Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/1-V7nSIEtwZacmx3O8jjsbs2FG9w.roa
File: 1-V7nSIEtwZacmx3O8jjsbs2FG9w.roa (raw, json)
Hash identifier: t9K5j+LYk94wZJxNHETLVLM4vmuOedOVZgo6948wOQE=
Subject key identifier: F9:5E:E7:48:81:2D:C1:96:9C:9B:1D:CE:F2:38:EC:6E:CD:85:1B:DC
Certificate issuer: /CN=24504c74c7127090a4cff85001f443149e128e60
Certificate serial: 01941F8CA2ABDFFAD6D5196D50960F2EC634
Authority key identifier: 24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/1-V7nSIEtwZacmx3O8jjsbs2FG9w.roa
Signing time: Wed 01 Jan 2025 01:48:17 +0000
ROA not before: Wed 01 Jan 2025 01:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203929
IP address blocks: 89.37.56.0/24 maxlen: 24
91.199.220.0/24 maxlen: 24
146.19.147.0/24 maxlen: 24
185.124.33.0/24 maxlen: 24
185.124.34.0/24 maxlen: 24
185.124.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 21:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a2:ab:df:fa:d6:d5:19:6d:50:96:0f:2e:c6:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24504c74c7127090a4cff85001f443149e128e60
Validity
Not Before: Jan 1 01:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f95ee748812dc1969c9b1dcef238ec6ecd851bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6d:b5:77:56:0a:4e:5f:c8:bf:c3:fe:42:43:
f4:d8:ae:92:d0:3c:67:44:48:1e:a6:1c:65:75:ea:
c0:23:93:ab:65:85:b1:21:36:c8:f4:80:46:c9:ce:
95:46:78:59:ab:91:c2:5f:c4:18:a1:d5:b5:35:5c:
85:60:73:87:71:89:0a:00:00:1b:e7:5d:f9:32:f6:
c3:32:2a:38:e7:fe:ca:2e:c7:cb:4d:fc:ab:73:14:
7a:d7:05:4e:85:81:02:d6:5e:bf:25:31:ab:7b:95:
d4:27:a4:dd:15:7a:79:7a:c5:ee:40:a9:3e:52:85:
24:8a:28:c2:b6:ae:a5:45:59:20:88:3c:f5:b9:14:
85:fa:3d:01:ff:e2:e6:79:5d:97:0b:98:03:c5:8d:
92:99:19:69:35:0a:2b:74:0f:d9:a6:4c:00:da:47:
58:1c:c3:f6:86:cb:4b:b3:51:5c:11:31:13:07:11:
70:04:a9:b0:23:36:c6:42:ca:b0:43:a4:97:84:ef:
f3:62:dc:88:bd:e3:fa:f9:0e:85:d3:ab:3a:e0:d5:
84:43:ca:95:da:ae:64:54:6a:2b:df:87:c1:c6:2d:
f4:32:73:9f:9a:41:34:9b:66:99:5e:ea:9e:a8:3c:
f9:dd:b9:ab:82:39:93:be:5d:75:db:99:17:89:35:
60:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:5E:E7:48:81:2D:C1:96:9C:9B:1D:CE:F2:38:EC:6E:CD:85:1B:DC
X509v3 Authority Key Identifier:
keyid:24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/1-V7nSIEtwZacmx3O8jjsbs2FG9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.56.0/24
91.199.220.0/24
146.19.147.0/24
185.124.33.0-185.124.35.255
Signature Algorithm: sha256WithRSAEncryption
05:df:b1:6a:a7:9d:4c:bd:37:55:9e:38:3b:19:05:fc:2c:5d:
9b:10:32:83:90:86:62:f8:5f:4a:77:31:90:cd:8f:43:e6:87:
18:71:d3:d4:dc:b6:ee:5b:ea:40:50:23:38:84:61:ca:54:15:
10:22:2e:bb:d6:7c:b1:b4:74:8e:a6:74:cd:5e:8d:35:09:42:
ed:62:49:10:10:76:1d:09:94:ba:fa:7c:32:69:66:48:f9:50:
b8:5f:4d:93:fc:a6:4a:2d:7b:aa:10:2b:ba:8c:e3:4d:01:c9:
17:8c:0c:54:c4:76:e5:43:22:31:78:50:62:60:07:91:93:cc:
cd:64:31:24:6c:51:8a:7b:93:c8:02:4d:c2:f7:2a:dd:32:1b:
f7:fd:8f:c5:b0:f2:75:b7:4d:b9:23:6e:ab:ea:3d:c2:f6:c3:
fc:28:a2:df:bf:43:8a:0a:58:8d:77:46:64:1c:47:db:1f:8e:
29:1f:42:56:10:8c:5b:ee:52:9d:ee:f3:50:50:76:30:18:a9:
4d:23:a4:db:65:3f:34:c0:b2:b0:6d:e4:47:cc:58:f4:64:bb:
db:73:0b:ae:d9:c1:d5:cf:3d:45:1a:b8:28:cf:3b:e9:49:e9:
67:25:80:2b:9c:67:dc:30:3e:d0:5e:4c:9e:44:f9:f2:84:69:
2c:cc:2b:b3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQfjKKr3/rW1RltUJYPLsY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTA0Yzc0YzcxMjcwOTBhNGNmZjg1MDAxZjQ0MzE0OWUx
MjhlNjAwHhcNMjUwMTAxMDE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTVlZTc0ODgxMmRjMTk2OWM5YjFkY2VmMjM4ZWM2ZWNkODUxYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom21d1YKTl/Iv8P+QkP02K6S0Dxn
REgephxlderAI5OrZYWxITbI9IBGyc6VRnhZq5HCX8QYodW1NVyFYHOHcYkKAAAb
5135MvbDMio45/7KLsfLTfyrcxR61wVOhYEC1l6/JTGre5XUJ6TdFXp5esXuQKk+
UoUkiijCtq6lRVkgiDz1uRSF+j0B/+LmeV2XC5gDxY2SmRlpNQordA/ZpkwA2kdY
HMP2hstLs1FcETETBxFwBKmwIzbGQsqwQ6SXhO/zYtyIveP6+Q6F06s64NWEQ8qV
2q5kVGor34fBxi30MnOfmkE0m2aZXuqeqDz53bmrgjmTvl1125kXiTVgKwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPle50iBLcGWnJsdzvI47G7NhRvcMB8GA1UdIwQY
MBaAFCRQTHTHEnCQpM/4UAH0QxSeEo5gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZCTWRNY1NjSkNrel9oUUFmUkRGSjRTam1BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zOTZlOGItNzFkMy00NmJmLWEyNDQt
ZDA2MjJjNGNkNDhkLzEvMS1WN25TSUV0d1phY214M084ampzYnMyRkc5dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDIvMzk2ZThiLTcxZDMtNDZiZi1hMjQ0LWQwNjIyYzRjZDQ4
ZC8xL0pGQk1kTWNTY0pDa3pfaFFBZlJERko0U2ptQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAFklOAME
AFvH3AMEAJITkzAMAwQAuXwhAwQCuXwgMA0GCSqGSIb3DQEBCwUAA4IBAQAF37Fq
p51MvTdVnjg7GQX8LF2bEDKDkIZi+F9KdzGQzY9D5ocYcdPU3LbuW+pAUCM4hGHK
VBUQIi671nyxtHSOpnTNXo01CULtYkkQEHYdCZS6+nwyaWZI+VC4X02T/KZKLXuq
ECu6jONNAckXjAxUxHblQyIxeFBiYAeRk8zNZDEkbFGKe5PIAk3C9yrdMhv3/Y/F
sPJ1t025I26r6j3C9sP8KKLfv0OKCliNd0ZkHEfbH44pH0JWEIxb7lKd7vNQUHYw
GKlNI6TbZT80wLKwbeRHzFj0ZLvbcwuu2cHVzz1FGrgozzvpSelnJYArnGfcMD7Q
XkyeRPnyhGkszCuz
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:37:35 2025 by rpki-client