Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/_vsjWI5yfirlYBEQFo7GYfCcJuY.roa
File: _vsjWI5yfirlYBEQFo7GYfCcJuY.roa (raw, json)
Hash identifier: cWFUVNFFAdcN3FLLUOZOmGlMNCedYLfmkMjDFDAXLTg=
Subject key identifier: FE:FB:23:58:8E:72:7E:2A:E5:60:11:10:16:8E:C6:61:F0:9C:26:E6
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 01953864C3B8DFC01643CA5443B398FDA8B7
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/_vsjWI5yfirlYBEQFo7GYfCcJuY.roa
Signing time: Mon 24 Feb 2025 14:38:02 +0000
ROA not before: Mon 24 Feb 2025 14:38:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 85.204.181.0/24 maxlen: 24
86.105.58.0/24 maxlen: 24
86.105.211.0/24 maxlen: 24
86.107.164.0/24 maxlen: 24
89.39.97.0/24 maxlen: 24
93.113.70.0/24 maxlen: 24
93.119.201.0/24 maxlen: 24
93.119.232.0/24 maxlen: 24
188.208.124.0/24 maxlen: 24
188.208.125.0/24 maxlen: 24
188.209.223.0/24 maxlen: 24
188.214.136.0/24 maxlen: 24
188.214.137.0/24 maxlen: 24
188.214.138.0/24 maxlen: 24
188.214.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:38:64:c3:b8:df:c0:16:43:ca:54:43:b3:98:fd:a8:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Feb 24 14:38:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fefb23588e727e2ae5601110168ec661f09c26e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:38:b0:6d:b9:3a:55:6a:c4:11:ec:37:01:3e:
f8:bd:e8:e2:40:c6:f5:72:da:f5:82:03:94:7a:22:
ed:f9:06:b0:46:1d:6c:3b:cf:80:41:4a:ad:1b:69:
e3:c4:5c:40:41:50:ae:a9:c3:58:3a:4d:05:f1:a3:
a2:f2:f4:b1:54:38:cf:62:12:f8:6b:ec:7f:bb:a1:
00:47:b0:de:9d:a9:68:d9:7b:d7:30:17:dd:6b:2a:
66:1f:32:c7:57:c0:3b:f9:1d:e4:4e:96:ed:06:c4:
4c:57:a2:bb:66:e5:89:a9:88:53:4b:50:2f:5a:7e:
74:9d:58:0c:f9:b9:20:98:8a:87:50:9a:b3:b8:23:
04:26:f9:c7:77:91:b7:e5:28:72:6c:60:4c:bd:2a:
43:e3:9b:18:3c:6f:07:5f:ac:82:b4:4f:c8:1e:26:
7e:6a:55:47:44:f7:a1:b4:43:32:a3:08:67:37:00:
d6:22:5a:04:86:68:03:fa:48:e5:e8:76:cd:80:d9:
4b:ce:1f:6d:59:54:14:29:2a:c9:90:25:7a:20:ca:
a8:37:42:61:df:fb:fd:7f:d7:79:99:1c:b2:92:c5:
90:15:49:2f:f5:fa:ff:09:28:b4:93:4b:32:8e:ea:
65:c4:9d:1a:7f:8d:78:47:dd:57:ba:40:40:79:93:
74:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:FB:23:58:8E:72:7E:2A:E5:60:11:10:16:8E:C6:61:F0:9C:26:E6
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/_vsjWI5yfirlYBEQFo7GYfCcJuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.181.0/24
86.105.58.0/24
86.105.211.0/24
86.107.164.0/24
89.39.97.0/24
93.113.70.0/24
93.119.201.0/24
93.119.232.0/24
188.208.124.0/23
188.209.223.0/24
188.214.136.0/22
Signature Algorithm: sha256WithRSAEncryption
40:5d:c7:86:db:bc:6c:6d:29:3a:e2:69:51:8c:62:74:23:a4:
72:c1:5a:ee:da:9d:65:b9:82:e4:2e:d6:c4:85:8f:43:ae:24:
07:b7:76:73:43:1f:75:c8:22:66:06:f0:87:ad:26:b6:ba:12:
03:13:ca:48:6d:60:cb:4b:ef:b8:8a:84:a1:01:d0:1f:22:18:
2f:38:f2:91:f0:9f:fa:40:f2:08:10:44:cd:27:d2:2c:d2:3c:
a2:70:92:e8:b6:9c:b6:a8:22:81:17:3a:12:95:0e:6e:70:d3:
93:d3:6c:d1:26:5e:c7:e7:a9:6c:ff:3f:22:4c:58:01:db:d1:
2a:74:86:84:20:ad:dc:02:d2:e8:c1:5d:36:02:c7:1d:27:ab:
55:cb:38:79:a3:fe:08:cb:b0:d1:d0:93:76:eb:d3:86:9b:5b:
9b:ff:8c:a6:57:e9:60:f0:8b:18:15:24:89:a1:fb:97:75:1e:
00:92:3e:b0:5e:73:bb:5d:4a:f3:b5:48:56:25:2a:8b:b9:aa:
cb:30:69:b3:9b:88:53:ee:0d:63:c7:7e:12:ba:b5:76:5f:ef:
70:89:1f:d5:6b:a8:fd:86:f4:a5:9f:23:35:6b:42:1c:c4:01:
bf:32:3f:0e:35:9b:41:51:32:99:a1:d7:1f:6d:82:c5:b7:0c:
47:43:a8:bd
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZU4ZMO438AWQ8pUQ7OY/ai3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjUwMjI0MTQzODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWZiMjM1ODhlNzI3ZTJhZTU2MDExMTAxNjhlYzY2MWYwOWMyNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Tiwbbk6VWrEEew3AT74vejiQMb1
ctr1ggOUeiLt+QawRh1sO8+AQUqtG2njxFxAQVCuqcNYOk0F8aOi8vSxVDjPYhL4
a+x/u6EAR7Denalo2XvXMBfdaypmHzLHV8A7+R3kTpbtBsRMV6K7ZuWJqYhTS1Av
Wn50nVgM+bkgmIqHUJqzuCMEJvnHd5G35ShybGBMvSpD45sYPG8HX6yCtE/IHiZ+
alVHRPehtEMyowhnNwDWIloEhmgD+kjl6HbNgNlLzh9tWVQUKSrJkCV6IMqoN0Jh
3/v9f9d5mRyyksWQFUkv9fr/CSi0k0syjuplxJ0af414R91XukBAeZN02wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFP77I1iOcn4q5WAREBaOxmHwnCbmMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvX3ZzaldJNXlmaXJsWUJFUUZvN0dZZkNjSnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAVcy1AwQA
Vmk6AwQAVmnTAwQAVmukAwQAWSdhAwQAXXFGAwQAXXfJAwQAXXfoAwQBvNB8AwQA
vNHfAwQCvNaIMA0GCSqGSIb3DQEBCwUAA4IBAQBAXceG27xsbSk64mlRjGJ0I6Ry
wVru2p1luYLkLtbEhY9DriQHt3ZzQx91yCJmBvCHrSa2uhIDE8pIbWDLS++4ioSh
AdAfIhgvOPKR8J/6QPIIEETNJ9Is0jyicJLotpy2qCKBFzoSlQ5ucNOT02zRJl7H
56ls/z8iTFgB29EqdIaEIK3cAtLowV02AscdJ6tVyzh5o/4Iy7DR0JN269OGm1ub
/4ymV+lg8IsYFSSJofuXdR4Akj6wXnO7XUrztUhWJSqLuarLMGmzm4hT7g1jx34S
urV2X+9wiR/Va6j9hvSlnyM1a0IcxAG/Mj8ONZtBUTKZodcfbYLFtwxHQ6i9
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:18:59 2025 by rpki-client