:
6d:44:67:79:4c:61:6b:2e:03:74:a6:ba:b7:f2:b3:87:e3:8e:
c5:a3:b0:e0:5b:9c:a9:40:b3:81:53:fb:76:6d:1c:4e:6f:c9:
d1:4e:da:4a:29:4d:0c:c8:9b:78:46:fa:19:7e:52:7a:bc:12:
77:75:f8:66:b6:bb:74:a0:70:12:3e:57:74:7c:92:7f:a4:a5:
11:ff:44:4f:9b:37:80:a4:45:06:60:10:48:a0:ff:8e:c7:4a:
51:61:74:a9:9d:14:aa:3d:bb:42:b8:45:9b:47:38:0a:a8:0f:
c1:6c:b7:4d:4a:fe:c0:8d:ac:74:b5:3d:a7:80:0a:0f:c5:39:
64:67:6c:5a:66:ae:15:cb:36:b1:b8:8d:6d:54:09:00:96:41:
2d:5c:2e:9e:83:fd:ed:d8:65:cf:07:d2:51:43:40:8f:ca:8b:
72:d8:bc:16:99:54:7f:53:6a:98:c0:44:35:0e:1e:06:06:a9:
73:3d:19:e6:98:36:45:4e:ad:ad:17:59:af:a5:30:49:e4:b2:
40:4d:5b:19:41:ea:6b:32:01:5e:cd:ed:8a:7f:a4:0f:a1:29:
ee:0f:18:53
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQj1wmU9svLoN9nsiwgt9HyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm
NzY0ZmEwHhcNMjUwMTAxMjE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWI3MmU2MmJlZDAyODllNWI1YjQ2ZGY3MDg2MDc0YjlkZjIxYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Pr1IwwODbURyiS67GL9P9NSMqTm
2CSSiTnz5hnfY1f/A5eEfE0AHSSlZUUXGDhO6kHTAQA0F9PfprYJ2usVZbBoozVl
NlKnCARC+nM2aMJpgpOLtQZGgR1h4WVq8XQ91VX8ajMVpc2oGiDE+hpo742yAccI
XCOeZpmr9kObBiHUU5E2YdsRnnqf782oz9P7PkAHnoioDSgrFa+0kQ4niyaFM2z1
JGJxagBSsKubDXpzDM/CcA114o5caRf6eGUph+1G7l2jiN4LBJxyXiZVWO48X3Ar
1lUOF82VIoKuGMvwQvtDodFH2G+u8b90XcGval0XJLKxyOOVEopmrLlThQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNW3LmK+0CieW1tG33CGB0ud8huoMB8GA1UdIwQY
MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt
YjBjNzRiNzZlMTgyLzEvMWJjdVlyN1FLSjViVzBiZmNJWUhTNTN5RzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy
LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBW84UAwQC
uUQsMBQEAgACMA4DBQMqBRYAAwUDKgfIgDANBgkqhkiG9w0BAQsFAAOCAQEAff8u
dy3wMXKZHA1pHfuyYFwCrfJjCtmCPZ8pJ+gL7MyW7XySbURneUxhay4DdKa6t/Kz
h+OOxaOw4FucqUCzgVP7dm0cTm/J0U7aSilNDMibeEb6GX5SerwSd3X4Zra7dKBw
Ej5XdHySf6SlEf9ET5s3gKRFBmAQSKD/jsdKUWF0qZ0Uqj27QrhFm0c4CqgPwWy3
TUr+wI2sdLU9p4AKD8U5ZGdsWmauFcs2sbiNbVQJAJZBLVwunoP97dhlzwfSUUNA
j8qLcti8FplUf1NqmMBENQ4eBgapcz0Z5pg2RU6trRdZr6UwSeSyQE1bGUHqazIB
Xs3tin+kD6Ep7g8YUw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:17:34 2025 by rpki-client