Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/fX9eMLnK7xVb4_2F9g2DOCYqfvU.roa
File: fX9eMLnK7xVb4_2F9g2DOCYqfvU.roa (raw, json)
Hash identifier: 1sy/TAEfLZZfPClLeEAAWlanxJu879FILQU8C/alm0M=
Subject key identifier: 7D:7F:5E:30:B9:CA:EF:15:5B:E3:FD:85:F6:0D:83:38:26:2A:7E:F5
Certificate issuer: /CN=cbd4719d72d288a73218d8c1a498823333297e25
Certificate serial: 0194221FDC72542B4A15869BD4930719C44F
Authority key identifier: CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/fX9eMLnK7xVb4_2F9g2DOCYqfvU.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206611
IP address blocks: 167.160.5.0/24 maxlen: 24
185.98.157.0/24 maxlen: 24
185.181.52.0/22 maxlen: 24
185.181.52.0/24 maxlen: 24
185.181.53.0/24 maxlen: 24
185.181.54.0/24 maxlen: 24
185.181.55.0/24 maxlen: 24
192.161.6.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.mft
rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 04:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:dc:72:54:2b:4a:15:86:9b:d4:93:07:19:c4:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd4719d72d288a73218d8c1a498823333297e25
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d7f5e30b9caef155be3fd85f60d8338262a7ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:da:19:a5:9d:f6:a1:21:6a:72:95:db:43:51:
57:6e:a5:a0:1c:8d:02:80:5f:63:2c:a3:a0:93:e2:
a8:a8:25:44:41:96:57:67:8a:e4:c7:04:f2:5d:42:
30:00:0a:89:16:39:96:30:6f:c5:fe:19:e4:3d:a7:
53:34:65:1f:83:14:28:85:54:79:55:2e:c0:22:ee:
c5:08:ee:21:b5:35:5a:1c:23:e2:2f:f4:9a:f4:30:
8b:54:c2:8d:e8:e2:b8:58:06:46:3b:84:9c:4a:5d:
4c:15:c3:b9:d5:e9:e1:f4:f8:e8:e8:9d:c4:d1:97:
50:46:ba:67:ce:f8:38:95:d9:f7:ce:3b:80:9e:2c:
f5:e8:35:38:33:48:a9:f8:ae:5a:1d:42:de:49:ea:
47:b5:38:35:48:d4:8e:0a:a1:84:d3:90:3f:b9:00:
0c:9e:94:9f:8b:6b:81:b9:8d:bd:32:85:83:13:95:
80:3b:06:43:f0:28:4d:ca:7b:88:6a:3e:6d:ed:ac:
ae:b9:e3:e1:9f:d3:45:54:1c:9b:bf:b9:aa:d9:6f:
9b:52:74:8d:62:0b:7b:3f:93:aa:39:7a:28:5e:23:
ee:cc:ba:da:b1:90:d3:e4:50:be:ef:5e:10:6e:7e:
3b:97:35:2f:11:20:ff:2e:bf:b6:26:0c:e5:d7:c8:
30:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:7F:5E:30:B9:CA:EF:15:5B:E3:FD:85:F6:0D:83:38:26:2A:7E:F5
X509v3 Authority Key Identifier:
keyid:CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/fX9eMLnK7xVb4_2F9g2DOCYqfvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.5.0/24
185.98.157.0/24
185.181.52.0/22
192.161.6.0/23
Signature Algorithm: sha256WithRSAEncryption
74:f7:1e:6d:87:96:42:44:43:08:dc:18:9d:09:9f:8c:ea:24:
d0:1a:c4:c7:8b:85:e4:49:ce:3d:80:1a:e5:c8:63:a8:d8:a2:
e8:7a:e6:66:a2:61:01:3b:4d:3b:4f:33:f1:f1:6d:1e:72:b4:
fe:98:c3:40:e3:1d:7d:73:25:39:b5:a1:be:37:91:ad:d7:27:
d9:fe:82:19:3b:90:c9:01:4a:38:0b:64:f5:7a:f9:ed:c5:c8:
db:f4:f3:86:e1:83:bf:53:71:6a:6a:d2:8f:4b:6b:92:6f:c4:
d2:da:cb:89:93:15:fb:e3:a4:d6:87:bf:16:37:80:36:a9:ec:
6b:3b:8b:ca:0e:0d:a3:d5:3c:f7:af:da:f2:32:91:1b:da:0c:
59:79:9e:85:4c:86:fb:3d:a5:53:3b:82:30:2f:e3:cb:d1:29:
ba:2c:44:45:84:cf:d3:b6:5a:4c:ad:6a:ec:84:9c:17:b7:d6:
ec:af:38:9e:c7:28:0c:f4:6b:ba:39:04:a6:45:43:6f:4b:b3:
92:ff:8f:4a:13:d8:c0:e9:a1:7e:2e:06:65:f1:e2:38:5d:58:
56:e0:97:fd:32:24:52:70:1f:13:95:d2:42:7e:b0:60:e7:f7:
3f:51:3d:bc:77:da:50:aa:92:2f:8d:d4:26:9b:44:8c:13:cb:
39:2d:61:f8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiH9xyVCtKFYab1JMHGcRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDQ3MTlkNzJkMjg4YTczMjE4ZDhjMWE0OTg4MjMzMzMy
OTdlMjUwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDdmNWUzMGI5Y2FlZjE1NWJlM2ZkODVmNjBkODMzODI2MmE3ZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0toZpZ32oSFqcpXbQ1FXbqWgHI0C
gF9jLKOgk+KoqCVEQZZXZ4rkxwTyXUIwAAqJFjmWMG/F/hnkPadTNGUfgxQohVR5
VS7AIu7FCO4htTVaHCPiL/Sa9DCLVMKN6OK4WAZGO4ScSl1MFcO51enh9Pjo6J3E
0ZdQRrpnzvg4ldn3zjuAniz16DU4M0ip+K5aHULeSepHtTg1SNSOCqGE05A/uQAM
npSfi2uBuY29MoWDE5WAOwZD8ChNynuIaj5t7ayuuePhn9NFVBybv7mq2W+bUnSN
Ygt7P5OqOXooXiPuzLrasZDT5FC+714Qbn47lzUvESD/Lr+2Jgzl18gwGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH1/XjC5yu8VW+P9hfYNgzgmKn71MB8GA1UdIwQY
MBaAFMvUcZ1y0oinMhjYwaSYgjMzKX4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUt
YjQ5MmQ2ZmY0ODNmLzEvZlg5ZU1Mbks3eFZiNF8yRjlnMkRPQ1lxZnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUtYjQ5MmQ2ZmY0ODNm
LzEveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAp6AFAwQA
uWKdAwQCubU0AwQBwKEGMA0GCSqGSIb3DQEBCwUAA4IBAQB09x5th5ZCREMI3Bid
CZ+M6iTQGsTHi4XkSc49gBrlyGOo2KLoeuZmomEBO007TzPx8W0ecrT+mMNA4x19
cyU5taG+N5Gt1yfZ/oIZO5DJAUo4C2T1evntxcjb9POG4YO/U3FqatKPS2uSb8TS
2suJkxX746TWh78WN4A2qexrO4vKDg2j1Tz3r9ryMpEb2gxZeZ6FTIb7PaVTO4Iw
L+PL0Sm6LERFhM/TtlpMrWrshJwXt9bsrziexygM9Gu6OQSmRUNvS7OS/49KE9jA
6aF+LgZl8eI4XVhW4Jf9MiRScB8TldJCfrBg5/c/UT28d9pQqpIvjdQmm0SME8s5
LWH4
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:30:02 2025 by rpki-client