Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/cyuyDZqyNqr32xt6pp7fkVwfjYQ.roa
File: cyuyDZqyNqr32xt6pp7fkVwfjYQ.roa (raw, json)
Hash identifier: mjUyO8BKv6+QwzitAcCw3kaT2KKB//HG+FQCsqxoBL4=
Subject key identifier: 73:2B:B2:0D:9A:B2:36:AA:F7:DB:1B:7A:A6:9E:DF:91:5C:1F:8D:84
Certificate issuer: /CN=d8f1fbdbce2145a0db6900609f7c54732dfb0cd8
Certificate serial: 01970C71B6F3D38F5AF1A8279EE64C7FBE05
Authority key identifier: D8:F1:FB:DB:CE:21:45:A0:DB:69:00:60:9F:7C:54:73:2D:FB:0C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PH7284hRaDbaQBgn3xUcy37DNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/cyuyDZqyNqr32xt6pp7fkVwfjYQ.roa
Signing time: Mon 26 May 2025 11:54:28 +0000
ROA not before: Mon 26 May 2025 11:54:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4913
IP address blocks: 93.190.185.0/24 maxlen: 24
93.190.186.0/24 maxlen: 24
93.190.187.0/24 maxlen: 24
93.190.188.0/24 maxlen: 24
93.190.189.0/24 maxlen: 24
93.190.190.0/24 maxlen: 24
109.71.185.0/24 maxlen: 24
109.71.186.0/24 maxlen: 24
109.71.187.0/24 maxlen: 24
109.71.188.0/24 maxlen: 24
109.71.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/2PH7284hRaDbaQBgn3xUcy37DNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/2PH7284hRaDbaQBgn3xUcy37DNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2PH7284hRaDbaQBgn3xUcy37DNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:71:b6:f3:d3:8f:5a:f1:a8:27:9e:e6:4c:7f:be:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8f1fbdbce2145a0db6900609f7c54732dfb0cd8
Validity
Not Before: May 26 11:54:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=732bb20d9ab236aaf7db1b7aa69edf915c1f8d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e8:48:93:40:9b:e2:7c:cb:47:5f:c6:23:15:
98:a6:2d:1f:bf:1b:de:3a:64:8a:ba:8d:e5:56:6e:
4c:12:7c:8c:32:0a:f4:fc:f8:6c:49:33:39:60:d6:
4e:79:fb:06:ca:9c:22:ef:49:c3:d2:9c:08:c3:06:
e4:fc:64:da:99:84:3b:81:62:12:63:20:5f:0b:44:
42:dd:43:6b:9b:ff:c6:53:56:9d:f1:b0:a8:14:4d:
99:f1:6a:87:22:a1:26:a5:d8:a6:1f:47:dd:53:b6:
48:e0:c5:a5:60:ab:9e:94:0d:5b:e0:45:15:26:07:
44:ad:4f:ef:58:b6:a6:ef:03:2c:40:6f:e2:0c:e5:
1c:9b:40:63:0e:c6:42:fc:07:fb:e8:52:75:33:63:
aa:b3:21:59:a2:6b:43:b0:ce:aa:fc:33:83:03:64:
11:c5:9d:18:46:6f:e8:0b:96:dd:72:f5:6f:93:f3:
2a:1a:40:00:7e:66:0f:a4:f8:3a:00:f7:ea:a3:ea:
c1:da:ad:44:12:be:b7:67:ec:36:b9:1d:50:bf:ed:
3a:16:32:f2:db:40:90:82:ea:8b:37:f6:d1:3e:e1:
0f:2b:d8:28:a8:45:de:15:2b:8d:bb:7d:6e:90:c0:
05:e0:d2:57:3b:f9:bb:24:39:75:d5:71:ae:d9:15:
9c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:2B:B2:0D:9A:B2:36:AA:F7:DB:1B:7A:A6:9E:DF:91:5C:1F:8D:84
X509v3 Authority Key Identifier:
keyid:D8:F1:FB:DB:CE:21:45:A0:DB:69:00:60:9F:7C:54:73:2D:FB:0C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PH7284hRaDbaQBgn3xUcy37DNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/cyuyDZqyNqr32xt6pp7fkVwfjYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/2PH7284hRaDbaQBgn3xUcy37DNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.185.0-93.190.190.255
109.71.185.0-109.71.189.255
Signature Algorithm: sha256WithRSAEncryption
21:c2:69:1d:e8:82:cd:e7:d4:33:08:15:30:26:fc:33:e7:44:
f6:4e:46:51:b1:a7:24:0e:ac:f7:a6:a8:58:f2:07:8a:99:8d:
12:19:bc:41:87:9a:b5:66:e4:02:0c:c7:fc:66:5e:03:a7:93:
7f:b3:09:3b:67:d4:fb:a0:e3:46:77:b0:24:d2:4e:e8:3b:6a:
a7:42:ec:4d:4d:81:c3:c3:f1:09:c4:2a:90:9b:8f:fa:e3:d4:
a8:42:72:ca:d5:d6:75:63:00:6c:f1:57:2d:ec:81:21:55:eb:
06:e0:48:e0:6b:d2:9e:39:a0:34:4a:45:b8:5e:c1:f6:1f:55:
e5:da:9f:0f:05:7f:f6:3e:24:01:d7:c7:b4:e8:23:19:d1:0c:
a4:a1:86:cc:a0:86:bf:d5:ec:39:19:84:75:d4:f7:b6:d9:75:
14:64:06:6a:35:16:82:95:11:01:78:4e:c4:35:3f:49:74:90:
8b:7c:48:de:e2:09:b5:47:9a:05:ca:a9:ef:8f:50:27:8f:6c:
a7:07:cb:9a:cb:bd:9a:80:d2:09:01:a7:7c:30:18:0f:a3:a2:
9c:05:67:51:31:ab:b8:1c:c5:aa:84:02:65:92:ac:3c:db:68:
7e:a3:fd:f4:d2:71:f4:cf:ce:b7:2e:f1:f8:6e:17:dd:54:77:
a8:b5:af:7e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZcMcbbz049a8agnnuZMf74FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZjFmYmRiY2UyMTQ1YTBkYjY5MDA2MDlmN2M1NDczMmRm
YjBjZDgwHhcNMjUwNTI2MTE1NDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzJiYjIwZDlhYjIzNmFhZjdkYjFiN2FhNjllZGY5MTVjMWY4ZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOhIk0Cb4nzLR1/GIxWYpi0fvxve
OmSKuo3lVm5MEnyMMgr0/PhsSTM5YNZOefsGypwi70nD0pwIwwbk/GTamYQ7gWIS
YyBfC0RC3UNrm//GU1ad8bCoFE2Z8WqHIqEmpdimH0fdU7ZI4MWlYKuelA1b4EUV
JgdErU/vWLam7wMsQG/iDOUcm0BjDsZC/Af76FJ1M2OqsyFZomtDsM6q/DODA2QR
xZ0YRm/oC5bdcvVvk/MqGkAAfmYPpPg6APfqo+rB2q1EEr63Z+w2uR1Qv+06FjLy
20CQguqLN/bRPuEPK9goqEXeFSuNu31ukMAF4NJXO/m7JDl11XGu2RWcvQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHMrsg2asjaq99sbeqae35FcH42EMB8GA1UdIwQY
MBaAFNjx+9vOIUWg22kAYJ98VHMt+wzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlBINzI4NGhSYURiYVFCZ24zeFVjeTM3RE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8zMTQzMWUtNWE3ZC00ZmMzLWE4OGQt
NDdmMDQzZmJhMTNiLzEvY3l1eURacXlOcXIzMnh0NnBwN2ZrVndmallRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8zMTQzMWUtNWE3ZC00ZmMzLWE4OGQtNDdmMDQzZmJhMTNi
LzEvMlBINzI4NGhSYURiYVFCZ24zeFVjeTM3RE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABdvrkD
BABdvr4wDAMEAG1HuQMEAW1HvDANBgkqhkiG9w0BAQsFAAOCAQEAIcJpHeiCzefU
MwgVMCb8M+dE9k5GUbGnJA6s96aoWPIHipmNEhm8QYeatWbkAgzH/GZeA6eTf7MJ
O2fU+6DjRnewJNJO6Dtqp0LsTU2Bw8PxCcQqkJuP+uPUqEJyytXWdWMAbPFXLeyB
IVXrBuBI4GvSnjmgNEpFuF7B9h9V5dqfDwV/9j4kAdfHtOgjGdEMpKGGzKCGv9Xs
ORmEddT3ttl1FGQGajUWgpURAXhOxDU/SXSQi3xI3uIJtUeaBcqp749QJ49spwfL
msu9moDSCQGnfDAYD6OinAVnUTGruBzFqoQCZZKsPNtofqP99NJx9M/Oty7x+G4X
3VR3qLWvfg==
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:11:43 2025 by rpki-client