Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/mQfuYDhcQ_uLiN8TuC8vArT48n0.roa
File: mQfuYDhcQ_uLiN8TuC8vArT48n0.roa (raw, json)
Hash identifier: q6GrLFR9Jvk7SkT0Gz0aQLhMWCRoiLx7tXQ4Qt2xjP0=
Subject key identifier: 99:07:EE:60:38:5C:43:FB:8B:88:DF:13:B8:2F:2F:02:B4:F8:F2:7D
Certificate issuer: /CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
Certificate serial: 01943B6149A26032A0C48687C1464A121B76
Authority key identifier: 71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/mQfuYDhcQ_uLiN8TuC8vArT48n0.roa
Signing time: Mon 06 Jan 2025 11:30:19 +0000
ROA not before: Mon 06 Jan 2025 11:30:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 81.92.80.0/24 maxlen: 24
81.92.81.0/24 maxlen: 24
81.92.84.0/24 maxlen: 24
81.92.85.0/24 maxlen: 24
81.92.86.0/24 maxlen: 24
81.92.87.0/24 maxlen: 24
81.92.88.0/24 maxlen: 24
81.92.89.0/24 maxlen: 24
81.92.90.0/24 maxlen: 24
81.92.91.0/24 maxlen: 24
81.92.94.0/24 maxlen: 24
81.92.95.0/24 maxlen: 24
152.89.172.0/24 maxlen: 24
152.89.174.0/24 maxlen: 24
185.65.56.0/24 maxlen: 24
185.65.58.0/24 maxlen: 24
2a01:c8::/48 maxlen: 48
2a01:c8:1::/48 maxlen: 48
2a01:c8:2::/48 maxlen: 48
2a01:c8:100::/48 maxlen: 48
2a01:c8:101::/48 maxlen: 48
2a01:c8:200::/48 maxlen: 48
2a01:c8:300::/48 maxlen: 48
2a01:c8:ff00::/48 maxlen: 48
2a09:35c0:102::/48 maxlen: 48
2a09:35c0:203::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/cQUbDizppMnmEh6YPRZf6rh-w1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/cQUbDizppMnmEh6YPRZf6rh-w1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:61:49:a2:60:32:a0:c4:86:87:c1:46:4a:12:1b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
Validity
Not Before: Jan 6 11:30:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9907ee60385c43fb8b88df13b82f2f02b4f8f27d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:57:6a:85:8d:30:e5:c4:d1:94:f0:ab:71:2b:
d2:3f:41:83:46:5b:69:f8:54:d7:27:5e:b2:2d:75:
c0:88:0f:c4:75:b9:da:f0:0d:9f:3d:25:00:b1:6f:
88:dc:0d:8b:5f:49:4f:15:52:ac:fe:0b:87:96:92:
0f:6f:0b:ca:e9:18:02:1d:c5:32:f5:9f:53:91:78:
c5:a0:42:60:f5:e1:2d:4f:20:04:66:eb:5d:f6:a1:
75:8b:e7:40:74:1a:89:26:e8:eb:73:eb:78:10:14:
99:fe:53:22:ef:a3:f5:d1:98:b0:9f:ff:e7:02:d2:
bf:9b:fe:38:8f:48:e7:65:be:7b:c7:c5:67:96:79:
43:bc:50:ed:80:6f:57:c3:64:ce:99:ce:06:17:11:
78:86:b5:2c:75:f0:c0:45:79:d8:52:bc:1c:78:0f:
5a:11:ee:9f:c5:69:77:0b:96:b2:71:ae:da:02:86:
ac:59:95:b4:dc:cb:40:50:e8:98:d2:6c:20:67:9a:
14:e5:66:a0:1f:75:99:02:36:40:ee:df:62:81:14:
4d:ff:19:12:53:a2:8c:11:9f:7d:89:3d:b1:a4:c7:
40:1e:58:3e:3f:99:32:c6:5e:f5:b0:dc:c8:bb:35:
84:fc:d1:21:27:30:93:94:84:f9:89:6e:ea:f6:ad:
15:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:07:EE:60:38:5C:43:FB:8B:88:DF:13:B8:2F:2F:02:B4:F8:F2:7D
X509v3 Authority Key Identifier:
keyid:71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/mQfuYDhcQ_uLiN8TuC8vArT48n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/cQUbDizppMnmEh6YPRZf6rh-w1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.80.0/23
81.92.84.0-81.92.91.255
81.92.94.0/23
152.89.172.0/24
152.89.174.0/24
185.65.56.0/24
185.65.58.0/24
IPv6:
2a01:c8::-2a01:c8:2:ffff:ffff:ffff:ffff:ffff
2a01:c8:100::/47
2a01:c8:200::/48
2a01:c8:300::/48
2a01:c8:ff00::/48
2a09:35c0:102::/48
2a09:35c0:203::/48
Signature Algorithm: sha256WithRSAEncryption
17:f5:1b:04:cf:b3:d4:f1:96:03:01:77:60:93:9c:b4:80:3d:
ab:46:69:0b:9c:80:db:4a:ec:03:c7:4e:27:20:51:e0:2d:85:
81:22:a4:ed:4a:7d:0e:c6:ec:2e:9f:05:bc:98:45:15:4b:56:
c5:59:e1:8f:8f:b6:51:42:d7:2e:ea:91:de:5a:6b:ca:98:6b:
56:de:b2:1f:b7:2f:e7:12:34:fa:13:86:7b:c5:33:33:c0:fd:
36:49:1a:ad:63:7b:45:e1:14:d6:6f:10:9c:47:39:e4:38:96:
17:9f:3d:9c:83:c5:d7:eb:fd:db:3d:43:d3:78:fa:50:1f:d2:
c0:6a:45:df:c2:c6:49:39:d8:bf:82:c8:fe:83:ef:da:77:b1:
98:8b:7d:73:b9:fc:ea:66:1e:f5:dc:20:84:59:5d:35:4f:ef:
8f:12:db:fe:29:30:e7:ef:bd:28:ce:13:a6:3e:7b:ba:a0:77:
15:ea:91:d1:2a:50:da:e1:c3:2a:ab:d8:3c:7d:09:19:05:d2:
dd:4d:6d:05:ac:95:bc:f7:a5:62:22:2a:3b:8a:4f:dd:46:bc:
06:d7:1b:6a:5a:17:22:be:3a:cb:cb:ca:f5:72:c5:1a:fc:1f:
74:32:cb:63:51:84:b5:db:6e:3a:16:85:59:60:65:41:a8:18:
2b:df:15:fa
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZQ7YUmiYDKgxIaHwUZKEht2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMDUxYjBlMmNlOWE0YzllNjEyMWU5ODNkMTY1ZmVhYjg3
ZWMzNTQwHhcNMjUwMTA2MTEzMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTA3ZWU2MDM4NWM0M2ZiOGI4OGRmMTNiODJmMmYwMmI0ZjhmMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9FdqhY0w5cTRlPCrcSvSP0GDRltp
+FTXJ16yLXXAiA/Edbna8A2fPSUAsW+I3A2LX0lPFVKs/guHlpIPbwvK6RgCHcUy
9Z9TkXjFoEJg9eEtTyAEZutd9qF1i+dAdBqJJujrc+t4EBSZ/lMi76P10Ziwn//n
AtK/m/44j0jnZb57x8VnlnlDvFDtgG9Xw2TOmc4GFxF4hrUsdfDARXnYUrwceA9a
Ee6fxWl3C5ayca7aAoasWZW03MtAUOiY0mwgZ5oU5WagH3WZAjZA7t9igRRN/xkS
U6KMEZ99iT2xpMdAHlg+P5kyxl71sNzIuzWE/NEhJzCTlIT5iW7q9q0V8QIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFJkH7mA4XEP7i4jfE7gvLwK0+PJ9MB8GA1UdIwQY
MBaAFHEFGw4s6aTJ5hIemD0WX+q4fsNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1FVYkRpenBwTW5tRWg2WVBSWmY2cmgtdzFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9lNTE1ODMtZjU1Yy00OTNiLWI5NTAt
NzM2YWI4MzQ5NGFjLzEvbVFmdVlEaGNRX3VMaU44VHVDOHZBclQ0OG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9lNTE1ODMtZjU1Yy00OTNiLWI5NTAtNzM2YWI4MzQ5NGFj
LzEvY1FVYkRpenBwTW5tRWg2WVBSWmY2cmgtdzFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijA4BAIAATAyAwQBUVxQ
MAwDBAJRXFQDBAJRXFgDBAFRXF4DBACYWawDBACYWa4DBAC5QTgDBAC5QTowTgQC
AAIwSDAQAwUDKgEAyAMHACoBAMgAAgMHASoBAMgBAAMHACoBAMgCAAMHACoBAMgD
AAMHACoBAMj/AAMHACoJNcABAgMHACoJNcACAzANBgkqhkiG9w0BAQsFAAOCAQEA
F/UbBM+z1PGWAwF3YJOctIA9q0ZpC5yA20rsA8dOJyBR4C2FgSKk7Up9DsbsLp8F
vJhFFUtWxVnhj4+2UULXLuqR3lpryphrVt6yH7cv5xI0+hOGe8UzM8D9NkkarWN7
ReEU1m8QnEc55DiWF589nIPF1+v92z1D03j6UB/SwGpF38LGSTnYv4LI/oPv2nex
mIt9c7n86mYe9dwghFldNU/vjxLb/ikw5++9KM4Tpj57uqB3FeqR0SpQ2uHDKqvY
PH0JGQXS3U1tBayVvPelYiIqO4pP3Ua8BtcbaloXIr46y8vK9XLFGvwfdDLLY1GE
tdtuOhaFWWBlQagYK98V+g==
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:51:26 2025 by rpki-client