Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/9yJMSsETdxmERob21EjWbfoYJgA.roa
File: 9yJMSsETdxmERob21EjWbfoYJgA.roa (raw, json)
Hash identifier: THU7bTD3XgN3sT9z5T96RQGdDL0nWXBPbvvvurGuhZ0=
Subject key identifier: F7:22:4C:4A:C1:13:77:19:84:46:86:F6:D4:48:D6:6D:FA:18:26:00
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01941FFA3DE23C28F5214BD251A456D78345
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/9yJMSsETdxmERob21EjWbfoYJgA.roa
Signing time: Wed 01 Jan 2025 03:48:01 +0000
ROA not before: Wed 01 Jan 2025 03:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61139
IP address blocks: 86.106.129.0/24 maxlen: 24
86.106.130.0/24 maxlen: 24
89.39.126.0/23 maxlen: 23
93.113.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 12:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3d:e2:3c:28:f5:21:4b:d2:51:a4:56:d7:83:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 03:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7224c4ac1137719844686f6d448d66dfa182600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:03:9c:8c:06:41:4f:6a:5c:9b:6c:d2:3c:f8:
38:31:fc:eb:6e:d0:04:0c:be:42:43:d5:b3:7f:cb:
8a:b4:30:92:34:e5:ed:b4:a3:46:25:d8:34:2f:22:
32:7a:cf:7c:c1:62:5a:35:cf:91:e7:f5:78:4e:31:
44:da:e4:1f:e5:87:0d:76:35:d2:9e:e4:88:90:c4:
41:f3:09:df:28:76:f0:53:33:72:2b:c2:91:60:8e:
df:28:77:f5:3d:11:dc:60:66:76:06:c0:bd:16:85:
4d:40:4f:93:d5:b1:b5:e3:1a:b7:08:0a:37:4f:70:
37:df:41:0b:06:e3:00:51:09:6d:a8:b3:2d:48:b7:
7e:dc:42:fe:c0:30:44:68:bf:32:40:51:2e:f3:e2:
7a:45:db:5a:a4:07:1a:8f:8f:a5:46:d4:24:c6:0e:
0c:6b:2d:a4:dd:20:1c:86:f0:41:4b:86:3b:19:76:
3d:2e:24:ac:e4:69:05:de:6f:25:4d:79:53:d5:3f:
f0:ea:29:56:7a:60:b8:1a:e6:eb:cf:f2:b9:21:0f:
e0:06:b3:3c:38:a9:7c:1f:3d:7a:80:e4:a3:72:df:
9b:de:cf:e8:81:94:fc:4b:f7:47:6c:e3:22:51:d5:
3c:36:78:7e:ec:fb:31:29:3a:a0:46:ac:f3:d5:3d:
a4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:22:4C:4A:C1:13:77:19:84:46:86:F6:D4:48:D6:6D:FA:18:26:00
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/9yJMSsETdxmERob21EjWbfoYJgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.129.0-86.106.130.255
89.39.126.0/23
93.113.34.0/24
Signature Algorithm: sha256WithRSAEncryption
42:ba:9f:72:6f:dd:5f:22:6d:6a:46:67:6e:da:61:bd:5f:b0:
47:61:3c:f9:07:94:f6:5c:ea:7b:e4:cf:70:91:f6:67:8e:ea:
b8:cd:26:59:85:c3:23:0c:0a:a8:fb:a5:6e:0c:4b:d4:20:b7:
da:01:39:44:71:a7:02:2e:1b:33:bd:86:b7:a4:d4:47:22:0f:
5b:0f:cc:04:76:df:f5:8b:4b:1c:29:47:8f:21:12:ec:00:2a:
70:17:ec:30:a3:db:ab:38:39:ec:e1:8b:08:6d:18:1c:ee:62:
e1:dd:01:65:02:05:88:25:e8:22:0a:cb:23:82:37:e2:0f:5a:
ff:ae:dd:f1:bd:d0:3d:71:ae:24:ea:68:a6:27:d4:00:39:40:
76:cf:a4:eb:bd:16:59:99:52:4a:df:b0:8d:81:3d:cd:4f:f0:
9f:af:3c:ab:50:08:67:f9:3a:4f:0c:0a:42:ed:0c:43:0a:4a:
b6:62:11:ec:d7:63:3b:69:37:e3:4f:cb:e7:bd:39:56:02:cd:
e6:7f:f3:b0:e9:bd:61:ea:cd:5b:96:15:bc:bc:5f:69:a7:a6:
02:5f:da:18:c2:80:88:37:82:a7:9e:80:a3:a8:3d:39:82:e6:
e0:c3:fe:33:84:36:58:6c:0c:d2:a5:57:57:66:b1:8f:2f:78:
a6:07:09:8a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQf+j3iPCj1IUvSUaRW14NFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjUwMTAxMDM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzIyNGM0YWMxMTM3NzE5ODQ0Njg2ZjZkNDQ4ZDY2ZGZhMTgyNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAOcjAZBT2pcm2zSPPg4MfzrbtAE
DL5CQ9Wzf8uKtDCSNOXttKNGJdg0LyIyes98wWJaNc+R5/V4TjFE2uQf5YcNdjXS
nuSIkMRB8wnfKHbwUzNyK8KRYI7fKHf1PRHcYGZ2BsC9FoVNQE+T1bG14xq3CAo3
T3A330ELBuMAUQltqLMtSLd+3EL+wDBEaL8yQFEu8+J6RdtapAcaj4+lRtQkxg4M
ay2k3SAchvBBS4Y7GXY9LiSs5GkF3m8lTXlT1T/w6ilWemC4Gubrz/K5IQ/gBrM8
OKl8Hz16gOSjct+b3s/ogZT8S/dHbOMiUdU8Nnh+7PsxKTqgRqzz1T2khQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPciTErBE3cZhEaG9tRI1m36GCYAMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvOXlKTVNzRVRkeG1FUm9iMjFFaldiZm9ZSmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABWaoED
BABWaoIDBAFZJ34DBABdcSIwDQYJKoZIhvcNAQELBQADggEBAEK6n3Jv3V8ibWpG
Z27aYb1fsEdhPPkHlPZc6nvkz3CR9meO6rjNJlmFwyMMCqj7pW4MS9Qgt9oBOURx
pwIuGzO9hrek1EciD1sPzAR23/WLSxwpR48hEuwAKnAX7DCj26s4OezhiwhtGBzu
YuHdAWUCBYgl6CIKyyOCN+IPWv+u3fG90D1xriTqaKYn1AA5QHbPpOu9FlmZUkrf
sI2BPc1P8J+vPKtQCGf5Ok8MCkLtDEMKSrZiEezXYztpN+NPy+e9OVYCzeZ/87Dp
vWHqzVuWFby8X2mnpgJf2hjCgIg3gqeegKOoPTmC5uDD/jOENlhsDNKlV1dmsY8v
eKYHCYo=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:15:14 2025 by rpki-client