Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/N5Gh8WU6LbeHtUd8XRyhLT7tdkQ.roa
File: N5Gh8WU6LbeHtUd8XRyhLT7tdkQ.roa (raw, json)
Hash identifier: mitxt5I+lSF+4rUo8JMUQCIfsBb/PVUX3ZvyGSCEfWk=
Subject key identifier: 37:91:A1:F1:65:3A:2D:B7:87:B5:47:7C:5D:1C:A1:2D:3E:ED:76:44
Certificate issuer: /CN=16241dd83d8ac080b66504bf937459ffcec4ccc4
Certificate serial: 019425FC7FAF9728797CE86D57C58BBF8D73
Authority key identifier: 16:24:1D:D8:3D:8A:C0:80:B6:65:04:BF:93:74:59:FF:CE:C4:CC:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/N5Gh8WU6LbeHtUd8XRyhLT7tdkQ.roa
Signing time: Thu 02 Jan 2025 07:48:12 +0000
ROA not before: Thu 02 Jan 2025 07:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16154
IP address blocks: 80.95.28.0/22 maxlen: 24
88.213.194.0/23 maxlen: 24
88.213.204.0/22 maxlen: 24
217.79.64.0/22 maxlen: 24
217.79.72.0/21 maxlen: 24
217.79.80.0/20 maxlen: 24
2a02:7900::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:7f:af:97:28:79:7c:e8:6d:57:c5:8b:bf:8d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16241dd83d8ac080b66504bf937459ffcec4ccc4
Validity
Not Before: Jan 2 07:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3791a1f1653a2db787b5477c5d1ca12d3eed7644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d1:cc:99:8a:b4:73:33:69:6a:4f:29:0e:01:
72:72:ce:cf:e1:6a:c2:de:6a:a5:f6:7e:95:d8:11:
70:26:27:76:30:7e:67:22:a6:95:a7:91:7a:10:5a:
3b:e4:e5:84:fe:12:f2:44:8c:b8:58:83:1d:15:bf:
1a:4b:62:fb:71:93:84:d9:0d:d0:6e:9f:35:b7:cb:
5f:66:6b:00:37:d1:e6:00:b5:75:d2:51:4f:44:27:
03:11:25:ea:eb:7a:ce:62:df:bc:9b:d1:b9:f8:96:
5b:df:3f:c7:b5:2d:59:d6:f1:a4:c8:11:07:73:1e:
07:16:98:a1:4d:65:b0:a9:b0:d4:10:a0:26:41:7d:
d4:e2:b8:f5:e1:46:d9:32:7f:05:ea:06:b2:3a:e4:
ee:41:90:bc:e8:fe:1b:03:66:48:a6:fc:26:ec:0e:
76:fa:1e:fa:60:70:25:ae:7d:8b:f0:f6:6e:99:b1:
be:b7:a6:5b:59:08:db:c8:a1:61:7d:78:21:5b:b3:
5e:7b:bb:27:af:ca:ae:ee:40:bf:8e:e0:a4:dd:76:
a5:75:e8:93:92:7e:55:5c:0b:aa:f8:68:1c:05:f2:
20:de:e6:2c:a1:22:b2:c9:28:5a:b7:3c:77:f0:1d:
2a:25:ec:f7:5f:bd:9c:d2:91:2c:85:f8:41:37:40:
27:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:91:A1:F1:65:3A:2D:B7:87:B5:47:7C:5D:1C:A1:2D:3E:ED:76:44
X509v3 Authority Key Identifier:
keyid:16:24:1D:D8:3D:8A:C0:80:B6:65:04:BF:93:74:59:FF:CE:C4:CC:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/N5Gh8WU6LbeHtUd8XRyhLT7tdkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.95.28.0/22
88.213.194.0/23
88.213.204.0/22
217.79.64.0/22
217.79.72.0-217.79.95.255
IPv6:
2a02:7900::/32
Signature Algorithm: sha256WithRSAEncryption
02:cf:a4:4f:c4:a2:78:f6:4b:e8:87:9c:ea:2a:6d:3f:f0:9c:
74:2b:81:5f:86:5c:12:b4:f0:2f:3e:41:74:16:f0:bb:fc:c8:
df:95:1c:b5:53:d4:6a:27:9e:c7:5a:df:2f:d8:79:2f:2a:73:
b8:ad:58:e3:2d:94:be:22:c6:19:18:4a:3b:97:6d:5a:2e:79:
c3:08:7b:8d:61:89:3b:56:4b:34:a0:a5:64:28:5e:53:ca:09:
96:36:7c:56:18:84:ca:8c:73:24:0d:f8:6e:a2:dd:ed:24:36:
06:ab:1c:c2:78:c4:cc:42:41:02:92:58:a5:3c:2a:0f:39:53:
20:34:26:da:0d:de:eb:a6:08:c0:b3:7a:4a:a0:72:9a:02:10:
20:8d:ca:3b:57:a9:8f:93:92:5d:2f:6e:e1:12:ac:d7:d8:80:
f2:e8:3a:84:f4:ae:c8:04:3b:1f:53:72:2f:9d:c8:fa:70:6b:
f2:0b:3a:06:48:c0:9a:4a:db:90:0a:be:9b:7c:4c:dd:33:e3:
54:e7:6f:c6:70:d5:45:16:e1:45:93:a8:9d:7c:30:7b:a8:1d:
f4:a8:44:b8:61:14:f4:cd:c1:dc:08:f6:44:0d:52:2a:1f:7b:
ee:19:62:ed:54:1d:b7:8e:f9:e8:7a:94:1d:5b:62:24:0e:42:
95:d5:d9:ba
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQl/H+vlyh5fOhtV8WLv41zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MjQxZGQ4M2Q4YWMwODBiNjY1MDRiZjkzNzQ1OWZmY2Vj
NGNjYzQwHhcNMjUwMTAyMDc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzkxYTFmMTY1M2EyZGI3ODdiNTQ3N2M1ZDFjYTEyZDNlZWQ3NjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNHMmYq0czNpak8pDgFycs7P4WrC
3mql9n6V2BFwJid2MH5nIqaVp5F6EFo75OWE/hLyRIy4WIMdFb8aS2L7cZOE2Q3Q
bp81t8tfZmsAN9HmALV10lFPRCcDESXq63rOYt+8m9G5+JZb3z/HtS1Z1vGkyBEH
cx4HFpihTWWwqbDUEKAmQX3U4rj14UbZMn8F6gayOuTuQZC86P4bA2ZIpvwm7A52
+h76YHAlrn2L8PZumbG+t6ZbWQjbyKFhfXghW7Nee7snr8qu7kC/juCk3XaldeiT
kn5VXAuq+GgcBfIg3uYsoSKyyShatzx38B0qJez3X72c0pEshfhBN0An8wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDeRofFlOi23h7VHfF0coS0+7XZEMB8GA1UdIwQY
MBaAFBYkHdg9isCAtmUEv5N0Wf/OxMzEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmlRZDJEMkt3SUMyWlFTX2szUlpfODdFek1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTAwNjAtNWFhYS00M2VhLWJjZWIt
NWU3NDlmNDM0MWE0LzEvTjVHaDhXVTZMYmVIdFVkOFhSeWhMVDd0ZGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOTAwNjAtNWFhYS00M2VhLWJjZWItNWU3NDlmNDM0MWE0
LzEvRmlRZDJEMkt3SUMyWlFTX2szUlpfODdFek1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCUF8cAwQB
WNXCAwQCWNXMAwQC2U9AMAwDBAPZT0gDBAXZT0AwDQQCAAIwBwMFACoCeQAwDQYJ
KoZIhvcNAQELBQADggEBAALPpE/Eonj2S+iHnOoqbT/wnHQrgV+GXBK08C8+QXQW
8Lv8yN+VHLVT1Gonnsda3y/YeS8qc7itWOMtlL4ixhkYSjuXbVouecMIe41hiTtW
SzSgpWQoXlPKCZY2fFYYhMqMcyQN+G6i3e0kNgarHMJ4xMxCQQKSWKU8Kg85UyA0
JtoN3uumCMCzekqgcpoCECCNyjtXqY+Tkl0vbuESrNfYgPLoOoT0rsgEOx9Tci+d
yPpwa/ILOgZIwJpK25AKvpt8TN0z41Tnb8Zw1UUW4UWTqJ18MHuoHfSoRLhhFPTN
wdwI9kQNUiofe+4ZYu1UHbeO+eh6lB1bYiQOQpXV2bo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:29:42 2025 by rpki-client