Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/YfrssvNZwD5AZRP5wjIDlwhUYus.roa
File: YfrssvNZwD5AZRP5wjIDlwhUYus.roa (raw, json)
Hash identifier: tPXQTvoaXcl4YYnl0ID2xIvC18Gr1STlvJkQBWEziQ0=
Subject key identifier: 61:FA:EC:B2:F3:59:C0:3E:40:65:13:F9:C2:32:03:97:08:54:62:EB
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0194221FFA871D60889207F5A39895B8DE3D
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/YfrssvNZwD5AZRP5wjIDlwhUYus.roa
Signing time: Wed 01 Jan 2025 13:48:28 +0000
ROA not before: Wed 01 Jan 2025 13:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 5.181.168.0/24 maxlen: 24
5.181.169.0/24 maxlen: 24
5.183.255.0/24 maxlen: 24
83.171.224.0/24 maxlen: 24
83.171.226.0/24 maxlen: 24
83.171.227.0/24 maxlen: 24
141.98.87.0/24 maxlen: 24
185.68.184.0/24 maxlen: 24
185.68.246.0/24 maxlen: 24
185.68.247.0/24 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/24 maxlen: 24
185.81.187.0/24 maxlen: 24
185.88.36.0/24 maxlen: 24
185.89.42.0/24 maxlen: 24
185.89.43.0/24 maxlen: 24
185.89.104.0/23 maxlen: 24
185.89.108.0/22 maxlen: 24
185.95.101.0/24 maxlen: 24
185.95.102.0/23 maxlen: 24
185.96.38.0/24 maxlen: 24
185.97.1.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
194.104.10.0/24 maxlen: 24
213.232.120.0/24 maxlen: 24
213.232.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fa:87:1d:60:88:92:07:f5:a3:98:95:b8:de:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 13:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61faecb2f359c03e406513f9c2320397085462eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d9:ca:86:41:a8:61:e5:94:7f:31:8d:e8:c1:
a3:28:80:c2:7f:65:10:3d:53:ec:8f:74:f2:f7:dd:
76:cc:7d:0d:cc:7c:ff:36:69:56:57:29:75:f8:15:
64:87:2b:36:2f:04:cc:99:81:58:61:f9:5e:6a:00:
8b:2a:9e:b1:fb:c5:0a:f4:36:ae:96:18:a7:41:02:
10:5a:1d:a2:7f:c5:1c:be:99:2b:78:39:0e:47:68:
94:74:a4:d9:d0:1b:e4:e2:cd:dd:2c:49:98:f0:9b:
72:0f:da:d2:6b:ab:ac:72:7a:f8:04:35:83:e6:1e:
db:73:6d:8b:81:dc:de:5c:37:81:43:b7:60:2c:44:
33:73:bc:8c:92:7c:2f:47:13:7e:7a:25:07:7f:2d:
f5:e8:36:a8:e2:2d:9e:69:30:4a:13:50:fc:64:fc:
bb:b8:06:00:67:01:b4:d4:e5:d4:b6:0d:d9:52:a3:
b3:23:67:1c:72:b3:bb:8a:7f:7b:da:ec:f3:fa:52:
3d:82:fa:42:06:fb:f3:aa:8f:b7:ce:e8:20:b2:a4:
19:21:3c:92:b6:3b:96:63:cf:5a:4f:a6:cd:ba:70:
be:5e:b1:b3:a2:4a:fe:62:72:6c:66:d3:ba:0e:da:
14:2d:d4:45:ba:10:4d:25:24:23:40:12:c6:ba:35:
a2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FA:EC:B2:F3:59:C0:3E:40:65:13:F9:C2:32:03:97:08:54:62:EB
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/YfrssvNZwD5AZRP5wjIDlwhUYus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.168.0/23
5.183.255.0/24
83.171.224.0/24
83.171.226.0/23
141.98.87.0/24
185.68.184.0/24
185.68.246.0/23
185.81.174.0/24
185.81.184.0/24
185.81.187.0/24
185.88.36.0/24
185.89.42.0/23
185.89.104.0/23
185.89.108.0/22
185.95.101.0-185.95.103.255
185.96.38.0/24
185.97.1.0/24
185.97.3.0/24
194.104.10.0/24
213.232.120.0/24
213.232.122.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:78:fa:c2:27:b4:33:e0:d2:38:f2:3a:53:00:68:63:a3:ba:
0c:b6:63:7f:02:5b:5e:54:44:de:10:48:0d:f2:34:b0:d8:b1:
24:8e:ab:b7:6a:21:b3:ad:12:ea:d1:32:2b:ed:75:5b:51:24:
89:c6:1d:40:13:ec:8c:52:57:eb:5d:90:f1:26:14:c8:c8:13:
ac:99:3a:5f:dc:8a:0c:6c:79:08:a6:03:a3:ff:8c:b1:6e:57:
eb:37:09:61:b2:73:f9:2f:43:2e:c1:2d:03:78:f0:9f:10:c2:
43:92:6a:f9:65:0e:9e:73:01:6b:4f:35:26:0d:9e:42:7b:57:
ba:93:a2:4a:6f:66:82:47:b3:ef:6c:1e:36:dd:d4:76:25:54:
66:cf:ff:c6:a8:96:80:ae:89:80:4a:f4:a1:94:7d:62:48:fe:
1e:f5:b5:de:83:7f:ce:35:17:58:a5:cc:75:e9:ca:8a:ee:85:
a0:e7:31:24:da:10:d4:eb:72:47:79:27:d9:89:dc:e8:bd:0c:
cd:4e:7c:bc:a7:3f:60:81:a7:1c:88:f8:5c:65:e2:a2:a0:96:
9e:fe:9a:de:6d:a8:71:40:8d:ef:68:aa:58:f9:3a:42:1e:80:
f0:1f:65:bb:92:c2:a2:e6:98:33:81:4a:e5:7a:6c:e7:cd:64:
b5:ae:17:c2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZQiH/qHHWCIkgf1o5iVuN49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwMTAxMTM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWZhZWNiMmYzNTljMDNlNDA2NTEzZjljMjMyMDM5NzA4NTQ2MmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9nKhkGoYeWUfzGN6MGjKIDCf2UQ
PVPsj3Ty9912zH0NzHz/NmlWVyl1+BVkhys2LwTMmYFYYfleagCLKp6x+8UK9Dau
lhinQQIQWh2if8UcvpkreDkOR2iUdKTZ0Bvk4s3dLEmY8JtyD9rSa6uscnr4BDWD
5h7bc22LgdzeXDeBQ7dgLEQzc7yMknwvRxN+eiUHfy316Dao4i2eaTBKE1D8ZPy7
uAYAZwG01OXUtg3ZUqOzI2cccrO7in972uzz+lI9gvpCBvvzqo+3zuggsqQZITyS
tjuWY89aT6bNunC+XrGzokr+YnJsZtO6DtoULdRFuhBNJSQjQBLGujWiBwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFGH67LLzWcA+QGUT+cIyA5cIVGLrMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvWWZyc3N2Tlp3RDVBWlJQNXdqSURsd2hVWXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAEF
tagDBAAFt/8DBABTq+ADBAFTq+IDBACNYlcDBAC5RLgDBAG5RPYDBAC5Ua4DBAC5
UbgDBAC5UbsDBAC5WCQDBAG5WSoDBAG5WWgDBAK5WWwwDAMEALlfZQMEA7lfYAME
ALlgJgMEALlhAQMEALlhAwMEAMJoCgMEANXoeAMEANXoejANBgkqhkiG9w0BAQsF
AAOCAQEAonj6wie0M+DSOPI6UwBoY6O6DLZjfwJbXlRE3hBIDfI0sNixJI6rt2oh
s60S6tEyK+11W1EkicYdQBPsjFJX612Q8SYUyMgTrJk6X9yKDGx5CKYDo/+MsW5X
6zcJYbJz+S9DLsEtA3jwnxDCQ5Jq+WUOnnMBa081Jg2eQntXupOiSm9mgkez72we
Nt3UdiVUZs//xqiWgK6JgEr0oZR9Ykj+HvW13oN/zjUXWKXMdenKiu6FoOcxJNoQ
1OtyR3kn2Ync6L0MzU58vKc/YIGnHIj4XGXioqCWnv6a3m2ocUCN72iqWPk6Qh6A
8B9lu5LCouaYM4FK5Xps581kta4Xwg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:45:04 2025 by rpki-client