Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/91g6z08m8q3UiOGe0AbrizL7h14.roa
File: 91g6z08m8q3UiOGe0AbrizL7h14.roa (raw, json)
Hash identifier: UzCeyAV+fH+ahYJC2yen3wKx/EfixsvWeeKacTQ1cHk=
Subject key identifier: F7:58:3A:CF:4F:26:F2:AD:D4:88:E1:9E:D0:06:EB:8B:32:FB:87:5E
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 019424B3D8E93582B43AAECF2E1769125F91
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/91g6z08m8q3UiOGe0AbrizL7h14.roa
Signing time: Thu 02 Jan 2025 01:49:13 +0000
ROA not before: Thu 02 Jan 2025 01:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48635
IP address blocks: 185.69.232.0/22 maxlen: 22
185.84.72.0/22 maxlen: 22
185.105.204.0/22 maxlen: 22
185.105.216.0/22 maxlen: 22
2a05:a280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 11:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d8:e9:35:82:b4:3a:ae:cf:2e:17:69:12:5f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 2 01:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7583acf4f26f2add488e19ed006eb8b32fb875e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:52:fe:fd:bf:35:9e:2f:ae:69:2e:ce:19:56:
80:4e:0f:0f:d1:3a:16:d2:4e:28:2f:7c:1a:ed:f8:
9f:60:64:6c:6e:02:95:e3:95:33:b9:2a:52:36:8b:
8a:a1:dd:09:1c:2d:a9:e5:c4:b8:4c:ff:f1:ee:98:
13:35:c7:8d:a5:ea:82:2f:c3:f1:0b:0e:7a:27:57:
d9:ac:3a:6c:7d:f9:2c:f9:75:9d:a7:b4:c8:f3:8d:
55:fd:01:99:b9:a0:50:05:2d:d3:eb:04:76:37:43:
76:f7:c2:69:ff:73:05:4c:1e:5d:e9:92:bd:a0:d0:
3c:0c:ba:7e:6d:31:2e:1f:78:49:8a:d8:58:83:ec:
15:d0:a9:5e:ff:b1:c8:b6:1e:33:ca:6a:c1:c1:87:
21:56:f0:0e:3c:43:2e:84:08:bd:88:f9:c4:28:ac:
a0:a2:b4:fb:b4:23:5c:22:55:0f:31:59:c7:5e:7e:
54:6e:f4:9f:37:59:e9:c4:32:ca:7a:81:b9:1d:f9:
fa:b0:9a:24:22:94:1c:b0:6a:99:08:ee:8d:5b:24:
77:2e:c2:77:d5:e5:c7:c1:6c:7c:22:50:c8:1e:88:
4f:5c:16:c7:30:4f:75:ea:10:a9:73:27:fd:b0:0d:
df:d3:ab:5a:95:8b:95:37:28:4d:6c:dc:8d:3e:1c:
b5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:58:3A:CF:4F:26:F2:AD:D4:88:E1:9E:D0:06:EB:8B:32:FB:87:5E
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/91g6z08m8q3UiOGe0AbrizL7h14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.232.0/22
185.84.72.0/22
185.105.204.0/22
185.105.216.0/22
IPv6:
2a05:a280::/29
Signature Algorithm: sha256WithRSAEncryption
5e:1c:70:7d:92:d3:4e:6d:b2:71:fc:f0:75:48:90:f9:4b:fe:
d1:76:92:93:13:46:89:ad:73:1b:4e:c1:d8:a4:5a:5e:68:b8:
2f:52:67:5b:5b:1d:c9:c0:57:2b:8b:17:db:7e:7f:dc:1a:f4:
64:9a:cb:38:82:cc:ca:1a:4c:99:ae:db:4c:66:6a:5a:74:97:
20:9a:96:56:44:d3:59:30:e1:3c:2b:43:92:76:cc:4d:ed:81:
60:a0:1a:31:ba:60:3a:4c:da:1b:7e:34:1d:3e:fa:5b:0d:21:
15:28:19:24:0b:d6:e0:b9:82:31:a9:f9:cd:e8:03:4b:7b:7e:
c4:29:b3:f4:d1:21:e6:db:55:80:31:5d:5c:fc:bc:1d:74:63:
1f:82:78:75:0c:07:56:99:66:75:10:a0:7b:59:4a:e3:5b:a5:
a3:7e:a6:68:ab:9c:6a:4b:b9:b6:ab:cb:2d:fd:c1:12:1a:25:
8d:86:c6:d6:2f:a1:7b:85:95:4f:56:4a:ad:93:41:7d:0f:57:
ec:c8:fe:c3:5e:c6:fd:7e:00:ca:60:1e:dd:f8:b1:1f:1d:13:
79:33:52:d5:a0:0a:02:f2:bf:ef:c4:29:e9:72:ad:38:cf:b6:
83:2b:4d:62:fd:18:98:f0:25:a1:57:fc:4d:d5:92:aa:36:c7:
23:16:e2:fd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQks9jpNYK0Oq7PLhdpEl+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwMTAyMDE0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzU4M2FjZjRmMjZmMmFkZDQ4OGUxOWVkMDA2ZWI4YjMyZmI4NzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1L+/b81ni+uaS7OGVaATg8P0ToW
0k4oL3wa7fifYGRsbgKV45UzuSpSNouKod0JHC2p5cS4TP/x7pgTNceNpeqCL8Px
Cw56J1fZrDpsffks+XWdp7TI841V/QGZuaBQBS3T6wR2N0N298Jp/3MFTB5d6ZK9
oNA8DLp+bTEuH3hJithYg+wV0Kle/7HIth4zymrBwYchVvAOPEMuhAi9iPnEKKyg
orT7tCNcIlUPMVnHXn5UbvSfN1npxDLKeoG5Hfn6sJokIpQcsGqZCO6NWyR3LsJ3
1eXHwWx8IlDIHohPXBbHME916hCpcyf9sA3f06talYuVNyhNbNyNPhy1cwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPdYOs9PJvKt1IjhntAG64sy+4deMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvOTFnNnowOG04cTNVaU9HZTBBYnJpekw3aDE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuUXoAwQC
uVRIAwQCuWnMAwQCuWnYMA0EAgACMAcDBQMqBaKAMA0GCSqGSIb3DQEBCwUAA4IB
AQBeHHB9ktNObbJx/PB1SJD5S/7RdpKTE0aJrXMbTsHYpFpeaLgvUmdbWx3JwFcr
ixfbfn/cGvRkmss4gszKGkyZrttMZmpadJcgmpZWRNNZMOE8K0OSdsxN7YFgoBox
umA6TNobfjQdPvpbDSEVKBkkC9bguYIxqfnN6ANLe37EKbP00SHm21WAMV1c/Lwd
dGMfgnh1DAdWmWZ1EKB7WUrjW6WjfqZoq5xqS7m2q8st/cESGiWNhsbWL6F7hZVP
Vkqtk0F9D1fsyP7DXsb9fgDKYB7d+LEfHRN5M1LVoAoC8r/vxCnpcq04z7aDK01i
/RiY8CWhV/xN1ZKqNscjFuL9
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:10:09 2025 by rpki-client