Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/Rgi2MqRe28scNXwPSUaBJHXLnRM.roa
File: Rgi2MqRe28scNXwPSUaBJHXLnRM.roa (raw, json)
Hash identifier: miWc+jt8vObsSbUl+pf5rxC6Fyzqxyz42FOUYU27xXk=
Subject key identifier: 46:08:B6:32:A4:5E:DB:CB:1C:35:7C:0F:49:46:81:24:75:CB:9D:13
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 019425FC5E3FCED6A4A89BA9C85BB16B068E
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/Rgi2MqRe28scNXwPSUaBJHXLnRM.roa
Signing time: Thu 02 Jan 2025 07:48:03 +0000
ROA not before: Thu 02 Jan 2025 07:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 109.224.0.0/18 maxlen: 18
109.224.1.0/24 maxlen: 24
109.224.2.0/23 maxlen: 23
109.224.4.0/22 maxlen: 22
109.224.5.0/24 maxlen: 24
109.224.8.0/22 maxlen: 22
109.224.12.0/24 maxlen: 24
109.224.13.0/24 maxlen: 24
109.224.14.0/24 maxlen: 24
109.224.15.0/24 maxlen: 24
109.224.16.0/22 maxlen: 22
109.224.20.0/22 maxlen: 22
109.224.24.0/22 maxlen: 22
109.224.28.0/24 maxlen: 24
109.224.29.0/24 maxlen: 24
109.224.30.0/23 maxlen: 23
109.224.32.0/22 maxlen: 22
109.224.32.0/24 maxlen: 24
109.224.36.0/22 maxlen: 22
109.224.41.0/24 maxlen: 24
109.224.43.0/24 maxlen: 24
109.224.44.0/22 maxlen: 22
109.224.48.0/22 maxlen: 22
109.224.52.0/22 maxlen: 22
109.224.56.0/22 maxlen: 22
109.224.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:5e:3f:ce:d6:a4:a8:9b:a9:c8:5b:b1:6b:06:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Jan 2 07:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4608b632a45edbcb1c357c0f4946812475cb9d13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2b:cb:76:f4:f7:09:65:68:93:d7:f5:f0:f7:
66:3d:db:c0:cc:c2:ca:3e:5d:04:ed:3d:cc:04:e7:
97:bb:7f:83:bc:10:3a:97:d7:d9:0e:b1:cc:a1:39:
cf:0d:9c:c9:69:ae:30:b9:f5:13:d4:3c:73:a2:c1:
17:ac:07:19:bb:93:fa:37:b9:19:e2:0b:12:a4:2d:
ee:4e:0e:44:76:97:38:4d:1c:ed:aa:9c:0b:69:d5:
23:5b:e3:71:27:48:64:94:1d:cd:61:d8:e8:b9:31:
71:e4:d5:20:d5:cc:3c:31:d8:b4:67:8c:be:b1:0a:
87:ec:86:96:69:77:04:7d:fc:2d:0e:6d:03:08:4d:
2b:e3:da:86:7d:d7:8f:34:47:f0:3a:26:f2:63:49:
c8:be:e2:07:ca:b7:50:88:6e:df:04:12:d1:cf:8c:
f8:b3:79:ff:93:a3:d4:51:83:05:0c:6b:8a:f0:d2:
62:ee:f9:39:df:e8:a4:b8:35:34:7f:c0:be:af:b0:
7b:c0:bf:fb:40:29:6d:69:47:9f:fa:64:92:f1:fb:
81:f9:f2:82:a7:4a:b4:d3:38:59:ca:d0:8b:2b:d3:
b3:dc:dd:98:99:d0:9d:b9:56:9c:28:20:d8:0e:3e:
43:a0:f8:d0:d0:28:2f:5a:f4:e3:c3:4a:33:32:b4:
e9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:08:B6:32:A4:5E:DB:CB:1C:35:7C:0F:49:46:81:24:75:CB:9D:13
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/Rgi2MqRe28scNXwPSUaBJHXLnRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.0.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:cb:17:3b:49:68:1a:f6:e9:85:3f:55:07:b4:ca:36:0f:5e:
9d:94:7a:ed:ed:50:31:a5:d3:67:fc:b2:b7:ae:48:42:12:8f:
b8:7c:d3:ef:e7:a3:3a:ec:af:90:c3:57:8b:61:45:a5:b7:6c:
13:f4:39:a5:f4:09:01:9e:09:22:bb:06:71:92:50:6c:2b:0d:
7e:46:fe:04:1d:20:07:c9:71:ea:17:b1:1f:9e:23:69:32:47:
51:43:ba:7d:bb:88:07:94:f6:42:0c:9e:0d:45:45:1d:9e:c9:
1b:80:02:33:a4:6a:4d:c5:45:10:38:2c:1c:75:79:d1:c7:4e:
0a:0e:8b:18:5c:fb:b8:bc:73:42:b1:97:a4:2c:12:d0:68:a9:
d0:ec:99:da:cd:db:ee:e9:53:df:ef:dc:1e:20:53:35:d0:62:
1d:c7:ed:21:c9:24:2f:cc:84:78:19:1b:88:03:3e:f8:0b:25:
73:d4:e1:95:7b:e7:6d:df:5f:57:0d:a9:83:21:21:13:4b:89:
21:29:8a:f1:46:11:24:f9:c2:1c:1b:f7:ba:9f:50:5f:bb:5e:
53:ae:c7:f6:d1:48:13:a7:f2:eb:48:17:48:40:a6:da:33:88:
ed:e8:9a:33:d9:07:e7:c3:14:83:78:d5:66:2e:d9:47:b0:ae:
e3:97:be:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/F4/ztakqJupyFuxawaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjUwMTAyMDc0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjA4YjYzMmE0NWVkYmNiMWMzNTdjMGY0OTQ2ODEyNDc1Y2I5ZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsivLdvT3CWVok9f18PdmPdvAzMLK
Pl0E7T3MBOeXu3+DvBA6l9fZDrHMoTnPDZzJaa4wufUT1DxzosEXrAcZu5P6N7kZ
4gsSpC3uTg5Edpc4TRztqpwLadUjW+NxJ0hklB3NYdjouTFx5NUg1cw8Mdi0Z4y+
sQqH7IaWaXcEffwtDm0DCE0r49qGfdePNEfwOibyY0nIvuIHyrdQiG7fBBLRz4z4
s3n/k6PUUYMFDGuK8NJi7vk53+ikuDU0f8C+r7B7wL/7QCltaUef+mSS8fuB+fKC
p0q00zhZytCLK9Oz3N2YmdCduVacKCDYDj5DoPjQ0CgvWvTjw0ozMrTpQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEYItjKkXtvLHDV8D0lGgSR1y50TMB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvUmdpMk1xUmUyOHNjTlh3UFNVYUJKSFhMblJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGbeAAMA0G
CSqGSIb3DQEBCwUAA4IBAQBKyxc7SWga9umFP1UHtMo2D16dlHrt7VAxpdNn/LK3
rkhCEo+4fNPv56M67K+Qw1eLYUWlt2wT9Dml9AkBngkiuwZxklBsKw1+Rv4EHSAH
yXHqF7EfniNpMkdRQ7p9u4gHlPZCDJ4NRUUdnskbgAIzpGpNxUUQOCwcdXnRx04K
DosYXPu4vHNCsZekLBLQaKnQ7Jnazdvu6VPf79weIFM10GIdx+0hySQvzIR4GRuI
Az74CyVz1OGVe+dt319XDamDISETS4khKYrxRhEk+cIcG/e6n1Bfu15Trsf20UgT
p/LrSBdIQKbaM4jt6Joz2QfnwxSDeNVmLtlHsK7jl75G
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:19:57 2025 by rpki-client