Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/9svgo4bGRBf8fMpSXvge7RoyrHM.roa
File: 9svgo4bGRBf8fMpSXvge7RoyrHM.roa (raw, json)
Hash identifier: teVQdkK97LTCrE/CLpJAuLsspKcnHRjqSI/rfD5Q6hA=
Subject key identifier: F6:CB:E0:A3:86:C6:44:17:FC:7C:CA:52:5E:F8:1E:ED:1A:32:AC:73
Certificate issuer: /CN=b23eb849e0b6940e4ff547de0b41b003f9e1105c
Certificate serial: 0194221FFF92A7429D507559BC86B2FE22F8
Authority key identifier: B2:3E:B8:49:E0:B6:94:0E:4F:F5:47:DE:0B:41:B0:03:F9:E1:10:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sj64SeC2lA5P9UfeC0GwA_nhEFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/9svgo4bGRBf8fMpSXvge7RoyrHM.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20911
IP address blocks: 195.230.28.0/22 maxlen: 24
195.230.28.0/23 maxlen: 24
195.230.28.0/24 maxlen: 24
195.230.29.0/24 maxlen: 24
195.230.30.0/24 maxlen: 24
195.230.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/sj64SeC2lA5P9UfeC0GwA_nhEFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/sj64SeC2lA5P9UfeC0GwA_nhEFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sj64SeC2lA5P9UfeC0GwA_nhEFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ff:92:a7:42:9d:50:75:59:bc:86:b2:fe:22:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b23eb849e0b6940e4ff547de0b41b003f9e1105c
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6cbe0a386c64417fc7cca525ef81eed1a32ac73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ae:f0:1e:67:c5:eb:5b:fb:c2:e7:d5:12:86:
ca:e0:a1:02:f7:63:ea:9c:cb:03:0d:35:66:31:24:
24:98:7c:81:25:b0:f1:c3:59:31:12:51:44:fd:c3:
7d:62:c3:37:b1:e4:29:f1:ac:41:f8:fe:02:a3:73:
00:cc:cd:c8:99:fc:c4:9d:e4:0e:18:b7:25:ae:d8:
65:50:55:13:8a:e9:16:37:0d:db:82:3e:25:d6:4a:
82:54:85:3b:10:7c:65:60:5c:a5:f2:52:fe:ec:bf:
b6:fe:d9:ec:53:f3:5e:bf:f0:4d:01:cd:18:ab:aa:
fb:de:b2:0e:95:1a:4c:57:e9:cc:5e:ba:ae:74:65:
e8:6c:b9:a3:87:ca:df:27:90:49:40:96:d0:71:34:
c6:79:d6:0e:eb:78:fd:53:b0:3f:cc:39:35:e5:6a:
9a:08:cc:30:fe:ec:ce:f0:66:58:b1:eb:ee:43:a8:
d4:9a:a8:d6:0c:2f:66:63:ce:13:47:45:85:20:1e:
67:6f:aa:8e:da:57:91:b0:5e:6d:ca:62:90:f2:39:
02:e6:5c:fb:3c:95:e4:43:90:40:23:a2:11:7e:26:
67:89:74:55:4a:0c:e3:6a:d6:0d:e9:8e:8b:5b:22:
3b:cd:77:6a:54:af:63:e1:ee:7c:7f:b8:37:14:3a:
9a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:CB:E0:A3:86:C6:44:17:FC:7C:CA:52:5E:F8:1E:ED:1A:32:AC:73
X509v3 Authority Key Identifier:
keyid:B2:3E:B8:49:E0:B6:94:0E:4F:F5:47:DE:0B:41:B0:03:F9:E1:10:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sj64SeC2lA5P9UfeC0GwA_nhEFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/9svgo4bGRBf8fMpSXvge7RoyrHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/sj64SeC2lA5P9UfeC0GwA_nhEFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.28.0/22
Signature Algorithm: sha256WithRSAEncryption
99:54:1e:6b:1c:67:13:d6:6d:08:aa:82:cb:44:62:b8:79:6e:
f5:c3:6a:21:db:71:83:fe:84:a8:70:ce:f9:60:2e:08:55:8e:
0b:9a:94:ee:f6:f7:9a:4a:2b:b3:0b:25:41:d1:fd:18:a9:1c:
01:56:54:cc:3e:ea:57:9c:e5:fa:98:70:66:d9:a6:f0:6a:16:
f7:cb:5a:68:30:8b:03:50:3d:f5:d7:5e:e8:d8:53:52:a5:f3:
bf:d7:53:13:40:79:96:4a:bd:ac:d2:8b:fe:d5:22:e0:65:3a:
7c:52:7c:db:a4:21:5a:c8:c0:f6:c3:61:16:c8:a1:28:b1:f4:
65:f0:0c:df:ef:51:5a:42:71:ab:31:de:a1:a4:54:09:4d:ae:
f9:ad:73:e8:43:90:e7:a0:35:11:fb:10:ed:82:19:fe:19:bf:
48:c9:3f:aa:45:d8:a6:21:9f:7b:e3:3d:6d:b2:3d:2a:50:a3:
9e:af:28:70:01:67:64:ea:ad:27:c1:18:2a:78:91:8e:38:a4:
94:b9:b7:b7:50:d4:e9:62:3d:48:c4:9d:7e:c9:73:60:4d:26:
0b:86:fe:55:ca:bb:71:10:6a:3d:c9:1c:93:38:78:fa:05:ff:
20:09:33:bd:91:a9:62:8f:85:da:95:9a:e7:99:c2:13:a9:c9:
95:56:8c:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/+Sp0KdUHVZvIay/iL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyM2ViODQ5ZTBiNjk0MGU0ZmY1NDdkZTBiNDFiMDAzZjll
MTEwNWMwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmNiZTBhMzg2YzY0NDE3ZmM3Y2NhNTI1ZWY4MWVlZDFhMzJhYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA267wHmfF61v7wufVEobK4KEC92Pq
nMsDDTVmMSQkmHyBJbDxw1kxElFE/cN9YsM3seQp8axB+P4Co3MAzM3ImfzEneQO
GLclrthlUFUTiukWNw3bgj4l1kqCVIU7EHxlYFyl8lL+7L+2/tnsU/Nev/BNAc0Y
q6r73rIOlRpMV+nMXrqudGXobLmjh8rfJ5BJQJbQcTTGedYO63j9U7A/zDk15Wqa
CMww/uzO8GZYsevuQ6jUmqjWDC9mY84TR0WFIB5nb6qO2leRsF5tymKQ8jkC5lz7
PJXkQ5BAI6IRfiZniXRVSgzjatYN6Y6LWyI7zXdqVK9j4e58f7g3FDqaeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPbL4KOGxkQX/HzKUl74Hu0aMqxzMB8GA1UdIwQY
MBaAFLI+uEngtpQOT/VH3gtBsAP54RBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2o2NFNlQzJsQTVQOVVmZUMwR3dBX25oRUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8xMWJmMmUtYjU4YS00YTMxLTg5YzAt
MTU1ZjQyZGNhYTczLzEvOXN2Z280YkdSQmY4Zk1wU1h2Z2U3Um95ckhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8xMWJmMmUtYjU4YS00YTMxLTg5YzAtMTU1ZjQyZGNhYTcz
LzEvc2o2NFNlQzJsQTVQOVVmZUMwR3dBX25oRUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+YcMA0G
CSqGSIb3DQEBCwUAA4IBAQCZVB5rHGcT1m0IqoLLRGK4eW71w2oh23GD/oSocM75
YC4IVY4LmpTu9veaSiuzCyVB0f0YqRwBVlTMPupXnOX6mHBm2abwahb3y1poMIsD
UD31117o2FNSpfO/11MTQHmWSr2s0ov+1SLgZTp8UnzbpCFayMD2w2EWyKEosfRl
8Azf71FaQnGrMd6hpFQJTa75rXPoQ5DnoDUR+xDtghn+Gb9IyT+qRdimIZ974z1t
sj0qUKOeryhwAWdk6q0nwRgqeJGOOKSUube3UNTpYj1IxJ1+yXNgTSYLhv5Vyrtx
EGo9yRyTOHj6Bf8gCTO9kalij4XalZrnmcITqcmVVoxc
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:13:07 2025 by rpki-client