Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/L2H6UwduWaJxFicdgN2P7eBtiHA.roa
File: L2H6UwduWaJxFicdgN2P7eBtiHA.roa (raw, json)
Hash identifier: P4+4JbqGYS4bGYqfrHMMZckY8WsOqty8P+Ix09bzckQ=
Subject key identifier: 2F:61:FA:53:07:6E:59:A2:71:16:27:1D:80:DD:8F:ED:E0:6D:88:70
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 019427B5C856E93B039DE6C4DBF7DF3DFB32
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/L2H6UwduWaJxFicdgN2P7eBtiHA.roa
Signing time: Thu 02 Jan 2025 15:50:12 +0000
ROA not before: Thu 02 Jan 2025 15:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 89.187.9.0/24 maxlen: 24
89.187.20.0/24 maxlen: 24
89.187.27.0/24 maxlen: 24
89.187.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c8:56:e9:3b:03:9d:e6:c4:db:f7:df:3d:fb:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Jan 2 15:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f61fa53076e59a27116271d80dd8fede06d8870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:18:28:d3:70:a7:78:4b:91:79:40:a6:bf:93:
e3:3d:ef:e3:3b:5e:10:b1:3b:f5:85:d2:32:c5:03:
00:0e:1c:d9:32:41:28:d0:73:09:63:1d:3c:52:ee:
ac:31:e6:d2:d7:fc:83:4b:7b:36:b9:85:24:2f:9e:
bf:16:7b:bf:f1:98:81:68:17:d0:11:88:5f:dc:60:
25:e5:dd:da:c3:d6:43:03:5f:e5:61:a4:c8:54:ec:
83:7b:f3:80:d5:67:a6:fb:8d:5b:02:0d:f6:b3:3c:
0f:bf:b4:8a:b9:ab:bb:8b:d6:51:37:05:df:31:f3:
c9:10:ac:10:bf:ca:c1:06:ed:9a:21:bc:87:1a:32:
25:39:31:d0:b0:74:c2:4f:3d:32:65:1c:17:47:47:
de:1e:f7:ee:ed:20:b1:22:17:40:4f:4f:41:00:54:
de:a1:c2:39:e2:1a:89:5b:56:c9:75:77:c4:34:7e:
ef:de:9d:c6:14:6e:d9:23:c7:77:c4:ce:9f:79:4b:
b7:8a:20:92:fa:95:93:9d:4a:ec:d0:2b:a1:23:7f:
71:b1:49:2b:0b:ef:fa:1a:92:3d:7f:2a:89:6e:f9:
8e:34:4d:8d:f2:6e:c0:02:98:15:3c:9c:4e:cd:e6:
d7:d1:a8:0d:cb:d7:95:d5:7c:c8:66:84:58:73:f7:
cc:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:61:FA:53:07:6E:59:A2:71:16:27:1D:80:DD:8F:ED:E0:6D:88:70
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/L2H6UwduWaJxFicdgN2P7eBtiHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.9.0/24
89.187.20.0/24
89.187.27.0/24
89.187.31.0/24
Signature Algorithm: sha256WithRSAEncryption
33:55:51:5b:e9:17:8f:4c:a4:5d:b6:39:f5:e3:e1:e4:7f:2e:
8c:88:7d:c3:22:34:97:bf:34:1b:f4:0b:9b:17:85:0c:7b:34:
a5:94:1f:dd:c8:5b:c1:85:6f:62:f4:10:a6:e0:4c:17:05:7e:
4a:41:82:ca:f1:51:4a:cb:82:df:ed:db:a4:a8:8a:9a:63:38:
92:eb:df:f0:37:17:a2:49:91:05:e4:b7:a0:19:c7:9a:f0:2e:
b4:c9:47:7d:87:8a:89:34:6a:ef:0a:c2:4f:8e:8c:e7:36:3b:
0f:28:02:eb:47:d6:1f:48:cc:05:4c:73:01:2e:e6:e6:e4:e5:
9d:9d:7c:02:37:30:ed:c5:8f:e1:02:59:da:63:a4:96:c8:0c:
24:c4:f0:77:07:81:ef:f7:c5:57:ee:4f:7c:19:8c:bb:ab:94:
87:9a:09:48:1d:ed:da:51:e7:04:74:2e:00:e9:25:9a:ac:ad:
41:81:e9:15:67:a8:99:56:e3:fb:af:b6:5a:38:d3:5f:b5:aa:
b1:f8:ed:89:2d:66:18:4b:44:2c:3a:0e:cd:c1:b2:b2:70:4f:
a3:b9:0b:9b:da:3a:83:7d:c3:01:b5:80:ba:f9:9e:cd:00:53:
40:50:14:84:91:a8:26:66:88:e9:7e:89:83:13:f0:cf:ad:9d:
8e:42:5f:90
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQntchW6TsDnebE2/ffPfsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjUwMTAyMTU1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjYxZmE1MzA3NmU1OWEyNzExNjI3MWQ4MGRkOGZlZGUwNmQ4ODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxgo03CneEuReUCmv5PjPe/jO14Q
sTv1hdIyxQMADhzZMkEo0HMJYx08Uu6sMebS1/yDS3s2uYUkL56/Fnu/8ZiBaBfQ
EYhf3GAl5d3aw9ZDA1/lYaTIVOyDe/OA1Wem+41bAg32szwPv7SKuau7i9ZRNwXf
MfPJEKwQv8rBBu2aIbyHGjIlOTHQsHTCTz0yZRwXR0feHvfu7SCxIhdAT09BAFTe
ocI54hqJW1bJdXfENH7v3p3GFG7ZI8d3xM6feUu3iiCS+pWTnUrs0CuhI39xsUkr
C+/6GpI9fyqJbvmONE2N8m7AApgVPJxOzebX0agNy9eV1XzIZoRYc/fMhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC9h+lMHblmicRYnHYDdj+3gbYhwMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvTDJINlV3ZHVXYUp4RmljZGdOMlA3ZUJ0aUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWbsJAwQA
WbsUAwQAWbsbAwQAWbsfMA0GCSqGSIb3DQEBCwUAA4IBAQAzVVFb6RePTKRdtjn1
4+Hkfy6MiH3DIjSXvzQb9AubF4UMezSllB/dyFvBhW9i9BCm4EwXBX5KQYLK8VFK
y4Lf7dukqIqaYziS69/wNxeiSZEF5LegGcea8C60yUd9h4qJNGrvCsJPjoznNjsP
KALrR9YfSMwFTHMBLubm5OWdnXwCNzDtxY/hAlnaY6SWyAwkxPB3B4Hv98VX7k98
GYy7q5SHmglIHe3aUecEdC4A6SWarK1BgekVZ6iZVuP7r7ZaONNftaqx+O2JLWYY
S0QsOg7NwbKycE+juQub2jqDfcMBtYC6+Z7NAFNAUBSEkagmZojpfomDE/DPrZ2O
Ql+Q
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:25:31 2025 by rpki-client