Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/cb6VE86KZTHT0so5FHvKXyPlF6s.roa
File: cb6VE86KZTHT0so5FHvKXyPlF6s.roa (raw, json)
Hash identifier: dyGuPpbSLX2JAalMyv39mIzEN5qhtxt18iaY1z9f54U=
Subject key identifier: 71:BE:95:13:CE:8A:65:31:D3:D2:CA:39:14:7B:CA:5F:23:E5:17:AB
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0195FF9A54F4E6E18324CE94EFE2237B41C9
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/cb6VE86KZTHT0so5FHvKXyPlF6s.roa
Signing time: Fri 04 Apr 2025 07:00:59 +0000
ROA not before: Fri 04 Apr 2025 07:00:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54339
IP address blocks: 89.37.119.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.42.89.0/24 maxlen: 24
89.42.92.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.47.123.0/24 maxlen: 24
89.47.124.0/24 maxlen: 24
93.113.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:9a:54:f4:e6:e1:83:24:ce:94:ef:e2:23:7b:41:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 4 07:00:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71be9513ce8a6531d3d2ca39147bca5f23e517ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a6:2b:ee:42:a9:12:33:c9:cc:a9:fe:ef:0b:
ba:c3:4d:fb:42:98:1c:cb:9b:bf:82:13:7f:ec:e8:
8a:5b:ac:3b:b7:ac:7e:28:85:63:ec:27:2e:e0:bc:
f4:89:39:eb:bb:5c:49:3b:d9:a2:03:bf:58:07:cb:
fb:71:7f:10:76:f0:e5:d8:b6:4e:41:62:54:e5:61:
1a:84:bc:eb:d2:0b:88:e1:c6:55:7a:91:be:2b:16:
17:bf:77:f4:99:00:38:d6:25:c4:54:b1:a5:51:31:
78:69:79:7f:d4:bb:a2:1d:a2:a3:a2:97:60:16:e6:
4a:ca:8e:8e:7d:44:a8:26:37:67:9d:c7:15:26:d9:
fb:80:6b:45:86:c7:39:23:1a:ce:5b:72:f0:c6:65:
ba:9d:ed:57:4b:5b:a5:3b:24:e3:02:78:08:c0:66:
d6:d3:04:3a:6c:18:be:e7:43:a7:19:ac:75:1b:ca:
d4:40:d9:3b:51:10:47:7b:ed:5a:2e:1e:e3:5c:4b:
88:f7:b2:4b:37:06:93:01:11:38:ca:e6:1c:ba:ae:
a4:ee:5e:a1:7f:9e:16:32:54:eb:b5:ea:db:5a:ad:
44:4d:a1:b7:47:98:ee:30:d4:f6:45:61:a2:71:44:
b4:36:60:58:31:92:ba:37:2e:12:6a:8f:f3:3f:e2:
f1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:BE:95:13:CE:8A:65:31:D3:D2:CA:39:14:7B:CA:5F:23:E5:17:AB
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/cb6VE86KZTHT0so5FHvKXyPlF6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.119.0/24
89.38.229.0/24
89.42.89.0/24
89.42.92.0/23
89.43.142.0/24
89.46.4.0/24
89.47.123.0-89.47.124.255
93.113.176.0/24
Signature Algorithm: sha256WithRSAEncryption
64:90:d1:f5:18:4e:08:fd:ad:f6:40:11:82:d6:30:fb:de:13:
68:11:63:92:9b:d5:06:5b:6d:a7:8c:41:fa:97:8c:19:ea:42:
93:82:24:a9:32:16:0b:f0:42:82:62:cb:dd:ed:c9:bc:31:84:
5f:5f:e7:02:64:cc:9b:73:62:d0:79:78:82:01:3f:15:0c:94:
f9:9c:91:db:ff:30:75:a3:ed:93:42:42:f0:38:36:d8:cc:f4:
d7:29:d4:09:82:e8:61:7e:60:90:c3:68:ab:52:cd:21:25:5b:
36:d0:60:16:22:02:4f:ef:52:1c:a9:03:b4:33:29:2f:a1:e8:
48:5a:6f:10:5e:0f:59:4e:df:c4:3c:c3:7c:84:47:b3:27:91:
f8:66:4a:15:47:87:a9:92:73:60:bd:e8:0a:1d:00:51:95:af:
16:d6:f0:a9:e8:e9:12:52:88:36:2d:6c:c2:a1:db:2e:4b:ec:
da:d4:3c:d9:dd:eb:8b:54:da:85:28:25:3b:a2:4b:f5:ba:e8:
03:22:f4:9a:5e:f6:05:f1:2c:85:9b:ba:46:ca:08:38:cf:1c:
60:9b:64:e6:03:63:2c:0c:6a:4a:0e:36:47:17:1d:64:9c:55:
1c:4b:14:ae:a8:7d:22:1c:8c:57:68:73:1f:71:16:99:c3:9f:
d5:de:aa:d1
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZX/mlT05uGDJM6U7+Ije0HJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNDA0MDcwMDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWJlOTUxM2NlOGE2NTMxZDNkMmNhMzkxNDdiY2E1ZjIzZTUxN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqYr7kKpEjPJzKn+7wu6w037Qpgc
y5u/ghN/7OiKW6w7t6x+KIVj7Ccu4Lz0iTnru1xJO9miA79YB8v7cX8QdvDl2LZO
QWJU5WEahLzr0guI4cZVepG+KxYXv3f0mQA41iXEVLGlUTF4aXl/1LuiHaKjopdg
FuZKyo6OfUSoJjdnnccVJtn7gGtFhsc5IxrOW3LwxmW6ne1XS1ulOyTjAngIwGbW
0wQ6bBi+50OnGax1G8rUQNk7URBHe+1aLh7jXEuI97JLNwaTARE4yuYcuq6k7l6h
f54WMlTrterbWq1ETaG3R5juMNT2RWGicUS0NmBYMZK6Ny4Sao/zP+LxBQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHG+lRPOimUx09LKORR7yl8j5RerMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvY2I2VkU4NktaVEhUMHNvNUZIdktYeVBsRjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAWSV3AwQA
WSblAwQAWSpZAwQBWSpcAwQAWSuOAwQAWS4EMAwDBABZL3sDBABZL3wDBABdcbAw
DQYJKoZIhvcNAQELBQADggEBAGSQ0fUYTgj9rfZAEYLWMPveE2gRY5Kb1QZbbaeM
QfqXjBnqQpOCJKkyFgvwQoJiy93tybwxhF9f5wJkzJtzYtB5eIIBPxUMlPmckdv/
MHWj7ZNCQvA4NtjM9Ncp1AmC6GF+YJDDaKtSzSElWzbQYBYiAk/vUhypA7QzKS+h
6EhabxBeD1lO38Q8w3yER7MnkfhmShVHh6mSc2C96AodAFGVrxbW8Kno6RJSiDYt
bMKh2y5L7NrUPNnd64tU2oUoJTuiS/W66AMi9Jpe9gXxLIWbukbKCDjPHGCbZOYD
YywMakoONkcXHWScVRxLFK6ofSIcjFdocx9xFpnDn9XeqtE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:26:47 2025 by rpki-client