Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/rbSVHILo7KFdyfKkJiVN3ULREeA.roa
File: rbSVHILo7KFdyfKkJiVN3ULREeA.roa (raw, json)
Hash identifier: +QOKE2skzry0xtqfIBGKUWUhJ09lXvKf9/a8XMywLNU=
Subject key identifier: AD:B4:95:1C:82:E8:EC:A1:5D:C9:F2:A4:26:25:4D:DD:42:D1:11:E0
Certificate issuer: /CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Certificate serial: 0194252237A2D274FEE85E3A69D5D56A6196
Authority key identifier: C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/rbSVHILo7KFdyfKkJiVN3ULREeA.roa
Signing time: Thu 02 Jan 2025 03:49:46 +0000
ROA not before: Thu 02 Jan 2025 03:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5466
IP address blocks: 89.204.208.0/20 maxlen: 20
95.83.240.0/21 maxlen: 21
185.61.0.0/22 maxlen: 22
213.191.224.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:37:a2:d2:74:fe:e8:5e:3a:69:d5:d5:6a:61:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Validity
Not Before: Jan 2 03:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adb4951c82e8eca15dc9f2a426254ddd42d111e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bb:b2:32:14:36:ab:12:7c:2a:f8:00:bf:1c:
a0:b4:f0:9f:0a:b6:0e:e5:5a:33:70:75:dd:ef:0d:
5c:b4:79:ad:85:bc:56:2a:2d:a5:90:0c:58:7a:48:
1a:90:3f:4b:01:61:54:82:d5:f3:55:bf:1b:19:fe:
a4:23:86:ec:39:ca:69:3c:a3:2a:68:73:9b:21:42:
a5:41:01:9d:82:c2:3a:61:2f:53:6e:99:16:3c:fc:
6c:70:8d:16:8a:23:2c:a8:f1:19:94:2c:86:e6:d2:
48:9c:f1:09:4e:cb:0e:a2:84:e9:0e:77:8b:0c:a5:
cf:a2:08:da:5c:e1:0f:e4:15:b1:65:ed:e7:f8:96:
17:e4:20:f3:99:76:54:93:bf:14:d7:8e:8b:6f:aa:
36:3f:bd:a5:60:62:eb:98:66:0e:88:af:70:e0:c2:
ce:14:0f:de:3c:39:e5:6a:30:36:a0:b1:8f:f8:d6:
9f:ee:f0:5d:75:78:7d:bf:0b:ed:4a:84:ed:a4:74:
0a:0f:6d:7b:44:d1:37:76:ad:ae:a9:c2:33:e3:59:
91:81:d0:85:17:0c:44:67:af:d9:07:4a:6c:19:15:
a2:24:06:6f:88:ec:81:bf:38:7b:a7:90:ee:7c:50:
a4:35:f7:4e:82:e2:ec:04:f0:2a:5c:57:94:84:03:
55:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B4:95:1C:82:E8:EC:A1:5D:C9:F2:A4:26:25:4D:DD:42:D1:11:E0
X509v3 Authority Key Identifier:
keyid:C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/rbSVHILo7KFdyfKkJiVN3ULREeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.204.208.0/20
95.83.240.0/21
185.61.0.0/22
213.191.224.0/21
Signature Algorithm: sha256WithRSAEncryption
19:79:7e:62:b1:5a:c1:8f:5d:3c:3b:35:b4:cf:b9:de:38:a5:
e5:79:1a:fc:fa:3f:d9:9a:ae:44:b8:b1:28:35:19:c4:a5:24:
a9:c8:e6:2e:49:a8:71:ba:de:ff:3a:05:0d:e2:8d:0c:1c:d1:
26:95:4c:8c:29:6a:73:8a:ab:ca:2f:92:49:da:47:30:76:10:
9d:24:38:23:9c:7c:f4:4e:61:d6:ec:56:0d:ba:aa:1f:e6:68:
17:d4:7e:da:b0:f3:51:0d:e8:0e:22:8f:db:a3:14:3d:a8:f9:
2a:43:bf:4d:6b:dc:47:00:80:a5:67:27:b2:a5:8e:41:47:97:
2a:42:59:e3:f4:94:6a:5d:cc:e2:87:b8:b8:e3:8c:aa:17:de:
4a:0f:c7:46:12:6b:e2:f1:05:d2:2e:b6:94:39:ce:8e:ca:ab:
ea:69:26:29:db:7f:d9:d2:7f:89:83:d2:5f:74:f5:44:7a:fa:
54:93:26:91:2d:8e:90:86:b6:fa:73:c0:48:91:29:81:62:3f:
d3:67:ba:7b:ea:54:f5:d1:a6:e3:a5:d4:be:f5:d1:78:fb:07:
a9:f0:00:cb:c1:78:c4:46:d8:be:77:9c:da:68:f5:51:2a:c9:
93:7e:7a:99:0f:2a:ad:a2:1c:80:04:f1:6d:33:d2:d5:8c:07:
e6:1e:4e:13
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlIjei0nT+6F46adXVamGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWNmMjYwZDIzMjYzYTdjNmJiNmM1OWMxOWVlYmM2NzU5
YjYwYmUwHhcNMjUwMTAyMDM0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGI0OTUxYzgyZThlY2ExNWRjOWYyYTQyNjI1NGRkZDQyZDExMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7uyMhQ2qxJ8KvgAvxygtPCfCrYO
5VozcHXd7w1ctHmthbxWKi2lkAxYekgakD9LAWFUgtXzVb8bGf6kI4bsOcppPKMq
aHObIUKlQQGdgsI6YS9TbpkWPPxscI0WiiMsqPEZlCyG5tJInPEJTssOooTpDneL
DKXPogjaXOEP5BWxZe3n+JYX5CDzmXZUk78U146Lb6o2P72lYGLrmGYOiK9w4MLO
FA/ePDnlajA2oLGP+Naf7vBddXh9vwvtSoTtpHQKD217RNE3dq2uqcIz41mRgdCF
FwxEZ6/ZB0psGRWiJAZviOyBvzh7p5DufFCkNfdOguLsBPAqXFeUhANVrQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK20lRyC6OyhXcnypCYlTd1C0RHgMB8GA1UdIwQY
MBaAFMGs8mDSMmOnxrtsWcGe68Z1m2C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEt
ZmZkNjQ2ZDA1ZjY3LzEvcmJTVkhJTG83S0ZkeWZLa0ppVk4zVUxSRWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEtZmZkNjQ2ZDA1ZjY3
LzEvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEWczQAwQD
X1PwAwQCuT0AAwQD1b/gMA0GCSqGSIb3DQEBCwUAA4IBAQAZeX5isVrBj108OzW0
z7neOKXleRr8+j/Zmq5EuLEoNRnEpSSpyOYuSahxut7/OgUN4o0MHNEmlUyMKWpz
iqvKL5JJ2kcwdhCdJDgjnHz0TmHW7FYNuqof5mgX1H7asPNRDegOIo/boxQ9qPkq
Q79Na9xHAIClZyeypY5BR5cqQlnj9JRqXczih7i444yqF95KD8dGEmvi8QXSLraU
Oc6OyqvqaSYp23/Z0n+Jg9JfdPVEevpUkyaRLY6Qhrb6c8BIkSmBYj/TZ7p76lT1
0abjpdS+9dF4+wep8ADLwXjERti+d5zaaPVRKsmTfnqZDyqtohyABPFtM9LVjAfm
Hk4T
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:36:58 2025 by rpki-client