Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/I_bpWg0R3egNIDsS4TuRO0l5OuU.roa
File: I_bpWg0R3egNIDsS4TuRO0l5OuU.roa (raw, json)
Hash identifier: LRu8t+U5R8q5/eiZJh5eELy1hDAqVLOXRVMDxnKLw3I=
Subject key identifier: 23:F6:E9:5A:0D:11:DD:E8:0D:20:3B:12:E1:3B:91:3B:49:79:3A:E5
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6B8FABC3E1569E555C10284C1F4FC
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/I_bpWg0R3egNIDsS4TuRO0l5OuU.roa
Signing time: Wed 01 Jan 2025 21:47:41 +0000
ROA not before: Wed 01 Jan 2025 21:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25198
IP address blocks: 86.107.178.0/24 maxlen: 24
86.107.179.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.36.94.0/24 maxlen: 24
89.36.95.0/24 maxlen: 24
89.41.180.0/24 maxlen: 24
89.41.181.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
185.101.107.0/24 maxlen: 24
188.211.233.0/24 maxlen: 24
188.241.218.0/24 maxlen: 24
188.241.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b8:fa:bc:3e:15:69:e5:55:c1:02:84:c1:f4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23f6e95a0d11dde80d203b12e13b913b49793ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:87:99:64:ac:d4:b9:68:bc:6c:ed:f0:cc:08:
f5:c7:3b:ba:3b:d1:f7:bb:2a:a8:0b:15:60:c8:c2:
35:7a:26:c7:ea:36:d9:91:7a:27:ff:80:8d:ad:a9:
e0:1f:9f:bb:f4:51:06:bc:bd:71:2a:fa:33:2e:06:
f9:c6:e0:ba:4e:cc:ef:60:b6:c1:e4:94:ec:4e:04:
06:f9:6a:00:73:ac:ff:a3:1c:9e:3a:0f:2b:6e:ee:
a2:06:d4:48:f6:09:aa:38:3d:16:68:b3:85:c3:ed:
87:c0:4c:e9:44:a2:14:8a:ac:40:f4:af:5a:28:aa:
66:a9:19:4d:5e:0b:b6:4a:a7:0b:16:7e:4a:8b:89:
08:d0:e5:e5:bd:80:3c:73:ec:4f:84:26:72:70:40:
34:c2:39:cc:32:80:72:a9:a7:0d:ba:71:20:9a:e7:
ee:fa:53:f0:ba:86:c7:a7:2e:54:19:a8:51:42:dc:
b4:6d:82:1e:dd:5b:98:ed:71:d7:6e:b5:cf:38:6a:
41:8c:09:8c:65:2f:93:c6:57:c5:d9:df:a5:5c:ba:
56:ee:0e:a3:0b:3a:0c:7c:4e:cb:71:d5:41:c5:22:
9c:c5:3d:5d:19:fb:ff:87:3f:ce:53:52:e7:e4:8e:
1e:80:cd:08:17:80:22:31:17:70:6d:48:1d:45:4c:
92:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F6:E9:5A:0D:11:DD:E8:0D:20:3B:12:E1:3B:91:3B:49:79:3A:E5
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/I_bpWg0R3egNIDsS4TuRO0l5OuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.178.0/23
89.34.27.0/24
89.36.94.0/23
89.41.180.0/23
93.114.194.0/24
185.101.107.0/24
188.211.233.0/24
188.241.218.0/23
Signature Algorithm: sha256WithRSAEncryption
70:88:23:7a:b9:f2:2d:f5:44:5d:e4:ee:85:25:70:65:41:f2:
95:b5:b3:1d:55:8e:78:a5:19:85:17:c3:c5:f5:ea:cf:c2:f7:
10:41:fb:30:6e:76:d3:c9:ef:d7:95:1c:84:e4:e6:86:14:ac:
3d:02:8e:5e:37:cc:d9:bb:11:16:36:f6:85:aa:d1:9e:5b:dc:
64:e6:1c:2b:c9:b6:99:cf:59:69:88:47:1e:1a:0c:4a:ab:32:
eb:f7:93:a9:5e:0f:52:9e:1b:71:af:7f:fe:b6:23:67:29:29:
0d:13:f5:2f:a1:71:48:b0:c9:aa:61:d6:73:2e:65:ae:bc:35:
d8:0c:2d:da:1e:37:32:4e:0c:39:93:bd:77:8a:43:70:26:3d:
bf:e1:b9:99:05:fb:e1:fb:39:44:46:f1:c3:66:88:ed:68:50:
52:b7:06:ad:61:bc:39:2a:15:6c:b4:6b:8a:56:70:ee:b8:c8:
96:0f:60:9d:d5:2f:70:bf:fe:12:f3:f0:1c:ba:45:15:21:af:
87:39:b6:de:fc:94:91:cc:ba:ec:53:3a:68:af:aa:a9:73:eb:
d9:80:76:f7:6c:df:c9:42:bb:51:aa:2e:39:2f:0b:da:27:76:
23:d4:86:ee:2f:46:66:18:d2:69:9f:b1:9a:20:98:f1:3b:6d:
9e:7d:9a:2c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQj1rj6vD4VaeVVwQKEwfT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Y2ZTk1YTBkMTFkZGU4MGQyMDNiMTJlMTNiOTEzYjQ5NzkzYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YeZZKzUuWi8bO3wzAj1xzu6O9H3
uyqoCxVgyMI1eibH6jbZkXon/4CNrangH5+79FEGvL1xKvozLgb5xuC6TszvYLbB
5JTsTgQG+WoAc6z/oxyeOg8rbu6iBtRI9gmqOD0WaLOFw+2HwEzpRKIUiqxA9K9a
KKpmqRlNXgu2SqcLFn5Ki4kI0OXlvYA8c+xPhCZycEA0wjnMMoByqacNunEgmufu
+lPwuobHpy5UGahRQty0bYIe3VuY7XHXbrXPOGpBjAmMZS+TxlfF2d+lXLpW7g6j
CzoMfE7LcdVBxSKcxT1dGfv/hz/OU1Ln5I4egM0IF4AiMRdwbUgdRUySKwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCP26VoNEd3oDSA7EuE7kTtJeTrlMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSV9icFdnMFIzZWdOSURzUzRUdVJPMGw1T3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBVmuyAwQA
WSIbAwQBWSReAwQBWSm0AwQAXXLCAwQAuWVrAwQAvNPpAwQBvPHaMA0GCSqGSIb3
DQEBCwUAA4IBAQBwiCN6ufIt9URd5O6FJXBlQfKVtbMdVY54pRmFF8PF9erPwvcQ
QfswbnbTye/XlRyE5OaGFKw9Ao5eN8zZuxEWNvaFqtGeW9xk5hwrybaZz1lpiEce
GgxKqzLr95OpXg9Snhtxr3/+tiNnKSkNE/UvoXFIsMmqYdZzLmWuvDXYDC3aHjcy
Tgw5k713ikNwJj2/4bmZBfvh+zlERvHDZojtaFBStwatYbw5KhVstGuKVnDuuMiW
D2Cd1S9wv/4S8/AcukUVIa+HObbe/JSRzLrsUzpor6qpc+vZgHb3bN/JQrtRqi45
LwvaJ3Yj1IbuL0ZmGNJpn7GaIJjxO22efZos
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:21:28 2025 by rpki-client