Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/9htWy01pg2D2zYDPH366mUte-18.roa
File: 9htWy01pg2D2zYDPH366mUte-18.roa (raw, json)
Hash identifier: EzJGaZ3hn2rEMiPwCBKqVw/ZKa/ezLWPSIlGniopSlk=
Subject key identifier: F6:1B:56:CB:4D:69:83:60:F6:CD:80:CF:1F:7E:BA:99:4B:5E:FB:5F
Certificate issuer: /CN=13d83b225dd33860c51dc44aa88db5f03dc15a74
Certificate serial: 0195AF6113E47E12FE6F4379130DCC16708E
Authority key identifier: 13:D8:3B:22:5D:D3:38:60:C5:1D:C4:4A:A8:8D:B5:F0:3D:C1:5A:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/9htWy01pg2D2zYDPH366mUte-18.roa
Signing time: Wed 19 Mar 2025 17:08:49 +0000
ROA not before: Wed 19 Mar 2025 17:08:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43858
IP address blocks: 91.198.199.0/24 maxlen: 24
91.244.246.0/24 maxlen: 24
146.255.168.0/21 maxlen: 21
185.11.160.0/22 maxlen: 22
185.80.176.0/22 maxlen: 22
2a03:39c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:af:61:13:e4:7e:12:fe:6f:43:79:13:0d:cc:16:70:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d83b225dd33860c51dc44aa88db5f03dc15a74
Validity
Not Before: Mar 19 17:08:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f61b56cb4d698360f6cd80cf1f7eba994b5efb5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:de:fa:d1:5d:0e:86:4d:50:65:39:87:7f:92:
ad:f5:96:79:11:74:71:a7:e9:51:fa:36:82:dd:79:
4f:8e:08:da:42:70:48:30:f6:4f:c1:29:7c:f5:f2:
34:9f:2a:7b:00:df:03:7e:89:9f:f6:d0:10:ce:ac:
d0:ec:5a:1b:46:f4:c7:62:af:56:98:f7:60:94:d8:
9f:37:2c:10:e5:ca:2a:42:ab:7b:85:9e:99:80:54:
1f:1c:4a:0e:5e:a6:02:8b:c2:f2:0f:51:ec:d3:5f:
24:f7:99:b3:76:d0:fb:55:25:1e:1a:bc:24:89:90:
5c:fd:cc:b4:c9:37:ce:9b:8e:cb:46:4c:12:6b:f3:
96:a5:9c:4e:00:3a:c0:7f:e1:ad:eb:db:39:67:83:
e9:4e:c2:af:b8:05:2d:8e:49:ca:2e:23:f9:ab:85:
77:f3:38:ba:0e:be:8f:64:46:3e:e8:05:05:e2:34:
d4:d9:ef:0a:24:20:46:aa:4c:b1:ec:0b:72:ff:f4:
23:e6:bd:8b:bc:0b:3d:0b:8a:ab:47:6e:9a:f2:11:
4f:a4:07:cf:4f:ff:b8:7d:1a:a5:b2:b3:8e:e3:e6:
dc:ea:ec:67:ef:9c:c8:40:22:7f:ab:af:bc:e2:d6:
78:1d:8e:df:1a:8b:9b:be:f9:d0:21:c7:79:98:10:
4b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:1B:56:CB:4D:69:83:60:F6:CD:80:CF:1F:7E:BA:99:4B:5E:FB:5F
X509v3 Authority Key Identifier:
keyid:13:D8:3B:22:5D:D3:38:60:C5:1D:C4:4A:A8:8D:B5:F0:3D:C1:5A:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/9htWy01pg2D2zYDPH366mUte-18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.199.0/24
91.244.246.0/24
146.255.168.0/21
185.11.160.0/22
185.80.176.0/22
IPv6:
2a03:39c0::/29
Signature Algorithm: sha256WithRSAEncryption
6b:07:94:12:51:0f:fd:47:bd:fa:ae:b2:4f:ed:80:94:96:e8:
be:49:25:e5:a0:c2:fb:4a:5d:58:bf:5e:45:4a:64:b8:da:2f:
b8:aa:7f:04:73:fa:1b:c4:23:cd:8e:2e:1a:c4:19:0d:8a:ab:
9a:e0:1d:d6:7a:ee:e6:92:ab:1f:8b:57:e7:9b:c0:2b:6c:fd:
17:06:12:67:e2:2f:aa:5a:90:88:7c:02:31:4c:a0:19:f6:c8:
ea:25:7f:61:61:c1:f7:47:c1:de:57:67:ee:9c:82:87:dd:d1:
e2:a4:8b:f4:73:ea:36:70:f6:7e:21:e4:c7:31:bd:01:d1:f3:
41:77:60:93:f3:05:fa:33:f4:f4:cc:73:58:96:32:3d:28:7c:
c3:f5:ad:f0:65:5d:ce:81:6f:1e:58:0f:0b:fd:f8:1e:47:da:
06:34:be:04:9d:f2:7a:cc:b6:5f:ba:5f:1f:c7:bb:f5:97:05:
e0:c3:d7:d5:3c:67:50:ab:8a:57:42:df:72:7b:1d:b2:00:a7:
d4:1e:8c:a9:f1:79:53:3a:45:83:4a:c5:d8:e6:34:97:3a:17:
dc:cd:06:04:95:88:2f:69:b2:de:6f:36:ef:ad:50:be:59:5c:
bd:4c:43:bc:07:88:c2:fe:b8:70:6d:3c:db:4c:57:0d:ec:be:
a7:1b:29:4f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZWvYRPkfhL+b0N5Ew3MFnCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDgzYjIyNWRkMzM4NjBjNTFkYzQ0YWE4OGRiNWYwM2Rj
MTVhNzQwHhcNMjUwMzE5MTcwODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjFiNTZjYjRkNjk4MzYwZjZjZDgwY2YxZjdlYmE5OTRiNWVmYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8d760V0Ohk1QZTmHf5Kt9ZZ5EXRx
p+lR+jaC3XlPjgjaQnBIMPZPwSl89fI0nyp7AN8Dfomf9tAQzqzQ7FobRvTHYq9W
mPdglNifNywQ5coqQqt7hZ6ZgFQfHEoOXqYCi8LyD1Hs018k95mzdtD7VSUeGrwk
iZBc/cy0yTfOm47LRkwSa/OWpZxOADrAf+Gt69s5Z4PpTsKvuAUtjknKLiP5q4V3
8zi6Dr6PZEY+6AUF4jTU2e8KJCBGqkyx7Aty//Qj5r2LvAs9C4qrR26a8hFPpAfP
T/+4fRqlsrOO4+bc6uxn75zIQCJ/q6+84tZ4HY7fGoubvvnQIcd5mBBL6QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPYbVstNaYNg9s2Azx9+uplLXvtfMB8GA1UdIwQY
MBaAFBPYOyJd0zhgxR3ESqiNtfA9wVp0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlnN0lsM1RPR0RGSGNSS3FJMjE4RDNCV25RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9mMjExMWEtM2Y0Ny00ZmYwLWE1MWQt
YjI1MTM3N2FkZDg2LzEvOWh0V3kwMXBnMkQyellEUEgzNjZtVXRlLTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9mMjExMWEtM2Y0Ny00ZmYwLWE1MWQtYjI1MTM3N2FkZDg2
LzEvRTlnN0lsM1RPR0RGSGNSS3FJMjE4RDNCV25RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW8bHAwQA
W/T2AwQDkv+oAwQCuQugAwQCuVCwMA0EAgACMAcDBQMqAznAMA0GCSqGSIb3DQEB
CwUAA4IBAQBrB5QSUQ/9R736rrJP7YCUlui+SSXloML7Sl1Yv15FSmS42i+4qn8E
c/obxCPNji4axBkNiqua4B3Weu7mkqsfi1fnm8ArbP0XBhJn4i+qWpCIfAIxTKAZ
9sjqJX9hYcH3R8HeV2funIKH3dHipIv0c+o2cPZ+IeTHMb0B0fNBd2CT8wX6M/T0
zHNYljI9KHzD9a3wZV3OgW8eWA8L/fgeR9oGNL4EnfJ6zLZful8fx7v1lwXgw9fV
PGdQq4pXQt9yex2yAKfUHoyp8XlTOkWDSsXY5jSXOhfczQYElYgvabLebzbvrVC+
WVy9TEO8B4jC/rhwbTzbTFcN7L6nGylP
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:15:33 2025 by rpki-client