Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/k6TUAjq7IKBlApZOlbsqYXrEIx8.roa
File: k6TUAjq7IKBlApZOlbsqYXrEIx8.roa (raw, json)
Hash identifier: bC2yv2JOs11J0JF7qUwzq/8PnVIsXN9xT7P0dfHswKQ=
Subject key identifier: 93:A4:D4:02:3A:BB:20:A0:65:02:96:4E:95:BB:2A:61:7A:C4:23:1F
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 019425222899543CB30372BFF5CA156538E1
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/k6TUAjq7IKBlApZOlbsqYXrEIx8.roa
Signing time: Thu 02 Jan 2025 03:49:43 +0000
ROA not before: Thu 02 Jan 2025 03:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 88.223.154.0/23 maxlen: 24
88.223.168.0/21 maxlen: 21
88.223.176.0/20 maxlen: 24
88.223.224.0/19 maxlen: 24
95.173.40.0/21 maxlen: 21
95.173.48.0/20 maxlen: 20
213.164.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 17:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:28:99:54:3c:b3:03:72:bf:f5:ca:15:65:38:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Jan 2 03:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93a4d4023abb20a06502964e95bb2a617ac4231f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fd:ad:05:a7:4e:5f:8f:e1:d5:dd:7f:6c:bc:
0d:ce:cf:9c:69:5c:08:db:59:30:84:d1:eb:dc:1e:
47:8b:fb:75:00:bc:fb:04:ce:5b:1e:5a:e3:b9:ad:
00:67:ca:f4:ea:82:0c:f6:9f:3e:9d:86:c6:b0:84:
ff:81:29:37:3e:bd:b6:0f:f3:73:f3:17:c5:80:27:
6c:8c:3f:ea:09:77:12:5f:de:a8:24:8b:35:72:1a:
f2:99:90:ac:ad:1d:1a:ab:89:59:96:25:d0:e5:5f:
d2:d4:8a:7d:b5:91:78:21:98:98:56:86:89:ab:a4:
0e:38:81:48:8e:4d:0e:1d:0a:35:f5:bb:58:e1:5d:
f1:97:60:de:09:9a:66:d9:5c:0f:db:5d:bb:c8:21:
89:bd:7a:76:4d:dc:d4:6f:72:1f:5b:9e:13:39:bc:
80:96:86:5b:0b:87:26:54:97:d1:66:c3:ac:07:70:
e4:71:b4:67:e3:82:e8:51:b1:b8:67:3c:5f:63:05:
94:f9:7c:50:26:38:7b:a7:db:ad:78:c8:e9:cc:46:
1a:79:2c:aa:13:80:7b:db:28:f5:81:b9:53:4d:f1:
9d:e1:ce:ac:df:df:cc:70:77:d7:92:d1:91:64:18:
92:81:a2:fc:4b:db:38:8d:fb:81:27:81:f4:62:a1:
96:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A4:D4:02:3A:BB:20:A0:65:02:96:4E:95:BB:2A:61:7A:C4:23:1F
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/k6TUAjq7IKBlApZOlbsqYXrEIx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.223.154.0/23
88.223.168.0-88.223.191.255
88.223.224.0/19
95.173.40.0-95.173.63.255
213.164.96.0/20
Signature Algorithm: sha256WithRSAEncryption
84:94:28:8a:57:1e:09:64:92:d2:35:10:74:90:f4:d2:c5:eb:
85:dc:58:52:9b:14:da:bf:22:5a:63:85:f1:a2:01:dc:7f:70:
1c:98:f7:7e:dc:7c:c7:5d:86:3b:8a:7d:8a:cb:5f:f5:6e:77:
ff:10:86:00:32:84:f1:11:24:00:c0:7e:af:c6:01:1f:c0:ea:
56:fc:a2:11:98:88:0b:04:26:67:ab:0b:08:bc:c9:d4:ec:0c:
30:b4:61:79:e4:0c:bb:40:28:43:f4:3a:71:3a:cf:4b:be:95:
6a:74:c4:49:91:b8:a6:0e:e8:ee:36:ae:4c:98:25:86:61:86:
0a:ec:cb:57:87:cf:3c:b8:76:51:1c:f4:c7:2f:05:03:e0:ce:
7d:a8:9a:c3:06:0a:84:ad:a4:2f:cb:fd:89:a3:ba:fd:c6:35:
5a:51:6b:87:aa:7f:da:78:2b:dc:dd:1f:b5:c0:4f:93:bc:a8:
0e:3a:b6:02:6b:d1:18:a7:d0:93:16:0d:38:c8:fd:6d:4e:56:
bc:b2:5d:82:4b:1a:9d:bc:58:22:e2:48:f4:51:8e:aa:16:97:
4d:01:06:b2:90:bf:77:c4:29:a7:09:e1:7f:8c:97:e1:01:b5:
a8:c4:9a:a7:32:0c:0a:28:9d:50:29:35:da:9b:6b:bf:ad:94:
21:a0:bc:ec
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQlIiiZVDyzA3K/9coVZTjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwMTAyMDM0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2E0ZDQwMjNhYmIyMGEwNjUwMjk2NGU5NWJiMmE2MTdhYzQyMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/2tBadOX4/h1d1/bLwNzs+caVwI
21kwhNHr3B5Hi/t1ALz7BM5bHlrjua0AZ8r06oIM9p8+nYbGsIT/gSk3Pr22D/Nz
8xfFgCdsjD/qCXcSX96oJIs1chrymZCsrR0aq4lZliXQ5V/S1Ip9tZF4IZiYVoaJ
q6QOOIFIjk0OHQo19btY4V3xl2DeCZpm2VwP2127yCGJvXp2TdzUb3IfW54TObyA
loZbC4cmVJfRZsOsB3DkcbRn44LoUbG4ZzxfYwWU+XxQJjh7p9uteMjpzEYaeSyq
E4B72yj1gblTTfGd4c6s39/McHfXktGRZBiSgaL8S9s4jfuBJ4H0YqGW2QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJOk1AI6uyCgZQKWTpW7KmF6xCMfMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvazZUVUFqcTdJS0JsQXBaT2xic3FZWHJFSXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBWN+aMAwD
BANY36gDBAZY34ADBAVY3+AwDAMEA1+tKAMEBl+tAAMEBNWkYDANBgkqhkiG9w0B
AQsFAAOCAQEAhJQoilceCWSS0jUQdJD00sXrhdxYUpsU2r8iWmOF8aIB3H9wHJj3
ftx8x12GO4p9istf9W53/xCGADKE8REkAMB+r8YBH8DqVvyiEZiICwQmZ6sLCLzJ
1OwMMLRheeQMu0AoQ/Q6cTrPS76VanTESZG4pg7o7jauTJglhmGGCuzLV4fPPLh2
URz0xy8FA+DOfaiawwYKhK2kL8v9iaO6/cY1WlFrh6p/2ngr3N0ftcBPk7yoDjq2
AmvRGKfQkxYNOMj9bU5WvLJdgksanbxYIuJI9FGOqhaXTQEGspC/d8Qppwnhf4yX
4QG1qMSapzIMCiidUCk12ptrv62UIaC87A==
-----END CERTIFICATE-----
Generated at Thu Apr 10 23:51:34 2025 by rpki-client