Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/a9P-AA4M71AoAQl3T5rg8IgqWV8.roa
File: a9P-AA4M71AoAQl3T5rg8IgqWV8.roa (raw, json)
Hash identifier: p+vdBIjmH5hq5HNOBx9P2IYX3IN+k3FDRRTfZzHcnHA=
Subject key identifier: 6B:D3:FE:00:0E:0C:EF:50:28:01:09:77:4F:9A:E0:F0:88:2A:59:5F
Certificate issuer: /CN=9907c7b89656dd339cb98fb7c2b0371c5926a641
Certificate serial: 01942444E1AB473018A84AD2035EDCD75167
Authority key identifier: 99:07:C7:B8:96:56:DD:33:9C:B9:8F:B7:C2:B0:37:1C:59:26:A6:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mQfHuJZW3TOcuY-3wrA3HFkmpkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/a9P-AA4M71AoAQl3T5rg8IgqWV8.roa
Signing time: Wed 01 Jan 2025 23:48:01 +0000
ROA not before: Wed 01 Jan 2025 23:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199483
IP address blocks: 31.14.0.0/22 maxlen: 24
91.209.103.0/24 maxlen: 24
185.15.24.0/22 maxlen: 24
185.15.24.0/24 maxlen: 24
185.15.25.0/24 maxlen: 24
185.15.26.0/24 maxlen: 24
185.15.27.0/24 maxlen: 24
185.167.0.0/22 maxlen: 24
185.221.88.0/22 maxlen: 24
185.221.88.0/23 maxlen: 23
185.221.90.0/24 maxlen: 24
185.221.91.0/24 maxlen: 24
193.164.151.0/24 maxlen: 24
2a02:f840::/29 maxlen: 48
2a02:f840::/32 maxlen: 32
2a02:f840:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/mQfHuJZW3TOcuY-3wrA3HFkmpkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/mQfHuJZW3TOcuY-3wrA3HFkmpkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mQfHuJZW3TOcuY-3wrA3HFkmpkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 23:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e1:ab:47:30:18:a8:4a:d2:03:5e:dc:d7:51:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9907c7b89656dd339cb98fb7c2b0371c5926a641
Validity
Not Before: Jan 1 23:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bd3fe000e0cef50280109774f9ae0f0882a595f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9f:08:f1:6b:bc:2c:67:1f:29:09:33:7d:f4:
f0:43:f8:df:0d:89:27:48:f5:6b:51:fb:56:b6:ab:
92:f5:9d:c9:8f:e6:30:59:82:2f:63:46:41:18:1d:
e5:82:0f:b7:de:89:16:14:27:9e:4c:62:0f:d5:7c:
f6:5f:84:e3:59:ad:f1:29:f3:11:45:4f:44:a5:de:
19:b8:5f:a0:55:c9:1f:c5:2f:20:2f:28:30:40:a0:
2f:34:ed:6b:92:66:bc:c6:17:3d:cd:36:bc:34:41:
82:a9:be:e4:19:62:b2:4b:ef:eb:49:24:53:2c:a9:
b0:1b:53:f1:b7:9e:38:ed:98:86:c6:c4:7b:16:5b:
a9:2b:2d:3f:e4:19:51:43:84:f3:33:33:01:db:91:
f8:e1:c3:33:e7:5b:0d:c3:f8:d4:aa:01:2f:62:e1:
b8:5d:c2:37:78:69:e5:b7:fc:97:18:4b:fe:a6:95:
af:5e:60:f5:cc:d2:5e:f8:1b:72:da:b5:be:d2:fd:
f5:70:1c:44:a7:69:a8:93:26:f2:3b:9d:99:c8:4a:
e8:17:0a:71:08:df:e8:05:7f:b0:50:97:05:2a:df:
56:a4:62:21:6b:a9:53:ee:0b:06:b6:a4:73:ac:12:
cb:bc:09:52:77:c8:61:54:6d:d4:10:9d:17:2b:97:
69:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D3:FE:00:0E:0C:EF:50:28:01:09:77:4F:9A:E0:F0:88:2A:59:5F
X509v3 Authority Key Identifier:
keyid:99:07:C7:B8:96:56:DD:33:9C:B9:8F:B7:C2:B0:37:1C:59:26:A6:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mQfHuJZW3TOcuY-3wrA3HFkmpkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/a9P-AA4M71AoAQl3T5rg8IgqWV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/mQfHuJZW3TOcuY-3wrA3HFkmpkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.0.0/22
91.209.103.0/24
185.15.24.0/22
185.167.0.0/22
185.221.88.0/22
193.164.151.0/24
IPv6:
2a02:f840::/29
Signature Algorithm: sha256WithRSAEncryption
7e:5a:09:0d:f3:a8:00:28:e7:82:97:f7:eb:ef:66:49:cf:b0:
be:ea:cd:d2:f3:f7:a0:fc:4f:c4:f8:de:2f:b1:34:0c:76:d8:
53:bd:8e:c7:60:fa:ca:e4:e3:81:c3:5a:c1:73:eb:2e:d0:ac:
e4:3e:a4:f3:bf:75:fe:18:fc:ef:a6:f4:87:f4:b2:46:c3:60:
e5:b5:25:e1:ce:b0:fc:81:95:84:08:b5:5a:a0:4c:28:04:7a:
b7:12:56:7e:28:d4:4e:d3:e6:21:66:48:6a:87:53:9c:22:69:
a4:bb:66:d5:85:6c:09:0b:37:d0:da:08:65:3c:75:2f:81:56:
b1:9c:e5:5e:e3:08:5a:74:73:7c:85:40:16:23:28:71:a2:73:
99:33:93:09:c1:45:f5:47:ce:d0:32:06:51:40:03:42:3a:68:
fa:02:53:49:97:d1:05:ec:a0:56:cd:42:6d:99:74:59:fc:36:
78:a3:38:18:c5:dc:39:bf:08:e9:1c:ad:3e:1a:bd:2f:04:16:
ed:e4:8a:da:70:82:bb:b3:02:93:d2:01:03:e9:18:25:34:5d:
0a:77:94:80:57:a0:df:31:3a:e9:73:9f:29:83:41:b3:49:65:
62:9c:e9:6d:ce:a4:85:85:9c:42:6a:e0:58:26:95:41:08:b2:
39:0e:a6:5b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQkROGrRzAYqErSA17c11FnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MDdjN2I4OTY1NmRkMzM5Y2I5OGZiN2MyYjAzNzFjNTky
NmE2NDEwHhcNMjUwMTAxMjM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmQzZmUwMDBlMGNlZjUwMjgwMTA5Nzc0ZjlhZTBmMDg4MmE1OTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ8I8Wu8LGcfKQkzffTwQ/jfDYkn
SPVrUftWtquS9Z3Jj+YwWYIvY0ZBGB3lgg+33okWFCeeTGIP1Xz2X4TjWa3xKfMR
RU9Epd4ZuF+gVckfxS8gLygwQKAvNO1rkma8xhc9zTa8NEGCqb7kGWKyS+/rSSRT
LKmwG1Pxt5447ZiGxsR7FlupKy0/5BlRQ4TzMzMB25H44cMz51sNw/jUqgEvYuG4
XcI3eGnlt/yXGEv+ppWvXmD1zNJe+Bty2rW+0v31cBxEp2mokybyO52ZyEroFwpx
CN/oBX+wUJcFKt9WpGIha6lT7gsGtqRzrBLLvAlSd8hhVG3UEJ0XK5dpwQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGvT/gAODO9QKAEJd0+a4PCIKllfMB8GA1UdIwQY
MBaAFJkHx7iWVt0znLmPt8KwNxxZJqZBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVFmSHVKWlczVE9jdVktM3dyQTNIRmttcGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83ZGQyODktNmNiNS00MzcxLTg0NmMt
OTNkZWM3MzVmNzE3LzEvYTlQLUFBNE03MUFvQVFsM1Q1cmc4SWdxV1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83ZGQyODktNmNiNS00MzcxLTg0NmMtOTNkZWM3MzVmNzE3
LzEvbVFmSHVKWlczVE9jdVktM3dyQTNIRmttcGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCHw4AAwQA
W9FnAwQCuQ8YAwQCuacAAwQCud1YAwQAwaSXMA0EAgACMAcDBQMqAvhAMA0GCSqG
SIb3DQEBCwUAA4IBAQB+WgkN86gAKOeCl/fr72ZJz7C+6s3S8/eg/E/E+N4vsTQM
dthTvY7HYPrK5OOBw1rBc+su0KzkPqTzv3X+GPzvpvSH9LJGw2DltSXhzrD8gZWE
CLVaoEwoBHq3ElZ+KNRO0+YhZkhqh1OcImmku2bVhWwJCzfQ2ghlPHUvgVaxnOVe
4whadHN8hUAWIyhxonOZM5MJwUX1R87QMgZRQANCOmj6AlNJl9EF7KBWzUJtmXRZ
/DZ4ozgYxdw5vwjpHK0+Gr0vBBbt5IracIK7swKT0gED6RglNF0Kd5SAV6DfMTrp
c58pg0GzSWVinOltzqSFhZxCauBYJpVBCLI5DqZb
-----END CERTIFICATE-----
Generated at Mon Apr 14 05:12:17 2025 by rpki-client