Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/IvOVPi4Jk0LAA7IyC_lBmoedUPk.roa
File: IvOVPi4Jk0LAA7IyC_lBmoedUPk.roa (raw, json)
Hash identifier: iVbMNdqQVbnDfCnhCbcyzkADBiETtoTlj0kjeIAta6w=
Subject key identifier: 22:F3:95:3E:2E:09:93:42:C0:03:B2:32:0B:F9:41:9A:87:9D:50:F9
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 0194236A3A51320CD787FDA99B79807980BA
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/IvOVPi4Jk0LAA7IyC_lBmoedUPk.roa
Signing time: Wed 01 Jan 2025 19:49:11 +0000
ROA not before: Wed 01 Jan 2025 19:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42571
IP address blocks: 94.250.64.0/24 maxlen: 24
94.250.65.0/24 maxlen: 24
94.250.66.0/24 maxlen: 24
94.250.67.0/24 maxlen: 24
94.250.68.0/22 maxlen: 22
94.250.72.0/21 maxlen: 21
94.250.80.0/23 maxlen: 24
94.250.82.0/23 maxlen: 24
94.250.96.0/20 maxlen: 24
94.250.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 10:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:3a:51:32:0c:d7:87:fd:a9:9b:79:80:79:80:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jan 1 19:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22f3953e2e099342c003b2320bf9419a879d50f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:30:53:9c:39:84:02:27:84:96:b1:36:d1:9d:
39:54:1c:70:e4:7a:3a:fe:6a:5e:5b:13:9c:ba:d1:
4f:10:76:da:9d:1e:1a:0f:3d:54:70:45:91:ee:17:
e1:8c:cd:2a:a0:22:14:30:8d:44:85:43:1d:88:b0:
c5:d3:b6:49:f9:11:df:02:f4:3f:2c:be:a8:d8:ef:
ef:7b:31:0a:0c:c8:76:9a:4c:99:0d:24:80:47:ca:
db:a8:28:86:ea:7e:6d:df:2d:32:8b:af:f2:14:e1:
72:37:39:99:89:99:40:4a:ec:9f:01:89:c8:0a:6b:
c3:ac:86:5f:3c:a3:43:c4:18:9f:16:a0:fd:00:32:
c9:b1:9d:a5:01:fa:38:92:d1:f5:4c:8a:9e:42:5e:
4f:c5:32:94:c1:04:49:5d:79:fb:02:95:87:88:e5:
30:61:2f:29:21:d8:e6:eb:6d:4f:15:55:d8:48:1e:
6f:e6:ec:49:f3:02:49:69:78:aa:69:97:a6:95:43:
4f:4c:bd:ff:a1:23:92:46:f3:9f:3f:44:13:cd:84:
b5:87:e9:4c:a1:0a:a4:ff:b2:e8:e4:48:07:7f:9e:
eb:11:7e:0e:fc:89:cf:38:ca:75:03:a8:b0:8f:fc:
03:69:2f:b0:07:a1:82:a6:79:eb:93:4a:ad:20:92:
a1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F3:95:3E:2E:09:93:42:C0:03:B2:32:0B:F9:41:9A:87:9D:50:F9
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/IvOVPi4Jk0LAA7IyC_lBmoedUPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.64.0-94.250.83.255
94.250.96.0-94.250.115.255
Signature Algorithm: sha256WithRSAEncryption
51:37:0c:91:ae:60:c8:9f:49:c1:58:87:57:c4:0d:b3:a1:a3:
7d:4d:0f:81:44:35:92:e4:c7:05:92:5f:ec:66:fd:7c:87:5e:
89:35:22:b8:b5:25:46:59:0a:21:84:c8:e8:c6:4f:01:e5:ac:
83:73:94:a3:c7:da:99:2a:c4:c9:f1:bc:2a:b7:e4:ae:ec:ae:
3c:62:40:29:c9:a9:e2:28:9e:ed:45:2b:49:ca:64:12:72:e8:
bd:fa:9a:d2:8d:42:5b:3b:08:c1:b8:1d:07:d4:fc:5c:b3:29:
a0:29:79:c5:52:0a:d5:7e:96:de:3c:9e:2c:3a:4e:80:ea:da:
25:4e:05:1d:7b:65:ff:81:ab:66:78:8e:40:98:15:de:15:43:
da:6d:0c:40:50:4a:df:57:02:7f:df:95:66:db:3c:35:3d:e5:
29:d7:33:c4:00:4c:7d:72:19:3e:61:b1:04:de:db:10:47:01:
d6:cb:5e:98:e8:f5:0f:1e:f0:9b:9b:c8:eb:e4:01:4c:8c:94:
2c:6c:d3:7f:26:f7:30:9d:f3:a4:4a:9b:91:e3:fe:f1:b1:32:
2c:53:9f:b8:a8:c9:03:ad:67:35:15:f5:4b:97:97:db:be:68:
dc:44:77:be:f9:9e:47:88:63:c6:f4:e2:57:76:68:c2:2b:a5:
ae:ac:b9:b6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQjajpRMgzXh/2pm3mAeYC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjUwMTAxMTk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmYzOTUzZTJlMDk5MzQyYzAwM2IyMzIwYmY5NDE5YTg3OWQ1MGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDBTnDmEAieElrE20Z05VBxw5Ho6
/mpeWxOcutFPEHbanR4aDz1UcEWR7hfhjM0qoCIUMI1EhUMdiLDF07ZJ+RHfAvQ/
LL6o2O/vezEKDMh2mkyZDSSAR8rbqCiG6n5t3y0yi6/yFOFyNzmZiZlASuyfAYnI
CmvDrIZfPKNDxBifFqD9ADLJsZ2lAfo4ktH1TIqeQl5PxTKUwQRJXXn7ApWHiOUw
YS8pIdjm621PFVXYSB5v5uxJ8wJJaXiqaZemlUNPTL3/oSOSRvOfP0QTzYS1h+lM
oQqk/7Lo5EgHf57rEX4O/InPOMp1A6iwj/wDaS+wB6GCpnnrk0qtIJKh4wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCLzlT4uCZNCwAOyMgv5QZqHnVD5MB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvSXZPVlBpNEprMExBQTdJeUNfbEJtb2VkVVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAZe+kAD
BAJe+lAwDAMEBV76YAMEAl76cDANBgkqhkiG9w0BAQsFAAOCAQEAUTcMka5gyJ9J
wViHV8QNs6GjfU0PgUQ1kuTHBZJf7Gb9fIdeiTUiuLUlRlkKIYTI6MZPAeWsg3OU
o8famSrEyfG8KrfkruyuPGJAKcmp4iie7UUrScpkEnLovfqa0o1CWzsIwbgdB9T8
XLMpoCl5xVIK1X6W3jyeLDpOgOraJU4FHXtl/4GrZniOQJgV3hVD2m0MQFBK31cC
f9+VZts8NT3lKdczxABMfXIZPmGxBN7bEEcB1stemOj1Dx7wm5vI6+QBTIyULGzT
fyb3MJ3zpEqbkeP+8bEyLFOfuKjJA61nNRX1S5eX275o3ER3vvmeR4hjxvTiV3Zo
wiulrqy5tg==
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:03:23 2025 by rpki-client