Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Y8XqRNlJ2ySAzQPu89iOHWgzQDk.roa
File: Y8XqRNlJ2ySAzQPu89iOHWgzQDk.roa (raw, json)
Hash identifier: X8t1d+jN3dpwGlzgvY6L1s6hdaWchkRT6UMKDvHnFOg=
Subject key identifier: 63:C5:EA:44:D9:49:DB:24:80:CD:03:EE:F3:D8:8E:1D:68:33:40:39
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CC85F414C0C9E205ED3735600EC9D
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Y8XqRNlJ2ySAzQPu89iOHWgzQDk.roa
Signing time: Wed 01 Jan 2025 01:48:27 +0000
ROA not before: Wed 01 Jan 2025 01:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213138
IP address blocks: 91.215.48.0/22 maxlen: 24
185.19.188.0/23 maxlen: 24
185.19.190.0/24 maxlen: 24
185.240.80.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:c8:5f:41:4c:0c:9e:20:5e:d3:73:56:00:ec:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63c5ea44d949db2480cd03eef3d88e1d68334039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0b:b5:38:06:5a:18:4a:45:44:f3:6d:2e:72:
57:7c:58:09:48:83:8c:bb:6d:b7:b7:18:d8:f2:4b:
0f:68:b5:b1:58:ad:21:07:a1:09:f3:4f:0a:43:24:
5c:67:d0:07:56:4f:c7:87:b4:46:94:68:8e:19:ce:
20:05:95:75:c9:87:47:b4:53:da:11:ba:f5:7b:10:
d3:00:0e:af:00:37:7f:9f:23:d1:78:2d:1a:6a:48:
27:ba:c2:ec:59:48:f9:d0:21:c2:3f:6b:0e:a0:76:
41:00:90:87:e0:2e:65:85:8e:2d:25:61:7d:62:92:
d6:a1:5a:84:47:ad:04:5f:e2:4c:46:88:b9:44:b8:
1c:0b:81:0a:f6:fc:6c:69:95:9d:a3:88:6e:85:de:
5f:b9:68:d7:9c:7b:dc:ed:38:b3:ab:a9:7a:c7:97:
e0:5e:e0:ed:a0:eb:dc:9a:fb:4b:83:a6:3a:a8:a1:
68:cd:0d:6a:20:06:55:3d:f3:8f:45:26:44:e3:3b:
73:65:05:ca:40:e9:2e:7a:f8:96:d6:3e:d9:c1:24:
38:a9:09:9d:97:62:28:3e:b3:a6:38:01:f0:25:8a:
fa:c4:16:5f:b6:c2:e0:a6:82:69:d8:e2:5c:f4:bc:
56:b5:9e:72:ad:fd:ee:88:65:94:b1:7c:a6:79:08:
60:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C5:EA:44:D9:49:DB:24:80:CD:03:EE:F3:D8:8E:1D:68:33:40:39
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Y8XqRNlJ2ySAzQPu89iOHWgzQDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.48.0/22
185.19.188.0-185.19.190.255
185.240.80.0/22
Signature Algorithm: sha256WithRSAEncryption
34:5b:3f:6f:6d:87:36:ad:d5:0f:87:ec:68:44:8b:c5:08:46:
fa:7b:4e:ea:bb:4f:d2:ed:4d:b5:3e:22:7b:f6:df:2f:e1:48:
5c:f5:07:7b:5f:c6:e0:e4:37:3b:8b:49:28:6d:bc:4f:23:7a:
85:5d:46:26:72:25:47:21:a8:b6:7f:92:0f:c1:50:db:ba:95:
17:43:fe:4a:88:eb:c0:d9:20:eb:5f:3e:d7:6f:ee:d3:0c:43:
d1:8c:17:76:af:91:a2:02:8d:fc:01:23:fd:41:21:a1:ab:ee:
1c:8c:dd:17:a5:91:15:d8:33:1d:40:db:11:a4:e8:97:ce:f3:
6c:af:b3:ea:55:4e:71:b6:07:2d:08:aa:5b:ef:9c:01:c0:16:
6e:9c:cf:32:ce:a4:1e:8a:f4:ac:a0:74:73:b7:53:05:54:5b:
aa:8f:d3:b9:90:5a:42:70:4c:08:97:a2:1d:3d:1e:de:8e:9e:
44:1c:79:99:cd:9a:10:81:da:ca:8b:38:fa:f7:5f:8b:f2:b6:
53:24:17:19:8a:02:4a:b4:e6:f8:b5:01:01:7a:20:22:78:fc:
bf:f2:e7:8f:00:0a:69:fa:de:13:7d:50:67:f5:c2:76:fe:3b:
aa:e1:0d:cb:74:97:ae:b9:8a:68:3e:66:9f:d5:71:68:a1:13:
54:1d:6b:8e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQfjMhfQUwMniBe03NWAOydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2M1ZWE0NGQ5NDlkYjI0ODBjZDAzZWVmM2Q4OGUxZDY4MzM0MDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAu1OAZaGEpFRPNtLnJXfFgJSIOM
u223txjY8ksPaLWxWK0hB6EJ808KQyRcZ9AHVk/Hh7RGlGiOGc4gBZV1yYdHtFPa
Ebr1exDTAA6vADd/nyPReC0aakgnusLsWUj50CHCP2sOoHZBAJCH4C5lhY4tJWF9
YpLWoVqER60EX+JMRoi5RLgcC4EK9vxsaZWdo4huhd5fuWjXnHvc7Tizq6l6x5fg
XuDtoOvcmvtLg6Y6qKFozQ1qIAZVPfOPRSZE4ztzZQXKQOkueviW1j7ZwSQ4qQmd
l2IoPrOmOAHwJYr6xBZftsLgpoJp2OJc9LxWtZ5yrf3uiGWUsXymeQhgXwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGPF6kTZSdskgM0D7vPYjh1oM0A5MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvWThYcVJObEoyeVNBelFQdTg5aU9IV2d6UURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW9cwMAwD
BAK5E7wDBAC5E74DBAK58FAwDQYJKoZIhvcNAQELBQADggEBADRbP29thzat1Q+H
7GhEi8UIRvp7Tuq7T9LtTbU+Inv23y/hSFz1B3tfxuDkNzuLSShtvE8jeoVdRiZy
JUchqLZ/kg/BUNu6lRdD/kqI68DZIOtfPtdv7tMMQ9GMF3avkaICjfwBI/1BIaGr
7hyM3RelkRXYMx1A2xGk6JfO82yvs+pVTnG2By0IqlvvnAHAFm6czzLOpB6K9Kyg
dHO3UwVUW6qP07mQWkJwTAiXoh09Ht6OnkQceZnNmhCB2sqLOPr3X4vytlMkFxmK
Akq05vi1AQF6ICJ4/L/y548ACmn63hN9UGf1wnb+O6rhDct0l665img+Zp/VcWih
E1Qda44=
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:50:38 2025 by rpki-client