Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/4bMtkdss6ipZLuaULzydMUpyiaQ.roa
File: 4bMtkdss6ipZLuaULzydMUpyiaQ.roa (raw, json)
Hash identifier: ftsUwXeTU/zCajSXbJ3x6QJLG4thVRnSbA76L16HZhs=
Subject key identifier: E1:B3:2D:91:DB:2C:EA:2A:59:2E:E6:94:2F:3C:9D:31:4A:72:89:A4
Certificate issuer: /CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Certificate serial: 019425FCCDAD56D33434D9989EEA7EC5476E
Authority key identifier: 08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/4bMtkdss6ipZLuaULzydMUpyiaQ.roa
Signing time: Thu 02 Jan 2025 07:48:32 +0000
ROA not before: Thu 02 Jan 2025 07:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203380
IP address blocks: 195.137.221.0/24 maxlen: 24
2a13:2440:a0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:cd:ad:56:d3:34:34:d9:98:9e:ea:7e:c5:47:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Validity
Not Before: Jan 2 07:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1b32d91db2cea2a592ee6942f3c9d314a7289a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:43:80:78:cd:d2:ed:cc:9d:a9:39:6c:be:fa:
48:95:81:ad:47:15:55:47:f4:7d:31:d1:2f:52:b9:
40:a8:fa:83:03:f6:65:6c:1c:9b:d8:e0:4c:27:1b:
3e:a6:e2:ae:93:5a:5b:58:11:8f:ab:6f:93:9a:36:
1e:cf:51:35:c7:17:e7:ea:04:cd:d7:1f:dd:3e:41:
f5:5f:d5:fa:5a:71:2f:4f:41:ce:d5:4d:97:92:c8:
ef:a8:24:06:6e:15:c6:9f:58:58:15:10:6b:42:49:
a3:55:7f:80:7e:82:86:6a:1c:be:d1:fc:1f:e6:e8:
a4:e7:98:a8:2b:bf:05:8c:d3:9b:32:e4:33:06:1a:
9d:74:a4:26:66:8f:a1:ae:9a:83:cb:52:01:c8:5e:
a0:c3:0a:20:49:4c:4f:e9:87:e8:d0:bc:44:03:53:
d8:cf:8a:e4:aa:3d:90:1a:fa:d1:08:93:21:19:6b:
f9:4a:04:63:58:74:10:16:b6:67:52:8a:68:f2:d6:
3d:a3:5d:85:c5:d1:8f:aa:c8:a1:86:c3:a4:00:c1:
15:20:e9:e1:5d:ae:4c:48:71:d8:93:cb:f9:34:e0:
33:5e:1c:dd:e4:09:fc:7d:21:05:11:e6:a2:62:cf:
2c:0e:6d:fc:ec:b9:9c:19:26:1b:d5:bb:8d:96:73:
fb:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:B3:2D:91:DB:2C:EA:2A:59:2E:E6:94:2F:3C:9D:31:4A:72:89:A4
X509v3 Authority Key Identifier:
keyid:08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/4bMtkdss6ipZLuaULzydMUpyiaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.221.0/24
IPv6:
2a13:2440:a0::/44
Signature Algorithm: sha256WithRSAEncryption
0d:12:18:51:8d:52:69:8c:99:f5:ad:e6:13:70:3c:6c:44:f2:
50:cf:05:ff:aa:2e:83:22:90:e7:a9:be:00:c5:fd:53:ca:e2:
7d:c7:09:ea:04:1b:77:be:87:4d:6c:c7:45:94:7a:ac:82:2e:
f1:df:82:3e:d2:fa:f9:06:ee:bb:b8:a3:cb:fe:5b:9e:d1:c6:
f1:a7:55:e7:64:f2:34:ac:eb:52:99:6c:7a:4f:ae:38:c0:2a:
f3:5b:fe:a3:66:25:d2:6f:0f:c2:91:5d:aa:9d:bc:54:6e:28:
57:45:44:9d:a3:a9:3a:36:91:b7:dd:21:9b:35:09:42:40:47:
8f:e0:60:1d:fb:97:53:a4:f6:e5:48:cd:8a:cf:03:50:d3:cc:
1f:13:e1:96:70:d8:17:6d:ec:d5:2d:42:ce:ca:de:84:d3:01:
85:fb:8c:d6:03:61:df:df:39:16:a1:93:66:ce:f2:a8:bf:45:
0e:50:da:68:2e:cc:60:30:d2:84:a1:4f:ed:fd:28:38:86:d9:
96:aa:9c:d7:79:fd:47:ac:9e:38:67:b9:91:09:b0:7d:fd:33:
ee:fe:2c:13:f4:5b:2d:6e:eb:17:05:e9:c6:89:7c:cc:61:09:
89:89:06:29:e7:21:55:d8:1d:62:dd:a5:b1:39:67:d3:06:de:
07:51:c7:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQl/M2tVtM0NNmYnup+xUduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OWM4YzdmMzM0MDUzYzhhOTBhMzQwODAwOWVmM2QzYjdh
ODJlM2QwHhcNMjUwMTAyMDc0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWIzMmQ5MWRiMmNlYTJhNTkyZWU2OTQyZjNjOWQzMTRhNzI4OWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUOAeM3S7cydqTlsvvpIlYGtRxVV
R/R9MdEvUrlAqPqDA/ZlbByb2OBMJxs+puKuk1pbWBGPq2+TmjYez1E1xxfn6gTN
1x/dPkH1X9X6WnEvT0HO1U2XksjvqCQGbhXGn1hYFRBrQkmjVX+AfoKGahy+0fwf
5uik55ioK78FjNObMuQzBhqddKQmZo+hrpqDy1IByF6gwwogSUxP6Yfo0LxEA1PY
z4rkqj2QGvrRCJMhGWv5SgRjWHQQFrZnUopo8tY9o12FxdGPqsihhsOkAMEVIOnh
Xa5MSHHYk8v5NOAzXhzd5An8fSEFEeaiYs8sDm387LmcGSYb1buNlnP7RwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOGzLZHbLOoqWS7mlC88nTFKcomkMB8GA1UdIwQY
MBaAFAicjH8zQFPIqQo0CACe89O3qC49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYt
NmY3MDA5YmVlOTE1LzEvNGJNdGtkc3M2aXBaTHVhVUx6eWRNVXB5aWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYtNmY3MDA5YmVlOTE1
LzEvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw4ndMA8E
AgACMAkDBwQqEyRAAKAwDQYJKoZIhvcNAQELBQADggEBAA0SGFGNUmmMmfWt5hNw
PGxE8lDPBf+qLoMikOepvgDF/VPK4n3HCeoEG3e+h01sx0WUeqyCLvHfgj7S+vkG
7ru4o8v+W57RxvGnVedk8jSs61KZbHpPrjjAKvNb/qNmJdJvD8KRXaqdvFRuKFdF
RJ2jqTo2kbfdIZs1CUJAR4/gYB37l1Ok9uVIzYrPA1DTzB8T4ZZw2Bdt7NUtQs7K
3oTTAYX7jNYDYd/fORahk2bO8qi/RQ5Q2mguzGAw0oShT+39KDiG2ZaqnNd5/Ues
njhnuZEJsH39M+7+LBP0Wy1u6xcF6caJfMxhCYmJBinnIVXYHWLdpbE5Z9MG3gdR
x70=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:19:12 2025 by rpki-client