Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/s_AA60Ddfygbd8EKAGEg6mSlXwc.roa
File: s_AA60Ddfygbd8EKAGEg6mSlXwc.roa (raw, json)
Hash identifier: ENuKCW/gynViV0FOCDZJgVAAEXvbRuvjapJ167NV/i4=
Subject key identifier: B3:F0:00:EB:40:DD:7F:28:1B:77:C1:0A:00:61:20:EA:64:A5:5F:07
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 019423D70A2D97EA1DB2F3EA3C4A51199D73
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/s_AA60Ddfygbd8EKAGEg6mSlXwc.roa
Signing time: Wed 01 Jan 2025 21:48:02 +0000
ROA not before: Wed 01 Jan 2025 21:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207249
IP address blocks: 91.206.20.0/23 maxlen: 23
91.206.20.0/24 maxlen: 24
185.68.44.0/22 maxlen: 22
185.68.44.0/24 maxlen: 24
185.68.46.0/24 maxlen: 24
185.68.47.0/24 maxlen: 24
185.161.232.0/22 maxlen: 24
2a05:1600::/29 maxlen: 29
2a05:1600::/32 maxlen: 32
2a05:1601::/32 maxlen: 32
2a05:1602::/32 maxlen: 32
2a07:c880::/29 maxlen: 32
2a07:c880::/32 maxlen: 32
2a07:c881::/32 maxlen: 32
2a07:c882::/32 maxlen: 32
2a07:c883::/32 maxlen: 32
2a07:c884::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 18:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:0a:2d:97:ea:1d:b2:f3:ea:3c:4a:51:19:9d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 21:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3f000eb40dd7f281b77c10a006120ea64a55f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:03:cb:8a:6b:9b:76:2b:0f:39:d7:0c:e2:18:
30:f0:5f:34:e5:d6:f1:ed:8f:c1:8d:00:87:e5:80:
71:9c:8e:98:06:ff:bf:10:a5:e0:89:b5:2b:b9:b5:
df:fd:90:a7:ba:b8:2f:60:12:33:6d:7b:1c:b3:d7:
5b:89:44:17:3b:70:92:34:f3:eb:58:35:74:bf:45:
68:bd:41:69:a3:15:32:dc:2d:72:06:42:c8:dc:23:
b7:a2:a9:37:9f:ca:b0:f2:77:ef:b8:62:d0:2e:b8:
79:c6:43:6b:8b:ba:d2:c3:2f:bb:28:37:e1:6d:0f:
23:83:a6:fc:8c:34:23:dc:89:5b:0f:75:e5:17:d7:
2f:7b:ed:c0:c8:9b:d3:6c:ac:0b:a7:14:95:a4:a6:
2a:f3:13:34:30:8d:49:55:2b:41:56:8d:d8:35:ed:
bf:64:8a:10:24:8e:5e:d7:44:95:f4:5a:58:29:dd:
1b:6d:64:3a:82:a5:33:b9:7e:9f:53:4f:83:48:e3:
6f:97:90:7b:ae:46:54:3d:eb:75:37:b5:43:ca:57:
2b:0d:c4:06:e8:bb:8c:94:aa:c5:be:1f:ac:7d:0c:
23:24:e6:24:59:3c:aa:6d:b2:10:e5:1f:69:84:8e:
4b:0f:fb:4d:4f:e7:ed:57:51:f9:91:b0:84:14:90:
53:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F0:00:EB:40:DD:7F:28:1B:77:C1:0A:00:61:20:EA:64:A5:5F:07
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/s_AA60Ddfygbd8EKAGEg6mSlXwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/23
185.68.44.0/22
185.161.232.0/22
IPv6:
2a05:1600::/29
2a07:c880::/29
Signature Algorithm: sha256WithRSAEncryption
89:23:42:3f:48:f8:c0:f4:a7:1c:56:66:94:fc:08:0e:23:53:
30:c8:58:ba:da:ba:50:cf:c0:28:a7:f6:a6:33:a2:38:a7:21:
85:f5:0b:a5:df:11:4d:12:48:a0:99:aa:22:af:80:6b:06:9d:
03:11:64:d2:1a:02:e6:e9:8c:67:1a:d0:cc:a7:8f:06:69:b9:
8d:a0:09:e0:34:7f:24:dd:e6:56:f1:c8:90:84:93:81:84:51:
c4:3d:43:5c:c9:ac:2a:6e:30:5d:5e:10:b7:35:4d:8e:61:fe:
26:f0:a5:76:a5:f8:74:c2:92:72:63:25:13:f8:7e:b3:7b:45:
f5:f6:0b:a0:de:9c:e2:59:54:39:07:93:be:67:12:b7:05:ee:
1b:e0:29:16:77:22:80:0e:7b:ca:bd:a3:54:6c:34:c5:40:d1:
7c:3e:ba:7b:17:f0:10:d2:45:7d:35:94:ed:b6:86:f7:6e:54:
5d:2e:08:ea:c8:46:98:c1:b0:16:63:ef:2a:9b:63:6c:e5:63:
0c:bd:d7:44:31:4d:a1:46:67:9a:d0:2f:6f:ba:c4:9f:14:b5:
02:28:52:e6:e9:df:f3:69:e7:30:d9:68:f2:52:bf:66:a0:b5:
e3:a4:f4:27:52:38:44:6f:41:c6:8b:c4:71:6d:d1:6a:8c:76:
e1:37:f7:35
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQj1wotl+odsvPqPEpRGZ1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm
NzY0ZmEwHhcNMjUwMTAxMjE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2YwMDBlYjQwZGQ3ZjI4MWI3N2MxMGEwMDYxMjBlYTY0YTU1ZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAPLimubdisPOdcM4hgw8F805dbx
7Y/BjQCH5YBxnI6YBv+/EKXgibUrubXf/ZCnurgvYBIzbXscs9dbiUQXO3CSNPPr
WDV0v0VovUFpoxUy3C1yBkLI3CO3oqk3n8qw8nfvuGLQLrh5xkNri7rSwy+7KDfh
bQ8jg6b8jDQj3IlbD3XlF9cve+3AyJvTbKwLpxSVpKYq8xM0MI1JVStBVo3YNe2/
ZIoQJI5e10SV9FpYKd0bbWQ6gqUzuX6fU0+DSONvl5B7rkZUPet1N7VDylcrDcQG
6LuMlKrFvh+sfQwjJOYkWTyqbbIQ5R9phI5LD/tNT+ftV1H5kbCEFJBT2QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFLPwAOtA3X8oG3fBCgBhIOpkpV8HMB8GA1UdIwQY
MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt
YjBjNzRiNzZlMTgyLzEvc19BQTYwRGRmeWdiZDhFS0FHRWc2bVNsWHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy
LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQBW84UAwQC
uUQsAwQCuaHoMBQEAgACMA4DBQMqBRYAAwUDKgfIgDANBgkqhkiG9w0BAQsFAAOC
AQEAiSNCP0j4wPSnHFZmlPwIDiNTMMhYutq6UM/AKKf2pjOiOKchhfULpd8RTRJI
oJmqIq+AawadAxFk0hoC5umMZxrQzKePBmm5jaAJ4DR/JN3mVvHIkISTgYRRxD1D
XMmsKm4wXV4QtzVNjmH+JvCldqX4dMKScmMlE/h+s3tF9fYLoN6c4llUOQeTvmcS
twXuG+ApFncigA57yr2jVGw0xUDRfD66exfwENJFfTWU7baG925UXS4I6shGmMGw
FmPvKptjbOVjDL3XRDFNoUZnmtAvb7rEnxS1AihS5unf82nnMNlo8lK/ZqC146T0
J1I4RG9BxovEcW3Raox24Tf3NQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:39:10 2025 by rpki-client