Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/8f44c6-7791-4054-a5e5-1ef76442f49a/1/8gVvFm91f0RDawryW7l9gKrlwps.roa
File: 8gVvFm91f0RDawryW7l9gKrlwps.roa (raw, json)
Hash identifier: QofxAMe0K3ECuRtwFP3oD9RJD1otx3XwH2YFtNZT6bY=
Subject key identifier: F2:05:6F:16:6F:75:7F:44:43:6B:0A:F2:5B:B9:7D:80:AA:E5:C2:9B
Certificate issuer: /CN=13701ebe06799de0969899205150e532deffe7b5
Certificate serial: 019440E7C6CA89426C2071F49C9780F496CE
Authority key identifier: 13:70:1E:BE:06:79:9D:E0:96:98:99:20:51:50:E5:32:DE:FF:E7:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3AevgZ5neCWmJkgUVDlMt7_57U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/8f44c6-7791-4054-a5e5-1ef76442f49a/1/8gVvFm91f0RDawryW7l9gKrlwps.roa
Signing time: Tue 07 Jan 2025 13:15:19 +0000
ROA not before: Tue 07 Jan 2025 13:15:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35787
IP address blocks: 91.202.228.0/22 maxlen: 22
91.202.228.0/24 maxlen: 24
91.202.229.0/24 maxlen: 24
91.202.230.0/24 maxlen: 24
91.202.231.0/24 maxlen: 24
91.219.120.0/22 maxlen: 22
91.219.120.0/24 maxlen: 24
91.219.121.0/24 maxlen: 24
91.219.122.0/24 maxlen: 24
91.219.123.0/24 maxlen: 24
194.88.154.0/23 maxlen: 23
194.88.154.0/24 maxlen: 24
194.88.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/8f44c6-7791-4054-a5e5-1ef76442f49a/1/E3AevgZ5neCWmJkgUVDlMt7_57U.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/8f44c6-7791-4054-a5e5-1ef76442f49a/1/E3AevgZ5neCWmJkgUVDlMt7_57U.mft
rsync://rpki.ripe.net/repository/DEFAULT/E3AevgZ5neCWmJkgUVDlMt7_57U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:e7:c6:ca:89:42:6c:20:71:f4:9c:97:80:f4:96:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13701ebe06799de0969899205150e532deffe7b5
Validity
Not Before: Jan 7 13:15:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2056f166f757f44436b0af25bb97d80aae5c29b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:59:b2:b7:25:a3:0a:43:92:d5:30:c2:48:86:
5e:db:19:bb:4f:11:f5:b0:e6:80:4c:d0:57:a4:75:
d5:e2:27:99:f2:9c:c7:3a:12:9f:ef:a2:e1:77:c8:
52:66:eb:df:c5:c8:f1:40:0a:bd:0d:e2:43:87:c2:
ee:65:f8:4f:5e:f9:8e:fe:5b:d5:b5:d3:10:10:7a:
fc:62:d0:1c:f5:42:35:ed:58:6d:20:a6:6a:8e:29:
9b:7b:70:6d:94:9c:82:1f:b1:24:ee:cc:77:69:8f:
f6:9a:a3:f2:0c:8b:71:61:40:4b:de:d2:a8:da:6a:
a1:85:fb:7b:47:08:f9:bc:4d:07:aa:a7:db:4d:c1:
39:ac:3c:34:24:59:bd:2a:33:36:1d:3e:64:2a:b2:
e6:12:59:3f:99:13:e0:16:3d:eb:6b:9b:39:74:7f:
1b:27:91:ef:9f:8a:30:e6:77:ed:66:ab:32:22:d7:
0c:e0:e7:b2:98:4e:00:bc:af:b4:38:f3:5b:b1:61:
cb:df:e7:b8:d7:ac:5f:ac:ae:a9:22:c5:8a:d1:8a:
c9:0b:b7:45:1d:e6:fb:20:e4:1a:92:11:f7:97:81:
67:8a:83:7a:27:db:6a:14:cf:9b:d1:6a:bf:dc:e2:
93:5d:40:ba:4e:1e:04:0e:96:b5:99:b1:83:4d:85:
49:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:05:6F:16:6F:75:7F:44:43:6B:0A:F2:5B:B9:7D:80:AA:E5:C2:9B
X509v3 Authority Key Identifier:
keyid:13:70:1E:BE:06:79:9D:E0:96:98:99:20:51:50:E5:32:DE:FF:E7:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3AevgZ5neCWmJkgUVDlMt7_57U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/8f44c6-7791-4054-a5e5-1ef76442f49a/1/8gVvFm91f0RDawryW7l9gKrlwps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/8f44c6-7791-4054-a5e5-1ef76442f49a/1/E3AevgZ5neCWmJkgUVDlMt7_57U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.228.0/22
91.219.120.0/22
194.88.154.0/23
Signature Algorithm: sha256WithRSAEncryption
de:c2:51:cc:1b:92:2c:4e:f2:22:41:ac:1b:6b:ab:69:f0:fd:
5f:9f:5d:67:f5:57:39:f0:e3:fe:57:fc:86:e3:86:ca:41:b6:
a0:b0:1e:a1:f2:36:28:f3:a0:52:4a:58:a6:b1:56:70:6a:e1:
c1:51:b5:57:b4:be:97:6c:cb:a8:46:9e:e4:aa:3b:86:41:45:
7a:7e:6e:3b:61:61:81:ed:d3:f6:0b:cd:d4:37:65:dd:a3:57:
ba:3c:5c:0f:98:6b:5e:86:e9:d0:ba:c1:f0:51:cc:18:01:0f:
a0:87:6b:ee:4b:69:c4:83:91:c4:eb:a5:f5:a3:56:5c:cb:69:
60:08:e2:60:20:ae:40:16:96:b6:09:cb:7e:b1:1d:77:c1:9e:
ef:05:b8:15:1e:8c:c7:e2:de:ce:c2:80:11:10:3c:a2:a3:c0:
f8:cc:0b:ab:5a:e7:3d:54:85:a7:33:c1:10:d7:3a:5e:dd:9b:
ca:01:90:8c:75:f5:71:99:45:2f:6e:01:3d:8c:1f:2d:32:15:
21:0a:e0:c4:d8:a8:19:e7:0c:d2:e3:f6:f7:b7:a5:16:92:5f:
53:60:97:6b:64:19:11:ea:fd:7d:e7:48:32:79:39:7f:f0:65:
c5:71:af:73:a9:8c:f6:b1:0d:d7:b0:79:26:4d:a0:e8:8b:e5:
53:17:80:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRA58bKiUJsIHH0nJeA9JbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzAxZWJlMDY3OTlkZTA5Njk4OTkyMDUxNTBlNTMyZGVm
ZmU3YjUwHhcNMjUwMTA3MTMxNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjA1NmYxNjZmNzU3ZjQ0NDM2YjBhZjI1YmI5N2Q4MGFhZTVjMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFmytyWjCkOS1TDCSIZe2xm7TxH1
sOaATNBXpHXV4ieZ8pzHOhKf76Lhd8hSZuvfxcjxQAq9DeJDh8LuZfhPXvmO/lvV
tdMQEHr8YtAc9UI17VhtIKZqjimbe3BtlJyCH7Ek7sx3aY/2mqPyDItxYUBL3tKo
2mqhhft7Rwj5vE0HqqfbTcE5rDw0JFm9KjM2HT5kKrLmElk/mRPgFj3ra5s5dH8b
J5Hvn4ow5nftZqsyItcM4OeymE4AvK+0OPNbsWHL3+e416xfrK6pIsWK0YrJC7dF
Heb7IOQakhH3l4FnioN6J9tqFM+b0Wq/3OKTXUC6Th4EDpa1mbGDTYVJxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPIFbxZvdX9EQ2sK8lu5fYCq5cKbMB8GA1UdIwQY
MBaAFBNwHr4GeZ3glpiZIFFQ5TLe/+e1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNBZXZnWjVuZUNXbUprZ1VWRGxNdDdfNTdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84ZjQ0YzYtNzc5MS00MDU0LWE1ZTUt
MWVmNzY0NDJmNDlhLzEvOGdWdkZtOTFmMFJEYXdyeVc3bDlnS3Jsd3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS84ZjQ0YzYtNzc5MS00MDU0LWE1ZTUtMWVmNzY0NDJmNDlh
LzEvRTNBZXZnWjVuZUNXbUprZ1VWRGxNdDdfNTdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8rkAwQC
W9t4AwQBwliaMA0GCSqGSIb3DQEBCwUAA4IBAQDewlHMG5IsTvIiQawba6tp8P1f
n11n9Vc58OP+V/yG44bKQbagsB6h8jYo86BSSlimsVZwauHBUbVXtL6XbMuoRp7k
qjuGQUV6fm47YWGB7dP2C83UN2Xdo1e6PFwPmGtehunQusHwUcwYAQ+gh2vuS2nE
g5HE66X1o1Zcy2lgCOJgIK5AFpa2Cct+sR13wZ7vBbgVHozH4t7OwoAREDyio8D4
zAurWuc9VIWnM8EQ1zpe3ZvKAZCMdfVxmUUvbgE9jB8tMhUhCuDE2KgZ5wzS4/b3
t6UWkl9TYJdrZBkR6v1950gyeTl/8GXFca9zqYz2sQ3XsHkmTaDoi+VTF4AL
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:09:16 2025 by rpki-client