Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/k9a98NqHjelrZVUWhKMb68LgxUE.roa
File: k9a98NqHjelrZVUWhKMb68LgxUE.roa (raw, json)
Hash identifier: 6VyAIEvjXORry2KtmNbj+FoMHc5b899/tsCBJkg8fEY=
Subject key identifier: 93:D6:BD:F0:DA:87:8D:E9:6B:65:55:16:84:A3:1B:EB:C2:E0:C5:41
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 01942669F315E0F8B1DA162B1BB4F3C5E3B7
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/k9a98NqHjelrZVUWhKMb68LgxUE.roa
Signing time: Thu 02 Jan 2025 09:47:45 +0000
ROA not before: Thu 02 Jan 2025 09:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15763
IP address blocks: 195.138.36.0/24 maxlen: 24
195.138.42.0/23 maxlen: 23
195.138.44.0/22 maxlen: 22
195.138.48.0/22 maxlen: 22
195.138.52.0/24 maxlen: 24
195.138.59.0/24 maxlen: 24
195.253.8.0/21 maxlen: 21
195.253.16.0/22 maxlen: 22
195.253.21.0/24 maxlen: 24
195.253.24.0/22 maxlen: 22
195.253.28.0/23 maxlen: 23
195.253.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:69:f3:15:e0:f8:b1:da:16:2b:1b:b4:f3:c5:e3:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: Jan 2 09:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93d6bdf0da878de96b65551684a31bebc2e0c541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:12:2f:44:6e:45:5d:4d:7d:42:ee:f5:11:89:
d3:7f:59:e7:d9:60:ba:71:8b:5c:9e:37:65:17:6c:
62:fa:e5:a7:fa:71:04:e1:ce:f7:fd:e9:e6:15:fa:
ce:c6:48:f3:c7:76:3b:6f:55:8f:8b:ea:17:a1:28:
91:b2:e3:76:ea:c8:15:56:db:36:c6:cc:b9:d6:c8:
ba:b7:cf:56:7e:12:85:c7:14:0c:96:3b:86:db:bf:
f8:03:ed:d6:f4:03:cc:b3:c2:85:eb:3b:e9:5c:a0:
3f:71:0d:3f:63:05:22:31:39:f1:ef:e2:11:b4:15:
2e:35:cd:fd:a4:d3:bb:f8:af:75:15:60:9f:3d:36:
39:34:77:8f:01:bf:64:32:ca:4e:39:1b:a3:2a:1f:
d6:1e:d8:13:f5:11:9f:f0:6b:27:4d:da:dc:be:b1:
7b:79:33:9b:ac:8a:06:fa:e4:fe:00:75:75:ee:57:
bf:f4:c3:38:d1:54:61:0f:15:fa:cb:ba:da:13:45:
66:85:70:1f:65:77:32:f4:b0:f9:65:46:8d:93:c2:
8f:fa:79:f0:07:a0:96:fd:93:58:3c:67:5b:fd:ff:
e5:f7:7f:2c:2a:68:46:3f:1c:bc:75:8f:25:86:e2:
ad:91:68:65:d8:ba:14:6e:e9:16:03:5d:68:a1:50:
4c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:D6:BD:F0:DA:87:8D:E9:6B:65:55:16:84:A3:1B:EB:C2:E0:C5:41
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/k9a98NqHjelrZVUWhKMb68LgxUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.36.0/24
195.138.42.0-195.138.52.255
195.138.59.0/24
195.253.8.0-195.253.19.255
195.253.21.0/24
195.253.24.0-195.253.30.255
Signature Algorithm: sha256WithRSAEncryption
53:19:c9:85:46:98:a9:38:6a:5c:10:5a:79:45:8c:58:48:75:
59:e8:98:80:fa:fa:83:5e:6c:cc:d1:1a:9a:a0:08:fd:ef:06:
c0:c7:af:68:e7:77:60:24:ae:77:c5:31:83:f1:8c:5d:72:09:
d0:85:96:63:44:e1:69:4e:92:0c:35:00:b6:9a:f6:4c:ee:ea:
77:d7:2f:67:ef:00:5b:55:c5:07:b1:88:e4:95:5b:ab:18:eb:
f5:fd:f8:70:b1:f5:ff:be:06:84:83:04:57:e9:3e:7c:e6:56:
2b:09:ce:ba:0a:13:a8:58:3d:28:29:8b:46:f0:74:84:b6:b9:
ae:8a:c1:98:e9:aa:cd:9f:5f:87:3d:d3:24:af:19:62:0f:0a:
e0:8b:d0:9b:ef:9e:0c:37:53:cc:9c:53:5e:18:ab:81:0c:4d:
9b:ac:21:f1:6f:07:10:f6:33:11:2c:b0:8a:79:eb:6d:90:f8:
83:43:3a:b7:36:ac:77:17:1e:3a:17:2d:45:29:a0:d4:3e:d9:
c6:8c:d5:6b:ab:b7:a3:8a:80:01:7a:bc:09:13:ac:d2:8c:da:
7b:03:82:4a:7f:19:60:14:02:0c:86:5b:e4:d7:11:20:bb:1f:
69:35:14:f5:e8:23:f4:5d:ba:7c:c6:c4:12:6d:94:25:d7:46:
c8:83:2f:b1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQmafMV4Pix2hYrG7TzxeO3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjUwMTAyMDk0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Q2YmRmMGRhODc4ZGU5NmI2NTU1MTY4NGEzMWJlYmMyZTBjNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hIvRG5FXU19Qu71EYnTf1nn2WC6
cYtcnjdlF2xi+uWn+nEE4c73/enmFfrOxkjzx3Y7b1WPi+oXoSiRsuN26sgVVts2
xsy51si6t89WfhKFxxQMljuG27/4A+3W9APMs8KF6zvpXKA/cQ0/YwUiMTnx7+IR
tBUuNc39pNO7+K91FWCfPTY5NHePAb9kMspOORujKh/WHtgT9RGf8GsnTdrcvrF7
eTObrIoG+uT+AHV17le/9MM40VRhDxX6y7raE0VmhXAfZXcy9LD5ZUaNk8KP+nnw
B6CW/ZNYPGdb/f/l938sKmhGPxy8dY8lhuKtkWhl2LoUbukWA11ooVBMawIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJPWvfDah43pa2VVFoSjG+vC4MVBMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvazlhOThOcUhqZWxyWlZVV2hLTWI2OExneFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk
LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAw4okMAwD
BAHDiioDBADDijQDBADDijswDAMEA8P9CAMEAsP9EAMEAMP9FTAMAwQDw/0YAwQA
w/0eMA0GCSqGSIb3DQEBCwUAA4IBAQBTGcmFRpipOGpcEFp5RYxYSHVZ6JiA+vqD
XmzM0RqaoAj97wbAx69o53dgJK53xTGD8YxdcgnQhZZjROFpTpIMNQC2mvZM7up3
1y9n7wBbVcUHsYjklVurGOv1/fhwsfX/vgaEgwRX6T585lYrCc66ChOoWD0oKYtG
8HSEtrmuisGY6arNn1+HPdMkrxliDwrgi9Cb754MN1PMnFNeGKuBDE2brCHxbwcQ
9jMRLLCKeettkPiDQzq3Nqx3Fx46Fy1FKaDUPtnGjNVrq7ejioABerwJE6zSjNp7
A4JKfxlgFAIMhlvk1xEgux9pNRT16CP0Xbp8xsQSbZQl10bIgy+x
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:21:17 2025 by rpki-client