Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/9tr6yx1y8_YEiVByZ-MjQoIJAHM.roa
File: 9tr6yx1y8_YEiVByZ-MjQoIJAHM.roa (raw, json)
Hash identifier: jRgj+xVS51Pyi7Ww5Lf3Hkb3VrgrulAoFq5wFotKWJs=
Subject key identifier: F6:DA:FA:CB:1D:72:F3:F6:04:89:50:72:67:E3:23:42:82:09:00:73
Certificate issuer: /CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Certificate serial: 0194228D6718B05F8FA37545EE5513BA5A41
Authority key identifier: 4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/9tr6yx1y8_YEiVByZ-MjQoIJAHM.roa
Signing time: Wed 01 Jan 2025 15:47:59 +0000
ROA not before: Wed 01 Jan 2025 15:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57822
IP address blocks: 94.247.106.0/24 maxlen: 24
94.247.107.0/24 maxlen: 24
94.247.108.0/24 maxlen: 24
94.247.109.0/24 maxlen: 24
185.54.245.0/24 maxlen: 24
185.54.246.0/24 maxlen: 24
185.54.247.0/24 maxlen: 24
2a02:47a0:3::/48 maxlen: 48
2a02:47a0:4::/48 maxlen: 48
2a02:47a0:201::/48 maxlen: 48
2a02:47a0:202::/48 maxlen: 48
2a02:47a0:203::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:67:18:b0:5f:8f:a3:75:45:ee:55:13:ba:5a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Validity
Not Before: Jan 1 15:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6dafacb1d72f3f60489507267e3234282090073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:94:4f:4d:a7:50:61:fd:96:a4:90:14:da:52:
ae:f5:20:3d:e3:63:50:b2:b9:82:06:7a:55:a5:c7:
01:00:f3:1d:a8:d9:e0:a1:cc:3d:81:a0:e6:86:72:
88:bb:09:33:86:88:db:35:10:5e:ba:2e:72:48:ba:
cb:21:46:22:f3:69:50:d5:a9:b3:1f:c4:95:5f:c6:
19:9d:2e:19:95:14:06:e1:74:ee:df:0d:c6:bb:df:
96:1d:37:34:cf:f7:5e:68:16:d7:d2:99:3a:ea:95:
86:69:23:96:be:82:88:9e:9a:92:f7:6a:fa:a2:ed:
e1:22:fb:51:9e:c4:59:c4:d1:e8:39:85:92:92:7b:
10:6c:86:ee:7d:b3:59:91:ef:9e:7a:72:b9:09:de:
ac:30:fa:8a:bd:59:c1:5d:08:8b:a4:ac:1e:cb:a2:
45:55:1c:05:26:ff:f9:e5:7b:39:0f:5c:5e:bd:9e:
fe:83:10:01:38:fe:59:6f:8b:49:41:d4:6d:ac:fd:
d9:e5:8c:82:78:56:16:cc:78:bd:2f:63:e0:5d:bd:
b3:ad:b5:b8:7a:54:25:9c:a5:3d:0b:ec:3e:c8:f3:
12:7a:c1:47:79:c8:70:36:0c:d0:77:7b:7d:3e:2d:
9a:c2:82:ac:e6:b6:2e:70:5d:e4:d7:03:ef:1f:c6:
2f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:DA:FA:CB:1D:72:F3:F6:04:89:50:72:67:E3:23:42:82:09:00:73
X509v3 Authority Key Identifier:
keyid:4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/9tr6yx1y8_YEiVByZ-MjQoIJAHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.106.0-94.247.109.255
185.54.245.0-185.54.247.255
IPv6:
2a02:47a0:3::-2a02:47a0:4:ffff:ffff:ffff:ffff:ffff
2a02:47a0:201::-2a02:47a0:203:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
02:1e:9b:be:95:cf:f0:e2:e6:25:6f:fc:8a:13:b8:ec:25:cc:
ab:7c:64:59:76:ae:94:37:1e:93:94:c9:2c:88:46:47:18:ca:
12:94:f4:12:56:f0:4f:dd:a0:2a:d1:1f:01:29:90:83:02:98:
48:1e:24:9b:1f:24:4b:a4:1e:fb:7a:ea:88:4d:3e:81:9e:4c:
91:d2:1b:95:6c:e2:61:c2:1c:87:1b:26:88:eb:36:1e:c0:9e:
fe:7b:9a:a2:18:5e:81:a7:5d:89:6f:7f:4b:17:68:d2:df:84:
50:03:8e:5a:a8:6c:02:be:e3:db:8d:05:9b:65:1f:88:0a:75:
fa:95:fe:a3:25:5a:c6:85:72:f2:c1:3d:af:10:77:43:7a:90:
d5:7a:07:cd:2c:f9:80:24:6f:47:c8:76:15:f5:29:95:b7:fa:
47:1c:bd:56:3c:b1:40:82:b6:50:7d:71:ca:6a:5f:9a:8a:b4:
6f:cb:d1:76:93:6f:0b:fc:7c:94:2a:a7:db:1d:ad:8a:be:8d:
35:ef:2b:9b:ab:81:5e:d7:19:27:d2:ba:a0:c1:ee:78:57:6e:
82:23:17:db:56:fa:2a:63:19:19:66:b0:da:3c:58:6a:be:20:
6b:04:ef:1d:0a:83:e8:5e:b3:60:4f:55:14:02:e7:9e:22:57:
5a:6b:39:16
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZQijWcYsF+Po3VF7lUTulpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODczODllZjQxZjE4YzFmY2M4Mjc1NDM0OWVhNzA5Njk4
MGIxZTMwHhcNMjUwMTAxMTU0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmRhZmFjYjFkNzJmM2Y2MDQ4OTUwNzI2N2UzMjM0MjgyMDkwMDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZRPTadQYf2WpJAU2lKu9SA942NQ
srmCBnpVpccBAPMdqNngocw9gaDmhnKIuwkzhojbNRBeui5ySLrLIUYi82lQ1amz
H8SVX8YZnS4ZlRQG4XTu3w3Gu9+WHTc0z/deaBbX0pk66pWGaSOWvoKInpqS92r6
ou3hIvtRnsRZxNHoOYWSknsQbIbufbNZke+eenK5Cd6sMPqKvVnBXQiLpKwey6JF
VRwFJv/55Xs5D1xevZ7+gxABOP5Zb4tJQdRtrP3Z5YyCeFYWzHi9L2PgXb2zrbW4
elQlnKU9C+w+yPMSesFHechwNgzQd3t9Pi2awoKs5rYucF3k1wPvH8YvLQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFPba+ssdcvP2BIlQcmfjI0KCCQBzMB8GA1UdIwQY
MBaAFEyHOJ70HxjB/MgnVDSepwlpgLHjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEljNG52UWZHTUg4eUNkVU5KNm5DV21Bc2VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yMjE1ZjctODg3YS00YmQ1LWJmOTct
ZmZiNzA5Zjc2NjhjLzEvOXRyNnl4MXk4X1lFaVZCeVotTWpRb0lKQUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yMjE1ZjctODg3YS00YmQ1LWJmOTctZmZiNzA5Zjc2Njhj
LzEvVEljNG52UWZHTUg4eUNkVU5KNm5DV21Bc2VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDAiBAIAATAcMAwDBAFe92oD
BAFe92wwDAMEALk29QMEA7k28DAuBAIAAjAoMBIDBwAqAkegAAMDBwAqAkegAAQw
EgMHACoCR6ACAQMHAioCR6ACADANBgkqhkiG9w0BAQsFAAOCAQEAAh6bvpXP8OLm
JW/8ihO47CXMq3xkWXaulDcek5TJLIhGRxjKEpT0ElbwT92gKtEfASmQgwKYSB4k
mx8kS6Qe+3rqiE0+gZ5MkdIblWziYcIchxsmiOs2HsCe/nuaohhegaddiW9/Sxdo
0t+EUAOOWqhsAr7j240Fm2UfiAp1+pX+oyVaxoVy8sE9rxB3Q3qQ1XoHzSz5gCRv
R8h2FfUplbf6Rxy9VjyxQIK2UH1xympfmoq0b8vRdpNvC/x8lCqn2x2tir6NNe8r
m6uBXtcZJ9K6oMHueFdugiMX21b6KmMZGWaw2jxYar4gawTvHQqD6F6zYE9VFALn
niJXWms5Fg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:19 2025 by rpki-client