Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/SulUHxM5I6cxawTxa87OHP4l10g.roa
File: SulUHxM5I6cxawTxa87OHP4l10g.roa (raw, json)
Hash identifier: rSa5gvVuwfUAUs+cMufUiuLSIvSHBcOKdSfl8pkoj54=
Subject key identifier: 4A:E9:54:1F:13:39:23:A7:31:6B:04:F1:6B:CE:CE:1C:FE:25:D7:48
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 0195F8112BEF9F7950600E16054C1AEDA867
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/SulUHxM5I6cxawTxa87OHP4l10g.roa
Signing time: Wed 02 Apr 2025 19:53:49 +0000
ROA not before: Wed 02 Apr 2025 19:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132892
IP address blocks: 141.101.88.0/24 maxlen: 24
141.101.89.0/24 maxlen: 24
2a06:98c0:3600::/48 maxlen: 48
2a06:98c0:3601::/48 maxlen: 48
2a06:98c0:3602::/48 maxlen: 48
2a06:98c0:3603::/48 maxlen: 48
2a06:98c0:3604::/48 maxlen: 48
2a06:98c0:3605::/48 maxlen: 48
2a06:98c0:3606::/48 maxlen: 48
2a06:98c0:3607::/48 maxlen: 48
2a06:98c0:3608::/48 maxlen: 48
2a06:98c0:3609::/48 maxlen: 48
2a06:98c0:360a::/48 maxlen: 48
2a06:98c0:360b::/48 maxlen: 48
2a06:98c0:360c::/48 maxlen: 48
2a06:98c0:360d::/48 maxlen: 48
2a06:98c0:360f::/48 maxlen: 48
2a06:98c0:3610::/48 maxlen: 48
2a06:98c0:3611::/48 maxlen: 48
2a06:98c0:3613::/48 maxlen: 48
2a06:98c0:3614::/48 maxlen: 48
2a06:98c0:3615::/48 maxlen: 48
2a06:98c0:361c::/48 maxlen: 48
2a06:98c0:361d::/48 maxlen: 48
2a06:98c0:361f::/48 maxlen: 48
2a06:98c0:3620::/48 maxlen: 48
2a06:98c0:3621::/48 maxlen: 48
2a06:98c0:3622::/48 maxlen: 48
2a06:98c0:3623::/48 maxlen: 48
2a06:98c0:3624::/48 maxlen: 48
2a06:98c0:3625::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f8:11:2b:ef:9f:79:50:60:0e:16:05:4c:1a:ed:a8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Apr 2 19:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ae9541f133923a7316b04f16bcece1cfe25d748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b1:97:0f:5e:df:0d:76:01:b5:f1:ca:5b:d4:
80:ba:ab:82:2a:be:b2:30:e8:a6:c1:3b:10:e4:02:
a7:98:37:73:4d:ea:7f:84:3f:a1:ce:a8:9b:de:97:
e7:dc:9d:60:09:55:17:7e:cb:0c:e6:47:7b:a5:64:
a9:82:04:ed:e5:53:03:52:51:15:cf:54:31:a5:e0:
77:27:bb:9d:1a:f7:5e:4b:0e:c2:2d:89:d5:5b:28:
b9:58:77:05:56:a4:7b:1a:7b:8e:07:e8:2f:f3:ca:
75:a8:69:b3:59:ef:7d:54:b2:d3:bc:98:47:23:cf:
82:cb:04:a8:26:42:47:33:56:e1:41:44:ba:b5:f1:
50:4e:0c:30:1b:4f:31:68:ba:60:ee:0f:b6:86:a8:
40:f1:3f:c1:24:51:d1:6e:ec:da:59:44:14:89:67:
30:28:66:e6:99:50:60:73:53:0f:87:f7:76:a5:72:
89:27:9f:16:f9:29:c7:ae:f5:9d:e6:76:95:a4:7e:
fd:c0:91:30:e6:cf:64:a3:73:7c:64:9e:50:4c:44:
41:93:7d:69:c5:55:d6:2e:fb:b8:6a:8a:15:a3:5d:
a3:2a:75:93:55:9d:f5:6f:8f:01:82:81:1d:ce:94:
a1:27:d0:1e:cf:98:d9:90:10:5b:fd:63:e9:0b:cd:
b8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E9:54:1F:13:39:23:A7:31:6B:04:F1:6B:CE:CE:1C:FE:25:D7:48
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/SulUHxM5I6cxawTxa87OHP4l10g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.88.0/23
IPv6:
2a06:98c0:3600::-2a06:98c0:360d:ffff:ffff:ffff:ffff:ffff
2a06:98c0:360f::-2a06:98c0:3611:ffff:ffff:ffff:ffff:ffff
2a06:98c0:3613::-2a06:98c0:3615:ffff:ffff:ffff:ffff:ffff
2a06:98c0:361c::/47
2a06:98c0:361f::-2a06:98c0:3625:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7f:4c:83:2c:f9:42:5b:ca:be:2d:ff:1d:e3:f2:bd:80:0e:15:
12:70:f3:ae:22:15:a8:e8:f8:26:1e:ac:1f:c0:aa:7d:09:61:
c6:76:e0:56:5b:bf:54:17:24:c4:71:81:60:ca:55:be:d7:21:
d6:b9:e0:d6:aa:1f:1a:76:bf:19:05:43:97:cd:ff:a8:8c:8a:
4e:4c:d8:3a:60:b1:09:b2:fc:34:89:4a:45:31:d2:2c:e4:24:
bf:16:52:8a:b7:a9:e7:3e:94:e7:bc:99:2d:e6:91:44:5f:0a:
79:c7:3e:58:7a:93:7c:1e:41:7a:b4:9f:e6:d5:1c:f4:b8:56:
45:ec:2a:19:9b:44:ed:b8:ca:a4:6c:8c:ca:66:b3:4b:6b:8a:
d8:4d:96:01:f9:29:28:4c:84:e5:a0:da:a0:84:a4:65:17:74:
d3:a7:c8:eb:64:13:17:6b:e4:2b:c2:d0:a6:d2:50:b4:0a:73:
43:9e:08:3c:4b:a8:2e:e2:8d:38:87:23:ca:d9:cf:2a:5d:c3:
e0:4f:e1:19:93:2c:8b:9a:8f:99:7a:3e:da:7c:9b:c6:b8:bc:
33:3e:1f:58:6e:cf:84:2f:b6:11:8d:32:b0:44:3f:55:a7:1f:
62:2e:0f:9f:ea:7b:03:34:d3:a1:dc:a8:18:cb:5e:42:9e:1b:
9a:15:ed:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZX4ESvvn3lQYA4WBUwa7ahnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjUwNDAyMTk1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWU5NTQxZjEzMzkyM2E3MzE2YjA0ZjE2YmNlY2UxY2ZlMjVkNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7GXD17fDXYBtfHKW9SAuquCKr6y
MOimwTsQ5AKnmDdzTep/hD+hzqib3pfn3J1gCVUXfssM5kd7pWSpggTt5VMDUlEV
z1QxpeB3J7udGvdeSw7CLYnVWyi5WHcFVqR7GnuOB+gv88p1qGmzWe99VLLTvJhH
I8+CywSoJkJHM1bhQUS6tfFQTgwwG08xaLpg7g+2hqhA8T/BJFHRbuzaWUQUiWcw
KGbmmVBgc1MPh/d2pXKJJ58W+SnHrvWd5naVpH79wJEw5s9ko3N8ZJ5QTERBk31p
xVXWLvu4aooVo12jKnWTVZ31b48BgoEdzpShJ9Aez5jZkBBb/WPpC824CwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFErpVB8TOSOnMWsE8WvOzhz+JddIMB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvU3VsVUh4TTVJNmN4YXdUeGE4N09IUDRsMTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjAMBAIAATAGAwQBjWVYMF4E
AgACMFgwEQMGASoGmMA2AwcBKgaYwDYMMBIDBwAqBpjANg8DBwEqBpjANhAwEgMH
ACoGmMA2EwMHASoGmMA2FAMHASoGmMA2HDASAwcAKgaYwDYfAwcBKgaYwDYkMA0G
CSqGSIb3DQEBCwUAA4IBAQB/TIMs+UJbyr4t/x3j8r2ADhUScPOuIhWo6PgmHqwf
wKp9CWHGduBWW79UFyTEcYFgylW+1yHWueDWqh8adr8ZBUOXzf+ojIpOTNg6YLEJ
svw0iUpFMdIs5CS/FlKKt6nnPpTnvJkt5pFEXwp5xz5YepN8HkF6tJ/m1Rz0uFZF
7CoZm0TtuMqkbIzKZrNLa4rYTZYB+SkoTITloNqghKRlF3TTp8jrZBMXa+QrwtCm
0lC0CnNDngg8S6gu4o04hyPK2c8qXcPgT+EZkyyLmo+Zej7afJvGuLwzPh9Ybs+E
L7YRjTKwRD9Vpx9iLg+f6nsDNNOh3KgYy15CnhuaFe2V
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:44:41 2025 by rpki-client