Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/1-DR1I-0Q86yRegJRW48TcU9jkak.roa
File: 1-DR1I-0Q86yRegJRW48TcU9jkak.roa (raw, json)
Hash identifier: BbaoF4QpKICKvF2DFJvuoi1HekvHPPg57x8hdzzKsN8=
Subject key identifier: F8:34:75:23:ED:10:F3:AC:91:7A:02:51:5B:8F:13:71:4F:63:91:A9
Certificate issuer: /CN=845c58752f3336422ff0ee1726474591e7a41e5f
Certificate serial: 019424454C6451ADB0DF97358760E3E71FB9
Authority key identifier: 84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/1-DR1I-0Q86yRegJRW48TcU9jkak.roa
Signing time: Wed 01 Jan 2025 23:48:28 +0000
ROA not before: Wed 01 Jan 2025 23:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34624
IP address blocks: 31.170.192.0/19 maxlen: 24
46.253.16.0/20 maxlen: 24
86.105.240.0/24 maxlen: 24
86.107.191.0/24 maxlen: 24
89.33.16.0/24 maxlen: 24
89.35.2.0/23 maxlen: 24
89.35.2.0/24 maxlen: 24
89.35.174.0/23 maxlen: 24
89.40.134.0/23 maxlen: 24
89.191.64.0/19 maxlen: 24
93.115.33.0/24 maxlen: 24
193.238.60.0/22 maxlen: 24
2a00:1930::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:4c:64:51:ad:b0:df:97:35:87:60:e3:e7:1f:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845c58752f3336422ff0ee1726474591e7a41e5f
Validity
Not Before: Jan 1 23:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8347523ed10f3ac917a02515b8f13714f6391a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:21:64:66:3c:92:00:27:d6:aa:67:93:f7:be:
c4:da:5e:a5:5e:7b:76:5f:b5:96:9d:49:88:27:ba:
bf:d2:d9:7c:76:06:06:9c:fb:6c:78:e0:5b:4e:26:
23:12:27:91:e2:ee:bd:e9:6d:fb:d3:92:6e:8a:f6:
6c:ee:25:90:40:8e:d1:20:1d:31:e1:ca:68:95:d6:
0e:d0:39:5c:e6:33:a4:5c:45:9f:c6:57:94:de:a7:
f7:48:e7:12:66:45:aa:fb:d5:28:61:61:43:5d:af:
2b:3a:c6:2b:36:0e:ad:df:8a:f5:da:01:9c:0a:c4:
e7:aa:c8:07:80:14:04:c6:93:b3:98:f8:30:34:2f:
50:9a:d6:a0:c1:a1:7a:d2:63:2b:4a:8e:d7:3e:f6:
82:38:cc:7b:07:65:e0:39:97:cd:16:30:15:19:cc:
27:ec:ce:bf:26:17:c7:98:af:eb:11:a9:49:c9:16:
a9:4a:c8:93:bc:85:92:4d:bf:5b:2b:09:52:fc:68:
3d:7e:52:5c:d8:11:5f:65:28:96:86:7a:80:1e:f6:
c2:58:6e:85:c4:01:8f:51:91:29:c7:d4:e9:63:53:
f0:94:01:ae:ad:3a:75:54:87:05:4f:e0:72:22:b4:
7d:9f:dc:52:52:07:fd:06:80:5b:e8:f1:64:d0:e2:
5a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:34:75:23:ED:10:F3:AC:91:7A:02:51:5B:8F:13:71:4F:63:91:A9
X509v3 Authority Key Identifier:
keyid:84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/1-DR1I-0Q86yRegJRW48TcU9jkak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.192.0/19
46.253.16.0/20
86.105.240.0/24
86.107.191.0/24
89.33.16.0/24
89.35.2.0/23
89.35.174.0/23
89.40.134.0/23
89.191.64.0/19
93.115.33.0/24
193.238.60.0/22
IPv6:
2a00:1930::/32
Signature Algorithm: sha256WithRSAEncryption
16:af:23:dc:b2:94:32:ee:34:6e:3c:dd:7a:f5:78:cc:17:dc:
bc:75:0e:1d:ae:44:b9:08:e0:e9:ed:9c:b0:eb:a9:28:44:d7:
19:09:ff:2f:5d:63:83:63:22:ed:30:4f:04:c4:f5:43:8b:4a:
d0:d3:b1:5a:cf:59:76:10:ec:1b:7a:09:d4:e0:62:98:79:43:
98:ab:8b:7c:67:79:1b:27:3b:c7:c1:cc:87:48:f0:a4:98:a6:
d5:6d:da:e1:cc:29:c0:66:66:5b:81:b8:64:a9:91:bc:b5:cf:
9c:32:77:2d:e8:ac:95:2a:c2:02:7e:cc:69:85:e9:c7:a2:32:
06:56:b5:58:db:40:81:0a:76:78:87:89:fa:22:14:fe:51:3e:
ea:ce:f8:fe:9f:f9:dd:2f:19:63:a8:a8:d9:55:f5:8f:70:ca:
5a:32:2d:2b:ba:e7:2b:94:c9:2a:9c:26:01:a5:b3:fa:af:3a:
de:9c:80:4f:ce:b7:89:fd:51:ce:35:75:d9:61:92:48:15:4b:
46:8e:49:49:f8:70:4a:fa:64:3f:05:14:dd:1e:9f:ac:3c:4e:
da:7d:7c:e1:19:83:16:7d:df:40:6c:ee:54:e6:83:cc:84:76:
7d:ce:a8:6e:bc:32:d3:78:c0:d6:ff:2b:a3:fd:a8:39:be:b1:
68:1c:a6:1c
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZQkRUxkUa2w35c1h2Dj5x+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWM1ODc1MmYzMzM2NDIyZmYwZWUxNzI2NDc0NTkxZTdh
NDFlNWYwHhcNMjUwMTAxMjM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODM0NzUyM2VkMTBmM2FjOTE3YTAyNTE1YjhmMTM3MTRmNjM5MWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyFkZjySACfWqmeT977E2l6lXnt2
X7WWnUmIJ7q/0tl8dgYGnPtseOBbTiYjEieR4u696W3705JuivZs7iWQQI7RIB0x
4cpoldYO0Dlc5jOkXEWfxleU3qf3SOcSZkWq+9UoYWFDXa8rOsYrNg6t34r12gGc
CsTnqsgHgBQExpOzmPgwNC9QmtagwaF60mMrSo7XPvaCOMx7B2XgOZfNFjAVGcwn
7M6/JhfHmK/rEalJyRapSsiTvIWSTb9bKwlS/Gg9flJc2BFfZSiWhnqAHvbCWG6F
xAGPUZEpx9TpY1PwlAGurTp1VIcFT+ByIrR9n9xSUgf9BoBb6PFk0OJavwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFPg0dSPtEPOskXoCUVuPE3FPY5GpMB8GA1UdIwQY
MBaAFIRcWHUvMzZCL/DuFyZHRZHnpB5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZ4WWRTOHpOa0l2OE80WEprZEZrZWVrSGw4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82NGUzYWItMjI4Yy00YTIzLTkyMTYt
ZjEzNGU1MWNjMDViLzEvMS1EUjFJLTBRODZ5UmVnSlJXNDhUY1U5amthay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTkvNjRlM2FiLTIyOGMtNGEyMy05MjE2LWYxMzRlNTFjYzA1
Yi8xL2hGeFlkUzh6TmtJdjhPNFhKa2RGa2Vla0hsOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBqBggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEBR+qwAME
BC79EAMEAFZp8AMEAFZrvwMEAFkhEAMEAVkjAgMEAVkjrgMEAVkohgMEBVm/QAME
AF1zIQMEAsHuPDANBAIAAjAHAwUAKgAZMDANBgkqhkiG9w0BAQsFAAOCAQEAFq8j
3LKUMu40bjzdevV4zBfcvHUOHa5EuQjg6e2csOupKETXGQn/L11jg2Mi7TBPBMT1
Q4tK0NOxWs9ZdhDsG3oJ1OBimHlDmKuLfGd5Gyc7x8HMh0jwpJim1W3a4cwpwGZm
W4G4ZKmRvLXPnDJ3LeislSrCAn7MaYXpx6IyBla1WNtAgQp2eIeJ+iIU/lE+6s74
/p/53S8ZY6io2VX1j3DKWjItK7rnK5TJKpwmAaWz+q863pyAT863if1RzjV12WGS
SBVLRo5JSfhwSvpkPwUU3R6frDxO2n184RmDFn3fQGzuVOaDzIR2fc6obrwy03jA
1v8ro/2oOb6xaBymHA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:28:16 2025 by rpki-client