Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/Sn1YHf-JTelJa8AbFEu9eCrJc-Y.roa
File: Sn1YHf-JTelJa8AbFEu9eCrJc-Y.roa (raw, json)
Hash identifier: 4RQ4/nSSdbUjaSMtOe+F2ienAydzSYTXwrbRmuUcEJY=
Subject key identifier: 4A:7D:58:1D:FF:89:4D:E9:49:6B:C0:1B:14:4B:BD:78:2A:C9:73:E6
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 0194221F755EC5CA647CB3543890C00BF4A2
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/Sn1YHf-JTelJa8AbFEu9eCrJc-Y.roa
Signing time: Wed 01 Jan 2025 13:47:54 +0000
ROA not before: Wed 01 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9050
IP address blocks: 89.39.0.0/24 maxlen: 24
89.39.1.0/24 maxlen: 24
89.39.2.0/24 maxlen: 24
89.39.3.0/24 maxlen: 24
89.39.4.0/24 maxlen: 24
89.39.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:75:5e:c5:ca:64:7c:b3:54:38:90:c0:0b:f4:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a7d581dff894de9496bc01b144bbd782ac973e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bb:03:37:e8:06:9a:d2:03:14:39:31:98:5d:
c7:c1:29:bf:88:6d:63:5f:77:b9:d6:00:a0:d9:ec:
2c:b3:90:57:f6:70:c3:98:d4:43:cb:d8:f2:7f:1e:
31:5d:fe:1d:7b:f1:dd:b8:7d:3c:15:c8:3b:da:d8:
9c:08:81:74:09:59:a7:b8:cb:b9:1c:6e:5f:48:ac:
4e:85:d4:21:8f:5a:50:4e:29:f9:ad:32:07:5b:89:
9c:16:6a:d6:08:af:14:3f:16:d1:38:0f:c5:b5:b6:
24:93:ad:a5:ed:7f:c9:7c:3b:44:25:ed:b8:9c:02:
6d:aa:1e:46:63:90:ca:06:52:93:71:61:be:8e:54:
e5:88:da:de:2e:c8:02:c0:9f:68:0e:31:92:b2:3f:
76:43:00:9c:bd:e1:1d:4d:bb:4f:86:97:e3:f0:10:
8f:26:b8:c1:53:92:84:63:b9:20:cf:6c:34:e4:79:
9e:29:c2:3f:6a:ff:22:28:3e:05:29:d3:de:ce:d7:
f5:32:1e:39:0a:1b:f8:b0:6b:d5:5b:94:2b:71:97:
0b:42:cc:c6:41:be:a5:de:c5:de:0f:d0:a0:8f:0d:
b6:92:51:52:f3:b8:36:45:75:cc:de:56:6d:de:10:
67:d7:1f:06:b8:aa:0f:3c:db:a0:b1:b4:08:72:52:
63:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7D:58:1D:FF:89:4D:E9:49:6B:C0:1B:14:4B:BD:78:2A:C9:73:E6
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/Sn1YHf-JTelJa8AbFEu9eCrJc-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.0.0-89.39.5.255
Signature Algorithm: sha256WithRSAEncryption
c6:c4:e8:a9:77:3f:a1:15:61:c1:9e:21:f6:2a:a9:9c:8b:b9:
0d:bb:1d:7c:bb:04:6a:85:e9:3e:0f:d5:37:51:68:74:ba:f1:
e2:ea:45:41:c3:44:e2:27:98:8f:af:26:73:1b:83:f0:89:bc:
91:cf:af:6f:90:5a:5b:f1:3a:66:2f:67:4e:4f:50:88:ec:3c:
f4:ca:d9:32:2c:40:d2:b6:3e:b1:64:16:c7:f6:cc:9e:ef:c1:
8b:b9:cb:7f:77:f9:06:cf:0d:9c:ec:64:1c:44:2c:68:41:f2:
bd:2d:9f:c0:bc:84:e5:0e:15:42:0c:4a:6e:11:fc:4c:90:14:
8f:36:16:24:b3:0f:13:cb:39:4e:38:a3:7b:17:1b:6c:44:f9:
c6:ed:42:35:07:a4:d1:fd:97:1a:3a:44:9a:60:e5:9b:1a:4b:
5c:a0:dc:a9:aa:3b:20:50:42:c7:e9:b6:24:4c:39:dc:34:a0:
d1:63:10:06:31:c9:78:b5:2b:96:21:84:1b:40:47:57:ca:89:
ed:49:51:ba:a7:26:05:83:a3:2b:d0:de:bc:bd:44:20:ad:3c:
d7:8b:10:9f:22:c8:5f:a9:24:84:0d:53:b7:ab:49:a5:87:c5:
2e:e5:ee:f6:f1:5f:fd:95:13:1a:7d:ec:ee:9b:db:fd:0a:e4:
6f:0b:33:86
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQiH3VexcpkfLNUOJDAC/SiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjUwMTAxMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTdkNTgxZGZmODk0ZGU5NDk2YmMwMWIxNDRiYmQ3ODJhYzk3M2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrsDN+gGmtIDFDkxmF3HwSm/iG1j
X3e51gCg2ewss5BX9nDDmNRDy9jyfx4xXf4de/HduH08Fcg72ticCIF0CVmnuMu5
HG5fSKxOhdQhj1pQTin5rTIHW4mcFmrWCK8UPxbROA/FtbYkk62l7X/JfDtEJe24
nAJtqh5GY5DKBlKTcWG+jlTliNreLsgCwJ9oDjGSsj92QwCcveEdTbtPhpfj8BCP
JrjBU5KEY7kgz2w05HmeKcI/av8iKD4FKdPeztf1Mh45Chv4sGvVW5QrcZcLQszG
Qb6l3sXeD9Cgjw22klFS87g2RXXM3lZt3hBn1x8GuKoPPNugsbQIclJjxwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFEp9WB3/iU3pSWvAGxRLvXgqyXPmMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvU24xWUhmLUpUZWxKYThBYkZFdTllQ3JKYy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwBZJwME
AVknBDANBgkqhkiG9w0BAQsFAAOCAQEAxsToqXc/oRVhwZ4h9iqpnIu5DbsdfLsE
aoXpPg/VN1FodLrx4upFQcNE4ieYj68mcxuD8Im8kc+vb5BaW/E6Zi9nTk9QiOw8
9MrZMixA0rY+sWQWx/bMnu/Bi7nLf3f5Bs8NnOxkHEQsaEHyvS2fwLyE5Q4VQgxK
bhH8TJAUjzYWJLMPE8s5TjijexcbbET5xu1CNQek0f2XGjpEmmDlmxpLXKDcqao7
IFBCx+m2JEw53DSg0WMQBjHJeLUrliGEG0BHV8qJ7UlRuqcmBYOjK9DevL1EIK08
14sQnyLIX6kkhA1Tt6tJpYfFLuXu9vFf/ZUTGn3s7pvb/Qrkbwszhg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:42:34 2025 by rpki-client