Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/m8Tdxvep8gBoC6AvkeleXRfcmoc.roa
File: m8Tdxvep8gBoC6AvkeleXRfcmoc.roa (raw, json)
Hash identifier: JYOwdAc9iDDM7jQ9HDSgVBqUbsa0fTnhwbYX6eo7TMw=
Subject key identifier: 9B:C4:DD:C6:F7:A9:F2:00:68:0B:A0:2F:91:E9:5E:5D:17:DC:9A:87
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 01946DC13655BEF26DCD7B02CEDA6FF0EDC7
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/m8Tdxvep8gBoC6AvkeleXRfcmoc.roa
Signing time: Thu 16 Jan 2025 06:16:06 +0000
ROA not before: Thu 16 Jan 2025 06:16:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 91.149.215.0/24 maxlen: 24
91.149.228.0/24 maxlen: 24
91.149.244.0/22 maxlen: 22
91.149.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6d:c1:36:55:be:f2:6d:cd:7b:02:ce:da:6f:f0:ed:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jan 16 06:16:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9bc4ddc6f7a9f200680ba02f91e95e5d17dc9a87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:57:db:69:79:8f:38:81:2f:b8:15:ab:d7:95:
aa:42:cf:1a:61:b3:40:cf:6f:0b:73:2a:8c:9f:b8:
4e:78:1f:4d:6b:cf:8e:9f:ac:8d:fa:74:19:ce:96:
e7:bb:69:2c:eb:03:e3:06:c0:a7:40:2a:63:74:bb:
1f:35:0d:86:30:6c:a0:94:b2:02:a3:66:00:19:e5:
26:22:dd:01:c8:3b:18:0e:48:fc:ad:35:65:43:fe:
75:cf:f9:e1:76:2c:8b:cf:5d:a9:77:0b:10:e0:cf:
ec:16:4f:e3:49:6c:19:06:35:a1:2d:60:d7:02:cd:
d6:65:60:1b:eb:b6:be:72:49:f2:17:23:7d:1a:a9:
7d:45:0f:68:cc:b2:72:31:2f:11:47:0f:05:b4:16:
39:5e:b8:88:64:74:69:d9:04:1c:b3:42:33:5b:a4:
07:41:f5:0d:27:c7:0e:ec:47:fd:ba:ec:ab:a0:82:
0b:33:d6:15:56:6c:52:a7:3e:76:1d:85:b2:c6:c2:
f0:4a:be:de:16:3b:8b:dd:f4:7a:96:33:18:7b:b9:
d0:8a:4a:10:8b:74:c5:33:25:30:65:9f:89:32:6f:
bc:cf:25:e4:29:e9:42:5d:9f:5b:3a:b8:66:9c:90:
a7:7e:8c:ef:86:46:83:db:36:76:ca:4d:c0:1e:b2:
19:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C4:DD:C6:F7:A9:F2:00:68:0B:A0:2F:91:E9:5E:5D:17:DC:9A:87
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/m8Tdxvep8gBoC6AvkeleXRfcmoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.215.0/24
91.149.228.0/24
91.149.244.0-91.149.251.255
Signature Algorithm: sha256WithRSAEncryption
17:cb:05:c2:bf:b7:6c:6c:a1:d2:2a:88:7e:0d:dd:01:a8:1e:
d7:c0:79:f8:09:50:8d:f3:0f:26:da:0e:23:96:42:d0:de:0d:
84:05:ac:4e:d4:2d:3c:86:bc:9e:68:a6:8e:e1:27:88:11:e4:
d5:18:52:37:1b:d8:8f:1e:41:95:64:ca:36:f7:f8:59:df:bb:
21:e9:f7:47:25:a6:f9:f7:23:22:05:5b:a0:a3:dc:21:70:ee:
94:6c:89:fb:7f:93:ce:b4:96:14:f2:f3:72:61:2a:93:88:2f:
92:cc:af:cb:34:ed:12:0c:a9:6b:52:fc:ed:da:32:7c:8b:88:
02:e1:13:50:1a:b1:bc:b7:f9:58:70:64:cf:31:8b:42:89:aa:
44:8b:cf:18:e1:50:02:98:55:33:c2:33:11:57:8a:3f:e8:9e:
1c:c6:d0:cb:fd:13:3d:2a:aa:0e:d6:7a:38:2f:a7:a9:ff:05:
a5:e4:5b:52:aa:25:c6:6e:3e:84:fa:49:e0:d5:f1:38:d4:b7:
fe:b0:57:5c:83:0e:b9:5c:b7:db:f9:5d:2d:1e:80:69:e1:33:
05:12:74:96:10:d3:69:8a:05:36:b6:d5:67:0a:f1:99:eb:9d:
e2:db:2f:22:40:2b:c6:93:65:cd:1d:0d:8c:33:98:bd:ee:c8:
29:01:79:be
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZRtwTZVvvJtzXsCztpv8O3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjUwMTE2MDYxNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmM0ZGRjNmY3YTlmMjAwNjgwYmEwMmY5MWU5NWU1ZDE3ZGM5YTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFfbaXmPOIEvuBWr15WqQs8aYbNA
z28LcyqMn7hOeB9Na8+On6yN+nQZzpbnu2ks6wPjBsCnQCpjdLsfNQ2GMGyglLIC
o2YAGeUmIt0ByDsYDkj8rTVlQ/51z/nhdiyLz12pdwsQ4M/sFk/jSWwZBjWhLWDX
As3WZWAb67a+cknyFyN9Gql9RQ9ozLJyMS8RRw8FtBY5XriIZHRp2QQcs0IzW6QH
QfUNJ8cO7Ef9uuyroIILM9YVVmxSpz52HYWyxsLwSr7eFjuL3fR6ljMYe7nQikoQ
i3TFMyUwZZ+JMm+8zyXkKelCXZ9bOrhmnJCnfozvhkaD2zZ2yk3AHrIZ+wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJvE3cb3qfIAaAugL5HpXl0X3JqHMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvbThUZHh2ZXA4Z0JvQzZBdmtlbGVYUmZjbW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW5XXAwQA
W5XkMAwDBAJblfQDBAJblfgwDQYJKoZIhvcNAQELBQADggEBABfLBcK/t2xsodIq
iH4N3QGoHtfAefgJUI3zDybaDiOWQtDeDYQFrE7ULTyGvJ5opo7hJ4gR5NUYUjcb
2I8eQZVkyjb3+FnfuyHp90clpvn3IyIFW6Cj3CFw7pRsift/k860lhTy83JhKpOI
L5LMr8s07RIMqWtS/O3aMnyLiALhE1Aasby3+VhwZM8xi0KJqkSLzxjhUAKYVTPC
MxFXij/onhzG0Mv9Ez0qqg7Wejgvp6n/BaXkW1KqJcZuPoT6SeDV8TjUt/6wV1yD
Drlct9v5XS0egGnhMwUSdJYQ02mKBTa21WcK8ZnrneLbLyJAK8aTZc0dDYwzmL3u
yCkBeb4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:20:34 2025 by rpki-client