Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/leB_64ybrz6UnuQ8ONDuXBRfKSQ.roa
File: leB_64ybrz6UnuQ8ONDuXBRfKSQ.roa (raw, json)
Hash identifier: YpGN6vj+lQckfcrcDFagKzWYTJIRBq12KtLk9dWRtqI=
Subject key identifier: 95:E0:7F:EB:8C:9B:AF:3E:94:9E:E4:3C:38:D0:EE:5C:14:5F:29:24
Certificate issuer: /CN=926b9336fcaf3657cedeba53c47e948010877e20
Certificate serial: 019421B1C82EF1A037CC6FF8878F79AB28BE
Authority key identifier: 92:6B:93:36:FC:AF:36:57:CE:DE:BA:53:C4:7E:94:80:10:87:7E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/leB_64ybrz6UnuQ8ONDuXBRfKSQ.roa
Signing time: Wed 01 Jan 2025 11:48:06 +0000
ROA not before: Wed 01 Jan 2025 11:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200428
IP address blocks: 185.151.60.0/22 maxlen: 22
185.163.4.0/22 maxlen: 22
185.229.208.0/22 maxlen: 22
2a0a:2640::/29 maxlen: 29
2a0a:5800::/29 maxlen: 29
2a0d:ce00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/kmuTNvyvNlfO3rpTxH6UgBCHfiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/kmuTNvyvNlfO3rpTxH6UgBCHfiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c8:2e:f1:a0:37:cc:6f:f8:87:8f:79:ab:28:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926b9336fcaf3657cedeba53c47e948010877e20
Validity
Not Before: Jan 1 11:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95e07feb8c9baf3e949ee43c38d0ee5c145f2924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a9:9e:ed:ef:d6:61:80:19:d4:90:23:da:cc:
42:10:de:3d:65:04:19:aa:19:99:80:9c:89:d4:f7:
37:b5:e9:14:b6:4a:50:5a:a3:04:a2:16:4c:73:7d:
01:47:c2:36:11:ad:60:97:4e:69:ee:ce:5a:3a:fd:
51:3c:a5:27:37:e1:72:82:ea:ab:fe:50:ff:2e:66:
fe:da:6f:9d:c8:64:a8:04:2e:2c:e8:e9:c1:2e:3c:
92:61:f5:52:39:28:54:91:95:34:56:e5:8a:3d:41:
f6:1a:6e:2f:0b:24:94:7a:85:a2:88:b5:ab:cd:29:
9e:45:f4:dd:46:f6:10:d0:85:72:e7:64:fc:9e:36:
2e:3d:f3:69:9f:ed:86:af:f0:f4:c6:6d:26:e7:6a:
dc:c1:fa:e0:5e:b0:7c:ef:8f:26:e7:e6:fd:36:fb:
a7:dc:1e:63:06:43:cf:e3:6f:78:6a:ee:21:2b:6b:
c1:95:5b:ef:e0:d3:79:ec:ff:b3:96:fb:cc:68:09:
54:1a:58:3d:73:67:e3:ce:2a:23:1b:3f:5a:a7:a7:
5a:22:6b:9c:e5:b9:ca:45:6b:c7:ba:db:4c:c1:1a:
fe:3e:0d:93:37:b1:62:28:ed:f9:43:66:c1:c1:d9:
07:7a:5f:a9:d2:bc:81:25:af:0c:da:da:85:ff:08:
54:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E0:7F:EB:8C:9B:AF:3E:94:9E:E4:3C:38:D0:EE:5C:14:5F:29:24
X509v3 Authority Key Identifier:
keyid:92:6B:93:36:FC:AF:36:57:CE:DE:BA:53:C4:7E:94:80:10:87:7E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/leB_64ybrz6UnuQ8ONDuXBRfKSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/kmuTNvyvNlfO3rpTxH6UgBCHfiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.60.0/22
185.163.4.0/22
185.229.208.0/22
IPv6:
2a0a:2640::/29
2a0a:5800::/29
2a0d:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
4e:6b:b6:a9:fb:05:43:1e:e1:a7:ae:85:a5:8f:3e:a0:cb:3d:
32:23:78:5d:94:e0:39:f1:58:82:72:eb:6e:d6:c8:fe:3c:e2:
10:34:8a:d2:eb:1b:72:8b:36:c7:d7:a8:92:d5:a2:d3:4b:84:
49:80:03:b9:1f:35:c0:ff:93:71:01:0d:e0:ba:d4:f1:d7:0f:
81:f3:20:51:a0:f3:30:c3:08:31:9f:d2:08:0b:16:6a:84:a5:
de:7a:6e:96:63:ca:f8:5a:77:92:39:c2:7c:f8:2d:1a:e0:0f:
1d:22:85:72:5c:cb:fe:37:86:80:0c:7e:97:97:61:5b:f5:79:
44:0a:93:2f:f0:7e:be:bb:66:bb:09:b8:c2:65:73:30:88:c4:
5b:7c:9b:10:a0:49:08:16:8f:8c:8a:c2:e8:b2:14:a4:2f:5c:
97:e4:7b:4b:b3:e0:0f:1e:2e:89:40:cf:16:58:e5:c0:0d:29:
46:34:a9:2d:a5:0c:20:f2:68:eb:5a:96:96:8e:b6:61:0a:df:
e5:e2:e8:bb:a8:70:01:02:8c:bb:2f:96:cf:96:6e:37:1b:ee:
96:d6:4d:0b:35:7c:a5:d8:f4:1e:8e:95:b6:98:f3:8d:c6:a1:
c5:65:74:2e:70:f3:f6:af:73:2e:3b:c3:7b:eb:ac:06:39:92:
1f:91:f8:51
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQhscgu8aA3zG/4h495qyi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNmI5MzM2ZmNhZjM2NTdjZWRlYmE1M2M0N2U5NDgwMTA4
NzdlMjAwHhcNMjUwMTAxMTE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWUwN2ZlYjhjOWJhZjNlOTQ5ZWU0M2MzOGQwZWU1YzE0NWYyOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqme7e/WYYAZ1JAj2sxCEN49ZQQZ
qhmZgJyJ1Pc3tekUtkpQWqMEohZMc30BR8I2Ea1gl05p7s5aOv1RPKUnN+Fyguqr
/lD/Lmb+2m+dyGSoBC4s6OnBLjySYfVSOShUkZU0VuWKPUH2Gm4vCySUeoWiiLWr
zSmeRfTdRvYQ0IVy52T8njYuPfNpn+2Gr/D0xm0m52rcwfrgXrB8748m5+b9Nvun
3B5jBkPP4294au4hK2vBlVvv4NN57P+zlvvMaAlUGlg9c2fjziojGz9ap6daImuc
5bnKRWvHuttMwRr+Pg2TN7FiKO35Q2bBwdkHel+p0ryBJa8M2tqF/whUuwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJXgf+uMm68+lJ7kPDjQ7lwUXykkMB8GA1UdIwQY
MBaAFJJrkzb8rzZXzt66U8R+lIAQh34gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva211VE52eXZObGZPM3JwVHhINlVnQkNIZmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9lZmJiZjAtZTRmYS00NDMxLWIxZTct
MDZhMjRmYTc0NjY3LzEvbGVCXzY0eWJyejZVbnVROE9ORHVYQlJmS1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9lZmJiZjAtZTRmYS00NDMxLWIxZTctMDZhMjRmYTc0NjY3
LzEva211VE52eXZObGZPM3JwVHhINlVnQkNIZmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCuZc8AwQC
uaMEAwQCueXQMBsEAgACMBUDBQMqCiZAAwUDKgpYAAMFAyoNzgAwDQYJKoZIhvcN
AQELBQADggEBAE5rtqn7BUMe4aeuhaWPPqDLPTIjeF2U4DnxWIJy627WyP484hA0
itLrG3KLNsfXqJLVotNLhEmAA7kfNcD/k3EBDeC61PHXD4HzIFGg8zDDCDGf0ggL
FmqEpd56bpZjyvhad5I5wnz4LRrgDx0ihXJcy/43hoAMfpeXYVv1eUQKky/wfr67
ZrsJuMJlczCIxFt8mxCgSQgWj4yKwuiyFKQvXJfke0uz4A8eLolAzxZY5cANKUY0
qS2lDCDyaOtalpaOtmEK3+Xi6LuocAECjLsvls+Wbjcb7pbWTQs1fKXY9B6OlbaY
843GocVldC5w8/avcy47w3vrrAY5kh+R+FE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:19 2025 by rpki-client