Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/iyGn9-N4_Y-74wtv84vIggbUgGE.roa
File: iyGn9-N4_Y-74wtv84vIggbUgGE.roa (raw, json)
Hash identifier: 0+sbmwNGxEETCuI+TbmtpOScQW3Ga70I+RwZkGrwt4I=
Subject key identifier: 8B:21:A7:F7:E3:78:FD:8F:BB:E3:0B:6F:F3:8B:C8:82:06:D4:80:61
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 01948EFE205838306C8AA776440D3B7C39B1
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/iyGn9-N4_Y-74wtv84vIggbUgGE.roa
Signing time: Wed 22 Jan 2025 17:10:06 +0000
ROA not before: Wed 22 Jan 2025 17:10:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8903
IP address blocks: 77.72.104.0/21 maxlen: 24
84.18.0.0/19 maxlen: 24
92.60.160.0/20 maxlen: 24
92.60.173.0/24 maxlen: 24
176.98.220.0/22 maxlen: 24
185.66.60.0/22 maxlen: 24
185.145.224.0/22 maxlen: 24
185.155.64.0/22 maxlen: 24
185.173.44.0/22 maxlen: 24
185.187.180.0/22 maxlen: 24
185.224.76.0/22 maxlen: 24
193.34.240.0/22 maxlen: 24
195.5.64.0/19 maxlen: 24
212.49.128.0/18 maxlen: 24
212.49.189.0/24 maxlen: 24
212.66.161.0/24 maxlen: 24
212.66.162.0/23 maxlen: 23
212.66.163.0/24 maxlen: 24
212.66.164.0/22 maxlen: 22
212.66.168.0/21 maxlen: 21
212.66.176.0/20 maxlen: 24
212.163.0.0/16 maxlen: 24
213.9.128.0/17 maxlen: 24
213.192.192.0/18 maxlen: 24
213.192.193.0/24 maxlen: 24
213.192.195.0/24 maxlen: 24
213.192.200.0/22 maxlen: 22
213.192.203.0/24 maxlen: 24
213.192.206.0/23 maxlen: 23
213.192.212.0/22 maxlen: 22
213.192.213.0/24 maxlen: 24
213.192.216.0/21 maxlen: 21
213.192.224.0/22 maxlen: 22
213.192.228.0/23 maxlen: 23
213.192.232.0/22 maxlen: 22
213.192.238.0/24 maxlen: 24
213.192.239.0/24 maxlen: 24
213.192.240.0/24 maxlen: 24
213.192.241.0/24 maxlen: 24
213.192.242.0/23 maxlen: 23
213.192.244.0/23 maxlen: 23
213.192.246.0/24 maxlen: 24
213.192.247.0/24 maxlen: 24
213.192.248.0/21 maxlen: 21
213.192.249.0/24 maxlen: 24
213.192.251.0/24 maxlen: 24
213.192.252.0/23 maxlen: 23
213.192.253.0/24 maxlen: 24
213.192.254.0/24 maxlen: 24
213.192.255.0/24 maxlen: 24
2001:ac0::/29 maxlen: 29
2001:ac0::/32 maxlen: 48
2001:ac0:c0c0::/44 maxlen: 44
2001:ac0:c880::/44 maxlen: 44
2a0d:59c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8e:fe:20:58:38:30:6c:8a:a7:76:44:0d:3b:7c:39:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Jan 22 17:10:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b21a7f7e378fd8fbbe30b6ff38bc88206d48061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f8:ad:3d:f6:8c:af:21:3d:fe:9b:ec:fd:e1:
2c:9e:d9:e4:c5:50:3d:0f:41:27:32:b8:e9:de:ba:
55:3e:2c:c5:a8:84:fa:66:f5:94:68:7d:b1:85:fe:
e1:96:85:ac:3a:42:4b:5c:08:19:f1:1f:3f:aa:fd:
3c:ac:1f:34:68:21:ec:cc:91:f8:cc:cd:3e:db:af:
fc:81:ac:e8:45:04:37:ac:cb:2b:5d:95:dd:ff:1f:
60:69:7a:7a:84:e4:68:88:3b:f8:8f:20:c0:2d:60:
8b:6a:b5:a1:21:19:d9:db:ed:c3:78:1e:25:e3:79:
94:ed:6d:e3:c8:a7:69:e0:18:0e:bf:62:06:c0:26:
6f:dc:82:56:35:30:22:d4:42:e3:c7:d2:b7:0f:04:
b5:87:2c:36:98:cd:e9:6e:16:ed:9e:cf:c8:6d:57:
bf:b8:8a:57:47:62:40:35:d4:85:ca:e0:4e:ad:11:
46:6e:f3:c4:c4:e3:60:9f:02:8a:da:12:0f:38:95:
63:ad:8a:7c:99:23:bb:54:f9:d9:6b:b4:3e:d4:10:
2a:d0:b7:05:62:d8:4b:67:87:8d:0f:a1:91:78:37:
b1:7a:ad:fd:c5:b1:77:26:0f:33:08:10:98:c6:03:
8d:b3:6a:0a:7a:cf:96:9a:12:c6:50:1f:18:40:65:
a1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:21:A7:F7:E3:78:FD:8F:BB:E3:0B:6F:F3:8B:C8:82:06:D4:80:61
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/iyGn9-N4_Y-74wtv84vIggbUgGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.104.0/21
84.18.0.0/19
92.60.160.0/20
176.98.220.0/22
185.66.60.0/22
185.145.224.0/22
185.155.64.0/22
185.173.44.0/22
185.187.180.0/22
185.224.76.0/22
193.34.240.0/22
195.5.64.0/19
212.49.128.0/18
212.66.161.0-212.66.191.255
212.163.0.0/16
213.9.128.0/17
213.192.192.0/18
IPv6:
2001:ac0::/29
2a0d:59c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:58:d5:61:cc:99:66:be:70:aa:af:78:91:c9:9c:55:70:51:
e7:77:ca:52:93:e8:67:fd:f7:a0:6d:df:bc:19:d5:9c:e4:fb:
5c:ff:7c:2b:1e:46:14:ea:60:dc:a1:0f:5f:58:5d:9d:44:43:
fa:9b:9c:72:be:60:0e:3a:38:82:b9:ca:10:ec:03:b0:7a:76:
d9:bf:c6:7f:f0:45:aa:68:75:c5:cb:b9:db:c0:e5:2f:1a:41:
ca:f8:af:1b:20:8c:7a:98:c6:43:a9:39:78:9b:29:a2:08:5d:
e9:f5:62:5d:49:81:04:4d:eb:b0:2e:bb:d9:c9:f7:3a:0b:33:
fa:27:1a:9d:ba:cf:60:ec:c3:b2:f8:14:3e:b3:3c:19:38:af:
6c:4b:df:03:de:89:9b:84:8a:3e:cc:df:de:1a:a3:89:62:2b:
c9:83:79:4f:7a:24:a5:30:d8:c4:fa:e2:e0:a1:9e:50:d9:07:
69:9b:1b:9b:0b:bb:ec:66:de:37:17:5b:3d:0a:7a:44:fe:cd:
19:d7:f2:76:9a:95:cb:f2:6a:24:c0:2d:ef:94:13:6c:61:c7:
56:f1:bc:ff:65:6a:15:6d:e8:d8:3c:0e:17:3d:cc:a2:5b:2c:
c9:f5:d2:b2:5d:cb:c6:61:a2:59:17:a4:e0:39:08:f3:0c:fd:
22:60:d9:35
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZSO/iBYODBsiqd2RA07fDmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjUwMTIyMTcxMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjIxYTdmN2UzNzhmZDhmYmJlMzBiNmZmMzhiYzg4MjA2ZDQ4MDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufitPfaMryE9/pvs/eEsntnkxVA9
D0EnMrjp3rpVPizFqIT6ZvWUaH2xhf7hloWsOkJLXAgZ8R8/qv08rB80aCHszJH4
zM0+26/8gazoRQQ3rMsrXZXd/x9gaXp6hORoiDv4jyDALWCLarWhIRnZ2+3DeB4l
43mU7W3jyKdp4BgOv2IGwCZv3IJWNTAi1ELjx9K3DwS1hyw2mM3pbhbtns/IbVe/
uIpXR2JANdSFyuBOrRFGbvPExONgnwKK2hIPOJVjrYp8mSO7VPnZa7Q+1BAq0LcF
YthLZ4eND6GReDexeq39xbF3Jg8zCBCYxgONs2oKes+WmhLGUB8YQGWhVQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFIshp/fjeP2Pu+MLb/OLyIIG1IBhMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvaXlHbjktTjRfWS03NHd0djg0dklnZ2JVZ0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBzBAIAATBtAwQDTUho
AwQFVBIAAwQEXDygAwQCsGLcAwQCuUI8AwQCuZHgAwQCuZtAAwQCua0sAwQCubu0
AwQCueBMAwQCwSLwAwQFwwVAAwQG1DGAMAwDBADUQqEDBAbUQoADAwDUowMEB9UJ
gAMEBtXAwDAUBAIAAjAOAwUDIAEKwAMFAyoNWcAwDQYJKoZIhvcNAQELBQADggEB
ADJY1WHMmWa+cKqveJHJnFVwUed3ylKT6Gf996Bt37wZ1Zzk+1z/fCseRhTqYNyh
D19YXZ1EQ/qbnHK+YA46OIK5yhDsA7B6dtm/xn/wRapodcXLudvA5S8aQcr4rxsg
jHqYxkOpOXibKaIIXen1Yl1JgQRN67Auu9nJ9zoLM/onGp26z2Dsw7L4FD6zPBk4
r2xL3wPeiZuEij7M394ao4liK8mDeU96JKUw2MT64uChnlDZB2mbG5sLu+xm3jcX
Wz0KekT+zRnX8naalcvyaiTALe+UE2xhx1bxvP9lahVt6Ng8Dhc9zKJbLMn10rJd
y8ZholkXpOA5CPMM/SJg2TU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:46:51 2025 by rpki-client