Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/Y1iEUL6HkZgDZU0_OFEdoFw8lAQ.roa
File: Y1iEUL6HkZgDZU0_OFEdoFw8lAQ.roa (raw, json)
Hash identifier: CDvGigjNlLt/aSYIESg4jn5aQHhCGPQhN6LUC2qBNmo=
Subject key identifier: 63:58:84:50:BE:87:91:98:03:65:4D:3F:38:51:1D:A0:5C:3C:94:04
Certificate issuer: /CN=d90d2681514aefee9d3c86e1eae35736c84d1c09
Certificate serial: 019420D65EE7DCCA0729C709A4557920858C
Authority key identifier: D9:0D:26:81:51:4A:EF:EE:9D:3C:86:E1:EA:E3:57:36:C8:4D:1C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/Y1iEUL6HkZgDZU0_OFEdoFw8lAQ.roa
Signing time: Wed 01 Jan 2025 07:48:27 +0000
ROA not before: Wed 01 Jan 2025 07:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13101
IP address blocks: 81.91.104.0/21 maxlen: 21
103.204.204.0/22 maxlen: 22
193.143.2.0/23 maxlen: 23
193.143.6.0/23 maxlen: 23
199.175.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 13:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5e:e7:dc:ca:07:29:c7:09:a4:55:79:20:85:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d90d2681514aefee9d3c86e1eae35736c84d1c09
Validity
Not Before: Jan 1 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63588450be87919803654d3f38511da05c3c9404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8f:c7:0a:d5:3e:c5:2e:a3:d0:6a:ca:bf:9b:
fb:34:ec:2e:c2:45:1a:87:d1:fe:aa:14:64:0e:75:
60:b7:f1:d5:e3:f9:26:48:d8:9d:c0:f0:e4:44:4d:
47:be:8e:00:8a:b0:89:0b:c5:84:3c:61:0f:af:22:
3a:f1:cc:1c:0b:60:79:a7:96:95:7e:1e:e4:25:dd:
44:c9:f1:49:1f:9d:e8:93:13:38:5c:64:a1:0c:5f:
42:be:0a:b2:a0:b5:c6:db:1e:63:f3:5d:4e:9a:45:
a7:9a:29:49:ed:05:8d:26:fe:8d:df:ab:da:b9:91:
83:22:91:4a:91:93:15:b1:34:af:da:12:77:28:91:
3d:f3:ac:24:a4:7c:40:8d:cc:ee:37:b6:55:e6:38:
46:73:3c:66:86:b6:64:94:28:0b:71:ca:ba:c7:cf:
c2:95:5b:61:4f:1f:ec:ea:e1:b1:8f:72:c8:60:2d:
09:e8:c8:53:f7:46:dd:8a:bf:59:4c:be:6a:01:0f:
d1:b0:b5:b2:fa:f1:66:96:0f:60:2d:a8:55:db:7b:
32:bb:e3:af:8c:7e:f8:6b:d6:d4:53:b6:f2:fc:e8:
df:28:76:f6:05:a4:f3:6a:6b:42:f1:64:08:5e:e4:
84:0a:05:fe:f8:8f:57:23:e5:3a:2d:35:77:cf:fc:
3b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:58:84:50:BE:87:91:98:03:65:4D:3F:38:51:1D:A0:5C:3C:94:04
X509v3 Authority Key Identifier:
keyid:D9:0D:26:81:51:4A:EF:EE:9D:3C:86:E1:EA:E3:57:36:C8:4D:1C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/Y1iEUL6HkZgDZU0_OFEdoFw8lAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.104.0/21
103.204.204.0/22
193.143.2.0/23
193.143.6.0/23
199.175.220.0/22
Signature Algorithm: sha256WithRSAEncryption
86:f7:01:87:2a:41:0f:aa:25:6a:21:73:fa:04:be:2c:66:9f:
43:b2:ab:51:ea:b7:7c:7c:d0:fc:cc:67:ae:2c:85:22:ab:2e:
a3:15:24:47:68:ff:61:ce:6a:ad:ae:e4:03:f2:11:45:e6:29:
23:a3:57:55:38:f9:3e:48:99:61:57:07:3f:e1:48:a2:71:ba:
08:ae:d1:74:9f:7c:33:fd:b4:1d:66:b9:d8:39:c2:33:de:37:
3c:aa:8a:52:14:b0:46:16:5c:4a:30:df:f6:ca:7e:c8:bd:02:
78:97:c1:91:6c:3a:52:c9:53:a4:68:bb:1f:8e:4d:28:64:09:
42:d2:51:6e:ec:a2:cf:cb:e7:06:ad:f7:18:6f:e9:31:49:cd:
d7:a2:ca:8f:61:a4:79:7d:af:a1:6f:d5:cc:f4:46:dd:f5:14:
90:fe:df:6f:d0:3d:60:3d:2c:28:63:82:07:92:27:7f:df:ac:
ea:4e:58:7d:8d:9b:a2:1f:4e:e5:d5:7b:36:a0:b5:99:66:93:
02:38:13:08:12:9c:1e:c3:2f:b7:f9:38:07:7c:2e:41:b5:89:
b7:26:a6:68:a9:1d:cb:30:60:d4:b0:c5:f4:53:f3:79:a7:85:
84:35:51:41:86:eb:98:b7:de:e8:64:13:2b:fe:1a:09:64:a1:
5e:df:c8:78
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQg1l7n3MoHKccJpFV5IIWMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MGQyNjgxNTE0YWVmZWU5ZDNjODZlMWVhZTM1NzM2Yzg0
ZDFjMDkwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzU4ODQ1MGJlODc5MTk4MDM2NTRkM2YzODUxMWRhMDVjM2M5NDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4/HCtU+xS6j0GrKv5v7NOwuwkUa
h9H+qhRkDnVgt/HV4/kmSNidwPDkRE1Hvo4AirCJC8WEPGEPryI68cwcC2B5p5aV
fh7kJd1EyfFJH53okxM4XGShDF9CvgqyoLXG2x5j811OmkWnmilJ7QWNJv6N36va
uZGDIpFKkZMVsTSv2hJ3KJE986wkpHxAjczuN7ZV5jhGczxmhrZklCgLccq6x8/C
lVthTx/s6uGxj3LIYC0J6MhT90bdir9ZTL5qAQ/RsLWy+vFmlg9gLahV23syu+Ov
jH74a9bUU7by/OjfKHb2BaTzamtC8WQIXuSECgX++I9XI+U6LTV3z/w7pQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGNYhFC+h5GYA2VNPzhRHaBcPJQEMB8GA1UdIwQY
MBaAFNkNJoFRSu/unTyG4erjVzbITRwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlEwbWdWRks3LTZkUEliaDZ1TlhOc2hOSEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lMGQ5NTYtN2I4Ny00ZWRkLWI5NDQt
MWQwZjI5YjRiOTdmLzEvWTFpRVVMNkhrWmdEWlUwX09GRWRvRnc4bEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lMGQ5NTYtN2I4Ny00ZWRkLWI5NDQtMWQwZjI5YjRiOTdm
LzEvMlEwbWdWRks3LTZkUEliaDZ1TlhOc2hOSEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDUVtoAwQC
Z8zMAwQBwY8CAwQBwY8GAwQCx6/cMA0GCSqGSIb3DQEBCwUAA4IBAQCG9wGHKkEP
qiVqIXP6BL4sZp9DsqtR6rd8fND8zGeuLIUiqy6jFSRHaP9hzmqtruQD8hFF5ikj
o1dVOPk+SJlhVwc/4UiicboIrtF0n3wz/bQdZrnYOcIz3jc8qopSFLBGFlxKMN/2
yn7IvQJ4l8GRbDpSyVOkaLsfjk0oZAlC0lFu7KLPy+cGrfcYb+kxSc3XosqPYaR5
fa+hb9XM9Ebd9RSQ/t9v0D1gPSwoY4IHkid/36zqTlh9jZuiH07l1Xs2oLWZZpMC
OBMIEpwewy+3+TgHfC5BtYm3JqZoqR3LMGDUsMX0U/N5p4WENVFBhuuYt97oZBMr
/hoJZKFe38h4
-----END CERTIFICATE-----
Generated at Tue Apr 15 21:35:26 2025 by rpki-client