Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/cRJHBNdmbpUyHqOEUpwKzTFuNCk.roa
File: cRJHBNdmbpUyHqOEUpwKzTFuNCk.roa (raw, json)
Hash identifier: SS69vXe4PhGUYENzPrsqk18OCamPGc10AVGsVohBJGk=
Subject key identifier: 71:12:47:04:D7:66:6E:95:32:1E:A3:84:52:9C:0A:CD:31:6E:34:29
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 019425217B92995D233E31DB94BB2F98072E
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/cRJHBNdmbpUyHqOEUpwKzTFuNCk.roa
Signing time: Thu 02 Jan 2025 03:48:58 +0000
ROA not before: Thu 02 Jan 2025 03:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44682
IP address blocks: 86.107.68.0/23 maxlen: 23
89.35.33.0/24 maxlen: 24
89.35.50.0/24 maxlen: 24
89.42.28.0/24 maxlen: 24
89.42.59.0/24 maxlen: 24
89.43.194.0/23 maxlen: 23
89.45.163.0/24 maxlen: 24
89.46.220.0/23 maxlen: 23
93.113.156.0/24 maxlen: 24
93.114.172.0/22 maxlen: 22
188.210.88.0/24 maxlen: 24
188.213.2.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7b:92:99:5d:23:3e:31:db:94:bb:2f:98:07:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 03:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71124704d7666e95321ea384529c0acd316e3429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f2:b1:bc:39:52:43:66:f2:b8:27:e8:32:b3:
52:8c:4a:0d:b5:a4:c4:8d:66:e7:f7:b5:08:71:93:
89:d6:4a:cc:32:6f:c8:d2:45:66:49:c0:1d:7a:78:
e5:69:9d:00:b6:00:95:5e:ee:7b:92:d7:68:18:86:
b3:2a:92:bf:41:15:11:ae:c1:6a:b4:85:27:d8:10:
ae:b1:0b:ba:fb:25:6c:b7:f8:f6:cf:15:ce:b5:5a:
87:cc:03:30:46:96:4b:95:9b:16:06:54:74:94:15:
77:ee:03:b1:d1:9b:31:aa:02:36:1a:ea:39:8e:ae:
b7:da:c3:5e:d4:ec:d6:6a:da:22:36:de:5b:57:22:
8b:39:43:98:a2:86:54:fe:cc:29:6d:0c:df:1a:7e:
b8:90:51:d1:87:c3:b4:99:f0:99:1f:4f:9e:94:73:
f8:c8:35:46:b8:0c:44:09:10:91:11:78:07:6b:76:
88:d9:5d:20:58:ef:f7:66:e9:be:aa:ad:df:ef:6f:
6d:14:56:f2:50:15:58:4d:b0:b9:3c:b1:85:9a:5a:
85:99:02:ed:55:d2:cc:b2:9f:02:00:22:34:5e:d3:
75:21:ed:95:de:0d:4e:5c:1e:8c:56:7f:e9:bd:0a:
18:55:88:12:bd:f3:a1:4b:f9:7d:5e:ef:07:05:e8:
ea:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:12:47:04:D7:66:6E:95:32:1E:A3:84:52:9C:0A:CD:31:6E:34:29
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/cRJHBNdmbpUyHqOEUpwKzTFuNCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.68.0/23
89.35.33.0/24
89.35.50.0/24
89.42.28.0/24
89.42.59.0/24
89.43.194.0/23
89.45.163.0/24
89.46.220.0/23
93.113.156.0/24
93.114.172.0/22
188.210.88.0/24
188.213.2.0/23
Signature Algorithm: sha256WithRSAEncryption
23:08:7c:c9:e3:ed:a3:36:88:26:93:38:9e:55:8a:90:8b:72:
02:0f:f5:64:52:1f:04:ae:3e:79:87:c4:37:d4:41:38:07:f0:
d1:6c:5c:14:ef:1b:08:0d:6d:7a:f9:5c:d6:e1:ad:30:32:67:
69:bf:ea:72:1c:c9:42:a6:d5:2f:26:58:c0:36:13:31:29:93:
36:4b:4a:33:6f:06:89:c1:01:2a:ec:b4:06:90:d2:b1:a4:1e:
9b:a8:ce:20:12:32:c6:51:20:2d:22:92:96:94:3b:cf:66:33:
4b:a7:ab:8a:02:71:02:4e:1a:f7:fc:88:ae:3d:7f:58:4f:16:
db:c9:cd:5b:0b:74:23:61:99:c2:10:0c:31:f6:65:70:2b:5e:
2a:d2:6f:80:da:93:81:0d:5f:68:f0:23:a2:74:82:c5:c5:3c:
e4:26:d4:aa:16:17:dd:c7:10:25:97:37:d2:9b:38:e6:36:07:
f3:3d:ae:0e:54:b3:94:cc:1e:25:cb:c7:ac:43:d3:cc:c8:eb:
62:b8:5e:41:a8:1b:bd:3f:fa:f1:3e:e6:8a:4c:42:61:5d:4b:
e7:bd:21:f9:ad:6c:ea:ee:74:e0:cb:3d:38:6d:ba:a4:57:60:
1e:09:fa:9f:a6:1a:36:31:70:53:9d:f5:94:3e:a1:ea:7d:58:
ed:01:1b:55
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQlIXuSmV0jPjHblLsvmAcuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjUwMTAyMDM0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTEyNDcwNGQ3NjY2ZTk1MzIxZWEzODQ1MjljMGFjZDMxNmUzNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vKxvDlSQ2byuCfoMrNSjEoNtaTE
jWbn97UIcZOJ1krMMm/I0kVmScAdenjlaZ0AtgCVXu57ktdoGIazKpK/QRURrsFq
tIUn2BCusQu6+yVst/j2zxXOtVqHzAMwRpZLlZsWBlR0lBV37gOx0ZsxqgI2Guo5
jq632sNe1OzWatoiNt5bVyKLOUOYooZU/swpbQzfGn64kFHRh8O0mfCZH0+elHP4
yDVGuAxECRCREXgHa3aI2V0gWO/3Zum+qq3f729tFFbyUBVYTbC5PLGFmlqFmQLt
VdLMsp8CACI0XtN1Ie2V3g1OXB6MVn/pvQoYVYgSvfOhS/l9Xu8HBejqxQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHESRwTXZm6VMh6jhFKcCs0xbjQpMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvY1JKSEJOZG1icFV5SHFPRVVwd0t6VEZ1TkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBVmtEAwQA
WSMhAwQAWSMyAwQAWSocAwQAWSo7AwQBWSvCAwQAWS2jAwQBWS7cAwQAXXGcAwQC
XXKsAwQAvNJYAwQBvNUCMA0GCSqGSIb3DQEBCwUAA4IBAQAjCHzJ4+2jNogmkzie
VYqQi3ICD/VkUh8Erj55h8Q31EE4B/DRbFwU7xsIDW16+VzW4a0wMmdpv+pyHMlC
ptUvJljANhMxKZM2S0ozbwaJwQEq7LQGkNKxpB6bqM4gEjLGUSAtIpKWlDvPZjNL
p6uKAnECThr3/IiuPX9YTxbbyc1bC3QjYZnCEAwx9mVwK14q0m+A2pOBDV9o8COi
dILFxTzkJtSqFhfdxxAllzfSmzjmNgfzPa4OVLOUzB4ly8esQ9PMyOtiuF5BqBu9
P/rxPuaKTEJhXUvnvSH5rWzq7nTgyz04bbqkV2AeCfqfpho2MXBTnfWUPqHqfVjt
ARtV
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:48 2025 by rpki-client