Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/CtMnkVLzDO6NkCgcD7ECiqLcKm0.roa
File: CtMnkVLzDO6NkCgcD7ECiqLcKm0.roa (raw, json)
Hash identifier: 3ylNKs17RRY0DR06ximT73dQ6aPkr8hQsaOLRrt0rwI=
Subject key identifier: 0A:D3:27:91:52:F3:0C:EE:8D:90:28:1C:0F:B1:02:8A:A2:DC:2A:6D
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6C48C34E775582ED7E0D7A77AEB63
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/CtMnkVLzDO6NkCgcD7ECiqLcKm0.roa
Signing time: Wed 01 Jan 2025 21:47:45 +0000
ROA not before: Wed 01 Jan 2025 21:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62390
IP address blocks: 89.33.13.0/24 maxlen: 24
89.37.116.0/24 maxlen: 24
89.37.117.0/24 maxlen: 24
89.45.12.0/23 maxlen: 23
89.45.12.0/24 maxlen: 24
89.45.13.0/24 maxlen: 24
89.47.232.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
188.240.210.0/24 maxlen: 24
188.240.221.0/24 maxlen: 24
2001:4d18:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 13:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c4:8c:34:e7:75:58:2e:d7:e0:d7:a7:7a:eb:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ad3279152f30cee8d90281c0fb1028aa2dc2a6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d2:4f:30:f2:ff:f9:30:1b:9a:d7:df:56:7a:
be:49:c2:d8:6e:da:d5:6f:02:f7:1c:e2:8a:56:63:
98:3e:14:91:1f:aa:dc:ee:68:22:d7:33:65:d1:94:
55:09:c9:65:7e:03:11:dc:c6:a0:b6:4a:70:fc:02:
d9:65:12:30:2d:49:56:99:0c:b1:06:eb:77:dd:b5:
c1:23:83:1e:d3:b6:c9:e3:dd:66:05:df:40:15:17:
0f:ae:bb:cf:30:9a:f5:82:6d:73:5b:65:7a:7b:b5:
db:0b:bb:83:a1:f5:8e:9e:91:2c:f9:82:53:ef:f7:
aa:b3:ac:5e:0c:0c:1b:3d:4d:81:c9:da:ed:35:ba:
54:75:f0:36:ed:18:dd:c9:f1:73:da:a7:ba:f8:59:
a2:7e:2b:bf:fb:54:59:b2:e4:69:de:3c:52:b0:11:
3b:35:9f:f7:29:98:1a:94:d7:8b:3d:ac:b6:b9:be:
35:7d:81:37:bf:a1:75:c3:5d:30:10:e4:8e:86:a6:
af:c5:f7:90:68:15:39:1b:75:3a:b2:e9:0f:6d:15:
21:6c:63:3a:13:e1:25:4f:98:20:8b:4a:9e:25:1e:
03:3f:8b:4f:d1:f7:0f:c0:18:9a:57:2e:26:92:fb:
e5:0e:e6:35:4c:99:a4:0b:c2:ec:79:48:e7:34:fe:
58:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D3:27:91:52:F3:0C:EE:8D:90:28:1C:0F:B1:02:8A:A2:DC:2A:6D
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/CtMnkVLzDO6NkCgcD7ECiqLcKm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.13.0/24
89.37.116.0/23
89.45.12.0/23
89.47.232.0/24
93.119.105.0/24
188.240.210.0/24
188.240.221.0/24
IPv6:
2001:4d18:2::/48
Signature Algorithm: sha256WithRSAEncryption
23:70:44:0b:f7:6e:f1:ae:36:fe:1b:21:12:15:3c:8d:27:f2:
96:8d:50:ae:e1:d8:d5:3f:1a:39:96:d0:32:9c:6a:7a:09:22:
df:33:52:e6:f9:8a:35:a0:57:06:d4:2b:b9:2b:98:c2:96:5c:
53:b1:82:22:ad:76:95:2f:39:29:35:8b:e1:45:aa:36:08:13:
06:54:ed:51:ab:31:be:53:b0:7a:e4:ac:65:26:dd:08:9a:47:
fd:c2:6f:68:61:24:0a:70:69:d1:90:70:46:b8:ef:31:91:f7:
3c:50:61:71:22:da:b4:6a:7a:d9:a2:c0:c8:d3:81:c5:58:b3:
0b:9e:ab:c8:7b:12:8f:0d:13:19:19:b2:bc:6a:dc:a4:b6:fa:
8e:bd:93:ab:8f:48:63:1f:d3:e0:93:cc:fe:7e:c5:dc:a7:e2:
24:c0:68:4e:ab:a4:63:5a:90:83:e4:6c:2a:c7:0e:e4:9e:5d:
61:25:03:ed:b8:6f:c5:af:66:a2:29:9c:8a:04:a0:31:fc:8a:
29:70:9f:0f:aa:76:26:1c:dc:12:80:d6:e0:81:34:36:72:f9:
b5:95:27:c3:44:18:a6:c9:d3:60:c8:84:30:73:16:3c:92:07:
59:c4:e3:48:ee:93:ea:1e:6a:a7:5d:fe:97:64:ee:db:d8:24:
18:79:74:41
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQj1sSMNOd1WC7X4NeneutjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQzMjc5MTUyZjMwY2VlOGQ5MDI4MWMwZmIxMDI4YWEyZGMyYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NJPMPL/+TAbmtffVnq+ScLYbtrV
bwL3HOKKVmOYPhSRH6rc7mgi1zNl0ZRVCcllfgMR3Magtkpw/ALZZRIwLUlWmQyx
But33bXBI4Me07bJ491mBd9AFRcPrrvPMJr1gm1zW2V6e7XbC7uDofWOnpEs+YJT
7/eqs6xeDAwbPU2BydrtNbpUdfA27RjdyfFz2qe6+Fmifiu/+1RZsuRp3jxSsBE7
NZ/3KZgalNeLPay2ub41fYE3v6F1w10wEOSOhqavxfeQaBU5G3U6sukPbRUhbGM6
E+ElT5ggi0qeJR4DP4tP0fcPwBiaVy4mkvvlDuY1TJmkC8LseUjnNP5YKQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFArTJ5FS8wzujZAoHA+xAoqi3CptMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQ3RNbmtWTHpETzZOa0NnY0Q3RUNpcUxjS20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQAWSENAwQB
WSV0AwQBWS0MAwQAWS/oAwQAXXdpAwQAvPDSAwQAvPDdMA8EAgACMAkDBwAgAU0Y
AAIwDQYJKoZIhvcNAQELBQADggEBACNwRAv3bvGuNv4bIRIVPI0n8paNUK7h2NU/
GjmW0DKcanoJIt8zUub5ijWgVwbUK7krmMKWXFOxgiKtdpUvOSk1i+FFqjYIEwZU
7VGrMb5TsHrkrGUm3QiaR/3Cb2hhJApwadGQcEa47zGR9zxQYXEi2rRqetmiwMjT
gcVYswueq8h7Eo8NExkZsrxq3KS2+o69k6uPSGMf0+CTzP5+xdyn4iTAaE6rpGNa
kIPkbCrHDuSeXWElA+24b8WvZqIpnIoEoDH8iilwnw+qdiYc3BKA1uCBNDZy+bWV
J8NEGKbJ02DIhDBzFjySB1nE40juk+oeaqdd/pdk7tvYJBh5dEE=
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:52:51 2025 by rpki-client