Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/dFWtNsDJ-mUPtxThTA2MYEV4hMw.roa
File: dFWtNsDJ-mUPtxThTA2MYEV4hMw.roa (raw, json)
Hash identifier: ixgpNKTZ9Dv34+AbK1Jrz2N3i33IFdJsOuKPNGIdi1E=
Subject key identifier: 74:55:AD:36:C0:C9:FA:65:0F:B7:14:E1:4C:0D:8C:60:45:78:84:CC
Certificate issuer: /CN=122a2ba3cc18c998501309ecde042706af5b845a
Certificate serial: 019425FCCEEBA9B664B19E16A36ED4505C2E
Authority key identifier: 12:2A:2B:A3:CC:18:C9:98:50:13:09:EC:DE:04:27:06:AF:5B:84:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eioro8wYyZhQEwns3gQnBq9bhFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/dFWtNsDJ-mUPtxThTA2MYEV4hMw.roa
Signing time: Thu 02 Jan 2025 07:48:32 +0000
ROA not before: Thu 02 Jan 2025 07:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56690
IP address blocks: 91.226.172.0/22 maxlen: 22
185.250.60.0/22 maxlen: 22
193.39.116.0/24 maxlen: 24
2a09:8880::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/Eioro8wYyZhQEwns3gQnBq9bhFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/Eioro8wYyZhQEwns3gQnBq9bhFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Eioro8wYyZhQEwns3gQnBq9bhFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:ce:eb:a9:b6:64:b1:9e:16:a3:6e:d4:50:5c:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=122a2ba3cc18c998501309ecde042706af5b845a
Validity
Not Before: Jan 2 07:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7455ad36c0c9fa650fb714e14c0d8c60457884cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d0:fa:57:4f:1c:18:7c:4e:67:9a:dd:f2:3d:
9f:d5:1e:07:d3:d4:96:92:09:8e:32:11:93:3d:72:
1a:d3:45:e4:84:58:01:94:de:ba:64:31:ac:42:d0:
de:b1:96:e6:5d:24:d0:61:ca:d1:66:72:68:eb:02:
62:23:6a:9e:76:69:ae:79:52:9b:5d:be:a7:3b:df:
90:25:e0:44:75:f8:d3:98:90:ae:db:d3:e2:16:6f:
4a:b6:6e:d1:51:89:e2:a9:bb:6e:91:4c:8b:4c:8d:
7a:ae:d5:76:f3:c5:c2:80:f5:ce:0e:80:19:46:3a:
3a:32:cc:11:bb:7f:83:8c:dd:4f:97:1e:c1:18:ba:
1e:9c:64:8d:49:53:15:88:fe:8f:cd:8d:12:47:07:
ab:59:bb:1a:9c:5b:c3:2b:95:c1:6b:2e:8f:07:3e:
37:42:98:e4:d4:1e:57:24:eb:fe:25:77:cc:f1:3f:
a3:23:7b:ea:ce:d7:6a:f0:94:45:5e:59:8d:4d:4a:
e3:d5:86:d9:16:58:7a:4f:d6:ae:37:78:6d:13:f9:
fe:3b:c1:ca:4f:3b:73:a7:83:be:4f:38:e4:b3:a6:
a1:5a:37:3e:09:86:c4:8f:f6:e6:91:97:3e:05:64:
5a:b2:2d:64:9c:54:da:80:1d:5d:5e:61:ca:c3:f6:
5c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:55:AD:36:C0:C9:FA:65:0F:B7:14:E1:4C:0D:8C:60:45:78:84:CC
X509v3 Authority Key Identifier:
keyid:12:2A:2B:A3:CC:18:C9:98:50:13:09:EC:DE:04:27:06:AF:5B:84:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eioro8wYyZhQEwns3gQnBq9bhFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/dFWtNsDJ-mUPtxThTA2MYEV4hMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/Eioro8wYyZhQEwns3gQnBq9bhFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.172.0/22
185.250.60.0/22
193.39.116.0/24
IPv6:
2a09:8880::/36
Signature Algorithm: sha256WithRSAEncryption
06:dd:e6:15:83:7f:f3:ad:41:1d:24:a2:66:32:e2:5c:c8:13:
99:3d:c4:ab:70:d7:10:52:dd:f0:c0:de:c1:a1:80:87:c8:d9:
c5:d1:66:37:35:b0:7b:ca:a1:74:5e:4d:37:4c:18:46:3e:ba:
4d:bf:5e:08:3a:dd:24:59:c9:c8:70:18:5e:14:d8:ec:74:0b:
07:65:9d:29:ad:45:15:d0:a9:5d:1b:bc:5a:13:51:f9:c6:68:
70:f1:37:74:e1:34:6c:ff:2f:27:12:c7:60:12:79:66:6a:21:
ad:5d:d1:e0:a2:f3:69:26:12:88:82:26:c6:61:69:af:82:da:
a8:d9:e7:9f:c1:ef:b6:54:49:82:3c:54:7c:a8:f6:f8:c1:5d:
5a:1b:9c:c2:54:51:af:6a:f4:34:04:da:17:46:6b:0a:15:12:
48:6c:fe:1d:ab:16:13:ac:06:38:fe:82:7d:62:cd:d5:e3:82:
8e:42:6a:89:ce:3f:22:1d:19:0b:a8:0b:89:ce:ca:8c:82:a0:
70:fd:e8:d2:34:d4:ba:85:20:06:88:9f:11:df:f1:fa:4f:22:
f5:7d:56:f6:1d:97:10:21:6d:fc:46:82:d3:eb:7a:da:0b:0d:
55:31:05:69:c4:00:ec:67:53:ac:d3:12:19:a2:9a:e0:52:3e:
2a:45:e9:14
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQl/M7rqbZksZ4Wo27UUFwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMmEyYmEzY2MxOGM5OTg1MDEzMDllY2RlMDQyNzA2YWY1
Yjg0NWEwHhcNMjUwMTAyMDc0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDU1YWQzNmMwYzlmYTY1MGZiNzE0ZTE0YzBkOGM2MDQ1Nzg4NGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tD6V08cGHxOZ5rd8j2f1R4H09SW
kgmOMhGTPXIa00XkhFgBlN66ZDGsQtDesZbmXSTQYcrRZnJo6wJiI2qedmmueVKb
Xb6nO9+QJeBEdfjTmJCu29PiFm9Ktm7RUYniqbtukUyLTI16rtV288XCgPXODoAZ
Rjo6MswRu3+DjN1Plx7BGLoenGSNSVMViP6PzY0SRwerWbsanFvDK5XBay6PBz43
Qpjk1B5XJOv+JXfM8T+jI3vqztdq8JRFXlmNTUrj1YbZFlh6T9auN3htE/n+O8HK
Tztzp4O+Tzjks6ahWjc+CYbEj/bmkZc+BWRasi1knFTagB1dXmHKw/ZclwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHRVrTbAyfplD7cU4UwNjGBFeITMMB8GA1UdIwQY
MBaAFBIqK6PMGMmYUBMJ7N4EJwavW4RaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlvcm84d1l5WmhRRXduczNnUW5CcTliaEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mOTY0MzAtNjJkNC00MzEwLTg0OTMt
YWUxYWExNjU0Y2RlLzEvZEZXdE5zREotbVVQdHhUaFRBMk1ZRVY0aE13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mOTY0MzAtNjJkNC00MzEwLTg0OTMtYWUxYWExNjU0Y2Rl
LzEvRWlvcm84d1l5WmhRRXduczNnUW5CcTliaEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQCW+KsAwQC
ufo8AwQAwSd0MA4EAgACMAgDBgQqCYiAADANBgkqhkiG9w0BAQsFAAOCAQEABt3m
FYN/861BHSSiZjLiXMgTmT3Eq3DXEFLd8MDewaGAh8jZxdFmNzWwe8qhdF5NN0wY
Rj66Tb9eCDrdJFnJyHAYXhTY7HQLB2WdKa1FFdCpXRu8WhNR+cZocPE3dOE0bP8v
JxLHYBJ5ZmohrV3R4KLzaSYSiIImxmFpr4LaqNnnn8HvtlRJgjxUfKj2+MFdWhuc
wlRRr2r0NATaF0ZrChUSSGz+HasWE6wGOP6CfWLN1eOCjkJqic4/Ih0ZC6gLic7K
jIKgcP3o0jTUuoUgBoifEd/x+k8i9X1W9h2XECFt/EaC0+t62gsNVTEFacQA7GdT
rNMSGaKa4FI+KkXpFA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:22:19 2025 by rpki-client