Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/t9qHq5xTtnN-jj4rqq-G8Agb4fE.roa
File: t9qHq5xTtnN-jj4rqq-G8Agb4fE.roa (raw, json)
Hash identifier: t+hLra7ztXXuOYQYYQngzFN6esJ5Nassa730bMic3dU=
Subject key identifier: B7:DA:87:AB:9C:53:B6:73:7E:8E:3E:2B:AA:AF:86:F0:08:1B:E1:F1
Certificate issuer: /CN=a13042d137fbb03beba6421f33a8525b52a88f7a
Certificate serial: 0195B57F8C10A3F5A4595C5BCF7A6950C634
Authority key identifier: A1:30:42:D1:37:FB:B0:3B:EB:A6:42:1F:33:A8:52:5B:52:A8:8F:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/t9qHq5xTtnN-jj4rqq-G8Agb4fE.roa
Signing time: Thu 20 Mar 2025 21:39:49 +0000
ROA not before: Thu 20 Mar 2025 21:39:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206087
IP address blocks: 185.221.40.0/24 maxlen: 24
185.221.42.0/24 maxlen: 24
185.221.43.0/24 maxlen: 24
195.234.43.0/24 maxlen: 24
195.234.43.171/32 maxlen: 32
2001:67c:690::/48 maxlen: 48
2001:67c:690::351/128 maxlen: 128
2a09:f00:a::/48 maxlen: 48
2a09:f00:b::/48 maxlen: 48
2a09:f00:ff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.mft
rsync://rpki.ripe.net/repository/DEFAULT/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b5:7f:8c:10:a3:f5:a4:59:5c:5b:cf:7a:69:50:c6:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a13042d137fbb03beba6421f33a8525b52a88f7a
Validity
Not Before: Mar 20 21:39:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7da87ab9c53b6737e8e3e2baaaf86f0081be1f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b1:51:fa:b7:c3:18:bb:73:38:75:ee:ff:2c:
58:25:98:ad:86:7f:9b:20:ff:88:06:d7:40:b6:7c:
14:94:e1:13:88:cc:d8:67:78:58:e5:fa:48:74:69:
ea:fb:7e:34:ff:dd:46:05:e1:84:f2:84:15:75:03:
68:72:18:47:82:41:a3:85:65:41:af:2d:d0:99:09:
01:00:44:2f:a7:8d:6e:84:d3:fc:49:9c:79:2d:50:
74:97:c0:6c:71:04:59:fb:e9:a4:1b:94:28:3a:68:
18:8a:65:9f:c0:89:03:14:ab:1e:10:b2:bf:ec:97:
7e:cf:8e:17:a0:9f:56:d4:04:b2:53:96:60:ca:43:
8e:65:0b:30:58:9c:39:0a:f2:0c:22:03:fd:83:83:
66:4b:f9:82:a1:9d:ec:54:2d:f4:34:11:45:3d:37:
80:6c:8b:d4:42:d1:57:51:95:7b:cd:91:3b:da:e2:
e2:03:74:d0:b0:ab:a3:59:dd:e9:ee:3b:91:ae:2e:
60:30:b2:38:6d:83:63:2c:ab:44:ae:43:1f:05:b1:
dc:07:de:a6:eb:9b:3b:b2:8e:2d:9f:57:13:57:4a:
8f:f0:b4:ef:43:6a:6a:a0:e9:e7:1b:19:d3:14:84:
2d:db:43:40:74:6d:98:07:6d:30:31:66:7a:36:6e:
d6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:DA:87:AB:9C:53:B6:73:7E:8E:3E:2B:AA:AF:86:F0:08:1B:E1:F1
X509v3 Authority Key Identifier:
keyid:A1:30:42:D1:37:FB:B0:3B:EB:A6:42:1F:33:A8:52:5B:52:A8:8F:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/t9qHq5xTtnN-jj4rqq-G8Agb4fE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.40.0/24
185.221.42.0/23
195.234.43.0/24
IPv6:
2001:67c:690::/48
2a09:f00:a::/47
2a09:f00:ff::/48
Signature Algorithm: sha256WithRSAEncryption
7d:e8:80:85:23:cc:2e:57:83:ac:cf:58:be:32:0a:9d:56:c3:
5d:4c:32:3e:a1:05:47:6c:e4:24:57:56:34:6c:6f:a8:0d:1b:
53:09:c4:a7:68:55:61:33:41:50:7b:17:2d:8b:4b:6f:b1:95:
35:68:25:4b:cb:37:6f:79:2d:ce:e5:a8:12:54:c6:44:b6:c2:
4e:34:13:67:8a:3f:ad:e3:ad:7f:7b:ec:c2:35:83:ac:d4:c3:
7a:0b:bb:b2:4d:45:54:ea:c3:d3:7c:10:5d:65:b8:ff:65:fd:
b2:99:dd:19:35:7d:b6:43:74:0a:5b:bc:5b:c6:70:e9:ab:8c:
bc:f8:8d:44:ff:06:d1:b5:6d:d9:c0:52:ad:e6:13:9f:c4:04:
3d:03:28:a4:1a:27:b6:00:d5:05:3b:0e:b0:02:d5:44:ee:89:
02:8d:02:10:95:a7:39:82:0e:78:71:0a:2c:40:a6:7a:71:85:
2b:ac:fe:14:0a:06:2b:e9:9c:4d:cb:f8:2c:a0:84:f6:0a:57:
43:ba:33:e7:cd:d3:28:f1:4d:47:91:ed:b6:7f:b1:f0:8d:af:
4c:3a:2a:9e:60:13:79:8f:5b:f2:24:2d:dc:d5:f6:21:f0:b7:
7d:d1:a3:58:4b:94:3f:4c:bf:eb:11:c9:78:eb:78:ad:61:8f:
ab:11:0b:c7
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZW1f4wQo/WkWVxbz3ppUMY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzA0MmQxMzdmYmIwM2JlYmE2NDIxZjMzYTg1MjViNTJh
ODhmN2EwHhcNMjUwMzIwMjEzOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2RhODdhYjljNTNiNjczN2U4ZTNlMmJhYWFmODZmMDA4MWJlMWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLFR+rfDGLtzOHXu/yxYJZithn+b
IP+IBtdAtnwUlOETiMzYZ3hY5fpIdGnq+340/91GBeGE8oQVdQNochhHgkGjhWVB
ry3QmQkBAEQvp41uhNP8SZx5LVB0l8BscQRZ++mkG5QoOmgYimWfwIkDFKseELK/
7Jd+z44XoJ9W1ASyU5ZgykOOZQswWJw5CvIMIgP9g4NmS/mCoZ3sVC30NBFFPTeA
bIvUQtFXUZV7zZE72uLiA3TQsKujWd3p7juRri5gMLI4bYNjLKtErkMfBbHcB96m
65s7so4tn1cTV0qP8LTvQ2pqoOnnGxnTFIQt20NAdG2YB20wMWZ6Nm7WGwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLfah6ucU7Zzfo4+K6qvhvAIG+HxMB8GA1UdIwQY
MBaAFKEwQtE3+7A766ZCHzOoUltSqI96MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RCQzBUZjdzRHZycGtJZk02aFNXMUtvajNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZjQ0MDctZjk4ZS00OTk0LTlmOWUt
ZjZiNmMwNDkxNmExLzEvdDlxSHE1eFR0bk4tamo0cnFxLUc4QWdiNGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9hZjQ0MDctZjk4ZS00OTk0LTlmOWUtZjZiNmMwNDkxNmEx
LzEvb1RCQzBUZjdzRHZycGtJZk02aFNXMUtvajNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAud0oAwQB
ud0qAwQAw+orMCEEAgACMBsDBwAgAQZ8BpADBwEqCQ8AAAoDBwAqCQ8AAP8wDQYJ
KoZIhvcNAQELBQADggEBAH3ogIUjzC5Xg6zPWL4yCp1Ww11MMj6hBUds5CRXVjRs
b6gNG1MJxKdoVWEzQVB7Fy2LS2+xlTVoJUvLN295Lc7lqBJUxkS2wk40E2eKP63j
rX977MI1g6zUw3oLu7JNRVTqw9N8EF1luP9l/bKZ3Rk1fbZDdApbvFvGcOmrjLz4
jUT/BtG1bdnAUq3mE5/EBD0DKKQaJ7YA1QU7DrAC1UTuiQKNAhCVpzmCDnhxCixA
pnpxhSus/hQKBivpnE3L+CyghPYKV0O6M+fN0yjxTUeR7bZ/sfCNr0w6Kp5gE3mP
W/IkLdzV9iHwt33Ro1hLlD9Mv+sRyXjreK1hj6sRC8c=
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:41:34 2025 by rpki-client