Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/YKOzyMuOAG1LkeGOcT0-ojWIUXc.roa
File: YKOzyMuOAG1LkeGOcT0-ojWIUXc.roa (raw, json)
Hash identifier: ISZN8vNEVAu/M5iQ7o0aFS/LcAEtbFN5OpqBSYMDPHU=
Subject key identifier: 60:A3:B3:C8:CB:8E:00:6D:4B:91:E1:8E:71:3D:3E:A2:35:88:51:77
Certificate issuer: /CN=11125404c6dd472f1001ed9ffdf726762ac7701d
Certificate serial: 0196073758B6BF49C5DC2FB6A8E665A0B5AF
Authority key identifier: 11:12:54:04:C6:DD:47:2F:10:01:ED:9F:FD:F7:26:76:2A:C7:70:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ERJUBMbdRy8QAe2f_fcmdirHcB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/YKOzyMuOAG1LkeGOcT0-ojWIUXc.roa
Signing time: Sat 05 Apr 2025 18:29:49 +0000
ROA not before: Sat 05 Apr 2025 18:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 92.242.165.0/24 maxlen: 24
164.138.8.0/24 maxlen: 24
164.138.9.0/24 maxlen: 24
164.138.10.0/24 maxlen: 24
164.138.11.0/24 maxlen: 24
164.138.12.0/24 maxlen: 24
164.138.13.0/24 maxlen: 24
164.138.14.0/24 maxlen: 24
164.138.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/ERJUBMbdRy8QAe2f_fcmdirHcB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/ERJUBMbdRy8QAe2f_fcmdirHcB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ERJUBMbdRy8QAe2f_fcmdirHcB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:07:37:58:b6:bf:49:c5:dc:2f:b6:a8:e6:65:a0:b5:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11125404c6dd472f1001ed9ffdf726762ac7701d
Validity
Not Before: Apr 5 18:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60a3b3c8cb8e006d4b91e18e713d3ea235885177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1f:70:34:28:3d:0c:13:ce:f4:fd:ed:40:e8:
7a:2f:48:63:0d:c2:1f:ce:65:bb:d3:1d:b5:8e:19:
65:d8:fe:db:6c:47:8b:84:94:05:aa:30:3b:8b:f5:
12:0f:2a:d9:2e:93:62:f5:65:75:89:45:4e:78:e5:
a8:87:ac:30:d6:4c:b4:f1:9a:b0:71:0f:5f:66:1b:
7c:5b:f9:ba:6c:8a:b1:14:61:94:d5:a1:04:30:e2:
a3:1d:24:9f:fb:e4:ba:9f:07:92:6d:27:82:14:71:
8e:d2:89:c4:64:71:62:e7:ad:62:64:86:07:fb:0a:
22:3d:e1:d4:bd:52:84:f2:85:04:49:f5:8c:9e:08:
0d:f7:b9:07:a7:e9:0d:04:fb:fb:79:ce:40:4d:3d:
64:fb:db:9f:23:a9:9c:f8:40:fa:87:b8:3d:26:8d:
61:5f:c2:5c:ce:d9:1c:4d:de:a4:f6:18:9c:fa:a3:
c4:1a:30:ee:c1:5e:be:e5:db:29:a8:e8:80:3e:2e:
ce:24:4e:ab:cd:20:48:7f:cb:e3:fe:3a:db:24:ea:
24:3d:70:fa:40:dd:14:a6:7e:96:b7:59:18:a2:1c:
7d:0f:e3:1a:a4:b9:d7:c4:b9:6d:d9:a2:f9:64:79:
a6:df:c5:6b:53:fe:68:02:24:56:7d:67:eb:b5:4b:
d1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A3:B3:C8:CB:8E:00:6D:4B:91:E1:8E:71:3D:3E:A2:35:88:51:77
X509v3 Authority Key Identifier:
keyid:11:12:54:04:C6:DD:47:2F:10:01:ED:9F:FD:F7:26:76:2A:C7:70:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ERJUBMbdRy8QAe2f_fcmdirHcB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/YKOzyMuOAG1LkeGOcT0-ojWIUXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/cf9cd6-e717-4dda-82ef-6dfe0f7d53bd/1/ERJUBMbdRy8QAe2f_fcmdirHcB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.242.165.0/24
164.138.8.0/21
Signature Algorithm: sha256WithRSAEncryption
51:b3:d1:00:84:14:06:82:07:f2:05:f4:6f:bd:7e:ea:f1:da:
9e:8a:78:d8:ff:96:8f:d0:e2:06:35:cc:94:e5:77:1b:4b:e5:
10:e0:31:a4:1e:78:98:15:98:fa:1b:3f:fb:6c:30:56:83:7e:
ee:5c:26:ac:22:77:34:c4:91:51:7e:40:e3:1d:a3:00:73:3c:
59:41:79:bb:8d:5c:df:01:ef:01:97:20:0c:33:e1:29:c0:b0:
10:3e:b7:65:ec:7d:75:a2:a2:5c:0e:e4:03:b0:75:45:51:c0:
99:6a:60:1c:59:9e:09:81:9c:5e:20:72:53:6a:9c:4f:00:ee:
8e:e5:78:a2:f2:8b:00:2c:fc:c3:08:2a:e7:05:d1:c7:6b:66:
2d:e8:9e:e0:f3:b9:60:99:f0:a7:33:0f:e2:2f:15:47:cf:8e:
1e:04:9d:31:8e:d5:b6:eb:6b:dc:e9:94:24:08:38:1d:aa:62:
37:db:4e:e9:8e:35:b0:5f:8c:36:dc:40:80:69:a8:aa:06:f2:
96:30:3a:dc:b7:a0:d5:49:b5:84:dd:8b:c9:4a:e9:ab:8a:e4:
68:8f:6c:d4:18:53:f9:d4:c5:8c:64:73:6e:2f:20:a3:83:ab:
d5:71:81:95:95:3f:9c:27:3b:d8:c6:af:cc:ae:9e:03:25:c7:
4b:e5:5e:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYHN1i2v0nF3C+2qOZloLWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMTI1NDA0YzZkZDQ3MmYxMDAxZWQ5ZmZkZjcyNjc2MmFj
NzcwMWQwHhcNMjUwNDA1MTgyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGEzYjNjOGNiOGUwMDZkNGI5MWUxOGU3MTNkM2VhMjM1ODg1MTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux9wNCg9DBPO9P3tQOh6L0hjDcIf
zmW70x21jhll2P7bbEeLhJQFqjA7i/USDyrZLpNi9WV1iUVOeOWoh6ww1ky08Zqw
cQ9fZht8W/m6bIqxFGGU1aEEMOKjHSSf++S6nweSbSeCFHGO0onEZHFi561iZIYH
+woiPeHUvVKE8oUESfWMnggN97kHp+kNBPv7ec5ATT1k+9ufI6mc+ED6h7g9Jo1h
X8JcztkcTd6k9hic+qPEGjDuwV6+5dspqOiAPi7OJE6rzSBIf8vj/jrbJOokPXD6
QN0Upn6Wt1kYohx9D+MapLnXxLlt2aL5ZHmm38VrU/5oAiRWfWfrtUvRFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGCjs8jLjgBtS5HhjnE9PqI1iFF3MB8GA1UdIwQY
MBaAFBESVATG3UcvEAHtn/33JnYqx3AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVJKVUJNYmRSeThRQWUyZl9mY21kaXJIY0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jZjljZDYtZTcxNy00ZGRhLTgyZWYt
NmRmZTBmN2Q1M2JkLzEvWUtPenlNdU9BRzFMa2VHT2NUMC1valdJVVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jZjljZDYtZTcxNy00ZGRhLTgyZWYtNmRmZTBmN2Q1M2Jk
LzEvRVJKVUJNYmRSeThRQWUyZl9mY21kaXJIY0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXPKlAwQD
pIoIMA0GCSqGSIb3DQEBCwUAA4IBAQBRs9EAhBQGggfyBfRvvX7q8dqeinjY/5aP
0OIGNcyU5XcbS+UQ4DGkHniYFZj6Gz/7bDBWg37uXCasInc0xJFRfkDjHaMAczxZ
QXm7jVzfAe8BlyAMM+EpwLAQPrdl7H11oqJcDuQDsHVFUcCZamAcWZ4JgZxeIHJT
apxPAO6O5Xii8osALPzDCCrnBdHHa2Yt6J7g87lgmfCnMw/iLxVHz44eBJ0xjtW2
62vc6ZQkCDgdqmI3207pjjWwX4w23ECAaaiqBvKWMDrct6DVSbWE3YvJSumriuRo
j2zUGFP51MWMZHNuLyCjg6vVcYGVlT+cJzvYxq/Mrp4DJcdL5V5C
-----END CERTIFICATE-----
Generated at Tue Apr 15 07:15:57 2025 by rpki-client