Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/r0S9lUBCzvxdPzLKHfqohWINZ2c.roa
File: r0S9lUBCzvxdPzLKHfqohWINZ2c.roa (raw, json)
Hash identifier: ZqEGzoMzxDYZJnku4SCWLMdSJqeUHrxwhhK2Ayso5N4=
Subject key identifier: AF:44:BD:95:40:42:CE:FC:5D:3F:32:CA:1D:FA:A8:85:62:0D:67:67
Certificate issuer: /CN=cb0ca348ac891c336d8c7945a5bd5b3325eb5f0b
Certificate serial: 01942746E6A6EB951E7AEF08B0E52C421CE0
Authority key identifier: CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/r0S9lUBCzvxdPzLKHfqohWINZ2c.roa
Signing time: Thu 02 Jan 2025 13:49:05 +0000
ROA not before: Thu 02 Jan 2025 13:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 91.197.164.0/22 maxlen: 24
94.247.232.0/21 maxlen: 24
95.81.128.0/18 maxlen: 24
185.215.136.0/22 maxlen: 24
185.241.96.0/22 maxlen: 24
213.205.96.0/19 maxlen: 24
217.71.208.0/21 maxlen: 24
2a00:1080::/32 maxlen: 48
2a02:3e8::/32 maxlen: 48
2a02:e10::/32 maxlen: 48
2a0c:a080::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/ywyjSKyJHDNtjHlFpb1bMyXrXws.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/ywyjSKyJHDNtjHlFpb1bMyXrXws.mft
rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:e6:a6:eb:95:1e:7a:ef:08:b0:e5:2c:42:1c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb0ca348ac891c336d8c7945a5bd5b3325eb5f0b
Validity
Not Before: Jan 2 13:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af44bd954042cefc5d3f32ca1dfaa885620d6767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d3:92:70:7c:72:20:09:01:2a:af:1a:07:17:
0b:19:e6:0d:5c:ce:a7:42:75:76:1c:8c:4f:d7:98:
22:53:b9:89:60:94:29:3c:ab:50:8f:a3:07:74:11:
7c:6f:b8:7a:19:16:7f:c6:de:1a:54:d7:95:ef:97:
f8:cd:23:b5:77:e0:78:ce:ac:da:dd:d1:bd:71:da:
ce:75:80:6a:6b:4b:3f:c8:d2:48:b4:2b:2e:18:52:
ea:4f:a1:6e:52:de:37:a4:e6:39:fb:ed:71:60:50:
c5:86:7d:a1:41:5b:a1:f8:11:3d:11:1c:26:be:bd:
cf:e9:98:6b:5f:09:0b:6c:53:1c:dd:1e:0e:e9:85:
fd:b6:ed:ab:aa:75:80:74:d4:8e:47:dd:e2:c3:f1:
73:f2:84:63:0d:3f:bb:fb:3c:cf:a1:5b:85:0d:8b:
43:c6:db:7a:34:f4:09:ff:e4:3d:cd:b2:81:85:a9:
79:69:d4:77:91:bb:ac:34:5c:e2:c2:60:a5:3a:13:
c6:bb:41:42:96:25:48:ed:30:a2:7b:0b:7f:dc:de:
80:11:65:6f:9e:c9:c7:39:f3:a6:d8:60:dc:2c:ab:
38:ce:4a:b1:39:fd:50:ae:e3:a3:b4:9c:65:5e:43:
20:7f:a3:d6:4b:3f:3d:ee:3e:8c:2d:b2:d4:f3:57:
6a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:44:BD:95:40:42:CE:FC:5D:3F:32:CA:1D:FA:A8:85:62:0D:67:67
X509v3 Authority Key Identifier:
keyid:CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/r0S9lUBCzvxdPzLKHfqohWINZ2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/ywyjSKyJHDNtjHlFpb1bMyXrXws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.164.0/22
94.247.232.0/21
95.81.128.0/18
185.215.136.0/22
185.241.96.0/22
213.205.96.0/19
217.71.208.0/21
IPv6:
2a00:1080::/32
2a02:3e8::/32
2a02:e10::/32
2a0c:a080::/29
Signature Algorithm: sha256WithRSAEncryption
19:a3:b4:5f:d4:e7:93:54:ce:5b:d6:b6:28:aa:b5:c6:17:7e:
bb:9b:69:ee:b6:34:9a:66:ba:1c:81:d0:e5:01:1d:0a:ad:23:
4e:6b:fa:ae:69:2b:c3:12:ea:cc:6c:fc:28:60:4c:d7:28:e1:
49:d3:27:7e:66:6b:4e:ee:89:05:b7:3b:7d:72:e3:65:a6:2a:
0f:aa:03:a6:08:bd:d5:49:25:19:66:9d:cb:a6:9f:d0:01:0f:
3e:70:1c:9d:98:5a:31:95:69:a3:66:63:5e:35:11:9f:dd:3c:
50:f9:df:33:5b:d6:01:a7:e0:36:09:a0:07:16:ef:d4:8e:1b:
4d:29:6b:c3:05:93:46:b1:14:2c:5c:dc:87:9c:32:26:0a:c2:
c2:b4:bc:13:86:6f:07:29:a4:25:51:c4:46:d6:29:09:7e:05:
d0:b4:36:d2:74:4d:d2:2f:b8:af:36:38:33:9a:25:d4:4e:cf:
16:90:c2:51:42:90:be:dd:66:9d:27:23:f0:4e:6a:de:e9:ba:
d9:2e:ce:d7:50:b2:21:ab:de:25:38:b1:f9:df:e5:4b:42:d0:
31:11:57:51:9d:ed:06:cc:dc:0f:95:c0:e7:1e:33:6e:c4:e3:
a1:37:e4:79:17:ba:18:ca:82:64:c2:7f:55:87:6b:9e:33:ae:
0d:0c:99:f5
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZQnRuam65Ueeu8IsOUsQhzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMGNhMzQ4YWM4OTFjMzM2ZDhjNzk0NWE1YmQ1YjMzMjVl
YjVmMGIwHhcNMjUwMTAyMTM0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQ0YmQ5NTQwNDJjZWZjNWQzZjMyY2ExZGZhYTg4NTYyMGQ2NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztOScHxyIAkBKq8aBxcLGeYNXM6n
QnV2HIxP15giU7mJYJQpPKtQj6MHdBF8b7h6GRZ/xt4aVNeV75f4zSO1d+B4zqza
3dG9cdrOdYBqa0s/yNJItCsuGFLqT6FuUt43pOY5++1xYFDFhn2hQVuh+BE9ERwm
vr3P6ZhrXwkLbFMc3R4O6YX9tu2rqnWAdNSOR93iw/Fz8oRjDT+7+zzPoVuFDYtD
xtt6NPQJ/+Q9zbKBhal5adR3kbusNFziwmClOhPGu0FCliVI7TCiewt/3N6AEWVv
nsnHOfOm2GDcLKs4zkqxOf1QruOjtJxlXkMgf6PWSz897j6MLbLU81dq+wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFK9EvZVAQs78XT8yyh36qIViDWdnMB8GA1UdIwQY
MBaAFMsMo0isiRwzbYx5RaW9WzMl618LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXd5alNLeUpIRE50akhsRnBiMWJNeVhyWHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lZjYxZDYtMDVkMS00ZmIyLWE2ZWEt
NDI1MjMyZmQ1NjQzLzEvcjBTOWxVQkN6dnhkUHpMS0hmcW9oV0lOWjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lZjYxZDYtMDVkMS00ZmIyLWE2ZWEtNDI1MjMyZmQ1NjQz
LzEveXd5alNLeUpIRE50akhsRnBiMWJNeVhyWHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjAwBAIAATAqAwQCW8WkAwQD
XvfoAwQGX1GAAwQCudeIAwQCufFgAwQF1c1gAwQD2UfQMCIEAgACMBwDBQAqABCA
AwUAKgID6AMFACoCDhADBQMqDKCAMA0GCSqGSIb3DQEBCwUAA4IBAQAZo7Rf1OeT
VM5b1rYoqrXGF367m2nutjSaZrocgdDlAR0KrSNOa/quaSvDEurMbPwoYEzXKOFJ
0yd+ZmtO7okFtzt9cuNlpioPqgOmCL3VSSUZZp3Lpp/QAQ8+cBydmFoxlWmjZmNe
NRGf3TxQ+d8zW9YBp+A2CaAHFu/UjhtNKWvDBZNGsRQsXNyHnDImCsLCtLwThm8H
KaQlUcRG1ikJfgXQtDbSdE3SL7ivNjgzmiXUTs8WkMJRQpC+3WadJyPwTmre6brZ
Ls7XULIhq94lOLH53+VLQtAxEVdRne0GzNwPlcDnHjNuxOOhN+R5F7oYyoJkwn9V
h2ueM64NDJn1
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:00:59 2025 by rpki-client