Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/L9ix8pw07x4PhUpkqGmls3mm4gM.roa
File: L9ix8pw07x4PhUpkqGmls3mm4gM.roa (raw, json)
Hash identifier: O7RkSci1TH3Sjpald3VvboQYxEi06vvVnFtQcOqBkgA=
Subject key identifier: 2F:D8:B1:F2:9C:34:EF:1E:0F:85:4A:64:A8:69:A5:B3:79:A6:E2:03
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 01954E9061797FDE59FFD75314DD1C1D6939
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/L9ix8pw07x4PhUpkqGmls3mm4gM.roa
Signing time: Fri 28 Feb 2025 21:57:19 +0000
ROA not before: Fri 28 Feb 2025 21:57:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21100
IP address blocks: 91.90.192.0/24 maxlen: 24
91.90.194.0/24 maxlen: 24
91.223.123.0/24 maxlen: 24
94.131.16.0/24 maxlen: 24
94.131.18.0/24 maxlen: 24
185.198.164.0/22 maxlen: 22
195.245.112.0/23 maxlen: 23
2001:67c:2f5c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.mft
rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4e:90:61:79:7f:de:59:ff:d7:53:14:dd:1c:1d:69:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Feb 28 21:57:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fd8b1f29c34ef1e0f854a64a869a5b379a6e203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d3:e4:9b:75:c2:29:bc:f3:07:2d:22:6d:94:
5a:cd:e6:2e:e0:b9:60:aa:f3:71:1c:72:d7:93:8e:
71:2d:4a:51:6f:16:e8:57:9d:36:1c:d3:5b:de:90:
9d:99:04:70:14:46:41:c8:d2:28:01:d7:dc:ac:f9:
ff:67:bb:3c:04:4d:5b:44:05:39:52:44:96:8c:0b:
86:08:f3:26:2d:cc:83:a5:6f:97:03:a4:e0:81:70:
a7:41:18:17:c4:bb:e9:d1:e8:19:b7:14:42:3f:fd:
ce:6d:ae:8d:64:9e:14:d1:26:aa:d3:0f:12:dd:48:
55:40:6e:d5:5d:c0:80:15:d3:dc:1c:4a:f3:44:ab:
99:28:f7:5f:35:e3:29:c2:50:28:ff:ec:f2:54:5b:
79:51:f3:83:ef:91:9e:98:ef:64:24:fd:44:ad:09:
02:ec:1c:9c:98:48:bc:b2:c3:8b:04:19:43:d0:6d:
73:ee:27:9f:f7:11:d2:df:52:fa:c9:c1:d9:2e:e8:
b4:ad:18:9f:7f:6c:c9:d7:2d:74:ac:92:44:89:eb:
bf:72:e6:fc:79:32:29:76:21:57:c0:0f:e0:e9:18:
37:e0:1e:04:65:28:4d:c0:c3:2d:fd:07:a9:02:d9:
ec:4b:63:2a:5d:19:79:86:59:92:f5:b5:18:34:c0:
b2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D8:B1:F2:9C:34:EF:1E:0F:85:4A:64:A8:69:A5:B3:79:A6:E2:03
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/L9ix8pw07x4PhUpkqGmls3mm4gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.192.0/24
91.90.194.0/24
91.223.123.0/24
94.131.16.0/24
94.131.18.0/24
185.198.164.0/22
195.245.112.0/23
IPv6:
2001:67c:2f5c::/48
Signature Algorithm: sha256WithRSAEncryption
b9:d3:3d:6f:94:8c:6e:7a:17:2d:36:76:cd:a1:af:b6:5e:57:
ab:d2:c6:72:24:94:dd:98:f8:f1:a6:01:8d:0e:60:b1:b8:80:
ce:67:75:0a:9b:c7:e8:fb:65:8a:d7:3e:aa:42:22:51:b5:87:
e4:6f:20:05:11:c4:fc:fb:7a:95:7e:95:ee:b4:ab:d9:e3:3b:
86:4d:5c:ff:b0:fd:98:a8:d2:ad:6d:a8:75:8c:99:53:91:24:
83:30:20:74:31:c7:74:1a:f5:6d:3f:b3:f8:f4:ae:80:20:74:
f7:b5:e3:61:2c:34:22:86:c4:99:17:10:83:91:e5:9b:e9:94:
fd:1b:8a:17:4b:7a:77:43:28:c0:29:3a:0e:02:9e:1a:83:3c:
bc:5e:ff:6e:70:79:27:79:8d:fc:28:fe:03:5e:81:25:a2:65:
be:d8:42:f1:5e:78:a0:0f:52:67:96:5f:a6:99:72:b3:52:d1:
78:c2:bd:4e:1b:53:ad:af:98:73:38:7f:67:7e:3b:6a:7d:be:
ae:9e:f7:57:40:65:96:64:7a:fc:ec:c8:ca:98:58:8b:56:ca:
fb:b8:1a:b2:6d:42:f7:6f:73:b6:c8:cd:8b:33:09:d5:09:3b:
da:80:cd:c1:e4:d6:3c:bb:30:c0:54:14:34:07:ba:66:5c:7d:
d5:04:15:68
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZVOkGF5f95Z/9dTFN0cHWk5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjUwMjI4MjE1NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQ4YjFmMjljMzRlZjFlMGY4NTRhNjRhODY5YTViMzc5YTZlMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdPkm3XCKbzzBy0ibZRazeYu4Llg
qvNxHHLXk45xLUpRbxboV502HNNb3pCdmQRwFEZByNIoAdfcrPn/Z7s8BE1bRAU5
UkSWjAuGCPMmLcyDpW+XA6TggXCnQRgXxLvp0egZtxRCP/3Oba6NZJ4U0Saq0w8S
3UhVQG7VXcCAFdPcHErzRKuZKPdfNeMpwlAo/+zyVFt5UfOD75GemO9kJP1ErQkC
7BycmEi8ssOLBBlD0G1z7ief9xHS31L6ycHZLui0rRiff2zJ1y10rJJEieu/cub8
eTIpdiFXwA/g6Rg34B4EZShNwMMt/QepAtnsS2MqXRl5hlmS9bUYNMCyHQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFC/YsfKcNO8eD4VKZKhppbN5puIDMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvTDlpeDhwdzA3eDRQaFVwa3FHbWxzM21tNGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQAW1rAAwQA
W1rCAwQAW997AwQAXoMQAwQAXoMSAwQCucakAwQBw/VwMA8EAgACMAkDBwAgAQZ8
L1wwDQYJKoZIhvcNAQELBQADggEBALnTPW+UjG56Fy02ds2hr7ZeV6vSxnIklN2Y
+PGmAY0OYLG4gM5ndQqbx+j7ZYrXPqpCIlG1h+RvIAURxPz7epV+le60q9njO4ZN
XP+w/Zio0q1tqHWMmVORJIMwIHQxx3Qa9W0/s/j0roAgdPe142EsNCKGxJkXEIOR
5ZvplP0bihdLendDKMApOg4CnhqDPLxe/25weSd5jfwo/gNegSWiZb7YQvFeeKAP
UmeWX6aZcrNS0XjCvU4bU62vmHM4f2d+O2p9vq6e91dAZZZkevzsyMqYWItWyvu4
GrJtQvdvc7bIzYszCdUJO9qAzcHk1jy7MMBUFDQHumZcfdUEFWg=
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:39:45 2025 by rpki-client