Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/r1IMpiCHpPweMRkuWsw73RYDo3A.roa
File: r1IMpiCHpPweMRkuWsw73RYDo3A.roa (raw, json)
Hash identifier: H3EX+meKiUt0EpGIqmimp5m+RpOOJnWjXaAa27zBx8A=
Subject key identifier: AF:52:0C:A6:20:87:A4:FC:1E:31:19:2E:5A:CC:3B:DD:16:03:A3:70
Certificate issuer: /CN=925cecefe522817405d26fc92bb5104ac90cfdc5
Certificate serial: 019424B397C80AFB770DD418BBE0D8C13B37
Authority key identifier: 92:5C:EC:EF:E5:22:81:74:05:D2:6F:C9:2B:B5:10:4A:C9:0C:FD:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klzs7-UigXQF0m_JK7UQSskM_cU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/r1IMpiCHpPweMRkuWsw73RYDo3A.roa
Signing time: Thu 02 Jan 2025 01:48:57 +0000
ROA not before: Thu 02 Jan 2025 01:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49601
IP address blocks: 91.229.56.0/24 maxlen: 24
91.229.182.0/24 maxlen: 24
91.229.210.0/24 maxlen: 24
185.189.124.0/22 maxlen: 22
185.189.124.0/24 maxlen: 24
185.189.125.0/24 maxlen: 24
185.189.126.0/24 maxlen: 24
185.189.127.0/24 maxlen: 24
185.226.60.0/22 maxlen: 22
185.226.60.0/24 maxlen: 24
185.226.61.0/24 maxlen: 24
185.226.62.0/24 maxlen: 24
185.226.63.0/24 maxlen: 24
185.252.96.0/22 maxlen: 22
185.252.96.0/24 maxlen: 24
185.252.97.0/24 maxlen: 24
185.252.98.0/24 maxlen: 24
185.252.99.0/24 maxlen: 24
2a0b:e680::/29 maxlen: 29
2a0c:3e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/klzs7-UigXQF0m_JK7UQSskM_cU.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/klzs7-UigXQF0m_JK7UQSskM_cU.mft
rsync://rpki.ripe.net/repository/DEFAULT/klzs7-UigXQF0m_JK7UQSskM_cU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:97:c8:0a:fb:77:0d:d4:18:bb:e0:d8:c1:3b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=925cecefe522817405d26fc92bb5104ac90cfdc5
Validity
Not Before: Jan 2 01:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af520ca62087a4fc1e31192e5acc3bdd1603a370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:09:7f:b0:e1:fc:bc:6d:c5:1d:b9:9d:a6:31:
0c:b3:26:15:76:0f:53:28:14:ee:01:61:6f:77:91:
89:d2:d1:04:73:ca:66:25:be:8c:81:23:d8:f5:ed:
6a:cb:71:3d:b8:6b:cd:53:08:d0:91:3a:d6:e2:dd:
9a:40:78:d4:32:b7:a3:c7:07:2c:63:97:18:1e:c6:
57:8e:dd:d3:cf:c5:2c:3f:6b:ed:ee:d7:25:24:9b:
f3:9d:67:94:9c:67:ce:24:eb:ad:a1:c3:47:f0:9e:
61:80:9f:78:c6:39:9d:50:00:69:0f:01:0d:9d:93:
0e:f5:44:ce:66:6a:94:1a:f9:7d:75:c3:38:8f:6f:
6f:0d:a4:08:c5:43:f1:a2:99:7d:73:52:68:e2:e8:
94:63:2e:64:66:34:e0:53:b1:d0:4d:eb:b9:5b:fa:
4d:cd:30:84:81:9e:f1:05:d0:ab:59:e1:7e:37:1e:
4c:f3:1c:73:5e:0d:61:9b:8f:cb:78:2d:db:ea:c6:
0f:3e:63:65:37:eb:3c:eb:ca:0b:33:03:1b:87:e7:
7e:b6:f7:4a:63:ca:d6:2b:9d:ed:e3:f6:bc:7d:fd:
5c:89:5c:6e:c2:d6:0a:c9:87:30:bf:c8:af:57:c4:
7d:c8:30:97:0b:48:97:b1:3e:ee:cb:b2:2d:76:c8:
75:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:52:0C:A6:20:87:A4:FC:1E:31:19:2E:5A:CC:3B:DD:16:03:A3:70
X509v3 Authority Key Identifier:
keyid:92:5C:EC:EF:E5:22:81:74:05:D2:6F:C9:2B:B5:10:4A:C9:0C:FD:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klzs7-UigXQF0m_JK7UQSskM_cU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/r1IMpiCHpPweMRkuWsw73RYDo3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/klzs7-UigXQF0m_JK7UQSskM_cU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.56.0/24
91.229.182.0/24
91.229.210.0/24
185.189.124.0/22
185.226.60.0/22
185.252.96.0/22
IPv6:
2a0b:e680::/29
2a0c:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
7f:9f:48:f4:41:a4:2d:85:48:06:f3:9e:c3:86:ea:73:a9:3c:
9e:3e:09:00:5d:e3:c7:33:89:a9:00:a3:4c:ca:5c:47:37:1d:
b4:e0:57:04:49:c8:b0:aa:57:3e:dd:9c:74:be:18:47:1b:91:
e6:25:4c:c3:22:bf:24:05:92:c2:01:64:15:e5:02:cc:3c:fc:
5a:4f:29:f2:db:fb:c0:42:b6:f1:88:8a:a5:a1:35:25:de:af:
49:f2:67:ab:7f:b7:d9:eb:5f:02:91:70:2f:ea:b2:a5:d9:17:
c8:fb:2c:2e:02:75:8c:18:4f:ee:ce:c6:ce:25:88:97:8c:37:
3e:27:22:e4:76:ce:49:54:e6:0c:fb:63:ce:ba:d6:af:f2:b3:
ce:d3:36:ef:ea:39:bc:dd:e2:dc:00:82:12:f1:d6:47:a8:ad:
d8:63:4c:4b:5d:65:1f:2e:3b:f5:46:ba:8a:87:86:b6:cd:72:
4d:a0:a1:7b:80:1b:05:3f:74:2d:c7:8d:2a:77:94:d8:bc:76:
4f:00:1e:ce:8a:c5:15:32:a1:69:e7:78:67:01:18:a2:e6:be:
82:5e:60:5f:ea:46:40:78:75:47:f3:91:8b:84:dd:3f:42:80:
81:27:45:a7:f5:72:cf:96:ab:08:e3:3d:0a:bd:a7:d2:e3:ec:
4e:a6:45:a4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQks5fICvt3DdQYu+DYwTs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNWNlY2VmZTUyMjgxNzQwNWQyNmZjOTJiYjUxMDRhYzkw
Y2ZkYzUwHhcNMjUwMTAyMDE0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjUyMGNhNjIwODdhNGZjMWUzMTE5MmU1YWNjM2JkZDE2MDNhMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQl/sOH8vG3FHbmdpjEMsyYVdg9T
KBTuAWFvd5GJ0tEEc8pmJb6MgSPY9e1qy3E9uGvNUwjQkTrW4t2aQHjUMrejxwcs
Y5cYHsZXjt3Tz8UsP2vt7tclJJvznWeUnGfOJOutocNH8J5hgJ94xjmdUABpDwEN
nZMO9UTOZmqUGvl9dcM4j29vDaQIxUPxopl9c1Jo4uiUYy5kZjTgU7HQTeu5W/pN
zTCEgZ7xBdCrWeF+Nx5M8xxzXg1hm4/LeC3b6sYPPmNlN+s868oLMwMbh+d+tvdK
Y8rWK53t4/a8ff1ciVxuwtYKyYcwv8ivV8R9yDCXC0iXsT7uy7Itdsh1iQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFK9SDKYgh6T8HjEZLlrMO90WA6NwMB8GA1UdIwQY
MBaAFJJc7O/lIoF0BdJvySu1EErJDP3FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2x6czctVWlnWFFGMG1fSks3VVFTc2tNX2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mMDc2N2MtYjAxOS00NjNjLWEwYjEt
OGQ0YmZkMGFhY2U4LzEvcjFJTXBpQ0hwUHdlTVJrdVdzdzczUllEbzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mMDc2N2MtYjAxOS00NjNjLWEwYjEtOGQ0YmZkMGFhY2U4
LzEva2x6czctVWlnWFFGMG1fSks3VVFTc2tNX2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQAW+U4AwQA
W+W2AwQAW+XSAwQCub18AwQCueI8AwQCufxgMBQEAgACMA4DBQMqC+aAAwUDKgw+
ADANBgkqhkiG9w0BAQsFAAOCAQEAf59I9EGkLYVIBvOew4bqc6k8nj4JAF3jxzOJ
qQCjTMpcRzcdtOBXBEnIsKpXPt2cdL4YRxuR5iVMwyK/JAWSwgFkFeUCzDz8Wk8p
8tv7wEK28YiKpaE1Jd6vSfJnq3+32etfApFwL+qypdkXyPssLgJ1jBhP7s7GziWI
l4w3Pici5HbOSVTmDPtjzrrWr/KzztM27+o5vN3i3ACCEvHWR6it2GNMS11lHy47
9Ua6ioeGts1yTaChe4AbBT90LceNKneU2Lx2TwAezorFFTKhaed4ZwEYoua+gl5g
X+pGQHh1R/ORi4TdP0KAgSdFp/Vyz5arCOM9Cr2n0uPsTqZFpA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:33:26 2025 by rpki-client