Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/Ypy0H2Bsr39UgswuoV5q1-sR_N4.roa
File: Ypy0H2Bsr39UgswuoV5q1-sR_N4.roa (raw, json)
Hash identifier: pHbM4Rba/93pouqqIiXpHU4F3MQUwXB/YNEqfbXWHBc=
Subject key identifier: 62:9C:B4:1F:60:6C:AF:7F:54:82:CC:2E:A1:5E:6A:D7:EB:11:FC:DE
Certificate issuer: /CN=d894365b28a082834a751a97771b791124524dec
Certificate serial: 0194221FDA266D3902CB228B2EFE6605471C
Authority key identifier: D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/Ypy0H2Bsr39UgswuoV5q1-sR_N4.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41107
IP address blocks: 91.108.160.0/21 maxlen: 21
109.68.196.0/22 maxlen: 22
159.253.160.0/21 maxlen: 21
159.253.160.0/22 maxlen: 22
159.253.164.0/22 maxlen: 22
185.31.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/2JQ2WyiggoNKdRqXdxt5ESRSTew.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/2JQ2WyiggoNKdRqXdxt5ESRSTew.mft
rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:da:26:6d:39:02:cb:22:8b:2e:fe:66:05:47:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d894365b28a082834a751a97771b791124524dec
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=629cb41f606caf7f5482cc2ea15e6ad7eb11fcde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:98:4d:86:da:a1:6e:45:83:c5:2f:58:1f:34:
7a:d8:58:5b:00:c9:8d:52:97:07:66:eb:06:fb:9e:
64:87:87:ff:6b:45:bd:5a:df:6c:4e:6d:aa:59:c3:
3c:51:67:d3:f6:eb:fc:1d:73:ba:c9:b7:57:ad:96:
04:cf:48:3a:85:10:ec:1f:35:5a:17:d2:fc:46:9f:
61:2b:19:c3:6b:c7:90:df:68:04:9b:4e:fd:4a:24:
19:ac:49:e7:79:49:e4:04:41:f7:88:3f:86:90:00:
3f:76:65:96:19:92:fd:06:e7:b8:51:ad:dc:cb:62:
16:83:bf:3f:2d:63:9a:19:99:30:af:8a:15:6b:e6:
35:b2:b7:3d:d6:df:15:d8:41:f4:c4:7b:fb:0d:72:
eb:ae:72:66:08:e0:60:5e:8b:1d:f4:b4:35:78:82:
56:32:9a:2d:76:a3:60:e9:1b:ec:bf:9b:1c:e0:2f:
5e:f0:a1:ba:3f:c6:1f:40:b9:8d:76:97:24:b3:19:
7c:66:a6:50:3a:93:3d:d9:d4:dd:a6:20:16:5e:2f:
37:5f:bb:a0:32:fb:25:ed:13:0f:14:f8:6c:ee:02:
19:c4:84:a7:95:75:21:56:10:bd:23:bc:ad:0d:d9:
23:ee:49:69:6d:0e:49:d3:37:d9:36:c9:5f:8c:02:
9b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9C:B4:1F:60:6C:AF:7F:54:82:CC:2E:A1:5E:6A:D7:EB:11:FC:DE
X509v3 Authority Key Identifier:
keyid:D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/Ypy0H2Bsr39UgswuoV5q1-sR_N4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/2JQ2WyiggoNKdRqXdxt5ESRSTew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.160.0/21
109.68.196.0/22
159.253.160.0/21
185.31.152.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:88:06:68:0f:19:7a:bd:6c:36:ac:7c:36:fd:45:26:4b:6a:
36:1e:1b:68:49:eb:4b:f0:f4:d9:59:64:fe:b1:53:23:43:ac:
0e:33:a8:09:31:2c:0f:64:08:67:5c:ee:aa:dd:ad:6c:06:0b:
51:e2:11:2c:a9:ea:20:94:43:e3:00:08:57:ae:ee:ee:64:0d:
64:49:f9:f3:ef:20:47:bb:1e:13:ee:66:9b:20:63:0b:be:44:
b7:45:b5:ae:f1:25:3d:cf:55:90:d1:1a:10:6f:5a:af:76:78:
21:f5:58:ce:e9:59:fc:59:0c:d2:ed:27:d3:d6:de:7a:93:19:
f1:99:7f:83:b8:93:07:5e:9f:a5:38:f2:33:02:90:3d:84:58:
8e:07:d3:4b:0a:14:0a:43:45:dd:9d:14:c8:0e:96:9e:e1:b5:
52:57:da:81:9f:e8:74:37:b2:27:27:23:37:c4:ce:c3:07:f9:
85:76:da:06:89:32:50:78:4e:ac:12:84:84:5a:05:6d:80:c3:
b9:63:7e:9d:03:3d:25:7d:d3:76:1c:ed:16:2b:1b:44:1e:6e:
d5:ed:79:7d:61:45:85:d0:08:df:35:61:c1:76:f5:c9:6c:86:
3c:dd:52:d1:a4:07:b1:80:c7:8c:fe:50:3c:26:73:20:0a:fc:
a3:17:40:62
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiH9ombTkCyyKLLv5mBUccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTQzNjViMjhhMDgyODM0YTc1MWE5Nzc3MWI3OTExMjQ1
MjRkZWMwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjljYjQxZjYwNmNhZjdmNTQ4MmNjMmVhMTVlNmFkN2ViMTFmY2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsphNhtqhbkWDxS9YHzR62FhbAMmN
UpcHZusG+55kh4f/a0W9Wt9sTm2qWcM8UWfT9uv8HXO6ybdXrZYEz0g6hRDsHzVa
F9L8Rp9hKxnDa8eQ32gEm079SiQZrEnneUnkBEH3iD+GkAA/dmWWGZL9Bue4Ua3c
y2IWg78/LWOaGZkwr4oVa+Y1src91t8V2EH0xHv7DXLrrnJmCOBgXosd9LQ1eIJW
MpotdqNg6Rvsv5sc4C9e8KG6P8YfQLmNdpcksxl8ZqZQOpM92dTdpiAWXi83X7ug
Mvsl7RMPFPhs7gIZxISnlXUhVhC9I7ytDdkj7klpbQ5J0zfZNslfjAKb4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGKctB9gbK9/VILMLqFeatfrEfzeMB8GA1UdIwQY
MBaAFNiUNlsooIKDSnUal3cbeREkUk3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpRMld5aWdnb05LZFJxWGR4dDVFU1JTVGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNjA3ZjQtMTVkYy00ZGI1LTk2MDEt
MjE0NjE3OWQ4ZTJiLzEvWXB5MEgyQnNyMzlVZ3N3dW9WNXExLXNSX040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNjA3ZjQtMTVkYy00ZGI1LTk2MDEtMjE0NjE3OWQ4ZTJi
LzEvMkpRMld5aWdnb05LZFJxWGR4dDVFU1JTVGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDW2ygAwQC
bUTEAwQDn/2gAwQCuR+YMA0GCSqGSIb3DQEBCwUAA4IBAQAciAZoDxl6vWw2rHw2
/UUmS2o2HhtoSetL8PTZWWT+sVMjQ6wOM6gJMSwPZAhnXO6q3a1sBgtR4hEsqeog
lEPjAAhXru7uZA1kSfnz7yBHux4T7mabIGMLvkS3RbWu8SU9z1WQ0RoQb1qvdngh
9VjO6Vn8WQzS7SfT1t56kxnxmX+DuJMHXp+lOPIzApA9hFiOB9NLChQKQ0XdnRTI
Dpae4bVSV9qBn+h0N7InJyM3xM7DB/mFdtoGiTJQeE6sEoSEWgVtgMO5Y36dAz0l
fdN2HO0WKxtEHm7V7Xl9YUWF0AjfNWHBdvXJbIY83VLRpAexgMeM/lA8JnMgCvyj
F0Bi
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:58:18 2025 by rpki-client