Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yEes5OnD4YkYUSA14kYt4AMBnSY.roa
File: yEes5OnD4YkYUSA14kYt4AMBnSY.roa (raw, json)
Hash identifier: Fze/BIPFJAZjpwYmyAHhonKL78kHjYkgdApjhVIqeos=
Subject key identifier: C8:47:AC:E4:E9:C3:E1:89:18:51:20:35:E2:46:2D:E0:03:01:9D:26
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0195281B74FFE18537762893E5220323BBFF
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yEes5OnD4YkYUSA14kYt4AMBnSY.roa
Signing time: Fri 21 Feb 2025 10:44:02 +0000
ROA not before: Fri 21 Feb 2025 10:44:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.130.0/24 maxlen: 24
81.22.135.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
89.185.3.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:1b:74:ff:e1:85:37:76:28:93:e5:22:03:23:bb:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 21 10:44:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c847ace4e9c3e18918512035e2462de003019d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3f:ab:b0:19:22:b2:25:a8:bc:99:7f:f1:88:
f5:90:2c:a8:ea:ec:7e:b3:5f:6d:73:01:40:a0:50:
4d:cd:23:ec:60:39:ad:94:d8:6e:00:f5:e0:db:30:
b2:0a:ab:49:63:f8:30:a6:54:d1:86:ad:06:e9:e9:
dd:35:2f:c7:2e:81:73:67:7d:70:e7:4d:e8:3c:85:
08:43:ad:6a:78:f6:31:51:8a:49:46:e1:9f:46:ff:
f7:c1:33:c8:62:29:35:63:ed:5d:08:42:25:f2:e1:
eb:63:81:28:0b:13:e8:bf:30:4a:f6:e7:a8:d4:4e:
e7:7f:59:4e:ef:14:98:16:c1:b1:11:42:69:d4:18:
89:dc:bf:61:9f:60:36:44:40:75:b9:9e:df:74:93:
6a:04:77:45:e3:d0:58:e5:49:94:43:6e:e2:8a:fb:
8d:7e:a4:a0:79:43:6b:64:4a:6b:0f:f2:5c:c0:6e:
09:b3:08:50:be:11:cc:18:5a:12:4f:97:41:51:72:
3b:3f:e2:50:2b:a9:89:08:15:bb:26:40:06:ba:ea:
dd:f3:8f:34:99:fa:86:3a:3b:57:60:d5:f3:6f:59:
ae:8d:8d:09:b2:85:33:05:15:6a:61:ec:5b:be:be:
8a:9b:0b:b5:84:67:4b:00:e7:0c:a5:66:8d:dc:a9:
0e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:47:AC:E4:E9:C3:E1:89:18:51:20:35:E2:46:2D:E0:03:01:9D:26
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yEes5OnD4YkYUSA14kYt4AMBnSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.130.0/24
81.22.135.0/24
89.185.1.0/24
89.185.3.0/24
109.72.117.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
91:ad:8b:45:c2:ad:54:c5:3c:9e:64:3a:ab:25:71:da:91:92:
27:67:9f:0e:e2:3b:29:1e:e4:61:f1:dd:4f:3d:3c:4a:a8:4a:
ec:a7:6b:d9:d6:26:de:bc:62:ab:71:b3:dd:1e:00:75:86:5d:
da:ea:58:41:39:92:f9:ed:59:4d:8d:30:e8:67:b8:45:4f:05:
7b:73:dd:dd:f3:85:ca:3a:85:58:e1:dc:a6:b3:27:6b:07:00:
68:9a:a8:35:49:66:e4:cf:55:9c:4e:2d:51:56:be:9e:63:e9:
bb:71:57:8e:cb:ae:2e:88:60:cd:9a:20:e4:ee:e7:20:1c:52:
8b:2b:f8:19:22:ba:3e:fa:9a:fe:37:0a:0e:f3:97:58:49:ef:
4f:79:98:0b:8b:64:dc:da:82:07:65:a6:11:7f:bf:e1:a4:3f:
72:df:60:0d:03:2c:f6:1d:dd:d7:2b:8e:25:89:8c:a6:9e:7d:
d4:c6:73:61:47:ee:14:32:64:ae:78:22:2e:36:6d:53:ff:3d:
32:7b:1e:f5:41:16:f9:cc:a9:aa:02:e7:96:7a:26:eb:4f:ff:
0f:52:b0:29:2d:ea:31:2b:59:f4:9c:80:38:2d:c5:73:f6:28:
60:94:4e:df:0e:e9:8e:9e:80:bb:2b:7d:ca:90:3b:97:07:0a:
cb:9a:87:a1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZUoG3T/4YU3diiT5SIDI7v/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwMjIxMTA0NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODQ3YWNlNGU5YzNlMTg5MTg1MTIwMzVlMjQ2MmRlMDAzMDE5ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjT+rsBkisiWovJl/8Yj1kCyo6ux+
s19tcwFAoFBNzSPsYDmtlNhuAPXg2zCyCqtJY/gwplTRhq0G6endNS/HLoFzZ31w
503oPIUIQ61qePYxUYpJRuGfRv/3wTPIYik1Y+1dCEIl8uHrY4EoCxPovzBK9ueo
1E7nf1lO7xSYFsGxEUJp1BiJ3L9hn2A2REB1uZ7fdJNqBHdF49BY5UmUQ27iivuN
fqSgeUNrZEprD/JcwG4JswhQvhHMGFoST5dBUXI7P+JQK6mJCBW7JkAGuurd8480
mfqGOjtXYNXzb1mujY0JsoUzBRVqYexbvr6Kmwu1hGdLAOcMpWaN3KkOwwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMhHrOTpw+GJGFEgNeJGLeADAZ0mMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveUVlczVPbkQ0WWtZVVNBMTRrWXQ0QU1CblNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAURaCAwQA
URaHAwQAWbkBAwQAWbkDAwQAbUh1AwQAbUh/MA0GCSqGSIb3DQEBCwUAA4IBAQCR
rYtFwq1UxTyeZDqrJXHakZInZ58O4jspHuRh8d1PPTxKqErsp2vZ1ibevGKrcbPd
HgB1hl3a6lhBOZL57VlNjTDoZ7hFTwV7c93d84XKOoVY4dymsydrBwBomqg1SWbk
z1WcTi1RVr6eY+m7cVeOy64uiGDNmiDk7ucgHFKLK/gZIro++pr+NwoO85dYSe9P
eZgLi2Tc2oIHZaYRf7/hpD9y32ANAyz2Hd3XK44liYymnn3UxnNhR+4UMmSueCIu
Nm1T/z0yex71QRb5zKmqAueWeibrT/8PUrApLeoxK1n0nIA4LcVz9ihglE7fDumO
noC7K33KkDuXBwrLmoeh
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:20 2025 by rpki-client