Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/pgY7a6E6tgPcuDGaJ9In9AClvQU.roa
File: pgY7a6E6tgPcuDGaJ9In9AClvQU.roa (raw, json)
Hash identifier: LI5gLLz864YQ5E9OGWp9/KKXRdmX9ZlNd6zL73F9k74=
Subject key identifier: A6:06:3B:6B:A1:3A:B6:03:DC:B8:31:9A:27:D2:27:F4:00:A5:BD:05
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 0195F041A98A17E2D3CD27FF5389894A49A4
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/pgY7a6E6tgPcuDGaJ9In9AClvQU.roa
Signing time: Tue 01 Apr 2025 07:29:49 +0000
ROA not before: Tue 01 Apr 2025 07:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50149
IP address blocks: 89.104.107.0/24 maxlen: 24
89.104.119.0/24 maxlen: 24
89.104.125.0/24 maxlen: 24
94.154.128.0/22 maxlen: 22
185.228.88.0/23 maxlen: 23
185.228.90.0/23 maxlen: 23
2a00:ab01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 18:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f0:41:a9:8a:17:e2:d3:cd:27:ff:53:89:89:4a:49:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Apr 1 07:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6063b6ba13ab603dcb8319a27d227f400a5bd05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:42:83:53:0d:71:38:81:9b:78:6e:2b:75:27:
38:33:53:b7:44:57:52:f2:80:0f:db:65:ae:6c:b8:
ff:4a:a8:b9:2a:17:eb:2c:47:63:69:1b:29:c8:7a:
31:00:b4:cf:92:04:10:61:f9:5a:8d:10:c0:58:34:
db:0b:00:2f:4b:a4:fa:21:9c:42:8d:5e:e4:9d:a6:
77:8f:2a:26:a7:cc:09:25:56:94:65:0a:a2:93:5a:
dc:dc:a9:6e:ba:05:34:ce:05:f6:b3:a8:a7:89:b3:
56:ff:07:ec:de:40:a0:39:37:c4:e1:96:f3:59:9a:
d0:67:ba:ca:05:cf:1a:fa:c0:33:46:0b:e5:ee:dc:
32:4b:01:9b:9e:8b:f2:25:b0:62:60:f1:9a:a9:a4:
55:bf:71:91:3d:4d:d0:ef:7a:1e:23:84:f7:b3:c3:
c4:66:72:49:73:b0:ad:ed:ca:9e:bf:7e:ed:8b:92:
36:14:cc:c8:04:82:a1:c4:8c:d1:43:20:6d:7a:04:
c4:e9:7a:50:79:67:0e:29:cb:b5:4d:cd:32:e6:2d:
55:00:33:25:dc:24:03:f3:32:1c:7f:85:7b:e6:7b:
2f:60:5f:61:f2:72:b8:84:2e:4e:8e:32:b6:5a:30:
80:b5:6a:61:ec:82:a9:9a:b0:25:d9:36:30:94:e2:
c5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:06:3B:6B:A1:3A:B6:03:DC:B8:31:9A:27:D2:27:F4:00:A5:BD:05
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/pgY7a6E6tgPcuDGaJ9In9AClvQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.104.107.0/24
89.104.119.0/24
89.104.125.0/24
94.154.128.0/22
185.228.88.0/22
IPv6:
2a00:ab01::/32
Signature Algorithm: sha256WithRSAEncryption
53:90:a6:f6:d8:9f:c9:b7:69:93:10:ba:5c:d5:22:f8:37:a1:
5e:d8:c5:be:97:ed:9f:90:cf:23:f6:c4:40:23:60:ec:45:e5:
50:f5:c3:ff:8b:12:b5:54:2d:c2:6b:55:df:0a:5b:1e:c0:41:
ab:0f:1c:cd:25:9d:7d:36:a8:d7:73:06:01:5e:3f:33:04:83:
ff:78:e4:3a:37:c5:88:32:6d:49:8a:87:01:52:1f:4c:5e:ad:
46:f3:83:dc:d3:8d:5d:2f:9d:11:68:62:1a:66:23:a1:23:d8:
5e:3c:50:66:7b:93:5b:3e:b2:d1:0a:8d:a2:71:f8:05:68:34:
9f:01:0c:9e:02:e4:19:75:76:7f:8b:79:ac:54:41:c1:3e:ba:
85:c3:4c:29:f1:75:69:af:67:10:93:b2:71:b3:45:c3:ce:3e:
58:76:58:8a:8a:90:a6:b0:43:f4:e3:49:d4:b5:24:64:b4:fb:
6b:82:13:c3:f8:30:79:92:5e:e8:f2:47:b3:17:2a:2a:58:3d:
a4:f4:34:5c:ff:4f:8a:12:55:8f:77:09:cd:a8:d1:f0:8b:6b:
f0:05:7c:f5:cf:6f:7f:aa:87:5e:82:cf:ed:14:31:c6:64:7d:
40:51:1b:89:3e:4f:ba:8c:ba:ba:41:ce:c3:ba:34:05:3c:21:
6c:75:17:82
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZXwQamKF+LTzSf/U4mJSkmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjUwNDAxMDcyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA2M2I2YmExM2FiNjAzZGNiODMxOWEyN2QyMjdmNDAwYTViZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUKDUw1xOIGbeG4rdSc4M1O3RFdS
8oAP22WubLj/Sqi5KhfrLEdjaRspyHoxALTPkgQQYflajRDAWDTbCwAvS6T6IZxC
jV7knaZ3jyomp8wJJVaUZQqik1rc3KluugU0zgX2s6inibNW/wfs3kCgOTfE4Zbz
WZrQZ7rKBc8a+sAzRgvl7twySwGbnovyJbBiYPGaqaRVv3GRPU3Q73oeI4T3s8PE
ZnJJc7Ct7cqev37ti5I2FMzIBIKhxIzRQyBtegTE6XpQeWcOKcu1Tc0y5i1VADMl
3CQD8zIcf4V75nsvYF9h8nK4hC5OjjK2WjCAtWph7IKpmrAl2TYwlOLFYQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKYGO2uhOrYD3LgxmifSJ/QApb0FMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvcGdZN2E2RTZ0Z1BjdURHYUo5SW45QUNsdlFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAWWhrAwQA
WWh3AwQAWWh9AwQCXpqAAwQCueRYMA0EAgACMAcDBQAqAKsBMA0GCSqGSIb3DQEB
CwUAA4IBAQBTkKb22J/Jt2mTELpc1SL4N6Fe2MW+l+2fkM8j9sRAI2DsReVQ9cP/
ixK1VC3Ca1XfClsewEGrDxzNJZ19NqjXcwYBXj8zBIP/eOQ6N8WIMm1JiocBUh9M
Xq1G84Pc041dL50RaGIaZiOhI9hePFBme5NbPrLRCo2icfgFaDSfAQyeAuQZdXZ/
i3msVEHBPrqFw0wp8XVpr2cQk7Jxs0XDzj5YdliKipCmsEP040nUtSRktPtrghPD
+DB5kl7o8kezFyoqWD2k9DRc/0+KElWPdwnNqNHwi2vwBXz1z29/qodegs/tFDHG
ZH1AURuJPk+6jLq6Qc7DujQFPCFsdReC
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:12:15 2025 by rpki-client