Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/IK8VN_iyq26ReyybdZRgLTbp_h4.roa
File: IK8VN_iyq26ReyybdZRgLTbp_h4.roa (raw, json)
Hash identifier: dThLkrPmFPQLdA53lP5J5dXCbHy3K9TicE7H7Mr22pg=
Subject key identifier: 20:AF:15:37:F8:B2:AB:6E:91:7B:2C:9B:75:94:60:2D:36:E9:FE:1E
Certificate issuer: /CN=fcbb5e2e0fd9832d73b1ef8f9e486ffd00b3d789
Certificate serial: 0194258E75ED1781C30A4FEB398042DE52C6
Authority key identifier: FC:BB:5E:2E:0F:D9:83:2D:73:B1:EF:8F:9E:48:6F:FD:00:B3:D7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_LteLg_Zgy1zse-Pnkhv_QCz14k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/IK8VN_iyq26ReyybdZRgLTbp_h4.roa
Signing time: Thu 02 Jan 2025 05:48:00 +0000
ROA not before: Thu 02 Jan 2025 05:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47295
IP address blocks: 93.90.128.0/20 maxlen: 20
194.48.144.0/22 maxlen: 32
194.48.145.145/32 maxlen: 32
2a03:2400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/_LteLg_Zgy1zse-Pnkhv_QCz14k.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/_LteLg_Zgy1zse-Pnkhv_QCz14k.mft
rsync://rpki.ripe.net/repository/DEFAULT/_LteLg_Zgy1zse-Pnkhv_QCz14k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 14:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:75:ed:17:81:c3:0a:4f:eb:39:80:42:de:52:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcbb5e2e0fd9832d73b1ef8f9e486ffd00b3d789
Validity
Not Before: Jan 2 05:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20af1537f8b2ab6e917b2c9b7594602d36e9fe1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9e:35:a6:11:09:f8:a8:3d:f7:c3:05:9e:0f:
d8:e2:75:cc:bc:89:b9:08:29:f6:8c:f8:2f:f8:cf:
46:7e:9c:54:d1:bd:2e:31:72:05:63:98:fc:62:de:
d4:e9:08:2e:ed:ef:5e:70:03:5c:fc:24:07:51:8c:
c0:d9:52:8e:68:f1:de:db:57:3e:17:b2:1e:1e:0f:
ee:9c:16:1f:3e:28:07:68:86:32:b1:28:d9:fb:a9:
32:dc:0a:6e:12:80:00:6a:f8:c6:e3:f2:bb:1e:f8:
da:e6:2d:32:eb:3b:d4:ef:fd:31:1e:c8:62:a5:43:
8c:0b:f2:d4:f8:79:0c:16:b4:bb:85:6b:94:5f:bc:
1b:3d:da:68:1f:6a:aa:cf:e2:bb:3c:5a:93:20:3e:
88:7c:76:b4:9c:9c:43:f3:41:e6:77:a8:59:79:38:
b1:65:4b:a3:b8:e3:0a:c4:2a:1c:12:48:f5:13:a1:
d0:08:c9:fc:ff:f0:13:31:15:92:42:aa:8a:c5:a5:
9c:86:23:66:3c:e8:6c:91:92:e1:2f:27:2d:61:6e:
bc:15:23:ed:40:ed:78:cf:20:e8:36:65:93:b8:be:
fd:be:f4:de:b8:db:20:6a:a0:9e:3c:0b:63:f0:65:
3e:f9:0c:f0:0f:80:43:cd:ff:f6:92:4c:c1:f2:64:
b0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:AF:15:37:F8:B2:AB:6E:91:7B:2C:9B:75:94:60:2D:36:E9:FE:1E
X509v3 Authority Key Identifier:
keyid:FC:BB:5E:2E:0F:D9:83:2D:73:B1:EF:8F:9E:48:6F:FD:00:B3:D7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_LteLg_Zgy1zse-Pnkhv_QCz14k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/IK8VN_iyq26ReyybdZRgLTbp_h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/_LteLg_Zgy1zse-Pnkhv_QCz14k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.90.128.0/20
194.48.144.0/22
IPv6:
2a03:2400::/29
Signature Algorithm: sha256WithRSAEncryption
75:4f:53:c1:7d:ae:75:27:91:cc:2d:c4:dc:15:8d:36:4c:fd:
47:ec:73:b4:ed:39:b3:c0:92:d1:99:a3:10:1f:36:d5:7b:5a:
8d:49:8f:07:0d:aa:51:b8:73:0d:e8:3d:a9:f2:87:87:2b:3f:
15:8e:fd:e0:e1:e4:3e:99:c0:2d:f3:11:e6:b2:79:57:dc:11:
52:03:84:bd:66:fb:74:56:dd:ac:24:7e:d3:e0:52:7d:25:4c:
51:8b:d0:a3:6d:27:03:a4:ec:69:d6:bc:19:51:66:91:f8:11:
ba:cb:98:89:bb:21:1b:46:58:c6:7c:60:e9:fd:a7:07:f1:58:
ed:0c:e0:26:b3:5a:07:39:6f:0d:2a:a6:38:fd:06:f6:07:b1:
43:7e:4b:a5:7a:26:1e:8b:85:94:60:7f:ec:64:c3:8c:17:da:
c6:5c:14:86:89:6a:db:64:f5:eb:eb:5c:06:83:39:44:be:2b:
fb:e0:79:d4:ac:4f:46:8f:99:36:2b:77:8b:95:a2:b0:d9:66:
66:fe:93:af:c5:e8:b7:fb:2a:eb:19:32:15:91:1b:e4:68:8b:
fd:be:eb:a1:80:62:37:9c:f9:fc:6a:4a:87:53:05:30:44:d3:
08:34:a8:8f:68:66:36:92:73:2b:eb:2b:8b:69:f1:7b:2d:85:
3f:c2:fd:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQljnXtF4HDCk/rOYBC3lLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYmI1ZTJlMGZkOTgzMmQ3M2IxZWY4ZjllNDg2ZmZkMDBi
M2Q3ODkwHhcNMjUwMTAyMDU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGFmMTUzN2Y4YjJhYjZlOTE3YjJjOWI3NTk0NjAyZDM2ZTlmZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn541phEJ+Kg998MFng/Y4nXMvIm5
CCn2jPgv+M9GfpxU0b0uMXIFY5j8Yt7U6Qgu7e9ecANc/CQHUYzA2VKOaPHe21c+
F7IeHg/unBYfPigHaIYysSjZ+6ky3ApuEoAAavjG4/K7Hvja5i0y6zvU7/0xHshi
pUOMC/LU+HkMFrS7hWuUX7wbPdpoH2qqz+K7PFqTID6IfHa0nJxD80Hmd6hZeTix
ZUujuOMKxCocEkj1E6HQCMn8//ATMRWSQqqKxaWchiNmPOhskZLhLyctYW68FSPt
QO14zyDoNmWTuL79vvTeuNsgaqCePAtj8GU++QzwD4BDzf/2kkzB8mSwJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCCvFTf4sqtukXssm3WUYC026f4eMB8GA1UdIwQY
MBaAFPy7Xi4P2YMtc7Hvj55Ib/0As9eJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0x0ZUxnX1pneTF6c2UtUG5raHZfUUN6MTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zNTNmM2QtNmFmYS00ZTMxLTkxYTkt
NWU2YTkyZTdmNjhmLzEvSUs4Vk5faXlxMjZSZXl5YmRaUmdMVGJwX2g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8zNTNmM2QtNmFmYS00ZTMxLTkxYTktNWU2YTkyZTdmNjhm
LzEvX0x0ZUxnX1pneTF6c2UtUG5raHZfUUN6MTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXVqAAwQC
wjCQMA0EAgACMAcDBQMqAyQAMA0GCSqGSIb3DQEBCwUAA4IBAQB1T1PBfa51J5HM
LcTcFY02TP1H7HO07TmzwJLRmaMQHzbVe1qNSY8HDapRuHMN6D2p8oeHKz8Vjv3g
4eQ+mcAt8xHmsnlX3BFSA4S9Zvt0Vt2sJH7T4FJ9JUxRi9CjbScDpOxp1rwZUWaR
+BG6y5iJuyEbRljGfGDp/acH8VjtDOAms1oHOW8NKqY4/Qb2B7FDfkuleiYei4WU
YH/sZMOMF9rGXBSGiWrbZPXr61wGgzlEviv74HnUrE9Gj5k2K3eLlaKw2WZm/pOv
xei3+yrrGTIVkRvkaIv9vuuhgGI3nPn8akqHUwUwRNMINKiPaGY2knMr6yuLafF7
LYU/wv17
-----END CERTIFICATE-----
Generated at Sun Mar 9 20:13:54 2025 by rpki-client