Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/4EDvDSCIPe0YYvYx7Str0IpAPeM.roa
File: 4EDvDSCIPe0YYvYx7Str0IpAPeM.roa (raw, json)
Hash identifier: A9xeZgyOfSqqIMRvaPEIhp5b1RhtdrlitB+v147UkT4=
Subject key identifier: E0:40:EF:0D:20:88:3D:ED:18:62:F6:31:ED:2B:6B:D0:8A:40:3D:E3
Certificate issuer: /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Certificate serial: 0194258E4443C66D865A49829218A5CE174D
Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/4EDvDSCIPe0YYvYx7Str0IpAPeM.roa
Signing time: Thu 02 Jan 2025 05:47:48 +0000
ROA not before: Thu 02 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29286
IP address blocks: 90.159.28.0/24 maxlen: 24
90.159.208.0/20 maxlen: 20
90.159.220.0/24 maxlen: 24
90.159.224.0/20 maxlen: 20
90.159.224.0/21 maxlen: 21
90.159.232.0/22 maxlen: 22
90.159.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:44:43:c6:6d:86:5a:49:82:92:18:a5:ce:17:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Validity
Not Before: Jan 2 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e040ef0d20883ded1862f631ed2b6bd08a403de3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3c:03:f3:76:35:6f:f5:22:79:39:bb:be:98:
be:ed:f7:dd:0a:9e:7a:a8:ea:25:8a:a5:09:74:e2:
8e:0a:f2:8b:27:40:87:50:7f:ff:de:60:34:12:de:
a4:75:a5:e9:dd:6d:e9:d3:61:9d:31:ba:09:8b:c6:
ce:d5:93:fc:85:c8:c3:d5:5b:7c:6d:45:1a:13:45:
b7:00:36:bd:75:f6:5c:07:a8:8a:a0:b2:80:bd:32:
94:ac:36:99:15:f8:08:2a:98:b1:d5:53:64:f9:75:
4a:de:8e:c7:35:71:e7:0d:26:bd:fc:43:3a:2d:74:
b1:50:8d:f7:67:9d:22:97:8c:d3:c0:b9:6a:17:89:
b8:6e:34:3a:ac:91:dc:45:ea:ef:d5:86:f5:c7:cf:
44:b4:04:88:79:4d:83:c5:58:ed:c6:c7:4f:20:3e:
c5:bf:95:73:5b:a3:0b:b4:4d:ce:54:96:b3:8f:df:
a6:c7:9d:58:3e:e0:09:88:7a:6d:87:79:73:38:30:
20:95:ae:5f:e0:d2:d6:f8:a5:85:17:72:86:1e:ae:
e0:ec:a9:52:63:ee:9b:4e:ca:60:d7:1a:71:7b:4e:
35:c5:58:e5:1d:25:78:53:ab:b3:bb:d4:f0:9b:36:
86:e2:b4:d0:b7:8f:31:62:35:7a:5d:3e:7b:1c:c7:
c4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:40:EF:0D:20:88:3D:ED:18:62:F6:31:ED:2B:6B:D0:8A:40:3D:E3
X509v3 Authority Key Identifier:
keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/4EDvDSCIPe0YYvYx7Str0IpAPeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.159.28.0/24
90.159.208.0-90.159.239.255
Signature Algorithm: sha256WithRSAEncryption
33:dd:a9:34:24:80:e2:b2:29:cc:90:86:74:02:62:67:37:8b:
07:96:58:b2:af:b3:4c:36:e1:a4:85:47:71:95:e5:d0:9d:c5:
7a:bd:71:27:53:e6:73:73:68:87:f8:46:9d:3d:a8:fe:f2:dc:
b6:f5:b8:11:0a:0b:d4:88:ee:6f:e6:aa:45:54:b8:53:63:c0:
8b:4f:22:e6:66:4f:f4:a8:c8:a8:b1:38:68:f6:a9:da:22:0f:
03:8f:d2:67:a8:53:7d:6c:89:9a:ef:e6:66:80:2f:43:e7:7a:
db:ce:bb:58:e6:d0:cf:00:8c:df:47:65:53:ca:58:ef:4a:01:
6d:7b:e0:1e:19:45:56:dd:7f:c8:57:10:07:b6:fd:7f:3f:97:
96:96:74:8d:dc:97:a7:20:06:ad:0e:08:76:ac:3f:2b:52:21:
4f:08:f3:1d:6f:09:b9:42:60:8d:94:f2:c9:01:e2:ab:c4:9d:
6b:52:65:7d:e9:7c:3c:ee:6b:9f:3c:52:cc:25:f6:3f:75:5d:
91:df:18:24:15:ca:25:95:9a:0c:64:52:5a:39:7d:06:5c:ec:
ae:0c:1c:fb:23:3e:38:17:e4:f2:96:46:34:7b:63:ea:9a:95:
71:c4:ea:5c:76:64:50:d0:29:40:59:a5:3a:4b:88:c1:55:f2:
d2:0d:cc:c1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQljkRDxm2GWkmCkhilzhdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MTlmMmFkOTE1ODRiYWZmMDQ2NzQ0N2JhYzhmYjk3OGQx
ZjlkZDMwHhcNMjUwMTAyMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDQwZWYwZDIwODgzZGVkMTg2MmY2MzFlZDJiNmJkMDhhNDAzZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjwD83Y1b/UieTm7vpi+7ffdCp56
qOoliqUJdOKOCvKLJ0CHUH//3mA0Et6kdaXp3W3p02GdMboJi8bO1ZP8hcjD1Vt8
bUUaE0W3ADa9dfZcB6iKoLKAvTKUrDaZFfgIKpix1VNk+XVK3o7HNXHnDSa9/EM6
LXSxUI33Z50il4zTwLlqF4m4bjQ6rJHcRerv1Yb1x89EtASIeU2DxVjtxsdPID7F
v5VzW6MLtE3OVJazj9+mx51YPuAJiHpth3lzODAgla5f4NLW+KWFF3KGHq7g7KlS
Y+6bTspg1xpxe041xVjlHSV4U6uzu9TwmzaG4rTQt48xYjV6XT57HMfEDwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOBA7w0giD3tGGL2Me0ra9CKQD3jMB8GA1UdIwQY
MBaAFDkZ8q2RWEuv8EZ0R7rI+5eNH53TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUt
MzJhYTY3MzFjMjkxLzEvNEVEdkRTQ0lQZTBZWXZZeDdTdHIwSXBBUGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUtMzJhYTY3MzFjMjkx
LzEvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWp8cMAwD
BARan9ADBARan+AwDQYJKoZIhvcNAQELBQADggEBADPdqTQkgOKyKcyQhnQCYmc3
iweWWLKvs0w24aSFR3GV5dCdxXq9cSdT5nNzaIf4Rp09qP7y3Lb1uBEKC9SI7m/m
qkVUuFNjwItPIuZmT/SoyKixOGj2qdoiDwOP0meoU31siZrv5maAL0PnetvOu1jm
0M8AjN9HZVPKWO9KAW174B4ZRVbdf8hXEAe2/X8/l5aWdI3cl6cgBq0OCHasPytS
IU8I8x1vCblCYI2U8skB4qvEnWtSZX3pfDzua588Uswl9j91XZHfGCQVyiWVmgxk
Ulo5fQZc7K4MHPsjPjgX5PKWRjR7Y+qalXHE6lx2ZFDQKUBZpTpLiMFV8tINzME=
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:14:52 2025 by rpki-client