Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/0IndqmA5xgu2CF_jwxX-2bd09ko.roa
File: 0IndqmA5xgu2CF_jwxX-2bd09ko.roa (raw, json)
Hash identifier: CG/Zn9dtirhwk2tnBTHiZTYDu08mvtaBnxe37T6W3lo=
Subject key identifier: D0:89:DD:AA:60:39:C6:0B:B6:08:5F:E3:C3:15:FE:D9:B7:74:F6:4A
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 019425FC5FC90339C1FCF418A47CCED4A64B
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/0IndqmA5xgu2CF_jwxX-2bd09ko.roa
Signing time: Thu 02 Jan 2025 07:48:03 +0000
ROA not before: Thu 02 Jan 2025 07:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199739
IP address blocks: 109.224.2.0/24 maxlen: 24
109.224.3.0/24 maxlen: 24
109.224.32.0/24 maxlen: 24
109.224.44.0/24 maxlen: 24
109.224.45.0/24 maxlen: 24
109.224.46.0/24 maxlen: 24
109.224.47.0/24 maxlen: 24
185.141.9.0/24 maxlen: 24
185.141.10.0/24 maxlen: 24
185.141.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:5f:c9:03:39:c1:fc:f4:18:a4:7c:ce:d4:a6:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Jan 2 07:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d089ddaa6039c60bb6085fe3c315fed9b774f64a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4a:a0:4a:68:c3:f3:23:60:47:a8:58:e6:6a:
04:ee:f8:ea:d9:67:72:29:5b:2b:97:4b:1b:fe:6e:
fd:68:b6:48:1a:fb:5d:43:4e:1c:17:3a:2c:6c:a1:
f0:de:ef:bc:b1:fd:87:92:c3:d5:08:d1:d8:39:c2:
37:a6:3a:14:c9:23:5d:42:24:7f:6c:48:ec:68:26:
75:f2:6a:70:01:a3:01:f3:c6:85:38:1f:45:fa:35:
f2:c6:fe:b4:ef:62:6b:eb:c3:76:46:6a:64:7e:5d:
5f:f5:01:8a:93:97:5c:dc:30:21:8b:85:b9:3e:99:
4f:26:08:84:57:2f:61:1e:0f:f8:65:eb:73:56:e0:
f6:32:a4:8a:fd:4f:b1:75:a6:3a:b6:ea:2f:2d:91:
2f:6a:79:cf:88:b8:c7:5d:b1:3d:71:a9:79:86:13:
a1:0d:23:6c:89:21:a4:f6:86:c6:07:00:80:df:dd:
c5:c4:6a:2a:6f:9f:b3:30:bb:81:28:f7:14:da:12:
a6:22:24:74:3a:c0:a3:60:c0:b4:7f:26:15:27:6e:
b3:6a:d9:9f:65:04:40:f3:32:a7:52:b4:88:0d:97:
08:4b:77:8a:74:fe:2a:17:29:45:49:f4:3a:25:46:
04:ee:c6:0d:c6:42:6d:1f:fd:97:df:ed:13:cb:aa:
5b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:89:DD:AA:60:39:C6:0B:B6:08:5F:E3:C3:15:FE:D9:B7:74:F6:4A
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/0IndqmA5xgu2CF_jwxX-2bd09ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.2.0/23
109.224.32.0/24
109.224.44.0/22
185.141.9.0-185.141.11.255
Signature Algorithm: sha256WithRSAEncryption
40:f3:f4:85:35:14:ec:83:4c:e8:0d:25:9b:8e:ff:0c:be:eb:
b0:83:a8:d6:b4:fa:d8:d2:aa:04:7d:f9:df:85:90:bc:68:e6:
4d:9d:87:46:e6:cb:8a:08:f4:6e:c8:64:a5:b3:35:db:85:11:
f3:bd:e2:f2:13:af:f4:1c:a1:ef:48:7f:d5:2a:be:b9:2c:a1:
92:23:27:19:c1:d1:94:dc:e5:bc:a8:5c:79:1d:01:75:70:cf:
84:54:5b:aa:8f:3f:0c:e0:ac:a5:fd:79:f7:3a:cc:57:c3:f4:
c6:ce:cd:8e:cd:9a:d9:52:a0:49:e6:08:52:e6:f0:1e:e2:3d:
27:20:ab:83:5d:b9:dd:af:54:6d:f4:ad:91:f9:1d:e8:83:71:
c1:f0:e0:b7:ab:0f:04:d1:68:2f:e4:94:de:f0:52:63:29:46:
73:be:ea:89:b2:80:39:3c:f0:a9:2f:fd:33:45:a3:07:1d:c0:
ee:a1:dd:8c:cd:58:a0:2e:aa:84:fb:da:54:b3:56:d8:3e:6e:
7f:96:77:a5:51:ab:a2:5b:69:49:fb:5c:76:e7:af:dd:05:26:
65:31:98:ed:35:e3:7f:02:7f:a0:bd:4b:b9:68:a1:1a:22:3a:
fc:91:31:bc:44:f2:9f:15:d1:a0:e9:54:80:3d:a5:25:6c:da:
75:ec:ee:a6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQl/F/JAznB/PQYpHzO1KZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjUwMTAyMDc0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDg5ZGRhYTYwMzljNjBiYjYwODVmZTNjMzE1ZmVkOWI3NzRmNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0qgSmjD8yNgR6hY5moE7vjq2Wdy
KVsrl0sb/m79aLZIGvtdQ04cFzosbKHw3u+8sf2HksPVCNHYOcI3pjoUySNdQiR/
bEjsaCZ18mpwAaMB88aFOB9F+jXyxv6072Jr68N2Rmpkfl1f9QGKk5dc3DAhi4W5
PplPJgiEVy9hHg/4ZetzVuD2MqSK/U+xdaY6tuovLZEvannPiLjHXbE9cal5hhOh
DSNsiSGk9obGBwCA393FxGoqb5+zMLuBKPcU2hKmIiR0OsCjYMC0fyYVJ26zatmf
ZQRA8zKnUrSIDZcIS3eKdP4qFylFSfQ6JUYE7sYNxkJtH/2X3+0Ty6pbbQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNCJ3apgOcYLtghf48MV/tm3dPZKMB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvMEluZHFtQTV4Z3UyQ0Zfand4WC0yYmQwOWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBbeACAwQA
beAgAwQCbeAsMAwDBAC5jQkDBAK5jQgwDQYJKoZIhvcNAQELBQADggEBAEDz9IU1
FOyDTOgNJZuO/wy+67CDqNa0+tjSqgR9+d+FkLxo5k2dh0bmy4oI9G7IZKWzNduF
EfO94vITr/Qcoe9If9UqvrksoZIjJxnB0ZTc5byoXHkdAXVwz4RUW6qPPwzgrKX9
efc6zFfD9MbOzY7NmtlSoEnmCFLm8B7iPScgq4Ndud2vVG30rZH5HeiDccHw4Ler
DwTRaC/klN7wUmMpRnO+6omygDk88Kkv/TNFowcdwO6h3YzNWKAuqoT72lSzVtg+
bn+Wd6VRq6JbaUn7XHbnr90FJmUxmO01438Cf6C9S7looRoiOvyRMbxE8p8V0aDp
VIA9pSVs2nXs7qY=
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:25:20 2025 by rpki-client