Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/l9duCdWQZeKxwZPuiEhJ6rksmdQ.roa
File: l9duCdWQZeKxwZPuiEhJ6rksmdQ.roa (raw, json)
Hash identifier: MiA4XKyh5USkVTz1e6BjYBpRpXwXHFkEnxCX1U1Bomg=
Subject key identifier: 97:D7:6E:09:D5:90:65:E2:B1:C1:93:EE:88:48:49:EA:B9:2C:99:D4
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5C93D78D6F54048855BCE145667FF
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/l9duCdWQZeKxwZPuiEhJ6rksmdQ.roa
Signing time: Wed 01 Jan 2025 07:47:49 +0000
ROA not before: Wed 01 Jan 2025 07:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41957
IP address blocks: 85.209.10.0/24 maxlen: 24
185.21.141.0/24 maxlen: 24
185.191.213.0/24 maxlen: 24
194.93.59.0/24 maxlen: 24
194.147.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c9:3d:78:d6:f5:40:48:85:5b:ce:14:56:67:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97d76e09d59065e2b1c193ee884849eab92c99d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:17:75:5a:28:d0:1b:4a:59:b4:2a:89:10:a9:
53:a2:ee:77:a6:0b:49:95:2a:ee:1c:5f:28:e7:e8:
ff:c8:30:d3:b0:fa:0a:a3:69:12:ca:9e:cc:88:2a:
42:08:19:f9:78:55:05:4f:ee:83:5c:cc:73:30:85:
72:2d:6f:5d:33:0e:f2:1c:9f:50:8a:d6:bb:a5:77:
88:a5:fa:6d:42:1e:9a:fb:5e:19:90:04:5e:4f:7c:
89:98:5e:c5:85:0b:2b:82:db:c3:55:52:11:b2:40:
17:b3:45:d4:ee:81:59:08:8b:28:d8:93:99:ed:d0:
9e:02:56:87:c5:b0:63:08:8e:e6:0e:7e:6e:6b:41:
bf:9e:2e:b6:8b:69:41:57:22:30:eb:7b:18:91:b3:
aa:29:09:90:53:b0:10:56:e4:db:9f:16:31:40:dc:
f1:9b:a8:c9:49:7e:a5:27:77:7a:0a:c5:33:29:15:
69:18:0a:b6:94:14:77:94:70:2f:ca:2d:3b:fd:80:
ea:9e:fa:ab:8d:75:75:69:07:f3:d1:04:f0:14:5b:
05:26:77:2d:b0:61:1d:b4:54:ea:e8:4b:b9:4e:58:
35:73:f0:1d:a1:45:d4:04:85:b4:1f:39:f2:9f:ea:
e3:54:70:0d:14:e1:3b:4b:47:6e:f6:c0:5a:af:28:
7d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D7:6E:09:D5:90:65:E2:B1:C1:93:EE:88:48:49:EA:B9:2C:99:D4
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/l9duCdWQZeKxwZPuiEhJ6rksmdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.10.0/24
185.21.141.0/24
185.191.213.0/24
194.93.59.0/24
194.147.89.0/24
Signature Algorithm: sha256WithRSAEncryption
96:0d:76:4a:dc:3e:c2:1e:a3:ec:f3:f9:75:74:a4:a0:4b:15:
aa:af:fe:66:61:38:71:7e:67:71:f8:df:e0:b3:60:a6:81:e5:
29:97:b5:3d:9f:dc:d0:8a:e3:f0:97:22:1c:af:45:50:48:3e:
fd:c9:40:45:3f:3e:05:ef:00:0e:03:87:1e:2d:e8:a0:eb:67:
54:61:75:c8:a8:e6:59:86:f7:8c:cf:7d:63:9a:89:b4:e9:09:
22:6c:e1:05:23:6f:61:bc:16:bb:ef:09:b5:05:b3:b3:36:5c:
59:9e:39:95:5a:53:cc:a1:ca:4f:36:29:c4:b2:19:9d:05:13:
97:c7:9e:d5:03:f5:c6:d6:73:ae:99:9a:2f:93:99:44:d4:04:
82:f4:d1:71:d5:15:8d:28:2d:7a:78:7a:8f:ee:f5:13:ef:11:
64:51:a6:01:7e:43:66:0b:1f:cc:5d:fa:9c:19:48:fb:e4:b1:
4c:4a:34:b7:4e:bb:99:79:93:2a:03:17:a4:ac:82:de:a8:37:
a1:d0:9d:1a:ab:40:63:86:c4:bd:6a:98:3f:56:e5:65:7b:01:
11:63:15:b1:14:8d:b5:f8:89:fa:73:06:b2:38:c6:7c:b6:06:
e2:32:1b:d9:ec:93:53:10:01:ba:f2:14:21:c3:29:38:21:26:
e9:4e:66:d3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQg1ck9eNb1QEiFW84UVmf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2Q3NmUwOWQ1OTA2NWUyYjFjMTkzZWU4ODQ4NDllYWI5MmM5OWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8hd1WijQG0pZtCqJEKlTou53pgtJ
lSruHF8o5+j/yDDTsPoKo2kSyp7MiCpCCBn5eFUFT+6DXMxzMIVyLW9dMw7yHJ9Q
ita7pXeIpfptQh6a+14ZkAReT3yJmF7FhQsrgtvDVVIRskAXs0XU7oFZCIso2JOZ
7dCeAlaHxbBjCI7mDn5ua0G/ni62i2lBVyIw63sYkbOqKQmQU7AQVuTbnxYxQNzx
m6jJSX6lJ3d6CsUzKRVpGAq2lBR3lHAvyi07/YDqnvqrjXV1aQfz0QTwFFsFJnct
sGEdtFTq6Eu5Tlg1c/AdoUXUBIW0Hznyn+rjVHANFOE7S0du9sBaryh9aQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJfXbgnVkGXiscGT7ohISeq5LJnUMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvbDlkdUNkV1FaZUt4d1pQdWlFaEo2cmtzbWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVdEKAwQA
uRWNAwQAub/VAwQAwl07AwQAwpNZMA0GCSqGSIb3DQEBCwUAA4IBAQCWDXZK3D7C
HqPs8/l1dKSgSxWqr/5mYThxfmdx+N/gs2CmgeUpl7U9n9zQiuPwlyIcr0VQSD79
yUBFPz4F7wAOA4ceLeig62dUYXXIqOZZhveMz31jmom06QkibOEFI29hvBa77wm1
BbOzNlxZnjmVWlPMocpPNinEshmdBROXx57VA/XG1nOumZovk5lE1ASC9NFx1RWN
KC16eHqP7vUT7xFkUaYBfkNmCx/MXfqcGUj75LFMSjS3TruZeZMqAxekrILeqDeh
0J0aq0BjhsS9apg/VuVlewERYxWxFI21+In6cwayOMZ8tgbiMhvZ7JNTEAG68hQh
wyk4ISbpTmbT
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:58:11 2025 by rpki-client