Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4uK0mtvpi_7WWZ7AJgnIBWzlJZs.roa
File: 4uK0mtvpi_7WWZ7AJgnIBWzlJZs.roa (raw, json)
Hash identifier: tRCHQ0pSvKy+pHBgU1RJlxzGVnrPdrSmNbx8dSM1tXg=
Subject key identifier: E2:E2:B4:9A:DB:E9:8B:FE:D6:59:9E:C0:26:09:C8:05:6C:E5:25:9B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6BB0DA7A5F7C4E94A2FB9F8EA5FFE
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4uK0mtvpi_7WWZ7AJgnIBWzlJZs.roa
Signing time: Wed 01 Jan 2025 21:47:42 +0000
ROA not before: Wed 01 Jan 2025 21:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33911
IP address blocks: 77.81.181.0/24 maxlen: 24
89.34.24.0/23 maxlen: 23
89.35.158.0/24 maxlen: 24
89.41.176.0/23 maxlen: 23
89.41.182.0/24 maxlen: 24
89.41.183.0/24 maxlen: 24
188.214.88.0/24 maxlen: 24
2001:4d18:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:bb:0d:a7:a5:f7:c4:e9:4a:2f:b9:f8:ea:5f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2e2b49adbe98bfed6599ec02609c8056ce5259b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:99:fe:70:19:80:28:39:28:4c:84:17:83:46:
d5:17:f9:cb:81:55:93:ff:f6:f4:63:e3:7a:40:88:
33:f3:b7:59:87:64:92:16:14:7c:d9:e2:da:85:2e:
a8:37:b7:4b:26:51:67:4a:f1:22:33:1d:64:c1:c5:
99:e4:82:7d:15:71:05:f0:71:d0:d8:f9:dd:f9:df:
1e:00:ff:58:83:83:52:ba:60:5e:fa:71:a2:f3:ba:
a2:d6:78:f7:4e:d9:a1:1e:f9:8b:23:62:b3:5b:ff:
14:14:0c:ee:f9:43:cc:11:7a:86:80:b8:fb:dd:ba:
1c:0b:fb:2f:43:aa:25:6c:13:c9:7d:14:e2:c1:9c:
08:c6:07:c6:2d:18:0c:09:1f:0b:88:80:4d:d8:f4:
38:21:6c:6b:bd:0d:f4:db:8f:f1:eb:51:8c:dc:b2:
61:6b:e0:1e:51:14:03:b4:8f:51:2a:d5:f3:c0:b9:
34:cb:49:9a:3a:1f:88:90:e9:bb:6a:fd:99:c6:a3:
96:75:cd:77:75:b9:9d:dd:5b:9a:e1:e9:20:0c:02:
6d:78:0d:09:31:3b:12:1d:db:d6:5a:bd:97:16:ee:
4a:55:bd:c0:11:8a:66:6c:79:81:09:64:88:f7:6f:
1e:e9:05:08:a2:68:15:ea:a3:64:51:61:12:c2:cc:
40:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E2:B4:9A:DB:E9:8B:FE:D6:59:9E:C0:26:09:C8:05:6C:E5:25:9B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4uK0mtvpi_7WWZ7AJgnIBWzlJZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.181.0/24
89.34.24.0/23
89.35.158.0/24
89.41.176.0/23
89.41.182.0/23
188.214.88.0/24
IPv6:
2001:4d18:2::/48
Signature Algorithm: sha256WithRSAEncryption
4d:af:f3:90:f5:83:38:6b:ac:cd:8c:d4:00:5c:9c:a8:94:46:
fb:57:76:44:03:e5:d5:08:a3:ca:67:55:59:4c:86:fb:84:75:
52:94:4b:08:05:ab:a3:3c:c5:a2:35:7a:fe:7e:e1:af:46:0f:
29:f2:f8:9c:bd:28:08:c9:9f:8b:27:2f:62:61:2d:47:95:33:
ad:38:9e:6c:9d:90:44:1d:2b:1e:0e:13:a1:62:fb:b1:a2:6c:
8d:0f:f6:23:de:5a:af:52:96:a2:44:3d:b4:ea:9e:9d:cb:b8:
68:db:95:5c:56:94:64:8d:25:41:48:ca:fb:73:ae:f0:db:85:
c1:89:0e:d2:48:8a:49:84:d1:a7:bb:ec:bd:ad:2b:a8:f3:0b:
3f:2a:5e:b4:c2:8f:30:38:b6:e8:e2:a7:8d:46:0a:e8:dc:88:
0d:28:2a:84:39:b9:37:3f:8f:25:15:7b:5c:89:a3:13:1d:71:
77:13:75:ba:63:1d:5d:b3:75:81:e0:6f:81:4a:c9:31:75:04:
d2:cb:c7:b1:67:9b:16:98:ef:68:f9:1f:4c:9e:e3:49:a3:b6:
10:01:49:c4:0b:ae:1d:03:3a:2b:0a:88:14:06:b7:f1:ed:2c:
14:73:b8:81:82:8d:2f:5c:a6:ed:24:28:cb:4f:12:b1:d5:0a:
cb:70:62:04
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQj1rsNp6X3xOlKL7n46l/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmUyYjQ5YWRiZTk4YmZlZDY1OTllYzAyNjA5YzgwNTZjZTUyNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5n+cBmAKDkoTIQXg0bVF/nLgVWT
//b0Y+N6QIgz87dZh2SSFhR82eLahS6oN7dLJlFnSvEiMx1kwcWZ5IJ9FXEF8HHQ
2Pnd+d8eAP9Yg4NSumBe+nGi87qi1nj3TtmhHvmLI2KzW/8UFAzu+UPMEXqGgLj7
3bocC/svQ6olbBPJfRTiwZwIxgfGLRgMCR8LiIBN2PQ4IWxrvQ3024/x61GM3LJh
a+AeURQDtI9RKtXzwLk0y0maOh+IkOm7av2ZxqOWdc13dbmd3Vua4ekgDAJteA0J
MTsSHdvWWr2XFu5KVb3AEYpmbHmBCWSI928e6QUIomgV6qNkUWESwsxAvwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFOLitJrb6Yv+1lmewCYJyAVs5SWbMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNHVLMG10dnBpXzdXV1o3QUpnbklCV3psSlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQATVG1AwQB
WSIYAwQAWSOeAwQBWSmwAwQBWSm2AwQAvNZYMA8EAgACMAkDBwAgAU0YAAIwDQYJ
KoZIhvcNAQELBQADggEBAE2v85D1gzhrrM2M1ABcnKiURvtXdkQD5dUIo8pnVVlM
hvuEdVKUSwgFq6M8xaI1ev5+4a9GDyny+Jy9KAjJn4snL2JhLUeVM604nmydkEQd
Kx4OE6Fi+7GibI0P9iPeWq9SlqJEPbTqnp3LuGjblVxWlGSNJUFIyvtzrvDbhcGJ
DtJIikmE0ae77L2tK6jzCz8qXrTCjzA4tujip41GCujciA0oKoQ5uTc/jyUVe1yJ
oxMdcXcTdbpjHV2zdYHgb4FKyTF1BNLLx7FnmxaY72j5H0ye40mjthABScQLrh0D
OisKiBQGt/HtLBRzuIGCjS9cpu0kKMtPErHVCstwYgQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:38:54 2025 by rpki-client