Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/8u9hb0S_4Uuo5fYUwLVSXZK5rxM.roa
File: 8u9hb0S_4Uuo5fYUwLVSXZK5rxM.roa (raw, json)
Hash identifier: 6iQilpXzVprtaKFu2A9AhzRE5Pgx6o9DaMAB494sBrc=
Subject key identifier: F2:EF:61:6F:44:BF:E1:4B:A8:E5:F6:14:C0:B5:52:5D:92:B9:AF:13
Certificate issuer: /CN=2a12efaee997e9a763b460ab592ddda67a0deb70
Certificate serial: 0194A71B86C02D6A60F46D41B7F266F26A15
Authority key identifier: 2A:12:EF:AE:E9:97:E9:A7:63:B4:60:AB:59:2D:DD:A6:7A:0D:EB:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhLvrumX6adjtGCrWS3dpnoN63A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/8u9hb0S_4Uuo5fYUwLVSXZK5rxM.roa
Signing time: Mon 27 Jan 2025 09:33:06 +0000
ROA not before: Mon 27 Jan 2025 09:33:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212910
IP address blocks: 91.137.240.0/22 maxlen: 22
91.137.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/KhLvrumX6adjtGCrWS3dpnoN63A.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/KhLvrumX6adjtGCrWS3dpnoN63A.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhLvrumX6adjtGCrWS3dpnoN63A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:1b:86:c0:2d:6a:60:f4:6d:41:b7:f2:66:f2:6a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a12efaee997e9a763b460ab592ddda67a0deb70
Validity
Not Before: Jan 27 09:33:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2ef616f44bfe14ba8e5f614c0b5525d92b9af13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e5:b9:19:31:b0:09:ab:b1:4c:8e:b8:5a:3a:
a6:e7:84:62:0c:9f:3c:5d:ad:3e:f5:83:1f:80:77:
30:d6:03:15:1b:25:6d:10:26:22:73:94:2b:97:05:
81:1a:41:d3:08:d1:d9:11:32:c5:88:31:9d:0a:c4:
0a:70:18:bb:f3:3d:18:86:59:14:62:7f:f2:6b:74:
e9:db:42:3c:b5:43:6d:db:cb:d9:49:4b:82:53:79:
40:90:f1:fe:da:ae:cb:a5:c8:11:9a:8f:a4:52:60:
5a:08:5b:d7:94:aa:75:1f:f2:3c:73:b6:14:0e:5c:
d6:87:8c:67:aa:15:f9:09:ff:92:72:e9:ed:d5:4a:
3a:a6:25:62:5c:d4:37:7e:34:c5:ee:94:47:ee:4a:
02:0b:65:c6:93:20:ed:a5:4e:33:6f:fd:01:f8:e4:
56:37:f9:99:4f:ab:61:24:5e:34:a0:b7:17:d2:21:
ba:32:cf:5b:f6:41:a0:b9:fd:06:62:e1:4c:d7:ec:
d5:a5:ec:f6:55:b7:ea:4f:8b:7e:40:68:59:ca:e1:
68:6e:42:52:cb:27:75:e6:ff:e4:8b:d8:85:42:75:
31:9a:34:5d:f4:00:04:34:43:81:da:97:18:7e:61:
a1:fc:71:9b:a8:62:b6:6c:f3:7c:6f:10:a5:c5:42:
81:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:EF:61:6F:44:BF:E1:4B:A8:E5:F6:14:C0:B5:52:5D:92:B9:AF:13
X509v3 Authority Key Identifier:
keyid:2A:12:EF:AE:E9:97:E9:A7:63:B4:60:AB:59:2D:DD:A6:7A:0D:EB:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhLvrumX6adjtGCrWS3dpnoN63A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/8u9hb0S_4Uuo5fYUwLVSXZK5rxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/KhLvrumX6adjtGCrWS3dpnoN63A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.137.240.0/22
91.137.248.0/22
Signature Algorithm: sha256WithRSAEncryption
42:35:cd:a2:30:d0:7b:08:44:e5:b0:0c:39:32:1f:8e:06:fc:
d1:7f:16:fd:38:4d:22:e5:63:f3:f8:2e:8d:aa:b3:f5:71:fd:
9f:a3:33:9b:dc:43:9e:3a:9b:79:c0:2f:fc:84:bc:10:bd:d7:
77:fb:5c:d1:0c:d8:6b:a6:61:48:a0:9e:0c:a3:fa:3c:a0:cb:
ef:18:6b:9e:9d:e3:c0:81:89:d5:da:00:92:3c:01:5e:5c:46:
61:54:9d:3c:d2:03:ff:50:ab:88:13:03:ef:40:da:a6:74:cb:
34:c7:6d:0e:13:56:bd:f3:db:a4:53:5e:37:8d:19:c6:02:d8:
b8:7e:e9:ac:df:fa:2f:24:aa:ce:e0:b2:4d:ff:91:25:a6:ce:
d3:bf:63:88:70:4b:90:ef:fc:3e:8d:e0:db:71:fa:df:26:e0:
37:07:71:49:7f:5f:b2:c9:81:eb:6a:a1:e9:3a:dc:b1:b1:1a:
1e:10:43:ce:d3:d3:fd:2c:4c:2c:8f:53:a2:b4:23:7d:eb:13:
f2:8e:4b:51:26:75:f6:2e:de:d0:0a:ec:df:bc:9d:b8:2c:45:
95:5e:70:72:c2:b2:88:77:9d:11:16:5d:60:a9:b7:d0:9a:ae:
66:55:a9:a3:26:0a:3a:3e:0e:6d:65:b4:bc:e2:d3:e5:35:db:
8f:78:8a:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSnG4bALWpg9G1Bt/Jm8moVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTJlZmFlZTk5N2U5YTc2M2I0NjBhYjU5MmRkZGE2N2Ew
ZGViNzAwHhcNMjUwMTI3MDkzMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmVmNjE2ZjQ0YmZlMTRiYThlNWY2MTRjMGI1NTI1ZDkyYjlhZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OW5GTGwCauxTI64Wjqm54RiDJ88
Xa0+9YMfgHcw1gMVGyVtECYic5QrlwWBGkHTCNHZETLFiDGdCsQKcBi78z0YhlkU
Yn/ya3Tp20I8tUNt28vZSUuCU3lAkPH+2q7LpcgRmo+kUmBaCFvXlKp1H/I8c7YU
DlzWh4xnqhX5Cf+Scunt1Uo6piViXNQ3fjTF7pRH7koCC2XGkyDtpU4zb/0B+ORW
N/mZT6thJF40oLcX0iG6Ms9b9kGguf0GYuFM1+zVpez2VbfqT4t+QGhZyuFobkJS
yyd15v/ki9iFQnUxmjRd9AAENEOB2pcYfmGh/HGbqGK2bPN8bxClxUKB2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPLvYW9Ev+FLqOX2FMC1Ul2Sua8TMB8GA1UdIwQY
MBaAFCoS767pl+mnY7Rgq1kt3aZ6DetwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hMdnJ1bVg2YWRqdEdDcldTM2Rwbm9ONjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny82ZmY0M2ItMjdhYi00MDY0LWFmMWQt
MDllZDc4MDBmZGZiLzEvOHU5aGIwU180VXVvNWZZVXdMVlNYWks1cnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny82ZmY0M2ItMjdhYi00MDY0LWFmMWQtMDllZDc4MDBmZGZi
LzEvS2hMdnJ1bVg2YWRqdEdDcldTM2Rwbm9ONjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW4nwAwQC
W4n4MA0GCSqGSIb3DQEBCwUAA4IBAQBCNc2iMNB7CETlsAw5Mh+OBvzRfxb9OE0i
5WPz+C6NqrP1cf2fozOb3EOeOpt5wC/8hLwQvdd3+1zRDNhrpmFIoJ4Mo/o8oMvv
GGuenePAgYnV2gCSPAFeXEZhVJ080gP/UKuIEwPvQNqmdMs0x20OE1a989ukU143
jRnGAti4fums3/ovJKrO4LJN/5Elps7Tv2OIcEuQ7/w+jeDbcfrfJuA3B3FJf1+y
yYHraqHpOtyxsRoeEEPO09P9LEwsj1OitCN96xPyjktRJnX2Lt7QCuzfvJ24LEWV
XnBywrKId50RFl1gqbfQmq5mVamjJgo6Pg5tZbS84tPlNduPeIop
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:03:43 2025 by rpki-client