Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/oTU6jls5Cbp2h-8jJVa1y-YZLoo.roa
File: oTU6jls5Cbp2h-8jJVa1y-YZLoo.roa (raw, json)
Hash identifier: UlQbXDO/2Z5fLH/VOiXf6qQdUrJ+q43vGjJDK0Fi6XA=
Subject key identifier: A1:35:3A:8E:5B:39:09:BA:76:87:EF:23:25:56:B5:CB:E6:19:2E:8A
Certificate issuer: /CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Certificate serial: 019426D9D902933BFF65506B4AB91479D44E
Authority key identifier: DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/oTU6jls5Cbp2h-8jJVa1y-YZLoo.roa
Signing time: Thu 02 Jan 2025 11:49:58 +0000
ROA not before: Thu 02 Jan 2025 11:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212329
IP address blocks: 91.236.64.0/22 maxlen: 24
185.216.48.0/24 maxlen: 24
2a10:a700::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d9:02:93:3b:ff:65:50:6b:4a:b9:14:79:d4:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Validity
Not Before: Jan 2 11:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1353a8e5b3909ba7687ef232556b5cbe6192e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:79:57:0c:63:c3:fb:9d:83:37:3b:3d:cb:f2:
3a:76:66:a5:52:e1:a5:96:3b:a9:cd:51:d9:fb:24:
d4:b8:90:be:cc:ba:e3:8b:96:f6:e5:88:b6:6a:a9:
76:12:97:b5:ed:7e:7e:9f:3c:ad:c5:b6:39:ce:a5:
a0:29:28:80:93:39:a3:71:d6:04:e5:fa:76:71:92:
e6:78:2c:02:da:cd:0a:56:44:ab:fa:9e:f5:25:3b:
0e:91:32:61:d9:f4:1a:df:a5:d2:e9:9e:df:7d:0f:
f8:90:89:f2:0a:03:8e:30:fb:18:ba:80:2c:8e:f0:
d5:4e:9a:b7:f5:11:ec:d9:33:13:f7:2f:28:ce:57:
6a:09:fa:61:36:1b:0c:60:b0:28:bb:69:b8:92:c9:
b3:e7:43:dd:84:04:d7:0d:35:c7:c2:40:af:35:52:
38:98:b0:18:82:8b:05:13:96:df:c9:15:67:b4:9b:
f3:80:8f:72:6a:26:de:8c:b2:dd:33:7e:f7:34:db:
3c:54:7c:91:a7:4f:ae:83:88:f9:2b:4c:59:b5:4b:
7a:2d:ea:29:ff:6d:0f:f1:c8:b5:5e:4a:93:1b:16:
19:02:39:dd:96:7f:fb:87:1e:63:57:48:ca:5c:0d:
67:54:67:e3:72:94:3f:95:26:b8:41:c8:62:0f:61:
ef:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:35:3A:8E:5B:39:09:BA:76:87:EF:23:25:56:B5:CB:E6:19:2E:8A
X509v3 Authority Key Identifier:
keyid:DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/oTU6jls5Cbp2h-8jJVa1y-YZLoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.64.0/22
185.216.48.0/24
IPv6:
2a10:a700::/29
Signature Algorithm: sha256WithRSAEncryption
88:4d:fb:17:4e:ac:ed:8a:3e:a6:fb:03:2e:92:c8:b2:16:1d:
38:ae:e7:4c:0b:aa:ce:52:60:06:2a:39:8f:74:c0:14:e2:bd:
af:10:0a:82:41:5f:9e:38:8e:62:8e:9e:9f:6f:fe:4e:c9:a9:
58:1c:d9:88:01:2f:64:f1:31:86:3f:24:de:43:f0:0e:c2:bc:
1c:d1:10:a2:b2:ec:ef:c7:c3:89:c9:1d:16:51:68:36:2d:e4:
65:74:8d:ab:ed:db:a8:c4:c0:55:8e:6f:1c:c4:76:80:99:7c:
c3:b2:13:77:fd:47:38:8e:8a:d1:79:aa:c9:5a:42:22:83:36:
16:e8:ee:b8:b5:83:bd:8a:a3:09:9f:31:ca:db:51:28:40:13:
39:ad:1c:04:b8:aa:f4:36:d7:34:18:a2:4b:f8:49:a4:9a:b3:
dc:d4:20:0b:f3:12:a9:d1:d6:a3:ba:e0:9c:93:27:81:54:ba:
44:4b:d7:ea:e7:cc:3b:4b:08:f4:bf:ea:ce:cb:a0:77:3e:d3:
14:cf:f9:b2:6c:9a:33:6c:8f:eb:b2:f8:1b:3f:6b:61:cf:7a:
c9:70:9f:fe:5a:09:08:1d:f2:4d:b3:74:c5:68:eb:aa:54:cb:
32:05:12:a4:c9:c4:de:77:03:ae:98:ac:46:64:55:df:ff:fa:
39:91:45:9f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2dkCkzv/ZVBrSrkUedROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZmFlN2Q0ZTY5ZDQyZTRmNGM5NWQ5OWY0ODJiOWE5NDRk
YmVmYzgwHhcNMjUwMTAyMTE0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM1M2E4ZTViMzkwOWJhNzY4N2VmMjMyNTU2YjVjYmU2MTkyZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3lXDGPD+52DNzs9y/I6dmalUuGl
ljupzVHZ+yTUuJC+zLrji5b25Yi2aql2Epe17X5+nzytxbY5zqWgKSiAkzmjcdYE
5fp2cZLmeCwC2s0KVkSr+p71JTsOkTJh2fQa36XS6Z7ffQ/4kInyCgOOMPsYuoAs
jvDVTpq39RHs2TMT9y8ozldqCfphNhsMYLAou2m4ksmz50PdhATXDTXHwkCvNVI4
mLAYgosFE5bfyRVntJvzgI9yaibejLLdM373NNs8VHyRp0+ug4j5K0xZtUt6Leop
/20P8ci1XkqTGxYZAjndln/7hx5jV0jKXA1nVGfjcpQ/lSa4QchiD2HvEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKE1Oo5bOQm6dofvIyVWtcvmGS6KMB8GA1UdIwQY
MBaAFNz659TmnULk9MldmfSCualE2+/IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYt
MzcyNzNkZjM5MDFjLzEvb1RVNmpsczVDYnAyaC04akpWYTF5LVlaTG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYtMzcyNzNkZjM5MDFj
LzEvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW+xAAwQA
udgwMA0EAgACMAcDBQMqEKcAMA0GCSqGSIb3DQEBCwUAA4IBAQCITfsXTqztij6m
+wMuksiyFh04rudMC6rOUmAGKjmPdMAU4r2vEAqCQV+eOI5ijp6fb/5OyalYHNmI
AS9k8TGGPyTeQ/AOwrwc0RCisuzvx8OJyR0WUWg2LeRldI2r7duoxMBVjm8cxHaA
mXzDshN3/Uc4jorRearJWkIigzYW6O64tYO9iqMJnzHK21EoQBM5rRwEuKr0Ntc0
GKJL+EmkmrPc1CAL8xKp0dajuuCckyeBVLpES9fq58w7Swj0v+rOy6B3PtMUz/my
bJozbI/rsvgbP2thz3rJcJ/+WgkIHfJNs3TFaOuqVMsyBRKkycTedwOumKxGZFXf
//o5kUWf
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:53:46 2025 by rpki-client