Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/Ig7bAmoCixyvzZWw9fNKzCj6v2k.roa
File: Ig7bAmoCixyvzZWw9fNKzCj6v2k.roa (raw, json)
Hash identifier: ncTt/9AwRWlKLpqD9pHECb0XuKSFb+vSUzQ6KC0mNzw=
Subject key identifier: 22:0E:DB:02:6A:02:8B:1C:AF:CD:95:B0:F5:F3:4A:CC:28:FA:BF:69
Certificate issuer: /CN=940ff880330af762ae6cc050de5f34b5f57b0b09
Certificate serial: 0194221F606230770F47328E042A29CC9922
Authority key identifier: 94:0F:F8:80:33:0A:F7:62:AE:6C:C0:50:DE:5F:34:B5:F5:7B:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lA_4gDMK92KubMBQ3l80tfV7Cwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/Ig7bAmoCixyvzZWw9fNKzCj6v2k.roa
Signing time: Wed 01 Jan 2025 13:47:49 +0000
ROA not before: Wed 01 Jan 2025 13:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20723
IP address blocks: 79.170.248.0/21 maxlen: 21
131.117.208.0/21 maxlen: 21
178.20.136.0/21 maxlen: 21
185.84.232.0/22 maxlen: 22
217.112.160.0/20 maxlen: 20
217.115.240.0/20 maxlen: 20
2a00:6500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/lA_4gDMK92KubMBQ3l80tfV7Cwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/lA_4gDMK92KubMBQ3l80tfV7Cwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/lA_4gDMK92KubMBQ3l80tfV7Cwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:60:62:30:77:0f:47:32:8e:04:2a:29:cc:99:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940ff880330af762ae6cc050de5f34b5f57b0b09
Validity
Not Before: Jan 1 13:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=220edb026a028b1cafcd95b0f5f34acc28fabf69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:4f:0e:56:be:0e:2d:9b:39:77:d1:a4:23:49:
d9:b9:4a:5a:ca:2f:10:7c:b1:ea:9a:c9:f5:90:7c:
65:78:eb:1b:55:ec:3e:14:33:61:24:4a:de:22:ea:
b6:d9:c5:fc:ae:1c:d7:77:9e:36:0d:bb:89:07:39:
8d:1d:83:cf:63:0e:25:cb:fd:a4:ca:c4:f4:0f:d9:
ee:5e:11:52:34:2c:27:de:92:55:5f:a9:36:5c:97:
dd:24:40:2b:08:f4:40:f8:d0:61:2d:ad:02:65:0c:
0a:89:43:82:d7:d5:ef:ae:62:ca:57:03:9f:05:54:
f1:a2:77:6f:e3:91:15:42:60:32:b2:99:61:66:52:
6a:97:f4:51:b5:ba:40:d1:6e:4d:00:f0:31:e2:d9:
74:a3:c4:89:ea:cc:3a:ba:74:a6:94:7c:02:ee:94:
cc:2c:34:f0:4d:15:e8:78:16:61:1a:0e:23:f2:9e:
05:7e:3f:39:17:df:c5:bf:c4:de:83:d6:1e:f5:93:
c4:03:fc:90:5d:a3:38:a5:ff:84:07:79:31:24:cc:
c5:a5:7f:72:f5:ec:48:2d:b3:95:aa:73:ad:e1:11:
50:67:d0:6b:fd:dc:c8:b6:1d:84:c0:9c:3c:49:0b:
56:76:fc:06:c3:e9:32:61:3c:33:ab:5d:ae:04:5e:
ad:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0E:DB:02:6A:02:8B:1C:AF:CD:95:B0:F5:F3:4A:CC:28:FA:BF:69
X509v3 Authority Key Identifier:
keyid:94:0F:F8:80:33:0A:F7:62:AE:6C:C0:50:DE:5F:34:B5:F5:7B:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lA_4gDMK92KubMBQ3l80tfV7Cwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/Ig7bAmoCixyvzZWw9fNKzCj6v2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/lA_4gDMK92KubMBQ3l80tfV7Cwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.248.0/21
131.117.208.0/21
178.20.136.0/21
185.84.232.0/22
217.112.160.0/20
217.115.240.0/20
IPv6:
2a00:6500::/29
Signature Algorithm: sha256WithRSAEncryption
bd:54:14:38:96:2a:fe:0b:19:54:c9:44:a0:c7:01:8e:0f:5c:
bd:93:83:dc:3a:6f:4f:81:74:64:90:9b:8d:ba:cd:a1:26:1c:
ab:c3:e0:83:cc:68:54:a5:32:02:eb:7e:6c:9c:22:19:b2:2f:
02:23:1d:48:8e:98:10:fb:69:c7:89:79:a8:81:3e:8e:02:2f:
3e:60:f0:18:70:ec:da:c2:c9:d9:11:20:c3:81:e1:a7:4e:85:
4e:4b:d4:75:da:eb:c0:6b:c4:79:1a:91:94:8d:2e:94:8b:1d:
31:f6:15:9d:57:eb:72:f8:9b:0b:20:70:0a:a9:4d:33:9e:5e:
ab:b9:c7:18:bf:01:88:9f:36:3f:35:6b:fa:ff:82:5b:61:30:
78:ff:08:e8:49:13:02:87:30:b4:c4:f9:af:20:27:8a:f9:ed:
aa:a5:03:40:ec:eb:57:14:21:fe:0f:2b:b9:42:7d:64:97:e8:
ee:a3:79:0f:e7:3a:5b:84:b4:b8:e3:b1:0d:20:bd:ea:82:5e:
0e:7b:99:31:54:94:f4:b4:3d:1a:74:c7:69:a4:b2:dd:65:78:
84:29:18:ba:64:9c:bf:3f:67:de:c6:7a:d3:d4:ea:76:d8:d1:
4a:57:39:0b:44:c7:d0:39:03:3c:59:f9:0a:f2:b8:02:f6:fc:
05:75:fd:78
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQiH2BiMHcPRzKOBCopzJkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGZmODgwMzMwYWY3NjJhZTZjYzA1MGRlNWYzNGI1ZjU3
YjBiMDkwHhcNMjUwMTAxMTM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjBlZGIwMjZhMDI4YjFjYWZjZDk1YjBmNWYzNGFjYzI4ZmFiZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6E8OVr4OLZs5d9GkI0nZuUpayi8Q
fLHqmsn1kHxleOsbVew+FDNhJEreIuq22cX8rhzXd542DbuJBzmNHYPPYw4ly/2k
ysT0D9nuXhFSNCwn3pJVX6k2XJfdJEArCPRA+NBhLa0CZQwKiUOC19XvrmLKVwOf
BVTxondv45EVQmAysplhZlJql/RRtbpA0W5NAPAx4tl0o8SJ6sw6unSmlHwC7pTM
LDTwTRXoeBZhGg4j8p4Ffj85F9/Fv8Teg9Ye9ZPEA/yQXaM4pf+EB3kxJMzFpX9y
9exILbOVqnOt4RFQZ9Br/dzIth2EwJw8SQtWdvwGw+kyYTwzq12uBF6tcwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCIO2wJqAoscr82VsPXzSswo+r9pMB8GA1UdIwQY
MBaAFJQP+IAzCvdirmzAUN5fNLX1ewsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFfNGdETUs5Mkt1Yk1CUTNsODB0ZlY3Q3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8yM2UxNmUtOTQzZS00NTk1LTk1MzAt
YTgyZjY1OGEyYWExLzEvSWc3YkFtb0NpeHl2elpXdzlmTkt6Q2o2djJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8yM2UxNmUtOTQzZS00NTk1LTk1MzAtYTgyZjY1OGEyYWEx
LzEvbEFfNGdETUs5Mkt1Yk1CUTNsODB0ZlY3Q3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDT6r4AwQD
g3XQAwQDshSIAwQCuVToAwQE2XCgAwQE2XPwMA0EAgACMAcDBQMqAGUAMA0GCSqG
SIb3DQEBCwUAA4IBAQC9VBQ4lir+CxlUyUSgxwGOD1y9k4PcOm9PgXRkkJuNus2h
Jhyrw+CDzGhUpTIC635snCIZsi8CIx1IjpgQ+2nHiXmogT6OAi8+YPAYcOzawsnZ
ESDDgeGnToVOS9R12uvAa8R5GpGUjS6Uix0x9hWdV+ty+JsLIHAKqU0znl6ruccY
vwGInzY/NWv6/4JbYTB4/wjoSRMChzC0xPmvICeK+e2qpQNA7OtXFCH+Dyu5Qn1k
l+juo3kP5zpbhLS447ENIL3qgl4Oe5kxVJT0tD0adMdppLLdZXiEKRi6ZJy/P2fe
xnrT1Op22NFKVzkLRMfQOQM8WfkK8rgC9vwFdf14
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:19:54 2025 by rpki-client