Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Y7MCndXsFTXJQ9JQMk8qe5DbA3I.roa
File: Y7MCndXsFTXJQ9JQMk8qe5DbA3I.roa (raw, json)
Hash identifier: czsRXCWC1Pe09oI3RL5+Wn/UEu1+T8qYOVriAgl/ENI=
Subject key identifier: 63:B3:02:9D:D5:EC:15:35:C9:43:D2:50:32:4F:2A:7B:90:DB:03:72
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 0196337CCF760C11B45BD151A8C4AFD72D3F
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Y7MCndXsFTXJQ9JQMk8qe5DbA3I.roa
Signing time: Mon 14 Apr 2025 08:48:59 +0000
ROA not before: Mon 14 Apr 2025 08:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210976
IP address blocks: 92.51.36.0/24 maxlen: 24
92.51.37.0/24 maxlen: 24
92.51.44.0/24 maxlen: 24
92.51.45.0/24 maxlen: 24
92.51.46.0/24 maxlen: 24
92.51.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:33:7c:cf:76:0c:11:b4:5b:d1:51:a8:c4:af:d7:2d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Apr 14 08:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63b3029dd5ec1535c943d250324f2a7b90db0372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cd:26:1f:83:96:0e:52:84:e7:77:82:3e:b4:
1f:d5:2c:1a:c4:23:6a:46:fd:e6:67:83:04:b7:99:
7e:3e:a1:31:2a:bc:38:17:21:d2:e9:1c:72:81:48:
95:4b:55:84:c9:d9:9c:43:30:bd:9e:b5:b5:d6:b8:
0a:29:62:9d:a8:9e:ed:8f:9d:93:2a:02:05:48:4e:
fa:60:8c:78:f0:ec:b4:d7:7b:ac:80:97:8e:bb:ef:
6f:8f:9a:f6:6f:01:94:4c:f2:9e:a1:c6:d7:da:7c:
88:49:e4:82:ca:2f:84:91:e0:69:10:07:0d:36:4d:
02:91:16:09:f4:72:a7:d7:3c:41:3f:1f:c1:2c:7d:
0d:ba:3f:29:fe:97:10:68:e8:ee:e6:2d:5f:78:b8:
c0:05:fb:16:f7:3a:5c:77:93:68:e0:a1:09:b3:4c:
19:82:d1:a8:e8:e6:92:38:b9:0f:10:34:d6:ce:b3:
bf:26:e9:02:0e:26:b2:8c:12:88:fb:55:d4:df:4b:
24:4d:b9:6e:39:e2:30:c8:ce:95:a6:93:2c:34:56:
99:4f:5f:78:58:26:d7:42:e6:0c:5e:ab:16:1d:80:
8c:9b:16:d6:ca:bd:58:b3:38:cb:8c:ef:1b:1c:fa:
53:38:0c:5b:6f:10:61:28:97:a2:c2:43:f7:31:52:
d7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B3:02:9D:D5:EC:15:35:C9:43:D2:50:32:4F:2A:7B:90:DB:03:72
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Y7MCndXsFTXJQ9JQMk8qe5DbA3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.36.0/23
92.51.44.0/22
Signature Algorithm: sha256WithRSAEncryption
18:bb:31:a9:b8:c5:9d:0b:d5:f5:f8:a7:a5:3a:2a:e9:96:6e:
d0:2b:85:32:33:18:3f:5a:b0:f8:fd:04:1e:4a:4b:3a:a3:67:
99:b0:35:2a:49:32:a0:f2:cc:24:e4:0d:05:54:b0:9e:02:21:
7e:8b:aa:fd:63:c2:d9:04:ed:33:44:79:ef:38:ab:f3:54:eb:
c4:9c:d2:cc:e1:ad:a6:09:d8:c1:7d:17:5d:80:2f:a0:d7:0e:
a6:d3:d1:c8:6f:b6:26:5e:76:94:69:b5:90:d1:2e:83:f2:5d:
bc:c2:46:27:2f:18:f5:a6:1c:57:4f:55:26:eb:0b:73:d4:c9:
e6:98:1f:29:20:79:43:25:37:51:54:c6:49:b3:b4:3a:11:c2:
62:89:6c:2f:a8:52:98:a9:1f:55:d2:ea:40:04:b3:b4:f2:2d:
ca:37:36:ee:56:27:39:ad:b0:e2:ae:48:c5:6f:80:6f:e7:aa:
ac:38:cf:99:e8:95:c2:55:83:a8:4f:9f:ae:7f:17:39:22:bb:
97:d8:71:93:3d:c5:35:97:85:f9:a0:7d:7a:fc:43:e4:c5:b8:
0f:b5:66:3e:6b:20:7d:10:62:63:5b:e8:a1:48:ac:71:d4:9d:
0b:a8:b8:92:90:2d:f6:02:57:fd:dd:9f:6a:76:fd:8e:f1:3c:
03:7c:b3:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYzfM92DBG0W9FRqMSv1y0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjUwNDE0MDg0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2IzMDI5ZGQ1ZWMxNTM1Yzk0M2QyNTAzMjRmMmE3YjkwZGIwMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc0mH4OWDlKE53eCPrQf1SwaxCNq
Rv3mZ4MEt5l+PqExKrw4FyHS6RxygUiVS1WEydmcQzC9nrW11rgKKWKdqJ7tj52T
KgIFSE76YIx48Oy013usgJeOu+9vj5r2bwGUTPKeocbX2nyISeSCyi+EkeBpEAcN
Nk0CkRYJ9HKn1zxBPx/BLH0Nuj8p/pcQaOju5i1feLjABfsW9zpcd5No4KEJs0wZ
gtGo6OaSOLkPEDTWzrO/JukCDiayjBKI+1XU30skTbluOeIwyM6VppMsNFaZT194
WCbXQuYMXqsWHYCMmxbWyr1YszjLjO8bHPpTOAxbbxBhKJeiwkP3MVLX6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGOzAp3V7BU1yUPSUDJPKnuQ2wNyMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvWTdNQ25kWHNGVFhKUTlKUU1rOHFlNURiQTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXDMkAwQC
XDMsMA0GCSqGSIb3DQEBCwUAA4IBAQAYuzGpuMWdC9X1+KelOirplm7QK4UyMxg/
WrD4/QQeSks6o2eZsDUqSTKg8swk5A0FVLCeAiF+i6r9Y8LZBO0zRHnvOKvzVOvE
nNLM4a2mCdjBfRddgC+g1w6m09HIb7YmXnaUabWQ0S6D8l28wkYnLxj1phxXT1Um
6wtz1MnmmB8pIHlDJTdRVMZJs7Q6EcJiiWwvqFKYqR9V0upABLO08i3KNzbuVic5
rbDirkjFb4Bv56qsOM+Z6JXCVYOoT5+ufxc5IruX2HGTPcU1l4X5oH16/EPkxbgP
tWY+ayB9EGJjW+ihSKxx1J0LqLiSkC32Alf93Z9qdv2O8TwDfLMT
-----END CERTIFICATE-----
Generated at Sat Apr 19 09:47:14 2025 by rpki-client