Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/y219uopaZvXSdvuyVN0z8hSAj3g.roa
File: y219uopaZvXSdvuyVN0z8hSAj3g.roa (raw, json)
Hash identifier: yOxEDrbHVzQ3D4oMaRFodYyQEbnpgrKDN1hHuSZgDh0=
Subject key identifier: CB:6D:7D:BA:8A:5A:66:F5:D2:76:FB:B2:54:DD:33:F2:14:80:8F:78
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 019420D6314B61DFB5669D955787AA840951
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/y219uopaZvXSdvuyVN0z8hSAj3g.roa
Signing time: Wed 01 Jan 2025 07:48:15 +0000
ROA not before: Wed 01 Jan 2025 07:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205906
IP address blocks: 78.109.225.0/24 maxlen: 24
78.109.226.0/24 maxlen: 24
78.109.227.0/24 maxlen: 24
78.109.228.0/24 maxlen: 24
78.109.229.0/24 maxlen: 24
78.109.230.0/24 maxlen: 24
78.109.231.0/24 maxlen: 24
78.109.232.0/24 maxlen: 24
78.109.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 22:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:31:4b:61:df:b5:66:9d:95:57:87:aa:84:09:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Jan 1 07:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb6d7dba8a5a66f5d276fbb254dd33f214808f78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c9:92:c6:ab:77:ee:c9:83:bb:36:1f:47:52:
f6:20:62:e8:98:1e:2a:b6:ad:ad:b2:86:7f:51:d0:
5d:88:71:c5:81:91:76:1d:d2:34:fd:9e:31:09:c5:
ac:c6:0c:01:e1:70:c9:f8:9d:cc:26:38:2f:eb:b3:
ac:95:b4:ce:54:98:3b:ae:bf:5d:12:cc:09:54:34:
ec:68:c8:2f:69:4b:3f:e5:f9:cf:81:3e:f7:0e:72:
60:d8:4a:e1:f1:3a:56:25:19:10:20:38:b2:70:eb:
53:80:aa:8f:aa:c5:13:bb:56:82:63:6b:20:16:e6:
ba:10:00:a0:20:1b:45:7d:a6:27:7b:7a:f1:a1:b1:
ad:ec:27:c0:5d:0c:31:ca:f1:7d:e3:17:44:cc:ea:
1a:2b:38:69:bd:b1:b4:59:ba:d4:d4:e9:51:82:b2:
79:5c:fa:be:9c:bc:90:e6:a3:40:9f:c0:d4:df:80:
4c:e9:db:00:83:49:e3:bd:11:58:56:5f:50:85:47:
f5:04:f3:39:5d:40:eb:d5:69:83:65:bd:b9:0e:c9:
9a:fa:39:76:94:3e:e3:6b:ff:33:93:5e:77:80:97:
a0:68:c9:21:0a:9b:cf:0c:05:7b:e9:c4:a4:5c:e5:
21:31:73:63:07:e2:bb:d8:08:fc:e6:42:c1:b8:38:
a5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:6D:7D:BA:8A:5A:66:F5:D2:76:FB:B2:54:DD:33:F2:14:80:8F:78
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/y219uopaZvXSdvuyVN0z8hSAj3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.225.0-78.109.232.255
78.109.239.0/24
Signature Algorithm: sha256WithRSAEncryption
19:9b:b8:c8:b4:5c:fd:2e:92:ab:c8:2d:5c:71:60:77:d2:2a:
02:cb:2f:f0:90:b1:fc:37:92:41:78:3e:af:3b:2a:c8:6d:1f:
b5:5b:64:63:26:ac:c8:17:33:e0:d0:66:02:43:a0:c9:78:24:
b8:0b:b3:8e:05:59:7c:33:0e:1a:e0:9f:ef:68:32:cc:6d:47:
f0:9b:6b:1e:7e:f6:b7:38:0c:0e:7a:d3:d6:8e:0a:e5:98:d0:
1a:88:2d:fb:b7:50:d6:df:a9:3a:72:a3:38:a6:cf:b0:cb:26:
28:68:d2:3a:d4:6f:44:ec:a9:77:c4:ba:6e:eb:29:b4:78:c2:
f0:e1:e3:eb:24:b2:fb:87:dd:fb:85:04:fd:14:51:e5:41:8d:
ba:04:54:f8:58:d9:66:ba:7b:44:f5:46:b8:90:1a:16:4e:8c:
f1:f4:24:a8:17:07:ea:43:89:7a:36:58:23:09:e5:94:75:d9:
ed:fe:92:03:b3:38:ce:64:89:72:47:f7:9a:d0:84:2e:ca:b1:
34:66:f8:b9:c9:5a:c7:a1:f1:53:2d:a5:b7:56:a8:18:b8:17:
d4:05:dc:b9:b1:c5:b9:ca:e8:6f:70:22:03:76:89:1a:4a:cb:
f7:9c:8e:2d:83:56:ab:7d:7d:fc:1d:36:a6:09:93:b4:96:86:
fe:a3:85:1e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQg1jFLYd+1Zp2VV4eqhAlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjUwMTAxMDc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjZkN2RiYThhNWE2NmY1ZDI3NmZiYjI1NGRkMzNmMjE0ODA4Zjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusmSxqt37smDuzYfR1L2IGLomB4q
tq2tsoZ/UdBdiHHFgZF2HdI0/Z4xCcWsxgwB4XDJ+J3MJjgv67OslbTOVJg7rr9d
EswJVDTsaMgvaUs/5fnPgT73DnJg2Erh8TpWJRkQIDiycOtTgKqPqsUTu1aCY2sg
Fua6EACgIBtFfaYne3rxobGt7CfAXQwxyvF94xdEzOoaKzhpvbG0WbrU1OlRgrJ5
XPq+nLyQ5qNAn8DU34BM6dsAg0njvRFYVl9QhUf1BPM5XUDr1WmDZb25Dsma+jl2
lD7ja/8zk153gJegaMkhCpvPDAV76cSkXOUhMXNjB+K72Aj85kLBuDillQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFMttfbqKWmb10nb7slTdM/IUgI94MB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL3kyMTl1b3BhWnZYU2R2dXlWTjB6OGhTQWozZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEAE5t
4QMEAE5t6AMEAE5t7zANBgkqhkiG9w0BAQsFAAOCAQEAGZu4yLRc/S6Sq8gtXHFg
d9IqAssv8JCx/DeSQXg+rzsqyG0ftVtkYyasyBcz4NBmAkOgyXgkuAuzjgVZfDMO
GuCf72gyzG1H8JtrHn72tzgMDnrT1o4K5ZjQGogt+7dQ1t+pOnKjOKbPsMsmKGjS
OtRvROypd8S6busptHjC8OHj6ySy+4fd+4UE/RRR5UGNugRU+FjZZrp7RPVGuJAa
Fk6M8fQkqBcH6kOJejZYIwnllHXZ7f6SA7M4zmSJckf3mtCELsqxNGb4uclax6Hx
Uy2lt1aoGLgX1AXcubHFucrob3AiA3aJGkrL95yOLYNWq319/B02pgmTtJaG/qOF
Hg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:34:30 2025 by rpki-client