Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/ltR8O9eT6M3oAU_gxp7pcWB8yvg.roa
File: ltR8O9eT6M3oAU_gxp7pcWB8yvg.roa (raw, json)
Hash identifier: 5GhoLYlXlz1l2KGazssc6/9eGWn++CM1C2ZU91tWclU=
Subject key identifier: 96:D4:7C:3B:D7:93:E8:CD:E8:01:4F:E0:C6:9E:E9:71:60:7C:CA:F8
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019424456E3D1216C65B37CDEE3903E33383
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/ltR8O9eT6M3oAU_gxp7pcWB8yvg.roa
Signing time: Wed 01 Jan 2025 23:48:37 +0000
ROA not before: Wed 01 Jan 2025 23:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 92.50.0.0/24 maxlen: 24
92.50.1.0/24 maxlen: 24
92.50.2.0/24 maxlen: 24
92.50.3.0/24 maxlen: 24
92.50.4.0/24 maxlen: 24
92.50.5.0/24 maxlen: 24
92.50.6.0/24 maxlen: 24
92.50.7.0/24 maxlen: 24
92.50.8.0/24 maxlen: 24
92.50.9.0/24 maxlen: 24
92.50.10.0/24 maxlen: 24
92.50.11.0/24 maxlen: 24
92.50.12.0/24 maxlen: 24
92.50.13.0/24 maxlen: 24
147.136.72.0/22 maxlen: 24
147.136.80.0/22 maxlen: 24
147.136.92.0/22 maxlen: 24
185.171.253.0/24 maxlen: 24
192.95.92.0/24 maxlen: 24
192.95.93.0/24 maxlen: 24
192.95.94.0/24 maxlen: 24
192.95.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:6e:3d:12:16:c6:5b:37:cd:ee:39:03:e3:33:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 1 23:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96d47c3bd793e8cde8014fe0c69ee971607ccaf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8c:c5:94:f2:01:a0:9c:84:c5:f8:9e:c7:8b:
ba:c6:ed:89:be:2c:72:53:92:6a:cc:95:16:11:16:
56:27:41:4d:fb:a3:79:2c:41:2d:d4:09:e7:d2:84:
ad:df:d0:ec:47:9a:12:31:13:3d:7a:ab:02:86:4d:
eb:32:bd:ee:11:dc:08:c4:22:25:91:13:c5:b4:3e:
16:d4:63:36:f2:b9:1e:81:aa:11:50:af:69:8f:e3:
02:ff:39:56:07:95:71:b6:e6:0c:15:8c:d8:cf:05:
3a:2a:b6:2c:1d:ef:8e:8f:4b:f1:f0:39:43:5c:20:
82:00:66:d9:6b:48:01:ab:b8:17:cc:86:09:3f:63:
db:66:a4:32:25:37:b2:e1:ac:8b:df:0d:a5:f4:66:
12:ff:68:73:32:d3:b3:ed:d7:3f:6f:15:5f:3e:d6:
ec:c1:5a:74:66:e3:10:d3:44:84:21:11:3c:b3:48:
cf:96:dc:54:0f:26:b6:b0:58:d7:d6:b2:ec:72:a9:
08:2c:74:3c:88:af:e3:62:8a:bd:64:2f:0e:4f:51:
d6:7a:dd:f9:94:ba:e4:f4:75:66:27:9b:50:44:ea:
7a:a5:61:37:df:cf:96:33:6d:3c:73:d4:0e:fc:67:
28:f2:63:46:a2:85:c7:1d:80:85:9d:20:aa:0a:71:
d0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D4:7C:3B:D7:93:E8:CD:E8:01:4F:E0:C6:9E:E9:71:60:7C:CA:F8
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/ltR8O9eT6M3oAU_gxp7pcWB8yvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.50.0.0-92.50.13.255
147.136.72.0/22
147.136.80.0/22
147.136.92.0/22
185.171.253.0/24
192.95.92.0/22
Signature Algorithm: sha256WithRSAEncryption
68:17:ea:e5:6c:33:b4:a7:8e:0e:26:6a:17:75:17:b9:4d:28:
87:7c:11:59:6d:94:88:08:e7:af:2e:55:9f:77:23:d6:e3:40:
ac:19:18:0c:d6:fd:81:88:56:27:c1:be:61:10:a9:ce:70:3d:
f5:37:4f:31:6a:bf:d4:47:15:52:40:28:aa:52:b0:8b:2e:d8:
9e:8e:f1:22:b8:24:5a:4c:8d:29:f5:73:80:83:ce:33:16:ef:
3b:ad:7e:18:d8:9a:fd:eb:e3:29:ec:83:fd:21:3e:8d:c7:fe:
e9:b3:4c:9c:39:26:11:c2:ef:21:dd:27:18:fc:44:03:9e:c9:
6b:6d:2d:05:00:38:d4:13:7b:18:5f:f4:b6:b0:f5:e0:8a:e3:
66:d9:16:b6:a8:8f:22:5e:57:3b:9f:a0:ce:68:60:14:cc:cf:
d7:08:04:3f:52:25:42:a5:e3:c3:10:df:fe:bb:fc:5b:2b:c7:
29:e3:3d:f7:66:65:87:ac:16:f1:c8:5c:4b:78:03:15:04:97:
16:4e:84:e7:3b:55:db:f5:44:28:78:20:e0:ce:2a:0f:16:9e:
cc:32:87:8a:bb:42:75:6c:38:68:ee:b4:c4:a0:0a:ae:f7:9a:
85:33:18:b7:5d:58:21:b6:8e:4c:fa:94:b4:5e:e9:61:b4:b2:
89:20:22:23
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQkRW49EhbGWzfN7jkD4zODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjUwMTAxMjM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmQ0N2MzYmQ3OTNlOGNkZTgwMTRmZTBjNjllZTk3MTYwN2NjYWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYzFlPIBoJyExfiex4u6xu2Jvixy
U5JqzJUWERZWJ0FN+6N5LEEt1Ann0oSt39DsR5oSMRM9eqsChk3rMr3uEdwIxCIl
kRPFtD4W1GM28rkegaoRUK9pj+MC/zlWB5VxtuYMFYzYzwU6KrYsHe+Oj0vx8DlD
XCCCAGbZa0gBq7gXzIYJP2PbZqQyJTey4ayL3w2l9GYS/2hzMtOz7dc/bxVfPtbs
wVp0ZuMQ00SEIRE8s0jPltxUDya2sFjX1rLscqkILHQ8iK/jYoq9ZC8OT1HWet35
lLrk9HVmJ5tQROp6pWE338+WM208c9QO/Gco8mNGooXHHYCFnSCqCnHQSQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFJbUfDvXk+jN6AFP4Mae6XFgfMr4MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvbHRSOE85ZVQ2TTNvQVVfZ3hwN3BjV0I4eXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArMAsDAwFcMgME
AVwyDAMEApOISAMEApOIUAMEApOIXAMEALmr/QMEAsBfXDANBgkqhkiG9w0BAQsF
AAOCAQEAaBfq5WwztKeODiZqF3UXuU0oh3wRWW2UiAjnry5Vn3cj1uNArBkYDNb9
gYhWJ8G+YRCpznA99TdPMWq/1EcVUkAoqlKwiy7Yno7xIrgkWkyNKfVzgIPOMxbv
O61+GNia/evjKeyD/SE+jcf+6bNMnDkmEcLvId0nGPxEA57Ja20tBQA41BN7GF/0
trD14IrjZtkWtqiPIl5XO5+gzmhgFMzP1wgEP1IlQqXjwxDf/rv8WyvHKeM992Zl
h6wW8chcS3gDFQSXFk6E5ztV2/VEKHgg4M4qDxaezDKHirtCdWw4aO60xKAKrvea
hTMYt11YIbaOTPqUtF7pYbSyiSAiIw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:59:16 2025 by rpki-client