Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/0vSFPoYxfJgGVZze9FXoh2RkpVA.roa
File: 0vSFPoYxfJgGVZze9FXoh2RkpVA.roa (raw, json)
Hash identifier: ZmZ0S6349yqHsdfm9IChX49SmL/P7lxaKuGOii7tvuA=
Subject key identifier: D2:F4:85:3E:86:31:7C:98:06:55:9C:DE:F4:55:E8:87:64:64:A5:50
Certificate issuer: /CN=5f1aa6a92931bfc7e14007c47c949cd5ee3e980f
Certificate serial: 019424B3E3C5AE037A42C58D36CD55564A80
Authority key identifier: 5F:1A:A6:A9:29:31:BF:C7:E1:40:07:C4:7C:94:9C:D5:EE:3E:98:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XxqmqSkxv8fhQAfEfJSc1e4-mA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/0vSFPoYxfJgGVZze9FXoh2RkpVA.roa
Signing time: Thu 02 Jan 2025 01:49:16 +0000
ROA not before: Thu 02 Jan 2025 01:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48964
IP address blocks: 91.222.36.0/22 maxlen: 22
91.226.44.0/23 maxlen: 23
185.137.216.0/23 maxlen: 23
185.137.218.0/23 maxlen: 23
185.181.16.0/22 maxlen: 22
195.140.160.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/XxqmqSkxv8fhQAfEfJSc1e4-mA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/XxqmqSkxv8fhQAfEfJSc1e4-mA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/XxqmqSkxv8fhQAfEfJSc1e4-mA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e3:c5:ae:03:7a:42:c5:8d:36:cd:55:56:4a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1aa6a92931bfc7e14007c47c949cd5ee3e980f
Validity
Not Before: Jan 2 01:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2f4853e86317c9806559cdef455e8876464a550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a3:b1:02:d1:3f:ce:ed:04:7b:94:19:d3:54:
70:ea:17:64:75:af:b8:22:49:e1:d8:32:55:45:b0:
3d:02:03:e3:75:20:83:09:ec:c5:36:75:b9:c4:c5:
84:32:0f:41:92:fc:41:02:a5:fa:58:c1:40:5e:8a:
00:b2:3e:21:f4:22:42:dd:e5:27:9a:3d:31:12:69:
6b:da:4d:38:7a:7b:90:01:3e:c8:cc:1b:3b:31:57:
47:00:37:0b:79:d8:38:37:81:04:37:01:ba:0d:08:
e8:c5:01:42:48:2e:42:15:c3:cf:f3:b8:16:1b:7d:
c8:20:83:00:67:64:58:b5:62:a4:4f:70:ce:8f:19:
0c:a3:3a:75:2a:31:70:ae:92:37:3c:e3:9b:06:45:
7d:8b:8e:3d:cd:8c:8e:84:af:d0:e2:bf:f5:00:69:
75:c8:bd:a5:2a:bb:11:e7:3f:e6:e5:63:dc:92:47:
c6:08:d9:6d:57:35:df:41:b7:9e:ad:d2:a6:81:52:
f9:b7:9f:4a:a2:fb:38:61:fd:b8:dd:6b:82:c2:6d:
1b:ca:6f:ba:e4:96:69:f2:38:8c:4c:30:29:43:40:
f8:c6:e7:e2:21:85:b8:14:16:45:49:7d:a9:5e:31:
ab:d3:5c:c5:b7:a9:b0:86:a5:3a:e0:e5:f9:7d:1a:
24:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F4:85:3E:86:31:7C:98:06:55:9C:DE:F4:55:E8:87:64:64:A5:50
X509v3 Authority Key Identifier:
keyid:5F:1A:A6:A9:29:31:BF:C7:E1:40:07:C4:7C:94:9C:D5:EE:3E:98:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XxqmqSkxv8fhQAfEfJSc1e4-mA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/0vSFPoYxfJgGVZze9FXoh2RkpVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/a0c3db-6545-45a8-a845-bb7ec3c8cde8/1/XxqmqSkxv8fhQAfEfJSc1e4-mA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.36.0/22
91.226.44.0/23
185.137.216.0/22
185.181.16.0/22
195.140.160.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:c2:11:ff:41:20:21:a7:66:ec:e3:9d:67:81:49:8e:e0:8f:
c5:64:9f:0e:d8:07:ee:b3:45:ea:36:07:c5:11:1d:d3:b4:a6:
4e:1b:7e:22:9f:10:16:3f:a9:14:22:b7:c9:72:ce:88:70:c0:
cd:b2:31:13:a1:0b:35:25:d7:16:c3:2a:a4:07:d2:50:e2:8b:
2b:d9:e8:dc:22:3b:8a:d0:d1:4f:d8:e2:18:80:31:ad:4d:86:
27:ab:d6:1a:cc:53:d9:12:b3:34:59:b8:64:3f:77:ce:6e:d7:
87:d5:f8:16:16:7f:8c:d3:81:3d:6e:3d:46:3a:22:98:8e:3c:
70:a9:00:c9:e8:3b:23:27:6c:fe:bf:5b:d5:4a:3b:21:01:63:
22:68:29:81:7f:44:cb:60:98:9b:c1:a7:e6:01:ca:c7:63:a9:
85:b4:13:16:0f:1f:bd:c0:85:a5:f5:22:54:4f:7e:4b:b5:fc:
15:50:e5:fd:b3:b7:8d:ce:ca:0f:f7:93:83:cc:e1:51:c8:e4:
cb:a8:e1:6d:e4:d4:d1:ce:82:ac:e1:08:e8:89:13:cc:5f:d5:
f1:0d:f1:c1:9a:23:37:d3:4f:b4:35:17:c3:0e:c9:3b:c4:30:
7f:39:29:d6:43:87:87:f5:89:5a:6d:e0:d7:9f:0d:b4:8c:5b:
45:b2:bd:5d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQks+PFrgN6QsWNNs1VVkqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWFhNmE5MjkzMWJmYzdlMTQwMDdjNDdjOTQ5Y2Q1ZWUz
ZTk4MGYwHhcNMjUwMTAyMDE0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmY0ODUzZTg2MzE3Yzk4MDY1NTljZGVmNDU1ZTg4NzY0NjRhNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKOxAtE/zu0Ee5QZ01Rw6hdkda+4
Iknh2DJVRbA9AgPjdSCDCezFNnW5xMWEMg9BkvxBAqX6WMFAXooAsj4h9CJC3eUn
mj0xEmlr2k04enuQAT7IzBs7MVdHADcLedg4N4EENwG6DQjoxQFCSC5CFcPP87gW
G33IIIMAZ2RYtWKkT3DOjxkMozp1KjFwrpI3POObBkV9i449zYyOhK/Q4r/1AGl1
yL2lKrsR5z/m5WPckkfGCNltVzXfQbeerdKmgVL5t59Kovs4Yf243WuCwm0bym+6
5JZp8jiMTDApQ0D4xufiIYW4FBZFSX2pXjGr01zFt6mwhqU64OX5fRokswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNL0hT6GMXyYBlWc3vRV6IdkZKVQMB8GA1UdIwQY
MBaAFF8apqkpMb/H4UAHxHyUnNXuPpgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHhxbXFTa3h2OGZoUUFmRWZKU2MxZTQtbUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9hMGMzZGItNjU0NS00NWE4LWE4NDUt
YmI3ZWMzYzhjZGU4LzEvMHZTRlBvWXhmSmdHVlp6ZTlGWG9oMlJrcFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9hMGMzZGItNjU0NS00NWE4LWE4NDUtYmI3ZWMzYzhjZGU4
LzEvWHhxbXFTa3h2OGZoUUFmRWZKU2MxZTQtbUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW94kAwQB
W+IsAwQCuYnYAwQCubUQAwQCw4ygMA0GCSqGSIb3DQEBCwUAA4IBAQAKwhH/QSAh
p2bs451ngUmO4I/FZJ8O2Afus0XqNgfFER3TtKZOG34inxAWP6kUIrfJcs6IcMDN
sjEToQs1JdcWwyqkB9JQ4osr2ejcIjuK0NFP2OIYgDGtTYYnq9YazFPZErM0Wbhk
P3fObteH1fgWFn+M04E9bj1GOiKYjjxwqQDJ6DsjJ2z+v1vVSjshAWMiaCmBf0TL
YJibwafmAcrHY6mFtBMWDx+9wIWl9SJUT35LtfwVUOX9s7eNzsoP95ODzOFRyOTL
qOFt5NTRzoKs4QjoiRPMX9XxDfHBmiM300+0NRfDDsk7xDB/OSnWQ4eH9YlabeDX
nw20jFtFsr1d
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:08:46 2025 by rpki-client