Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/f6f508-4b3e-422d-8fbc-1a2abda1a9e5/1/8sYphYrrmRM_ErwAJ8gqIzEpDGo.roa
File: 8sYphYrrmRM_ErwAJ8gqIzEpDGo.roa (raw, json)
Hash identifier: rt/OwZDBbcaVJA7rLlh63ti0IkxjXIhkThQceeCTgkI=
Subject key identifier: F2:C6:29:85:8A:EB:99:13:3F:12:BC:00:27:C8:2A:23:31:29:0C:6A
Certificate issuer: /CN=817cb14ce4014ac3269d70eeea89c87055b176f1
Certificate serial: 019422FB93E94522446D534E80240E063C02
Authority key identifier: 81:7C:B1:4C:E4:01:4A:C3:26:9D:70:EE:EA:89:C8:70:55:B1:76:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gXyxTOQBSsMmnXDu6onIcFWxdvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/f6f508-4b3e-422d-8fbc-1a2abda1a9e5/1/8sYphYrrmRM_ErwAJ8gqIzEpDGo.roa
Signing time: Wed 01 Jan 2025 17:48:20 +0000
ROA not before: Wed 01 Jan 2025 17:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42244
IP address blocks: 91.189.80.0/23 maxlen: 23
91.189.82.0/24 maxlen: 24
91.189.84.0/23 maxlen: 23
91.189.86.0/23 maxlen: 23
178.218.208.0/23 maxlen: 23
178.218.210.0/23 maxlen: 23
178.218.212.0/22 maxlen: 22
178.218.216.0/23 maxlen: 23
178.218.218.0/24 maxlen: 24
178.218.220.0/23 maxlen: 23
178.218.222.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/f6f508-4b3e-422d-8fbc-1a2abda1a9e5/1/gXyxTOQBSsMmnXDu6onIcFWxdvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/f6f508-4b3e-422d-8fbc-1a2abda1a9e5/1/gXyxTOQBSsMmnXDu6onIcFWxdvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gXyxTOQBSsMmnXDu6onIcFWxdvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:93:e9:45:22:44:6d:53:4e:80:24:0e:06:3c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=817cb14ce4014ac3269d70eeea89c87055b176f1
Validity
Not Before: Jan 1 17:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2c629858aeb99133f12bc0027c82a2331290c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cc:32:cf:f8:ca:33:39:f2:3b:98:f1:59:62:
f8:37:bb:cb:10:16:75:98:89:e4:51:f1:37:c4:6a:
36:69:05:d2:57:a3:02:1c:68:ac:9f:28:89:cc:7b:
77:ae:22:7d:56:e5:c2:09:52:23:f4:ba:33:19:7d:
4d:a7:89:b0:31:f6:94:56:b3:ab:43:98:45:5f:c8:
2b:96:b6:20:84:84:70:a2:0c:6b:f5:7a:40:9e:f3:
1e:9f:2d:53:7e:30:30:8c:4d:f4:5b:a2:5e:a7:7a:
2b:1f:f4:af:2a:e6:87:19:9c:ff:69:bd:df:9b:20:
dd:60:dd:c2:d4:e6:ac:f2:45:00:86:ce:b7:32:f4:
9e:87:35:f2:de:79:4a:26:56:49:37:4d:a9:8f:d1:
66:17:31:76:1a:10:f9:f6:cc:cc:36:ac:75:9c:0a:
2e:52:c5:39:be:73:d1:21:70:46:ec:43:18:f2:0a:
90:f6:5e:e2:e5:86:59:53:98:e8:c9:2e:42:c1:1b:
02:d0:5f:54:4f:c7:bc:03:71:96:76:8a:ea:d4:a2:
5f:fe:3a:32:d8:5c:df:cc:ae:c1:8a:71:31:75:2a:
47:2a:83:06:90:a9:90:0d:4d:7b:d9:64:43:a7:39:
2e:ec:ba:51:4a:83:f2:f7:4b:ba:91:ce:52:a5:88:
51:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:C6:29:85:8A:EB:99:13:3F:12:BC:00:27:C8:2A:23:31:29:0C:6A
X509v3 Authority Key Identifier:
keyid:81:7C:B1:4C:E4:01:4A:C3:26:9D:70:EE:EA:89:C8:70:55:B1:76:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXyxTOQBSsMmnXDu6onIcFWxdvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f6f508-4b3e-422d-8fbc-1a2abda1a9e5/1/8sYphYrrmRM_ErwAJ8gqIzEpDGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f6f508-4b3e-422d-8fbc-1a2abda1a9e5/1/gXyxTOQBSsMmnXDu6onIcFWxdvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.80.0-91.189.82.255
91.189.84.0/22
178.218.208.0-178.218.218.255
178.218.220.0/22
Signature Algorithm: sha256WithRSAEncryption
34:bf:da:70:a7:e0:f5:14:f3:ec:da:91:14:7b:71:fa:46:6a:
20:01:c8:19:52:01:94:13:3c:c1:b5:70:15:60:50:a7:36:94:
ea:ef:1e:a9:d8:74:db:38:ef:96:3c:c4:e2:22:13:86:8a:d2:
29:c0:92:88:bd:09:1b:de:31:31:0d:8a:84:50:7d:19:3f:df:
86:a9:15:11:c3:e4:94:da:c1:34:9c:e2:43:eb:40:81:b8:69:
4c:6a:f2:aa:98:d2:db:86:08:1b:5a:97:92:59:59:6f:8a:69:
06:d6:65:f6:c7:47:c3:2d:4d:41:3f:a2:0a:da:67:8f:ac:7d:
14:dd:ae:17:07:d2:7e:4f:e1:93:9f:ce:c2:b5:e9:37:50:6a:
e7:74:b8:9a:13:1a:db:1e:69:6e:da:8d:e0:7a:e2:bc:36:4b:
29:31:95:5d:4c:18:ac:82:55:a0:ab:b5:9d:34:ea:bb:2d:9e:
a9:0f:56:19:a4:a0:4b:74:23:b2:00:04:cd:0c:54:fb:dc:46:
58:ad:f9:ae:8b:47:02:66:70:a9:b8:9e:b7:71:5f:73:86:1f:
f1:ea:b9:81:99:c8:bd:36:38:ca:d8:f5:a4:9c:8f:ea:5f:c7:
1c:d0:f5:cd:5d:1d:b9:6a:b9:b1:1b:40:79:6f:1b:b9:45:8c:
fd:12:1d:a2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQi+5PpRSJEbVNOgCQOBjwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxN2NiMTRjZTQwMTRhYzMyNjlkNzBlZWVhODljODcwNTVi
MTc2ZjEwHhcNMjUwMTAxMTc0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmM2Mjk4NThhZWI5OTEzM2YxMmJjMDAyN2M4MmEyMzMxMjkwYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsswyz/jKMznyO5jxWWL4N7vLEBZ1
mInkUfE3xGo2aQXSV6MCHGisnyiJzHt3riJ9VuXCCVIj9LozGX1Np4mwMfaUVrOr
Q5hFX8grlrYghIRwogxr9XpAnvMeny1TfjAwjE30W6Jep3orH/SvKuaHGZz/ab3f
myDdYN3C1Oas8kUAhs63MvSehzXy3nlKJlZJN02pj9FmFzF2GhD59szMNqx1nAou
UsU5vnPRIXBG7EMY8gqQ9l7i5YZZU5joyS5CwRsC0F9UT8e8A3GWdorq1KJf/joy
2FzfzK7BinExdSpHKoMGkKmQDU172WRDpzku7LpRSoPy90u6kc5SpYhRRwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPLGKYWK65kTPxK8ACfIKiMxKQxqMB8GA1UdIwQY
MBaAFIF8sUzkAUrDJp1w7uqJyHBVsXbxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1h5eFRPUUJTc01tblhEdTZvbkljRld4ZHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mNmY1MDgtNGIzZS00MjJkLThmYmMt
MWEyYWJkYTFhOWU1LzEvOHNZcGhZcnJtUk1fRXJ3QUo4Z3FJekVwREdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mNmY1MDgtNGIzZS00MjJkLThmYmMtMWEyYWJkYTFhOWU1
LzEvZ1h5eFRPUUJTc01tblhEdTZvbkljRld4ZHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBARbvVAD
BABbvVIDBAJbvVQwDAMEBLLa0AMEALLa2gMEArLa3DANBgkqhkiG9w0BAQsFAAOC
AQEANL/acKfg9RTz7NqRFHtx+kZqIAHIGVIBlBM8wbVwFWBQpzaU6u8eqdh02zjv
ljzE4iIThorSKcCSiL0JG94xMQ2KhFB9GT/fhqkVEcPklNrBNJziQ+tAgbhpTGry
qpjS24YIG1qXkllZb4ppBtZl9sdHwy1NQT+iCtpnj6x9FN2uFwfSfk/hk5/OwrXp
N1Bq53S4mhMa2x5pbtqN4HrivDZLKTGVXUwYrIJVoKu1nTTquy2eqQ9WGaSgS3Qj
sgAEzQxU+9xGWK35rotHAmZwqbiet3Ffc4Yf8eq5gZnIvTY4ytj1pJyP6l/HHND1
zV0duWq5sRtAeW8buUWM/RIdog==
-----END CERTIFICATE-----
Generated at Tue Apr 15 07:16:05 2025 by rpki-client