Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/tIGmW-EI2nrWk4qC7j5FTTvEcKw.roa
File: tIGmW-EI2nrWk4qC7j5FTTvEcKw.roa (raw, json)
Hash identifier: KGRsrUvfWuNnw7M6OrT2LhIDhaEzLkzjBqoyrd5RfaE=
Subject key identifier: B4:81:A6:5B:E1:08:DA:7A:D6:93:8A:82:EE:3E:45:4D:3B:C4:70:AC
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 0194921AA23F33E259169F6DAA2879923DDE
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/tIGmW-EI2nrWk4qC7j5FTTvEcKw.roa
Signing time: Thu 23 Jan 2025 07:40:06 +0000
ROA not before: Thu 23 Jan 2025 07:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 85.234.101.0/24 maxlen: 24
85.234.106.0/24 maxlen: 24
85.234.107.0/24 maxlen: 24
85.234.110.0/24 maxlen: 24
185.154.192.0/24 maxlen: 24
185.154.193.0/24 maxlen: 24
185.154.194.0/24 maxlen: 24
185.154.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.mft
rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 04:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:1a:a2:3f:33:e2:59:16:9f:6d:aa:28:79:92:3d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Jan 23 07:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b481a65be108da7ad6938a82ee3e454d3bc470ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:00:31:bf:9d:55:60:2d:e7:e1:9e:ed:c8:bf:
3b:c7:9c:f5:67:19:42:f2:8b:ff:e5:c8:ae:fc:44:
9c:38:60:33:3f:e3:b0:89:4b:1c:4a:a0:08:8b:f6:
81:b4:60:fd:8e:0b:c6:66:40:0d:85:70:4c:c0:47:
1f:59:f8:d9:66:65:1a:2c:a2:05:5f:0b:e6:2f:63:
dd:a5:41:0c:06:62:4a:44:17:b9:f5:fb:0a:4b:ef:
15:9a:24:d3:71:19:76:42:b5:0e:b9:24:2e:9f:44:
09:99:46:46:8a:71:64:59:bf:73:44:61:ef:a7:cd:
01:61:cb:90:6b:50:64:f7:27:22:72:40:49:74:92:
b9:4b:4d:82:b8:fa:9a:ea:9e:68:ef:52:90:2b:ba:
56:45:08:71:96:8c:90:47:a9:8f:14:d8:69:53:ce:
57:e3:80:a6:12:db:fe:3a:e7:c0:a9:96:73:bf:e1:
c3:43:25:0b:d0:0a:c1:77:7a:86:84:b8:9c:9a:29:
98:9b:fb:65:0e:25:21:64:c4:dc:9b:88:77:ec:30:
76:c4:2a:91:bb:6c:d5:6b:54:89:5c:80:44:50:db:
07:2e:4e:f9:05:8a:d7:2b:e7:89:12:91:6a:89:df:
6d:b0:77:15:8c:9e:94:7a:2c:bc:25:cf:89:02:2e:
7b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:81:A6:5B:E1:08:DA:7A:D6:93:8A:82:EE:3E:45:4D:3B:C4:70:AC
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/tIGmW-EI2nrWk4qC7j5FTTvEcKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.101.0/24
85.234.106.0/23
85.234.110.0/24
185.154.192.0/22
Signature Algorithm: sha256WithRSAEncryption
95:05:d9:54:95:4f:aa:61:aa:da:87:4f:81:87:e4:16:1d:b4:
06:6c:11:4c:84:13:4d:9b:94:22:23:7c:81:98:d7:39:f6:22:
90:30:9d:da:7b:d3:52:cf:fa:ec:c4:65:54:b3:60:4a:07:a6:
f4:79:e3:ab:bd:31:c0:e5:01:c9:57:38:c3:10:55:86:0e:b2:
03:70:51:e3:96:2f:c4:41:41:2b:28:cd:4e:35:5e:56:11:f3:
e8:01:41:2a:b1:18:d3:62:8b:f8:23:28:39:f0:41:f0:d5:bc:
77:2c:2c:ff:45:5b:f7:ce:92:ff:c1:7a:41:b0:76:4c:a9:8b:
7a:a4:02:8c:03:90:a2:05:1f:5d:9d:33:71:3f:fe:a2:16:64:
6b:58:93:d8:e0:1d:3b:81:09:03:a1:d3:11:a3:94:c9:6b:45:
f5:a1:47:99:26:c4:db:a3:8e:f6:94:47:03:14:cd:93:e5:3e:
08:4f:c8:5b:4d:4d:e3:f6:25:25:fe:5c:68:aa:52:ce:b4:49:
11:70:d8:7a:01:bc:2d:26:8b:96:49:42:1b:ac:5a:7b:ce:ba:
ef:f4:00:6c:d4:03:42:42:10:64:cb:03:43:78:6c:ef:d8:7f:
9d:c0:77:d0:f9:6b:7b:00:72:ba:e2:eb:14:27:4c:a8:7a:9f:
e3:50:af:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZSSGqI/M+JZFp9tqih5kj3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjUwMTIzMDc0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDgxYTY1YmUxMDhkYTdhZDY5MzhhODJlZTNlNDU0ZDNiYzQ3MGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQAxv51VYC3n4Z7tyL87x5z1ZxlC
8ov/5ciu/EScOGAzP+OwiUscSqAIi/aBtGD9jgvGZkANhXBMwEcfWfjZZmUaLKIF
XwvmL2PdpUEMBmJKRBe59fsKS+8VmiTTcRl2QrUOuSQun0QJmUZGinFkWb9zRGHv
p80BYcuQa1Bk9ycickBJdJK5S02CuPqa6p5o71KQK7pWRQhxloyQR6mPFNhpU85X
44CmEtv+OufAqZZzv+HDQyUL0ArBd3qGhLicmimYm/tlDiUhZMTcm4h37DB2xCqR
u2zVa1SJXIBEUNsHLk75BYrXK+eJEpFqid9tsHcVjJ6Ueiy8Jc+JAi57vwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLSBplvhCNp61pOKgu4+RU07xHCsMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvdElHbVctRUkybnJXazRxQzdqNUZUVHZFY0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVeplAwQB
VepqAwQAVepuAwQCuZrAMA0GCSqGSIb3DQEBCwUAA4IBAQCVBdlUlU+qYarah0+B
h+QWHbQGbBFMhBNNm5QiI3yBmNc59iKQMJ3ae9NSz/rsxGVUs2BKB6b0eeOrvTHA
5QHJVzjDEFWGDrIDcFHjli/EQUErKM1ONV5WEfPoAUEqsRjTYov4Iyg58EHw1bx3
LCz/RVv3zpL/wXpBsHZMqYt6pAKMA5CiBR9dnTNxP/6iFmRrWJPY4B07gQkDodMR
o5TJa0X1oUeZJsTbo472lEcDFM2T5T4IT8hbTU3j9iUl/lxoqlLOtEkRcNh6Abwt
JouWSUIbrFp7zrrv9ABs1ANCQhBkywNDeGzv2H+dwHfQ+Wt7AHK64usUJ0yoep/j
UK8G
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:20:19 2025 by rpki-client