Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-DX1H6usnCa0Apg9Nn58mWmeAgc.roa
File: 1-DX1H6usnCa0Apg9Nn58mWmeAgc.roa (raw, json)
Hash identifier: Pkd2UdvqqikPi+9DV+nimBercr/jToNtCYFlDibXANU=
Subject key identifier: F8:35:F5:1F:AB:AC:9C:26:B4:02:98:3D:36:7E:7C:99:69:9E:02:07
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01956675F01365CEA249728523F14BED1B0E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-DX1H6usnCa0Apg9Nn58mWmeAgc.roa
Signing time: Wed 05 Mar 2025 13:19:19 +0000
ROA not before: Wed 05 Mar 2025 13:19:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213006
IP address blocks: 91.212.195.0/24 maxlen: 24
185.109.162.0/24 maxlen: 24
185.212.84.0/22 maxlen: 24
185.214.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:75:f0:13:65:ce:a2:49:72:85:23:f1:4b:ed:1b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 5 13:19:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f835f51fabac9c26b402983d367e7c99699e0207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:72:b4:23:36:fb:8d:7c:3b:c4:1f:21:b6:9b:
28:97:84:42:b5:ed:af:4f:0f:4c:3d:37:4b:f8:a1:
49:69:77:8b:38:d8:cf:b7:d3:ca:20:79:8c:ac:1c:
28:62:2c:8c:4a:d7:c9:f9:94:ce:1d:66:5e:46:c1:
66:f3:d8:57:0e:1f:00:dc:e3:7c:4b:63:d0:d7:a5:
7e:d4:94:53:2e:7b:d6:15:97:ba:1e:70:c3:52:0d:
8c:77:24:1a:e6:e4:91:3d:f7:aa:1b:bd:c8:05:19:
70:33:92:1c:c9:d4:ce:d4:cc:8f:46:93:25:aa:e3:
0f:7f:3b:d8:ad:12:28:4b:6b:90:c2:7e:f1:3b:36:
a5:a6:38:0f:43:62:41:e0:85:25:ed:a2:d5:f9:33:
11:f1:dc:f0:7f:d8:18:5a:08:a3:ee:03:99:7a:c2:
6c:96:f0:4d:da:70:17:b5:59:9c:aa:fd:9f:9f:5c:
1c:32:e4:46:a1:2a:04:45:c8:20:25:12:58:4b:14:
a8:88:d7:72:aa:e8:ba:03:ed:d7:d0:03:bd:97:aa:
19:bc:26:7b:b8:43:cc:70:c5:be:1c:29:78:41:67:
20:1a:80:19:80:63:58:ff:1b:05:bb:a0:fc:fa:b9:
67:76:d9:41:3c:5d:5d:65:11:76:42:dd:7a:cd:59:
eb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:35:F5:1F:AB:AC:9C:26:B4:02:98:3D:36:7E:7C:99:69:9E:02:07
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-DX1H6usnCa0Apg9Nn58mWmeAgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.195.0/24
185.109.162.0/24
185.212.84.0/22
185.214.84.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:1f:26:ff:75:57:8c:6d:d3:56:73:08:24:8e:23:37:3e:09:
84:5f:15:de:1d:de:84:2b:a0:c9:c0:1d:8e:29:7e:6e:2c:cd:
6a:de:8f:63:2b:e5:be:e5:d9:ae:16:dc:d6:61:bd:30:57:ad:
7b:92:7e:3a:f5:75:77:cc:ba:91:86:21:2a:9a:8e:97:31:f2:
fe:22:24:e1:7e:35:2d:0f:ec:24:c8:d5:9f:ac:35:58:21:be:
22:ea:67:d3:e5:2a:7f:78:ff:2b:9b:8c:69:f0:69:7f:83:d9:
09:df:9e:34:48:e4:56:6c:4c:2b:b5:c9:33:9e:70:b8:d6:da:
12:a8:4e:97:50:e8:7d:54:f4:96:68:5c:3b:13:21:4b:2b:f7:
7e:16:29:91:84:0b:a9:a0:b1:47:15:ee:29:3c:bf:e3:ae:8e:
01:a1:24:6c:3f:d3:23:41:9f:58:98:02:72:5f:82:ae:f3:fc:
b1:62:58:72:85:38:94:7d:33:70:48:39:57:b8:8a:9a:6c:49:
62:b9:4e:ac:cc:fd:5d:4f:fb:ca:6c:98:9b:3e:b6:ee:72:2f:
d9:72:0d:7e:e9:26:37:d5:b4:44:b1:77:d0:01:d1:f5:a3:7e:
14:62:15:2c:53:2c:73:b8:df:ef:79:8c:f8:cf:43:0c:3d:22:
65:20:76:b7
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZVmdfATZc6iSXKFI/FL7RsOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMzA1MTMxOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODM1ZjUxZmFiYWM5YzI2YjQwMjk4M2QzNjdlN2M5OTY5OWUwMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHK0Izb7jXw7xB8htpsol4RCte2v
Tw9MPTdL+KFJaXeLONjPt9PKIHmMrBwoYiyMStfJ+ZTOHWZeRsFm89hXDh8A3ON8
S2PQ16V+1JRTLnvWFZe6HnDDUg2MdyQa5uSRPfeqG73IBRlwM5IcydTO1MyPRpMl
quMPfzvYrRIoS2uQwn7xOzalpjgPQ2JB4IUl7aLV+TMR8dzwf9gYWgij7gOZesJs
lvBN2nAXtVmcqv2fn1wcMuRGoSoERcggJRJYSxSoiNdyqui6A+3X0AO9l6oZvCZ7
uEPMcMW+HCl4QWcgGoAZgGNY/xsFu6D8+rlndtlBPF1dZRF2Qt16zVnr0QIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPg19R+rrJwmtAKYPTZ+fJlpngIHMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS1EWDFINnVzbkNhMEFwZzlObjU4bVdtZUFnYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFvUwwME
ALltogMEArnUVAMEALnWVDANBgkqhkiG9w0BAQsFAAOCAQEAfh8m/3VXjG3TVnMI
JI4jNz4JhF8V3h3ehCugycAdjil+bizNat6PYyvlvuXZrhbc1mG9MFete5J+OvV1
d8y6kYYhKpqOlzHy/iIk4X41LQ/sJMjVn6w1WCG+Iupn0+Uqf3j/K5uMafBpf4PZ
Cd+eNEjkVmxMK7XJM55wuNbaEqhOl1DofVT0lmhcOxMhSyv3fhYpkYQLqaCxRxXu
KTy/466OAaEkbD/TI0GfWJgCcl+CrvP8sWJYcoU4lH0zcEg5V7iKmmxJYrlOrMz9
XU/7ymyYmz627nIv2XINfukmN9W0RLF30AHR9aN+FGIVLFMsc7jf73mM+M9DDD0i
ZSB2tw==
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:28:19 2025 by rpki-client