Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/0ya4sfz42L60TJ0bcAyUqtENC28.roa
File: 0ya4sfz42L60TJ0bcAyUqtENC28.roa (raw, json)
Hash identifier: 8fugK/0QqnnO0V3k6nBzfLlx/GUIRpJ1ovogrf7zS2I=
Subject key identifier: D3:26:B8:B1:FC:F8:D8:BE:B4:4C:9D:1B:70:0C:94:AA:D1:0D:0B:6F
Certificate issuer: /CN=0054882401b0724864a8cccbaeafe42c85240456
Certificate serial: 01942747EC4D7B919229BE354D1EE68E36CF
Authority key identifier: 00:54:88:24:01:B0:72:48:64:A8:CC:CB:AE:AF:E4:2C:85:24:04:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AFSIJAGwckhkqMzLrq_kLIUkBFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/0ya4sfz42L60TJ0bcAyUqtENC28.roa
Signing time: Thu 02 Jan 2025 13:50:12 +0000
ROA not before: Thu 02 Jan 2025 13:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201863
IP address blocks: 89.207.12.0/24 maxlen: 24
89.207.13.0/24 maxlen: 24
89.207.14.0/24 maxlen: 24
89.207.15.0/24 maxlen: 24
185.32.12.0/24 maxlen: 24
185.32.13.0/24 maxlen: 24
185.32.14.0/24 maxlen: 24
185.32.15.0/24 maxlen: 24
185.187.184.0/24 maxlen: 24
185.187.185.0/24 maxlen: 24
185.187.186.0/24 maxlen: 24
185.187.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/AFSIJAGwckhkqMzLrq_kLIUkBFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/AFSIJAGwckhkqMzLrq_kLIUkBFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/AFSIJAGwckhkqMzLrq_kLIUkBFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 07:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ec:4d:7b:91:92:29:be:35:4d:1e:e6:8e:36:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0054882401b0724864a8cccbaeafe42c85240456
Validity
Not Before: Jan 2 13:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d326b8b1fcf8d8beb44c9d1b700c94aad10d0b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:06:50:07:3b:32:be:8d:bc:7f:e6:c1:50:67:
1b:4c:0d:21:af:2f:33:f4:7e:59:ab:20:6d:b6:75:
5c:d4:5c:fe:99:7d:ab:3f:8d:74:18:48:91:4d:3f:
1d:54:a3:28:a1:e1:74:db:3b:76:16:c1:2d:0c:f5:
33:93:ec:74:a4:47:6b:db:59:f7:95:a4:b6:35:5e:
7c:8c:27:0c:68:e1:cc:86:db:8e:33:6a:20:c5:46:
3c:f7:66:04:ea:50:6e:4f:04:d4:55:a2:9b:cd:67:
48:c5:c9:5d:97:f0:16:ba:8c:6b:53:14:5d:14:0b:
2d:52:0f:29:0d:ee:6b:b5:4f:cd:7a:51:8e:c7:14:
9a:73:cf:c7:86:7c:cf:62:b0:bd:ab:28:2b:70:97:
ed:79:97:2d:de:4c:3e:05:dd:b4:fd:48:df:61:68:
c7:fb:d9:2b:ec:68:80:61:97:50:61:53:f0:98:d4:
2d:39:83:65:c7:01:b5:95:76:29:c0:16:88:2d:9d:
91:32:c8:e3:23:df:1a:b0:a7:7b:9a:a9:59:0f:53:
72:cf:e1:9b:cd:20:1c:b4:0d:43:10:c1:a6:26:13:
b3:dc:fe:e6:f4:81:a1:55:09:75:3f:8d:ff:d8:e9:
f5:52:dc:02:94:0e:f1:7e:01:6f:d2:1b:4f:f6:5e:
da:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:26:B8:B1:FC:F8:D8:BE:B4:4C:9D:1B:70:0C:94:AA:D1:0D:0B:6F
X509v3 Authority Key Identifier:
keyid:00:54:88:24:01:B0:72:48:64:A8:CC:CB:AE:AF:E4:2C:85:24:04:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFSIJAGwckhkqMzLrq_kLIUkBFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/0ya4sfz42L60TJ0bcAyUqtENC28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/95fe44-b039-4c93-b975-46ee99a1ee30/1/AFSIJAGwckhkqMzLrq_kLIUkBFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.12.0/22
185.32.12.0/22
185.187.184.0/22
Signature Algorithm: sha256WithRSAEncryption
00:ae:37:e8:b9:bc:67:f4:85:72:3f:fb:36:1c:9c:43:db:8c:
db:66:4b:31:23:41:92:28:28:13:2e:bb:59:e3:51:1d:23:43:
a2:e9:68:5e:8c:21:6e:b4:63:94:af:a2:e9:a8:06:fb:30:b9:
cc:15:7c:f4:55:e7:fd:e6:f7:9f:5c:fa:23:cf:bd:8d:b9:79:
74:08:68:ee:d5:6f:27:37:26:b8:f8:65:00:ab:18:cb:91:08:
4d:6d:11:9f:6d:6c:e9:4b:4f:4f:2f:d9:1c:4f:1e:48:26:d5:
67:9a:51:31:11:54:ec:15:a4:69:96:ac:38:15:87:e0:0e:d1:
f8:4e:c5:c9:b6:cd:c1:05:b8:9a:1c:4e:e2:fd:db:df:f7:f3:
01:d2:a3:3b:64:44:63:a5:fb:a1:92:c7:44:36:23:a9:c6:bf:
ec:72:59:f4:6f:d2:6f:bf:16:1d:fd:37:95:e2:24:60:5f:29:
0e:5d:f4:97:98:9f:e6:8d:7a:73:f2:96:6f:1e:0c:3d:1e:81:
5a:75:39:e1:de:81:fb:4c:86:53:32:89:18:96:65:dc:1f:e9:
6d:33:a5:67:6d:24:ec:5f:e6:84:54:f5:3b:40:2f:90:19:b3:
23:9a:ab:53:7b:7d:86:c0:c4:4b:85:9a:87:d7:3c:cc:a0:31:
d8:25:d6:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnR+xNe5GSKb41TR7mjjbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTQ4ODI0MDFiMDcyNDg2NGE4Y2NjYmFlYWZlNDJjODUy
NDA0NTYwHhcNMjUwMTAyMTM1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzI2YjhiMWZjZjhkOGJlYjQ0YzlkMWI3MDBjOTRhYWQxMGQwYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAZQBzsyvo28f+bBUGcbTA0hry8z
9H5ZqyBttnVc1Fz+mX2rP410GEiRTT8dVKMooeF02zt2FsEtDPUzk+x0pEdr21n3
laS2NV58jCcMaOHMhtuOM2ogxUY892YE6lBuTwTUVaKbzWdIxcldl/AWuoxrUxRd
FAstUg8pDe5rtU/NelGOxxSac8/HhnzPYrC9qygrcJfteZct3kw+Bd20/UjfYWjH
+9kr7GiAYZdQYVPwmNQtOYNlxwG1lXYpwBaILZ2RMsjjI98asKd7mqlZD1Nyz+Gb
zSActA1DEMGmJhOz3P7m9IGhVQl1P43/2On1UtwClA7xfgFv0htP9l7aSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNMmuLH8+Ni+tEydG3AMlKrRDQtvMB8GA1UdIwQY
MBaAFABUiCQBsHJIZKjMy66v5CyFJARWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZTSUpBR3dja2hrcU16THJxX2tMSVVrQkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85NWZlNDQtYjAzOS00YzkzLWI5NzUt
NDZlZTk5YTFlZTMwLzEvMHlhNHNmejQyTDYwVEowYmNBeVVxdEVOQzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85NWZlNDQtYjAzOS00YzkzLWI5NzUtNDZlZTk5YTFlZTMw
LzEvQUZTSUpBR3dja2hrcU16THJxX2tMSVVrQkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWc8MAwQC
uSAMAwQCubu4MA0GCSqGSIb3DQEBCwUAA4IBAQAArjfoubxn9IVyP/s2HJxD24zb
ZksxI0GSKCgTLrtZ41EdI0Oi6WhejCFutGOUr6LpqAb7MLnMFXz0Vef95vefXPoj
z72NuXl0CGju1W8nNya4+GUAqxjLkQhNbRGfbWzpS09PL9kcTx5IJtVnmlExEVTs
FaRplqw4FYfgDtH4TsXJts3BBbiaHE7i/dvf9/MB0qM7ZERjpfuhksdENiOpxr/s
cln0b9JvvxYd/TeV4iRgXykOXfSXmJ/mjXpz8pZvHgw9HoFadTnh3oH7TIZTMokY
lmXcH+ltM6VnbSTsX+aEVPU7QC+QGbMjmqtTe32GwMRLhZqH1zzMoDHYJdaA
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:10:28 2025 by rpki-client