Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/xdWwTqIEbBWD-ayZaCrJQr7xhvk.roa
File: xdWwTqIEbBWD-ayZaCrJQr7xhvk.roa (raw, json)
Hash identifier: XVK45wg0nZbg1ksXLgfN8TmYvrajdIvWajx9rGkrzcs=
Subject key identifier: C5:D5:B0:4E:A2:04:6C:15:83:F9:AC:99:68:2A:C9:42:BE:F1:86:F9
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 019428238160AB47B9E79C35820969889026
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/xdWwTqIEbBWD-ayZaCrJQr7xhvk.roa
Signing time: Thu 02 Jan 2025 17:50:02 +0000
ROA not before: Thu 02 Jan 2025 17:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 91.149.202.0/23 maxlen: 23
91.149.218.0/24 maxlen: 24
91.149.219.0/24 maxlen: 24
91.149.221.0/24 maxlen: 24
91.149.222.0/23 maxlen: 23
91.149.232.0/23 maxlen: 23
91.149.236.0/23 maxlen: 23
91.149.238.0/24 maxlen: 24
91.149.239.0/24 maxlen: 24
91.149.240.0/24 maxlen: 24
91.149.241.0/24 maxlen: 24
91.149.242.0/24 maxlen: 24
91.149.243.0/24 maxlen: 24
91.149.253.0/24 maxlen: 24
91.149.254.0/24 maxlen: 24
91.149.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 09:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:81:60:ab:47:b9:e7:9c:35:82:09:69:88:90:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jan 2 17:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5d5b04ea2046c1583f9ac99682ac942bef186f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bb:f4:54:1d:30:7f:c5:1e:cc:b3:cc:59:25:
29:f7:0c:3a:e6:5b:c5:bf:ff:2a:c4:df:42:b0:2d:
18:bf:6e:7f:d8:56:ca:c8:2c:1e:ec:5b:7d:ea:a9:
d4:a5:14:1a:b0:5b:3b:dd:b0:d1:dd:15:ac:56:77:
fc:ed:a7:1d:3a:92:b4:b5:11:c8:d4:6d:42:ab:61:
f0:f3:f2:eb:85:82:69:2d:14:a4:b6:ce:b4:51:b6:
e5:40:00:9e:8e:4a:0b:2a:81:88:54:cc:e7:af:95:
93:0e:95:2a:31:67:da:04:c0:bf:2a:34:b7:50:b8:
7d:99:f1:9f:8c:7b:13:14:2d:db:7d:76:d2:06:f3:
f5:1b:06:ae:6c:72:6f:da:22:ee:e4:ed:e8:47:73:
84:4f:48:1d:17:f6:0d:c9:5c:7c:2b:e9:dc:03:ed:
14:ff:d1:c1:e4:f0:b5:58:3f:46:07:3d:9d:62:cd:
f4:94:3a:5b:0e:4c:67:2e:e3:ff:a8:f2:14:60:f0:
17:13:95:ca:29:fe:97:c2:5f:47:c9:bf:1c:2c:ee:
33:7e:e9:5f:21:eb:fd:c0:89:8a:a5:43:1d:95:a6:
92:7c:37:2d:74:9c:01:b2:3a:ab:7e:ec:67:58:73:
32:be:01:ed:20:ab:89:25:d2:49:a5:d2:68:c9:e9:
d0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D5:B0:4E:A2:04:6C:15:83:F9:AC:99:68:2A:C9:42:BE:F1:86:F9
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/xdWwTqIEbBWD-ayZaCrJQr7xhvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.202.0/23
91.149.218.0/23
91.149.221.0-91.149.223.255
91.149.232.0/23
91.149.236.0-91.149.243.255
91.149.253.0-91.149.255.255
Signature Algorithm: sha256WithRSAEncryption
1f:61:95:13:c7:7b:68:27:26:35:fd:c4:4d:46:6a:06:32:7a:
2a:6b:97:94:1e:35:1b:3f:d9:27:2a:7c:61:5c:af:56:b8:fd:
d9:c6:44:13:ba:b8:d8:3e:e0:b2:e0:0b:04:da:51:13:5b:40:
59:09:d9:c7:8d:40:94:33:98:aa:36:86:6d:23:cc:cf:b6:36:
1b:78:22:75:94:0e:a2:3d:7d:70:ed:a1:31:bc:fb:42:5b:f5:
77:15:3b:ac:c5:61:65:fd:69:55:9c:e5:f8:40:f6:8f:c4:65:
1f:98:62:5a:99:cc:eb:09:7e:55:06:d0:19:7a:03:ed:9d:8c:
e3:7f:f5:ee:06:86:2d:a1:c8:2d:b0:b7:b0:54:75:a5:58:af:
6f:d1:0c:58:3b:c4:64:83:b0:8e:02:4f:4a:da:fd:02:9f:ae:
3a:23:33:2e:46:c7:60:ea:08:6b:85:70:4d:8f:3f:89:a7:b4:
91:70:d0:c5:95:82:2d:94:f5:4b:f6:d3:6a:50:2b:f0:2c:6a:
73:ac:94:58:1f:04:92:0a:fd:c4:00:b1:09:de:e0:72:3c:be:
5e:a5:aa:fa:c6:06:af:9f:1b:1d:c6:43:4d:71:6c:69:ec:5c:
03:dc:05:c4:45:08:33:bc:26:04:80:d6:75:60:cd:54:3e:bf:
4b:1d:06:2f
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQoI4Fgq0e555w1gglpiJAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjUwMTAyMTc1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWQ1YjA0ZWEyMDQ2YzE1ODNmOWFjOTk2ODJhYzk0MmJlZjE4NmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7v0VB0wf8UezLPMWSUp9ww65lvF
v/8qxN9CsC0Yv25/2FbKyCwe7Ft96qnUpRQasFs73bDR3RWsVnf87acdOpK0tRHI
1G1Cq2Hw8/LrhYJpLRSkts60UbblQACejkoLKoGIVMznr5WTDpUqMWfaBMC/KjS3
ULh9mfGfjHsTFC3bfXbSBvP1GwaubHJv2iLu5O3oR3OET0gdF/YNyVx8K+ncA+0U
/9HB5PC1WD9GBz2dYs30lDpbDkxnLuP/qPIUYPAXE5XKKf6Xwl9Hyb8cLO4zfulf
Iev9wImKpUMdlaaSfDctdJwBsjqrfuxnWHMyvgHtIKuJJdJJpdJoyenQvQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFMXVsE6iBGwVg/msmWgqyUK+8Yb5MB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEveGRXd1RxSUViQldELWF5WmFDckpRcjd4aHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzBBBAIAATA7AwQBW5XKAwQB
W5XaMAwDBABbld0DBAVblcADBAFblegwDAMEAluV7AMEAluV8DALAwQAW5X9AwMB
W5QwDQYJKoZIhvcNAQELBQADggEBAB9hlRPHe2gnJjX9xE1GagYyeiprl5QeNRs/
2ScqfGFcr1a4/dnGRBO6uNg+4LLgCwTaURNbQFkJ2ceNQJQzmKo2hm0jzM+2Nht4
InWUDqI9fXDtoTG8+0Jb9XcVO6zFYWX9aVWc5fhA9o/EZR+YYlqZzOsJflUG0Bl6
A+2djON/9e4Ghi2hyC2wt7BUdaVYr2/RDFg7xGSDsI4CT0ra/QKfrjojMy5Gx2Dq
CGuFcE2PP4mntJFw0MWVgi2U9Uv202pQK/AsanOslFgfBJIK/cQAsQne4HI8vl6l
qvrGBq+fGx3GQ01xbGnsXAPcBcRFCDO8JgSA1nVgzVQ+v0sdBi8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:40:15 2025 by rpki-client