Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/Dmpy31ijG2f6hXZqP5vPJHMC7fc.roa
File: Dmpy31ijG2f6hXZqP5vPJHMC7fc.roa (raw, json)
Hash identifier: a19ubK1sseKa07iYGs0SfWBGmOIfQnOOnA1DdC09cIs=
Subject key identifier: 0E:6A:72:DF:58:A3:1B:67:FA:85:76:6A:3F:9B:CF:24:73:02:ED:F7
Certificate issuer: /CN=292d120970515846360ea223e9a0e6a3c3896934
Certificate serial: 0194266C4668602DDCFC0CE5B3BE3D18B3CF
Authority key identifier: 29:2D:12:09:70:51:58:46:36:0E:A2:23:E9:A0:E6:A3:C3:89:69:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/Dmpy31ijG2f6hXZqP5vPJHMC7fc.roa
Signing time: Thu 02 Jan 2025 09:50:17 +0000
ROA not before: Thu 02 Jan 2025 09:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56550
IP address blocks: 31.14.28.0/24 maxlen: 24
31.177.40.0/21 maxlen: 21
31.214.153.0/24 maxlen: 24
46.102.188.0/23 maxlen: 23
85.204.119.0/24 maxlen: 24
85.204.147.0/24 maxlen: 24
86.105.177.0/24 maxlen: 24
89.32.168.0/23 maxlen: 23
89.32.186.0/23 maxlen: 23
89.33.133.0/24 maxlen: 24
89.34.161.0/24 maxlen: 24
89.36.228.0/24 maxlen: 24
89.42.25.0/24 maxlen: 24
93.115.62.0/23 maxlen: 23
93.117.152.0/23 maxlen: 23
93.117.172.0/23 maxlen: 23
94.177.127.0/24 maxlen: 24
95.142.208.0/21 maxlen: 21
109.230.212.0/24 maxlen: 24
128.0.122.0/23 maxlen: 23
128.0.123.0/24 maxlen: 24
128.0.124.0/22 maxlen: 22
185.8.24.0/22 maxlen: 22
185.157.52.0/22 maxlen: 22
185.163.172.0/22 maxlen: 22
188.241.154.0/24 maxlen: 24
2a03:1140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:46:68:60:2d:dc:fc:0c:e5:b3:be:3d:18:b3:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=292d120970515846360ea223e9a0e6a3c3896934
Validity
Not Before: Jan 2 09:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e6a72df58a31b67fa85766a3f9bcf247302edf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:45:a8:25:84:59:3b:ae:0f:b7:dd:8e:98:7e:
6c:d1:96:ea:cf:09:93:93:14:65:2f:ad:74:ee:12:
ef:e7:db:4f:11:fc:15:2b:26:cc:4e:91:94:bd:4f:
eb:d0:71:e7:8d:df:be:8d:68:91:38:bb:e4:c6:2e:
1e:ad:96:0d:36:51:de:e5:48:29:ed:b8:df:72:c4:
da:d8:a6:00:b9:5c:e8:ee:4e:b6:8b:44:42:2b:a7:
8f:12:b7:f7:92:00:95:d3:59:6d:b1:5d:67:5b:a9:
d4:39:3f:f7:b9:f6:bc:0e:cf:0b:cb:4a:8f:1c:f7:
8f:c5:b3:5f:5c:8d:ac:5a:0d:88:cb:dc:c7:43:4e:
6b:b4:31:3e:47:68:1b:54:dd:90:a1:c5:1e:d2:ac:
30:17:d7:70:62:0c:b6:15:7b:fb:cc:90:91:c5:97:
6c:56:d8:ea:e9:ba:19:85:54:4d:eb:6c:4a:77:94:
cd:9d:33:86:f4:52:6e:65:e6:6d:38:bf:74:5a:fe:
03:cd:aa:45:3c:90:22:47:0c:be:40:8b:e5:62:5a:
fa:6b:19:e1:92:73:4e:5c:ff:80:b1:ba:3a:59:1d:
ac:5f:64:45:f4:3c:db:3a:97:09:80:a1:d3:e6:0a:
d7:f3:c4:1a:f8:b6:37:51:f8:6c:4a:86:8d:97:f7:
ea:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:6A:72:DF:58:A3:1B:67:FA:85:76:6A:3F:9B:CF:24:73:02:ED:F7
X509v3 Authority Key Identifier:
keyid:29:2D:12:09:70:51:58:46:36:0E:A2:23:E9:A0:E6:A3:C3:89:69:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/Dmpy31ijG2f6hXZqP5vPJHMC7fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.28.0/24
31.177.40.0/21
31.214.153.0/24
46.102.188.0/23
85.204.119.0/24
85.204.147.0/24
86.105.177.0/24
89.32.168.0/23
89.32.186.0/23
89.33.133.0/24
89.34.161.0/24
89.36.228.0/24
89.42.25.0/24
93.115.62.0/23
93.117.152.0/23
93.117.172.0/23
94.177.127.0/24
95.142.208.0/21
109.230.212.0/24
128.0.122.0-128.0.127.255
185.8.24.0/22
185.157.52.0/22
185.163.172.0/22
188.241.154.0/24
IPv6:
2a03:1140::/32
Signature Algorithm: sha256WithRSAEncryption
74:bb:0a:a3:1e:64:de:01:c1:1c:77:07:65:cc:2e:94:5a:69:
4d:2d:11:3f:f9:49:70:48:f2:7e:53:4f:41:44:bd:3c:0e:b6:
ce:e1:7f:96:69:f6:ae:6b:3c:97:b0:0c:39:46:50:f7:fa:c9:
0b:96:48:78:3d:84:d2:49:c8:7d:da:04:b6:46:ff:e2:85:93:
e9:24:e8:b8:c1:d1:6c:3e:7e:42:44:05:76:4e:0a:a6:d4:9d:
b3:e0:b4:a8:9e:04:76:c3:14:30:0f:34:5f:b9:05:31:f5:06:
b3:9d:3c:92:e6:c7:1c:3f:10:89:9f:46:e3:3d:52:99:02:13:
08:57:88:04:6b:87:1a:4f:4f:ed:59:ab:72:0d:c2:7c:79:71:
8b:d9:b8:df:18:33:1c:34:0b:a7:13:1d:cb:6d:90:7d:6b:72:
85:47:a7:96:72:51:cd:13:54:c3:4b:54:12:9f:2c:5c:77:67:
eb:3b:ba:48:11:4a:9f:2a:fa:11:b4:36:63:35:64:24:7a:a1:
4a:52:04:4a:87:5e:20:ae:ae:e1:1e:b1:dd:3a:91:2d:87:a5:
80:d9:c7:98:7f:37:c5:aa:62:63:a7:9a:db:df:6a:ae:bb:02:
9f:b8:f9:fe:c2:1b:ad:14:9f:39:91:b4:a1:bc:63:a3:00:d1:
39:71:a3:0b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQmbEZoYC3c/Azls749GLPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MmQxMjA5NzA1MTU4NDYzNjBlYTIyM2U5YTBlNmEzYzM4
OTY5MzQwHhcNMjUwMTAyMDk1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTZhNzJkZjU4YTMxYjY3ZmE4NTc2NmEzZjliY2YyNDczMDJlZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UWoJYRZO64Pt92OmH5s0ZbqzwmT
kxRlL6107hLv59tPEfwVKybMTpGUvU/r0HHnjd++jWiROLvkxi4erZYNNlHe5Ugp
7bjfcsTa2KYAuVzo7k62i0RCK6ePErf3kgCV01ltsV1nW6nUOT/3ufa8Ds8Ly0qP
HPePxbNfXI2sWg2Iy9zHQ05rtDE+R2gbVN2QocUe0qwwF9dwYgy2FXv7zJCRxZds
Vtjq6boZhVRN62xKd5TNnTOG9FJuZeZtOL90Wv4DzapFPJAiRwy+QIvlYlr6axnh
knNOXP+Asbo6WR2sX2RF9DzbOpcJgKHT5grX88Qa+LY3UfhsSoaNl/fqBwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFA5qct9Yoxtn+oV2aj+bzyRzAu33MB8GA1UdIwQY
MBaAFCktEglwUVhGNg6iI+mg5qPDiWk0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1MwU0NYQlJXRVkyRHFJajZhRG1vOE9KYVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9kZTkxMzktYTlkMC00OTNhLTkyNjAt
ZWQwZjI1NmE1ZmUzLzEvRG1weTMxaWpHMmY2aFhacVA1dlBKSE1DN2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9kZTkxMzktYTlkMC00OTNhLTkyNjAtZWQwZjI1NmE1ZmUz
LzEvS1MwU0NYQlJXRVkyRHFJajZhRG1vOE9KYVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAAf
DhwDBAMfsSgDBAAf1pkDBAEuZrwDBABVzHcDBABVzJMDBABWabEDBAFZIKgDBAFZ
ILoDBABZIYUDBABZIqEDBABZJOQDBABZKhkDBAFdcz4DBAFddZgDBAFddawDBABe
sX8DBANfjtADBABt5tQwDAMEAYAAegMEB4AAAAMEArkIGAMEArmdNAMEArmjrAME
ALzxmjANBAIAAjAHAwUAKgMRQDANBgkqhkiG9w0BAQsFAAOCAQEAdLsKox5k3gHB
HHcHZcwulFppTS0RP/lJcEjyflNPQUS9PA62zuF/lmn2rms8l7AMOUZQ9/rJC5ZI
eD2E0knIfdoEtkb/4oWT6STouMHRbD5+QkQFdk4KptSds+C0qJ4EdsMUMA80X7kF
MfUGs508kubHHD8QiZ9G4z1SmQITCFeIBGuHGk9P7Vmrcg3CfHlxi9m43xgzHDQL
pxMdy22QfWtyhUenlnJRzRNUw0tUEp8sXHdn6zu6SBFKnyr6EbQ2YzVkJHqhSlIE
SodeIK6u4R6x3TqRLYelgNnHmH83xapiY6ea299qrrsCn7j5/sIbrRSfOZG0obxj
owDROXGjCw==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:59:56 2025 by rpki-client