Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yW0Ha_94iEvAY39Xnp5X0bU71Do.roa
File: yW0Ha_94iEvAY39Xnp5X0bU71Do.roa (raw, json)
Hash identifier: utgBtL9irba12atb30UISDRq7m11u+8KQM5+t5g3JbM=
Subject key identifier: C9:6D:07:6B:FF:78:88:4B:C0:63:7F:57:9E:9E:57:D1:B5:3B:D4:3A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194DB4AE84001E2618300B7135DDD853968
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yW0Ha_94iEvAY39Xnp5X0bU71Do.roa
Signing time: Thu 06 Feb 2025 12:45:06 +0000
ROA not before: Thu 06 Feb 2025 12:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
89.213.50.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:db:4a:e8:40:01:e2:61:83:00:b7:13:5d:dd:85:39:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 6 12:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c96d076bff78884bc0637f579e9e57d1b53bd43a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c8:1e:61:b5:c0:a3:c7:9c:54:b0:1c:cf:6f:
8d:45:56:f5:ec:8f:70:cc:2e:fe:f5:e7:b2:74:15:
66:cb:ee:ab:63:be:a0:bb:03:2b:aa:ac:48:9a:99:
6c:ee:2e:3d:ac:42:5a:db:42:4f:78:eb:8b:7a:60:
e0:d2:c6:5c:c4:48:00:35:f8:dd:3f:bb:a7:58:64:
12:f8:ff:f4:84:be:9e:2c:df:e6:91:e5:4e:29:fa:
8b:b4:4f:b4:3a:fe:96:2c:10:6a:94:1e:1d:70:f8:
03:26:92:66:d8:87:f9:a7:77:45:29:86:e6:52:85:
0a:96:0d:6b:2b:c2:2e:13:25:52:70:31:ad:fb:2c:
df:1b:e9:f7:79:11:07:46:59:28:cc:a6:0f:c3:98:
0c:1f:93:44:0f:5b:38:5a:86:7f:5f:90:21:98:bc:
30:c1:6e:10:1c:59:4b:5b:2f:9f:60:51:1a:84:21:
ef:1d:12:87:1c:e6:ac:bc:4f:93:c4:77:af:22:bd:
07:55:01:3c:51:69:5c:3b:45:f2:44:2a:40:91:f0:
21:72:06:7a:00:10:33:b9:77:3a:a6:5a:72:c8:49:
18:47:c7:c2:95:48:c9:3c:00:13:4b:1e:90:a9:fc:
af:1b:d9:a8:28:ce:09:f4:61:b7:87:f8:33:7f:45:
bf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:6D:07:6B:FF:78:88:4B:C0:63:7F:57:9E:9E:57:D1:B5:3B:D4:3A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yW0Ha_94iEvAY39Xnp5X0bU71Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.98.0/24
82.153.205.0/24
89.213.50.0/24
109.176.244.0/24
212.38.79.0/24
213.218.234.0/24
213.218.238.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:11:61:a2:de:97:0a:53:3e:67:ca:39:4a:7b:1b:85:00:a3:
45:57:c4:2b:f0:6b:0a:ab:31:a3:2e:87:14:22:7a:76:74:ff:
07:e8:bd:28:01:63:3a:5f:e4:9e:6d:e0:36:e5:2b:9d:cb:f0:
a0:07:85:d9:26:d9:36:13:b8:5d:7e:cf:de:86:ae:83:f6:a8:
a1:60:3b:d6:da:9d:c5:6e:f3:ac:fc:17:2b:bb:e3:31:20:4a:
e6:db:68:8c:7e:11:ce:e0:50:78:ca:35:4d:19:28:cf:47:e0:
83:56:db:f3:12:f2:6c:bf:15:b6:08:c1:e9:c0:7f:5e:e1:37:
d1:41:81:42:04:07:96:a6:b5:86:d3:9f:d7:18:10:18:c5:5b:
de:5b:22:e0:46:dc:e7:41:ad:fb:5a:17:33:5a:2a:63:5c:ea:
32:ae:3e:1b:4e:cb:a1:6c:1b:32:ab:87:1f:86:48:b3:47:b3:
2b:37:21:e9:61:01:a2:ba:1b:ab:68:f3:8b:94:e7:92:9b:db:
12:c2:cf:c6:8d:96:8c:77:1f:6a:df:b7:5b:86:65:1a:69:7a:
6d:0a:f8:fc:c4:e6:95:bb:f7:70:8f:f4:2a:fd:d5:d7:71:ee:
22:6d:54:f0:49:50:96:7a:6e:74:ab:0a:ee:dd:0f:d1:fb:61:
65:f4:8b:f6
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZTbSuhAAeJhgwC3E13dhTloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjA2MTI0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTZkMDc2YmZmNzg4ODRiYzA2MzdmNTc5ZTllNTdkMWI1M2JkNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMgeYbXAo8ecVLAcz2+NRVb17I9w
zC7+9eeydBVmy+6rY76guwMrqqxImpls7i49rEJa20JPeOuLemDg0sZcxEgANfjd
P7unWGQS+P/0hL6eLN/mkeVOKfqLtE+0Ov6WLBBqlB4dcPgDJpJm2If5p3dFKYbm
UoUKlg1rK8IuEyVScDGt+yzfG+n3eREHRlkozKYPw5gMH5NED1s4WoZ/X5AhmLww
wW4QHFlLWy+fYFEahCHvHRKHHOasvE+TxHevIr0HVQE8UWlcO0XyRCpAkfAhcgZ6
ABAzuXc6plpyyEkYR8fClUjJPAATSx6QqfyvG9moKM4J9GG3h/gzf0W/JwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMltB2v/eIhLwGN/V56eV9G1O9Q6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveVcwSGFfOTRpRXZBWTM5WG5wNVgwYlU3MURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUpgIAwQA
UphiAwQAUpnNAwQAWdUyAwQAbbD0AwQA1CZPAwQA1drqAwQA1druMA0GCSqGSIb3
DQEBCwUAA4IBAQAqEWGi3pcKUz5nyjlKexuFAKNFV8Qr8GsKqzGjLocUInp2dP8H
6L0oAWM6X+SebeA25Sudy/CgB4XZJtk2E7hdfs/ehq6D9qihYDvW2p3FbvOs/Bcr
u+MxIErm22iMfhHO4FB4yjVNGSjPR+CDVtvzEvJsvxW2CMHpwH9e4TfRQYFCBAeW
prWG05/XGBAYxVveWyLgRtznQa37WhczWipjXOoyrj4bTsuhbBsyq4cfhkizR7Mr
NyHpYQGiuhuraPOLlOeSm9sSws/GjZaMdx9q37dbhmUaaXptCvj8xOaVu/dwj/Qq
/dXXce4ibVTwSVCWem50qwru3Q/R+2Fl9Iv2
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:20:59 2025 by rpki-client