Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/7f3546-4a87-4627-a019-341b9d64645d/1/K1yirsr-iaS7nREQciotspB8RVo.roa
File: K1yirsr-iaS7nREQciotspB8RVo.roa (raw, json)
Hash identifier: hy+JqcAOeQKytaM3EAomiIfLy4MHrS39bRFVCLNpTzc=
Subject key identifier: 2B:5C:A2:AE:CA:FE:89:A4:BB:9D:11:10:72:2A:2D:B2:90:7C:45:5A
Certificate issuer: /CN=6ff9ca5c76bb35a9353e9b13e3fce80f36316180
Certificate serial: 0194266C44896934B64E16DA2967BB266D52
Authority key identifier: 6F:F9:CA:5C:76:BB:35:A9:35:3E:9B:13:E3:FC:E8:0F:36:31:61:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_nKXHa7Nak1PpsT4_zoDzYxYYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/7f3546-4a87-4627-a019-341b9d64645d/1/K1yirsr-iaS7nREQciotspB8RVo.roa
Signing time: Thu 02 Jan 2025 09:50:17 +0000
ROA not before: Thu 02 Jan 2025 09:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197750
IP address blocks: 91.229.93.0/24 maxlen: 24
185.6.100.0/24 maxlen: 24
185.6.101.0/24 maxlen: 24
185.6.102.0/24 maxlen: 24
185.6.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/7f3546-4a87-4627-a019-341b9d64645d/1/b_nKXHa7Nak1PpsT4_zoDzYxYYA.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/7f3546-4a87-4627-a019-341b9d64645d/1/b_nKXHa7Nak1PpsT4_zoDzYxYYA.mft
rsync://rpki.ripe.net/repository/DEFAULT/b_nKXHa7Nak1PpsT4_zoDzYxYYA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:44:89:69:34:b6:4e:16:da:29:67:bb:26:6d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ff9ca5c76bb35a9353e9b13e3fce80f36316180
Validity
Not Before: Jan 2 09:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b5ca2aecafe89a4bb9d1110722a2db2907c455a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:69:5b:7d:91:53:03:9b:db:0b:0d:4d:fc:34:
c6:bf:d1:13:a3:78:8a:88:70:4b:31:98:ee:de:c1:
67:fd:0b:7b:3a:c7:65:d6:80:aa:1c:03:45:f5:7c:
fc:4f:62:b3:c1:5b:e1:2a:72:55:43:ef:48:ae:0e:
1a:06:30:33:2c:da:08:96:0c:10:e5:e3:9e:9d:0e:
e4:51:50:c3:02:45:46:50:5c:5b:f5:32:b5:a0:23:
b3:97:ef:5b:2e:72:1d:2b:70:52:5d:82:08:e8:a6:
06:85:42:34:82:79:6c:63:52:9e:75:c4:32:4e:02:
63:13:48:4e:31:dc:fc:3f:f7:62:1c:d6:1d:3a:a4:
54:95:cb:1b:d7:9d:31:92:1c:c6:1b:a4:32:55:36:
fb:d7:7b:5a:ad:6f:c8:10:52:67:a4:d4:ee:08:7f:
a5:e7:df:6e:c8:08:76:04:8e:95:8a:22:c4:45:d9:
5c:00:19:aa:e9:da:62:b3:bb:f1:14:8a:56:b9:97:
46:5e:36:d6:6c:f2:48:14:06:ee:5c:35:70:ca:88:
59:52:18:5f:dc:a8:60:34:97:3a:55:08:5a:c3:5a:
30:b7:f7:b7:c8:50:92:18:55:6a:f5:c4:24:03:2f:
bf:8f:87:22:54:1a:4d:d2:c8:ce:9c:e3:59:bd:d5:
d6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:5C:A2:AE:CA:FE:89:A4:BB:9D:11:10:72:2A:2D:B2:90:7C:45:5A
X509v3 Authority Key Identifier:
keyid:6F:F9:CA:5C:76:BB:35:A9:35:3E:9B:13:E3:FC:E8:0F:36:31:61:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_nKXHa7Nak1PpsT4_zoDzYxYYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/7f3546-4a87-4627-a019-341b9d64645d/1/K1yirsr-iaS7nREQciotspB8RVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/7f3546-4a87-4627-a019-341b9d64645d/1/b_nKXHa7Nak1PpsT4_zoDzYxYYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.93.0/24
185.6.100.0/22
Signature Algorithm: sha256WithRSAEncryption
62:07:62:9f:c7:3a:dc:ab:a0:0c:56:33:8c:44:6a:16:53:45:
db:f6:19:11:22:43:95:89:88:5a:7a:fc:18:72:4c:ef:75:da:
1f:1b:25:0b:6f:58:75:fc:40:bf:67:e6:07:3e:7e:70:41:d9:
ff:a6:a2:f6:e3:f7:02:e8:63:85:34:dc:80:4b:3b:e4:c4:fc:
be:4d:92:db:1e:66:2d:52:01:da:58:3f:e0:64:0e:25:ec:7f:
72:39:28:b6:8e:d3:e6:54:77:b0:7a:40:db:05:8c:1b:a1:1a:
f0:81:5a:64:4e:92:23:c7:79:2d:1c:aa:d3:99:01:48:3e:d7:
8f:b4:2b:8d:2e:e2:07:4d:d9:6d:57:dc:50:2d:08:80:17:e2:
d0:f2:ad:ce:c1:90:02:d2:2a:67:be:21:ad:45:aa:73:6d:91:
1a:3b:94:72:87:79:20:a7:f7:af:50:3a:56:25:90:b8:26:42:
84:d8:94:cb:ca:55:15:55:d9:3f:28:b0:22:63:9c:00:82:01:
9f:63:e3:f6:35:a0:ef:1b:a7:3e:7c:fc:d0:78:4f:79:60:fa:
db:6e:6a:f7:c3:27:2a:7a:27:c4:3b:f5:35:67:9f:76:5e:46:
64:d6:6a:92:16:83:a5:cc:cc:92:a1:4b:4a:e0:37:7d:fe:c4:
29:a4:dd:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmbESJaTS2ThbaKWe7Jm1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZjljYTVjNzZiYjM1YTkzNTNlOWIxM2UzZmNlODBmMzYz
MTYxODAwHhcNMjUwMTAyMDk1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjVjYTJhZWNhZmU4OWE0YmI5ZDExMTA3MjJhMmRiMjkwN2M0NTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02lbfZFTA5vbCw1N/DTGv9ETo3iK
iHBLMZju3sFn/Qt7Osdl1oCqHANF9Xz8T2KzwVvhKnJVQ+9Irg4aBjAzLNoIlgwQ
5eOenQ7kUVDDAkVGUFxb9TK1oCOzl+9bLnIdK3BSXYII6KYGhUI0gnlsY1KedcQy
TgJjE0hOMdz8P/diHNYdOqRUlcsb150xkhzGG6QyVTb713tarW/IEFJnpNTuCH+l
599uyAh2BI6ViiLERdlcABmq6dpis7vxFIpWuZdGXjbWbPJIFAbuXDVwyohZUhhf
3KhgNJc6VQhaw1owt/e3yFCSGFVq9cQkAy+/j4ciVBpN0sjOnONZvdXWGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCtcoq7K/omku50REHIqLbKQfEVaMB8GA1UdIwQY
MBaAFG/5ylx2uzWpNT6bE+P86A82MWGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9uS1hIYTdOYWsxUHBzVDRfem9Eell4WVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi83ZjM1NDYtNGE4Ny00NjI3LWEwMTkt
MzQxYjlkNjQ2NDVkLzEvSzF5aXJzci1pYVM3blJFUWNpb3RzcEI4UlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi83ZjM1NDYtNGE4Ny00NjI3LWEwMTktMzQxYjlkNjQ2NDVk
LzEvYl9uS1hIYTdOYWsxUHBzVDRfem9Eell4WVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+VdAwQC
uQZkMA0GCSqGSIb3DQEBCwUAA4IBAQBiB2Kfxzrcq6AMVjOMRGoWU0Xb9hkRIkOV
iYhaevwYckzvddofGyULb1h1/EC/Z+YHPn5wQdn/pqL24/cC6GOFNNyASzvkxPy+
TZLbHmYtUgHaWD/gZA4l7H9yOSi2jtPmVHewekDbBYwboRrwgVpkTpIjx3ktHKrT
mQFIPtePtCuNLuIHTdltV9xQLQiAF+LQ8q3OwZAC0ipnviGtRapzbZEaO5Ryh3kg
p/evUDpWJZC4JkKE2JTLylUVVdk/KLAiY5wAggGfY+P2NaDvG6c+fPzQeE95YPrb
bmr3wycqeifEO/U1Z592XkZk1mqSFoOlzMySoUtK4Dd9/sQppN0i
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:29:23 2025 by rpki-client