Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/Y9vHd81ibfUetGxJah-LnbSDV5g.roa
File: Y9vHd81ibfUetGxJah-LnbSDV5g.roa (raw, json)
Hash identifier: 4fkHfBFVcEfZDutW6y6I1HuGuOEE4ACtS7MPP484LwM=
Subject key identifier: 63:DB:C7:77:CD:62:6D:F5:1E:B4:6C:49:6A:1F:8B:9D:B4:83:57:98
Certificate issuer: /CN=c98a186e8eeb8714edca5b0d716e51d66c168ce1
Certificate serial: 01942144584EA44ACC5DBFB648B5FB969574
Authority key identifier: C9:8A:18:6E:8E:EB:87:14:ED:CA:5B:0D:71:6E:51:D6:6C:16:8C:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYoYbo7rhxTtylsNcW5R1mwWjOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/Y9vHd81ibfUetGxJah-LnbSDV5g.roa
Signing time: Wed 01 Jan 2025 09:48:34 +0000
ROA not before: Wed 01 Jan 2025 09:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42703
IP address blocks: 185.106.224.0/22 maxlen: 22
185.106.224.0/24 maxlen: 24
185.106.225.0/24 maxlen: 24
185.106.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/yYoYbo7rhxTtylsNcW5R1mwWjOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/yYoYbo7rhxTtylsNcW5R1mwWjOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/yYoYbo7rhxTtylsNcW5R1mwWjOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:58:4e:a4:4a:cc:5d:bf:b6:48:b5:fb:96:95:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c98a186e8eeb8714edca5b0d716e51d66c168ce1
Validity
Not Before: Jan 1 09:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63dbc777cd626df51eb46c496a1f8b9db4835798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:93:7f:3f:ee:7c:ed:f9:95:ad:a0:0b:ba:03:
85:ac:9f:3d:7e:5f:12:2c:8b:42:2c:8c:f9:83:3e:
2d:c4:02:14:b5:d9:56:c6:02:8b:87:3f:8e:72:8e:
8f:dc:2f:cb:65:34:b9:4c:52:38:ee:7b:71:9e:12:
b3:d4:75:77:c2:72:70:7e:b3:d0:e8:19:d9:5f:22:
a3:50:19:d7:1b:87:e6:36:df:40:16:f7:de:39:12:
9a:d6:00:b7:40:d7:66:86:35:7a:bb:24:d1:4a:11:
b8:a3:f9:23:c7:15:9d:25:fd:fb:56:99:0f:4e:55:
cf:ff:0b:af:8f:44:2a:a7:f5:ba:ed:b2:29:83:cd:
38:77:fa:55:c2:8b:2e:58:7d:64:4b:58:9e:be:13:
af:d6:50:9d:5a:6b:fc:8e:1a:6c:62:fc:5a:c1:d1:
6c:70:8d:a2:e1:41:27:21:af:a8:11:db:fb:87:f6:
a8:39:ac:9d:41:c7:a6:1d:5c:0e:74:1c:29:9a:f6:
a2:77:bd:1e:cd:1a:2c:e5:31:1d:90:a0:c7:3c:d4:
53:6d:f0:4f:84:c7:75:73:2c:e5:f5:95:fb:a1:ec:
cf:52:ef:6b:11:8e:66:4c:2b:9a:7d:69:07:4b:f2:
95:ee:3e:b4:bb:05:79:73:a3:55:37:f8:75:98:f1:
fc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:DB:C7:77:CD:62:6D:F5:1E:B4:6C:49:6A:1F:8B:9D:B4:83:57:98
X509v3 Authority Key Identifier:
keyid:C9:8A:18:6E:8E:EB:87:14:ED:CA:5B:0D:71:6E:51:D6:6C:16:8C:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYoYbo7rhxTtylsNcW5R1mwWjOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/Y9vHd81ibfUetGxJah-LnbSDV5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/yYoYbo7rhxTtylsNcW5R1mwWjOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.224.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:0d:15:d7:d8:47:3b:0e:c9:19:37:4a:f4:1c:04:92:2a:54:
e9:0a:2e:0e:99:70:fb:ea:51:8d:3d:b2:55:68:0c:65:b0:12:
e9:81:41:1a:8e:c3:50:dd:ea:ab:13:b1:6d:93:c3:6c:24:4a:
90:c2:0f:c2:2a:41:f4:bd:38:48:cb:66:dc:78:3b:ed:a8:0f:
ff:94:8e:ae:8b:fa:e8:29:af:9b:d2:6a:82:ee:24:96:d8:46:
9e:ea:ec:00:3e:2f:9c:8f:92:45:da:fb:06:f6:e3:84:7f:9d:
fe:dd:54:5a:f6:d2:fe:82:06:0a:80:01:6e:63:cb:68:8c:d5:
fd:46:7f:5a:04:6c:29:15:8e:b6:3f:a4:11:27:85:62:92:ff:
e9:bf:d1:16:bc:e1:92:05:da:bf:66:e2:69:53:e6:b5:31:58:
1a:0a:f7:9b:f9:d0:47:7c:49:e1:3a:e9:f8:a0:66:9a:f9:03:
da:c4:7b:15:db:4a:bb:ea:ce:3f:6e:a7:0b:a3:45:f6:d0:d4:
d8:43:48:be:30:84:68:6f:9b:f4:7a:94:d1:3e:8d:8b:b7:7b:
00:70:3f:32:01:af:42:50:9e:64:80:b6:1b:42:aa:5a:27:18:
ba:d6:a4:06:31:10:96:d3:c9:82:ab:19:2e:9f:40:12:3d:ab:
30:74:e3:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRFhOpErMXb+2SLX7lpV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGExODZlOGVlYjg3MTRlZGNhNWIwZDcxNmU1MWQ2NmMx
NjhjZTEwHhcNMjUwMTAxMDk0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2RiYzc3N2NkNjI2ZGY1MWViNDZjNDk2YTFmOGI5ZGI0ODM1Nzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZN/P+587fmVraALugOFrJ89fl8S
LItCLIz5gz4txAIUtdlWxgKLhz+Oco6P3C/LZTS5TFI47ntxnhKz1HV3wnJwfrPQ
6BnZXyKjUBnXG4fmNt9AFvfeORKa1gC3QNdmhjV6uyTRShG4o/kjxxWdJf37VpkP
TlXP/wuvj0Qqp/W67bIpg804d/pVwosuWH1kS1ievhOv1lCdWmv8jhpsYvxawdFs
cI2i4UEnIa+oEdv7h/aoOaydQcemHVwOdBwpmvaid70ezRos5TEdkKDHPNRTbfBP
hMd1cyzl9ZX7oezPUu9rEY5mTCuafWkHS/KV7j60uwV5c6NVN/h1mPH8twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGPbx3fNYm31HrRsSWofi520g1eYMB8GA1UdIwQY
MBaAFMmKGG6O64cU7cpbDXFuUdZsFozhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlvWWJvN3JoeFR0eWxzTmNXNVIxbXdXak9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iYTcyMTQtNTU2OC00YTQyLWE5OTkt
N2E1YThkMDk2N2M4LzEvWTl2SGQ4MWliZlVldEd4SmFoLUxuYlNEVjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iYTcyMTQtNTU2OC00YTQyLWE5OTktN2E1YThkMDk2N2M4
LzEveVlvWWJvN3JoeFR0eWxzTmNXNVIxbXdXak9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWrgMA0G
CSqGSIb3DQEBCwUAA4IBAQDADRXX2Ec7DskZN0r0HASSKlTpCi4OmXD76lGNPbJV
aAxlsBLpgUEajsNQ3eqrE7Ftk8NsJEqQwg/CKkH0vThIy2bceDvtqA//lI6ui/ro
Ka+b0mqC7iSW2Eae6uwAPi+cj5JF2vsG9uOEf53+3VRa9tL+ggYKgAFuY8tojNX9
Rn9aBGwpFY62P6QRJ4Vikv/pv9EWvOGSBdq/ZuJpU+a1MVgaCveb+dBHfEnhOun4
oGaa+QPaxHsV20q76s4/bqcLo0X20NTYQ0i+MIRob5v0epTRPo2Lt3sAcD8yAa9C
UJ5kgLYbQqpaJxi61qQGMRCW08mCqxkun0ASPaswdOOs
-----END CERTIFICATE-----
Generated at Thu Apr 17 16:00:56 2025 by rpki-client