Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/9ZGSbvVWGJA03vrSyQUEVarRr-4.roa
File: 9ZGSbvVWGJA03vrSyQUEVarRr-4.roa (raw, json)
Hash identifier: cPvp9kLsR1g5wI6QgkJQ/4iEUD2cM7N5TL8rSHXBr1c=
Subject key identifier: F5:91:92:6E:F5:56:18:90:34:DE:FA:D2:C9:05:04:55:AA:D1:AF:EE
Certificate issuer: /CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627
Certificate serial: 019421B23F058FCCD9A806400C755BAAE275
Authority key identifier: 3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/9ZGSbvVWGJA03vrSyQUEVarRr-4.roa
Signing time: Wed 01 Jan 2025 11:48:37 +0000
ROA not before: Wed 01 Jan 2025 11:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 62.248.0.0/17 maxlen: 24
78.160.0.0/11 maxlen: 24
81.212.0.0/14 maxlen: 24
85.96.0.0/12 maxlen: 24
88.224.0.0/11 maxlen: 24
95.0.0.0/12 maxlen: 24
176.52.176.0/22 maxlen: 24
194.54.32.0/19 maxlen: 24
195.174.0.0/15 maxlen: 24
212.156.0.0/16 maxlen: 24
212.174.0.0/15 maxlen: 24
2a01:358::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3f:05:8f:cc:d9:a8:06:40:0c:75:5b:aa:e2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627
Validity
Not Before: Jan 1 11:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f591926ef556189034defad2c9050455aad1afee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:87:89:c3:0a:31:88:39:94:30:2c:4f:ac:70:
22:ae:bf:4c:99:5a:0b:84:8d:22:fb:4e:a0:20:19:
0b:e4:c0:99:6a:da:f9:3c:6f:d8:ad:d0:3e:af:17:
8e:c0:ad:9a:a9:9a:ac:f4:4a:7a:e8:54:ad:7c:9d:
c5:b1:cf:dc:1c:77:0a:c9:07:7a:d2:85:6a:89:b6:
f6:4d:97:56:cb:8b:e4:19:3b:52:94:85:91:26:cb:
14:69:f7:3e:e0:ce:2b:e2:c8:02:38:3b:c0:96:f8:
3f:f5:90:fe:09:82:f8:d2:99:dd:33:f7:8f:4a:57:
6e:cc:f0:8a:df:ac:0b:12:5e:a8:dc:f5:ea:99:df:
ed:15:3e:02:4c:c6:38:2b:e5:ee:59:92:c5:04:08:
50:ec:ba:56:9f:29:f5:33:9b:4d:24:5a:a8:90:b2:
5d:f5:5f:56:1e:05:a0:e1:03:7e:de:74:eb:42:8e:
7d:e9:0c:d7:63:f1:65:0d:0e:dc:79:56:d3:4c:ab:
43:c2:3d:1e:1a:46:f2:c6:82:64:85:6c:9d:7e:a6:
e1:4f:99:a9:b6:c9:10:6a:e4:d9:1d:4a:99:0e:48:
38:6d:8c:56:ee:d3:ef:fb:9e:07:1a:c1:a6:8d:9a:
6a:14:7c:82:5e:f5:0f:d1:00:af:fb:59:81:b0:0f:
0d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:91:92:6E:F5:56:18:90:34:DE:FA:D2:C9:05:04:55:AA:D1:AF:EE
X509v3 Authority Key Identifier:
keyid:3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/9ZGSbvVWGJA03vrSyQUEVarRr-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.248.0.0/17
78.160.0.0/11
81.212.0.0/14
85.96.0.0/12
88.224.0.0/11
95.0.0.0/12
176.52.176.0/22
194.54.32.0/19
195.174.0.0/15
212.156.0.0/16
212.174.0.0/15
IPv6:
2a01:358::/29
Signature Algorithm: sha256WithRSAEncryption
99:b4:5b:99:57:a0:d0:ba:3b:00:c5:16:77:32:7e:8b:ba:c8:
d5:82:26:68:41:6a:5c:ee:5d:aa:ba:0a:01:47:69:56:98:18:
dd:15:8b:f2:f5:dc:82:18:9c:6d:5e:9a:8d:c3:bc:b8:9c:8a:
40:b8:ea:d3:d8:b1:51:cb:e1:dd:53:2c:be:96:ef:66:58:95:
a3:b9:4b:14:98:02:bb:85:4f:9c:f1:d3:6d:46:a9:a3:5e:1b:
28:d8:10:e2:18:79:df:21:7b:f6:48:24:1f:5f:bd:e7:50:46:
00:85:15:b0:8b:d4:f0:c0:0a:23:07:90:4e:ef:d8:00:f3:d8:
37:5d:d5:01:a5:25:14:20:13:72:8a:99:f6:4e:b8:29:f2:a3:
7b:09:a0:6b:60:31:db:bb:ca:8f:93:f4:27:af:7b:2d:74:10:
11:ca:a4:c6:9f:17:c3:0c:23:39:38:de:50:29:78:c3:31:d0:
ff:9f:f2:56:e4:01:53:6b:8c:eb:18:a9:92:0c:10:f3:71:bf:
a1:8c:59:cd:d0:ef:9f:be:07:6a:50:7e:a5:32:bd:bd:31:a3:
dc:34:60:ba:49:34:52:04:18:c7:6b:b8:d7:00:be:fb:15:c6:
74:e7:d5:65:01:a6:f6:ce:4e:cb:ea:da:98:43:bf:94:bd:d0:
fa:76:74:fe
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZQhsj8Fj8zZqAZADHVbquJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZWYxMWJiOGE4ZDQ4MGEwMzEzZTFmMjE4YTY2YmRmNGU5
NWY2MjcwHhcNMjUwMTAxMTE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTkxOTI2ZWY1NTYxODkwMzRkZWZhZDJjOTA1MDQ1NWFhZDFhZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYeJwwoxiDmUMCxPrHAirr9MmVoL
hI0i+06gIBkL5MCZatr5PG/YrdA+rxeOwK2aqZqs9Ep66FStfJ3Fsc/cHHcKyQd6
0oVqibb2TZdWy4vkGTtSlIWRJssUafc+4M4r4sgCODvAlvg/9ZD+CYL40pndM/eP
SlduzPCK36wLEl6o3PXqmd/tFT4CTMY4K+XuWZLFBAhQ7LpWnyn1M5tNJFqokLJd
9V9WHgWg4QN+3nTrQo596QzXY/FlDQ7ceVbTTKtDwj0eGkbyxoJkhWydfqbhT5mp
tskQauTZHUqZDkg4bYxW7tPv+54HGsGmjZpqFHyCXvUP0QCv+1mBsA8NOQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFPWRkm71VhiQNN760skFBFWq0a/uMB8GA1UdIwQY
MBaAFD3vEbuKjUgKAxPh8hima99OlfYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGU4UnU0cU5TQW9ERS1IeUdLWnIzMDZWOWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9kMWYxNzItMmRlZi00Nzk3LTgwNWYt
YjQ5NDY2NDcyNGFkLzEvOVpHU2J2VldHSkEwM3ZyU3lRVUVWYXJSci00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9kMWYxNzItMmRlZi00Nzk3LTgwNWYtYjQ5NDY2NDcyNGFk
LzEvUGU4UnU0cU5TQW9ERS1IeUdLWnIzMDZWOWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6AwQHPvgAAwMF
TqADAwJR1AMDBFVgAwMFWOADAwRfAAMEArA0sAMEBcI2IAMDAcOuAwMA1JwDAwHU
rjANBAIAAjAHAwUDKgEDWDANBgkqhkiG9w0BAQsFAAOCAQEAmbRbmVeg0Lo7AMUW
dzJ+i7rI1YImaEFqXO5dqroKAUdpVpgY3RWL8vXcghicbV6ajcO8uJyKQLjq09ix
Ucvh3VMsvpbvZliVo7lLFJgCu4VPnPHTbUapo14bKNgQ4hh53yF79kgkH1+951BG
AIUVsIvU8MAKIweQTu/YAPPYN13VAaUlFCATcoqZ9k64KfKjewmga2Ax27vKj5P0
J697LXQQEcqkxp8XwwwjOTjeUCl4wzHQ/5/yVuQBU2uM6xipkgwQ83G/oYxZzdDv
n74HalB+pTK9vTGj3DRgukk0UgQYx2u41wC++xXGdOfVZQGm9s5Oy+ramEO/lL3Q
+nZ0/g==
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:51:13 2025 by rpki-client