Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/Yes96KlqbG0mr87JhVnZBvHYB_g.roa
File: Yes96KlqbG0mr87JhVnZBvHYB_g.roa (raw, json)
Hash identifier: n9jcRd3MdFn9mVFhJ/Pv7xaxOHOW7HhKsR2CUBypqZw=
Subject key identifier: 61:EB:3D:E8:A9:6A:6C:6D:26:AF:CE:C9:85:59:D9:06:F1:D8:07:F8
Certificate issuer: /CN=0032534e8d560d73553c632bba10344a7c816614
Certificate serial: 019427B5C8C3AA3A186375C387D9AD0F3CCE
Authority key identifier: 00:32:53:4E:8D:56:0D:73:55:3C:63:2B:BA:10:34:4A:7C:81:66:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADJTTo1WDXNVPGMruhA0SnyBZhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/Yes96KlqbG0mr87JhVnZBvHYB_g.roa
Signing time: Thu 02 Jan 2025 15:50:12 +0000
ROA not before: Thu 02 Jan 2025 15:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1820
IP address blocks: 91.202.108.0/22 maxlen: 32
193.110.100.0/23 maxlen: 32
194.28.196.0/22 maxlen: 32
194.246.99.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/ADJTTo1WDXNVPGMruhA0SnyBZhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/ADJTTo1WDXNVPGMruhA0SnyBZhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ADJTTo1WDXNVPGMruhA0SnyBZhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 09:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c8:c3:aa:3a:18:63:75:c3:87:d9:ad:0f:3c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0032534e8d560d73553c632bba10344a7c816614
Validity
Not Before: Jan 2 15:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61eb3de8a96a6c6d26afcec98559d906f1d807f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:30:90:2b:d1:16:21:c1:26:e1:d3:d6:83:ba:
32:6d:29:3b:c7:33:d2:dd:24:2e:82:fb:51:69:b5:
87:53:ab:5f:e9:75:7d:1a:6d:42:a1:dd:7c:49:dc:
bf:64:2e:5f:88:23:41:fd:d6:36:26:d2:a4:9c:ee:
f4:68:ec:3e:c1:da:e0:75:a8:e5:66:b4:48:cc:fc:
e8:0b:0e:37:66:0d:11:3e:a4:1f:93:52:a5:81:86:
59:18:f0:27:f1:c2:18:dc:3b:e2:84:2c:2b:e8:15:
44:1b:c5:1b:72:c3:67:10:04:86:26:19:56:15:e6:
bc:1e:1e:fd:0b:69:8f:15:49:92:b7:ff:30:30:43:
1e:b9:f2:8f:20:d2:a4:36:0d:e7:f3:07:4f:d8:a8:
fb:28:ad:b1:b6:a5:2d:3e:0d:ed:2d:5e:a0:ce:16:
38:0b:74:ff:6b:e5:00:44:7f:6e:bc:3f:a8:fa:c4:
a4:7d:d3:47:73:d8:27:7a:82:05:27:c4:9f:45:24:
7c:1a:1c:89:1b:6d:77:27:69:5f:bd:98:bf:38:68:
5d:8d:08:5c:a8:72:b6:39:d6:4a:d8:dc:e3:6e:b9:
1f:12:77:cc:32:a1:99:81:35:43:fd:85:7e:7d:70:
d6:53:27:ee:26:8e:25:9e:42:e1:3a:fa:5b:28:fd:
9e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:EB:3D:E8:A9:6A:6C:6D:26:AF:CE:C9:85:59:D9:06:F1:D8:07:F8
X509v3 Authority Key Identifier:
keyid:00:32:53:4E:8D:56:0D:73:55:3C:63:2B:BA:10:34:4A:7C:81:66:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADJTTo1WDXNVPGMruhA0SnyBZhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/Yes96KlqbG0mr87JhVnZBvHYB_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/ADJTTo1WDXNVPGMruhA0SnyBZhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.108.0/22
193.110.100.0/23
194.28.196.0/22
194.246.99.0/24
Signature Algorithm: sha256WithRSAEncryption
81:fc:27:5a:c2:86:7d:51:fe:b5:8d:91:6c:98:c2:cf:bd:56:
97:d0:2a:e1:cf:b3:fb:33:e6:a5:63:d8:37:9e:b6:b9:e1:27:
fe:45:1a:ff:9f:f0:70:e4:02:6a:07:e0:4e:3b:e5:86:89:86:
ae:53:21:c1:f1:2b:04:93:6a:9f:3d:2e:00:f0:1f:8b:39:05:
03:b7:83:44:5c:34:e2:b2:85:01:03:4e:f6:25:d6:e9:01:ba:
66:ee:f0:12:62:16:47:f8:eb:5e:62:2c:5b:23:3e:26:4f:43:
1a:97:c8:b2:f8:62:66:e3:58:e5:6e:18:a7:fe:dd:ff:1f:fe:
c3:b7:3d:f8:0b:cd:93:1c:6d:8d:96:bf:41:3b:f0:be:2a:c9:
1c:11:d5:97:41:25:61:6c:46:06:34:5f:c0:ce:f1:be:1b:65:
3c:54:58:5a:8f:21:38:eb:55:d8:91:81:92:86:d4:f9:ba:46:
e9:ff:fc:93:bd:e4:e7:92:fd:e1:30:26:f6:bd:6a:39:df:0a:
e2:98:7f:31:f0:3e:97:32:71:92:74:14:ab:d4:86:57:d6:2c:
aa:87:18:2d:6e:fd:d3:a1:34:94:a0:13:f4:f2:0f:e1:6f:60:
5e:14:01:55:21:0a:45:88:51:66:fc:9d:da:dc:7c:88:c9:df:
03:eb:6e:77
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQntcjDqjoYY3XDh9mtDzzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMzI1MzRlOGQ1NjBkNzM1NTNjNjMyYmJhMTAzNDRhN2M4
MTY2MTQwHhcNMjUwMTAyMTU1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWViM2RlOGE5NmE2YzZkMjZhZmNlYzk4NTU5ZDkwNmYxZDgwN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzCQK9EWIcEm4dPWg7oybSk7xzPS
3SQugvtRabWHU6tf6XV9Gm1Cod18Sdy/ZC5fiCNB/dY2JtKknO70aOw+wdrgdajl
ZrRIzPzoCw43Zg0RPqQfk1KlgYZZGPAn8cIY3DvihCwr6BVEG8UbcsNnEASGJhlW
Fea8Hh79C2mPFUmSt/8wMEMeufKPINKkNg3n8wdP2Kj7KK2xtqUtPg3tLV6gzhY4
C3T/a+UARH9uvD+o+sSkfdNHc9gneoIFJ8SfRSR8GhyJG213J2lfvZi/OGhdjQhc
qHK2OdZK2NzjbrkfEnfMMqGZgTVD/YV+fXDWUyfuJo4lnkLhOvpbKP2ehwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGHrPeipamxtJq/OyYVZ2Qbx2Af4MB8GA1UdIwQY
MBaAFAAyU06NVg1zVTxjK7oQNEp8gWYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQURKVFRvMVdEWE5WUEdNcnVoQTBTbnlCWmhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9kZWUxZWUtOTM4NC00NWFiLWE3MGEt
NWVhZTZlZDU4Mzc1LzEvWWVzOTZLbHFiRzBtcjg3SmhWblpCdkhZQl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9kZWUxZWUtOTM4NC00NWFiLWE3MGEtNWVhZTZlZDU4Mzc1
LzEvQURKVFRvMVdEWE5WUEdNcnVoQTBTbnlCWmhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8psAwQB
wW5kAwQCwhzEAwQAwvZjMA0GCSqGSIb3DQEBCwUAA4IBAQCB/CdawoZ9Uf61jZFs
mMLPvVaX0Crhz7P7M+alY9g3nra54Sf+RRr/n/Bw5AJqB+BOO+WGiYauUyHB8SsE
k2qfPS4A8B+LOQUDt4NEXDTisoUBA072JdbpAbpm7vASYhZH+OteYixbIz4mT0Ma
l8iy+GJm41jlbhin/t3/H/7Dtz34C82THG2Nlr9BO/C+KskcEdWXQSVhbEYGNF/A
zvG+G2U8VFhajyE461XYkYGShtT5ukbp//yTveTnkv3hMCb2vWo53wrimH8x8D6X
MnGSdBSr1IZX1iyqhxgtbv3ToTSUoBP08g/hb2BeFAFVIQpFiFFm/J3a3HyIyd8D
6253
-----END CERTIFICATE-----
Generated at Sat Apr 12 19:11:18 2025 by rpki-client