Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/OmRK258WRmdVFaT1b4UKAJEmXF8.roa
File: OmRK258WRmdVFaT1b4UKAJEmXF8.roa (raw, json)
Hash identifier: S9zpMDpc5tR1fodrfsOibu5FLjUO5h2bsiNgqTRPaIQ=
Subject key identifier: 3A:64:4A:DB:9F:16:46:67:55:15:A4:F5:6F:85:0A:00:91:26:5C:5F
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 01942444BF0C7577C12EC314003D58F9E709
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/OmRK258WRmdVFaT1b4UKAJEmXF8.roa
Signing time: Wed 01 Jan 2025 23:47:52 +0000
ROA not before: Wed 01 Jan 2025 23:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34549
IP address blocks: 89.37.101.0/24 maxlen: 24
89.47.58.0/24 maxlen: 24
185.131.52.0/24 maxlen: 24
188.241.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:bf:0c:75:77:c1:2e:c3:14:00:3d:58:f9:e7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Jan 1 23:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a644adb9f1646675515a4f56f850a0091265c5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fb:30:36:1e:79:1f:40:5f:57:ba:2d:0d:98:
09:ba:ff:b2:8b:6d:90:d8:9a:e3:08:76:f6:7a:c7:
dc:d0:90:a6:99:8f:99:0f:f7:b5:0a:bb:db:0d:84:
7f:ae:46:d8:6a:f6:ef:9b:3a:25:61:f8:a7:14:0a:
3f:1a:9d:a9:c4:f8:1a:24:f0:bb:c2:0e:f8:83:ca:
68:cc:fc:c7:04:4d:e5:b3:e3:7a:44:8e:4c:03:34:
8f:7c:62:9e:00:8e:57:22:69:50:ba:0e:34:95:a0:
8e:17:83:3c:52:0f:ca:01:d6:55:f1:82:c6:d3:e5:
bc:94:2c:f8:00:af:5e:9a:71:9b:08:1d:d4:f1:e4:
36:2f:93:b7:ff:06:9e:d6:1b:d7:a8:80:14:bc:38:
6f:71:7b:62:e7:df:cf:19:ae:0b:5a:c0:6e:47:3a:
31:02:c5:5f:fd:25:91:ae:9a:2b:8c:90:e1:a4:a3:
8e:c1:01:d1:71:f1:6c:06:98:8f:4a:c9:a6:c4:29:
2a:65:6b:69:43:2b:33:60:cb:06:42:52:d2:7f:2d:
37:42:0c:31:b7:78:3c:d9:13:0c:f5:c4:d4:99:99:
ec:d6:82:9e:94:11:a2:c4:88:33:b6:83:30:5a:6a:
4c:74:52:35:c8:17:eb:f5:d3:c1:81:9a:b2:cb:8a:
78:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:64:4A:DB:9F:16:46:67:55:15:A4:F5:6F:85:0A:00:91:26:5C:5F
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/OmRK258WRmdVFaT1b4UKAJEmXF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.101.0/24
89.47.58.0/24
185.131.52.0/24
188.241.187.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:a4:45:c1:84:95:7f:d9:1e:e5:96:1f:fe:1b:21:5a:4a:1f:
68:a6:51:80:7d:c5:52:0c:64:1f:41:b4:f2:a8:04:db:e0:76:
9e:94:a2:7c:cc:e9:c8:a4:5c:4c:af:e6:2e:2b:09:2f:70:25:
f5:c5:53:6d:5e:1f:ca:cd:03:c0:c5:28:fa:3e:ee:28:a6:b0:
9d:6d:b7:3e:ca:28:50:c0:a6:bd:e3:09:f0:1c:2b:c7:da:b3:
98:8e:56:f8:ec:42:2c:78:3f:c5:df:04:51:6c:03:5c:a5:a4:
25:a6:1f:17:f1:97:52:9f:ab:3c:ea:7e:99:05:9f:79:bb:8b:
4c:69:47:36:1f:b7:02:e1:10:0d:c2:7c:41:57:5d:7f:ea:5b:
06:9b:fb:53:11:43:6d:49:20:bf:82:5e:03:e7:b3:dd:86:7b:
17:a7:7d:93:9d:28:ac:4b:58:c0:08:24:aa:0b:07:15:34:7a:
49:c0:5e:77:31:2b:95:b8:8c:9b:89:26:61:61:8d:b1:3c:75:
08:39:a3:65:76:72:54:d4:cf:fd:87:54:62:ba:fa:e4:8d:1b:
03:f9:5c:a6:69:1d:c1:b3:16:30:7e:03:6d:76:42:e2:04:e8:
7c:c5:cc:1c:c4:bc:90:18:8d:8b:37:6f:d7:d9:08:bd:d3:46:
55:b3:1f:33
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkRL8MdXfBLsMUAD1Y+ecJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjUwMTAxMjM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTY0NGFkYjlmMTY0NjY3NTUxNWE0ZjU2Zjg1MGEwMDkxMjY1YzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvswNh55H0BfV7otDZgJuv+yi22Q
2JrjCHb2esfc0JCmmY+ZD/e1CrvbDYR/rkbYavbvmzolYfinFAo/Gp2pxPgaJPC7
wg74g8pozPzHBE3ls+N6RI5MAzSPfGKeAI5XImlQug40laCOF4M8Ug/KAdZV8YLG
0+W8lCz4AK9emnGbCB3U8eQ2L5O3/wae1hvXqIAUvDhvcXti59/PGa4LWsBuRzox
AsVf/SWRrporjJDhpKOOwQHRcfFsBpiPSsmmxCkqZWtpQyszYMsGQlLSfy03Qgwx
t3g82RMM9cTUmZns1oKelBGixIgztoMwWmpMdFI1yBfr9dPBgZqyy4p4LQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDpkStufFkZnVRWk9W+FCgCRJlxfMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvT21SSzI1OFdSbWRWRmFUMWI0VUtBSkVtWEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSVlAwQA
WS86AwQAuYM0AwQAvPG7MA0GCSqGSIb3DQEBCwUAA4IBAQCgpEXBhJV/2R7llh/+
GyFaSh9oplGAfcVSDGQfQbTyqATb4HaelKJ8zOnIpFxMr+YuKwkvcCX1xVNtXh/K
zQPAxSj6Pu4oprCdbbc+yihQwKa94wnwHCvH2rOYjlb47EIseD/F3wRRbANcpaQl
ph8X8ZdSn6s86n6ZBZ95u4tMaUc2H7cC4RANwnxBV11/6lsGm/tTEUNtSSC/gl4D
57PdhnsXp32TnSisS1jACCSqCwcVNHpJwF53MSuVuIybiSZhYY2xPHUIOaNldnJU
1M/9h1RiuvrkjRsD+VymaR3BsxYwfgNtdkLiBOh8xcwcxLyQGI2LN2/X2Qi900ZV
sx8z
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:19 2025 by rpki-client