Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/rIgcdTeWZFGqJKg9n3iWHMAsC7Y.roa
File: rIgcdTeWZFGqJKg9n3iWHMAsC7Y.roa (raw, json)
Hash identifier: a0sp1XHVAFftpd98cWn25wYJYIERTkIsIUmu6LiYvzk=
Subject key identifier: AC:88:1C:75:37:96:64:51:AA:24:A8:3D:9F:78:96:1C:C0:2C:0B:B6
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0194266B6381922F139D6FDD1946042355A4
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/rIgcdTeWZFGqJKg9n3iWHMAsC7Y.roa
Signing time: Thu 02 Jan 2025 09:49:19 +0000
ROA not before: Thu 02 Jan 2025 09:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205352
IP address blocks: 87.246.50.0/24 maxlen: 24
87.246.51.0/24 maxlen: 24
87.246.52.0/23 maxlen: 23
87.246.56.0/22 maxlen: 22
109.160.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 06:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:63:81:92:2f:13:9d:6f:dd:19:46:04:23:55:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 2 09:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac881c7537966451aa24a83d9f78961cc02c0bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:94:db:77:7a:ab:41:8a:76:0b:87:17:56:83:
f3:6e:f6:4f:37:51:7c:08:84:7f:94:8e:66:5a:ae:
b0:c6:95:08:90:3e:28:7d:0d:77:d4:96:ae:19:77:
8c:d6:ef:06:99:c4:b6:3c:0a:7d:9c:0b:c1:49:d5:
13:9d:6e:00:94:a4:05:c4:53:a8:30:73:6a:c3:a8:
26:59:a4:a9:d8:33:72:e1:5c:e7:54:9b:68:09:bf:
6d:30:b0:97:fd:08:f7:3b:23:06:53:a9:68:2b:20:
3e:b0:32:be:1d:94:44:90:ef:64:50:8c:a6:e5:95:
7c:59:bb:8e:9c:3e:ba:54:8e:74:3f:fd:e9:ea:4a:
b8:2a:1b:1b:d9:e8:ee:94:c9:07:05:f8:4a:9b:e8:
6f:9f:51:c2:1a:77:b0:78:0e:cf:bd:13:47:16:8a:
c2:cb:5a:1f:f3:2b:90:69:d3:00:50:e6:a8:43:c1:
41:39:ba:53:b0:ec:1b:85:df:78:fb:f3:2b:2f:5d:
6d:2d:ea:6b:79:99:d1:3d:fd:50:a2:2a:75:19:21:
91:5a:27:24:04:83:b5:14:5e:52:8a:29:51:b3:4d:
e7:4b:ed:57:6e:b4:98:45:c8:3c:d5:31:ae:c2:8f:
09:b6:b5:7c:46:9e:8a:d0:77:2a:2b:e5:19:e2:07:
eb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:88:1C:75:37:96:64:51:AA:24:A8:3D:9F:78:96:1C:C0:2C:0B:B6
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/rIgcdTeWZFGqJKg9n3iWHMAsC7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.246.50.0-87.246.53.255
87.246.56.0/22
109.160.92.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:b5:66:ab:07:05:7a:59:bf:2e:17:e1:17:52:af:7a:79:b7:
70:ed:0c:c5:66:df:d4:05:f6:f1:3f:a9:47:89:a3:65:eb:f6:
9d:38:db:c4:82:09:34:8a:5e:a0:93:92:33:4c:2b:07:c6:7b:
9d:ed:10:fe:14:ab:8a:c3:50:5c:74:78:69:65:e5:17:9e:41:
1e:13:77:01:5d:dd:75:e6:ca:94:49:65:c2:74:7d:c5:1e:55:
61:7b:c3:86:a6:62:87:6d:b7:6d:a5:e1:5f:08:64:e6:d6:3a:
ce:b7:d3:9f:e1:39:b4:c2:fa:75:08:3d:29:77:bf:e4:28:86:
84:aa:05:aa:f7:a1:91:e7:39:3a:19:f0:22:0b:7a:a3:27:8c:
fe:bd:96:de:f4:f0:8d:0c:4b:0a:bc:58:1a:03:96:65:0b:4f:
e1:a2:87:0d:79:a2:9b:fa:be:05:81:17:03:de:a2:ff:9d:d0:
77:f1:10:b5:17:06:64:e0:c1:2f:df:be:4f:b5:4a:89:ee:c8:
fd:4b:73:62:96:6a:f8:6a:8d:c8:47:6e:d4:f9:c4:4b:54:81:
b9:9c:0c:61:93:10:19:24:d5:ea:57:8c:fb:31:a9:cc:5a:10:
88:76:24:c7:2f:4d:34:5f:97:23:25:13:0d:d6:9f:f3:42:33:
2d:59:87:9d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQma2OBki8TnW/dGUYEI1WkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjUwMTAyMDk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzg4MWM3NTM3OTY2NDUxYWEyNGE4M2Q5Zjc4OTYxY2MwMmMwYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJTbd3qrQYp2C4cXVoPzbvZPN1F8
CIR/lI5mWq6wxpUIkD4ofQ131JauGXeM1u8GmcS2PAp9nAvBSdUTnW4AlKQFxFOo
MHNqw6gmWaSp2DNy4VznVJtoCb9tMLCX/Qj3OyMGU6loKyA+sDK+HZREkO9kUIym
5ZV8WbuOnD66VI50P/3p6kq4Khsb2ejulMkHBfhKm+hvn1HCGneweA7PvRNHForC
y1of8yuQadMAUOaoQ8FBObpTsOwbhd94+/MrL11tLepreZnRPf1Qoip1GSGRWick
BIO1FF5SiilRs03nS+1XbrSYRcg81TGuwo8JtrV8Rp6K0HcqK+UZ4gfrPQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKyIHHU3lmRRqiSoPZ94lhzALAu2MB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvcklnY2RUZVdaRkdxSktnOW4zaVdITUFzQzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFX9jID
BAFX9jQDBAJX9jgDBAJtoFwwDQYJKoZIhvcNAQELBQADggEBAGy1ZqsHBXpZvy4X
4RdSr3p5t3DtDMVm39QF9vE/qUeJo2Xr9p0428SCCTSKXqCTkjNMKwfGe53tEP4U
q4rDUFx0eGll5ReeQR4TdwFd3XXmypRJZcJ0fcUeVWF7w4amYodtt22l4V8IZObW
Os6305/hObTC+nUIPSl3v+QohoSqBar3oZHnOToZ8CILeqMnjP69lt708I0MSwq8
WBoDlmULT+Gihw15opv6vgWBFwPeov+d0HfxELUXBmTgwS/fvk+1SonuyP1Lc2KW
avhqjchHbtT5xEtUgbmcDGGTEBkk1epXjPsxqcxaEIh2JMcvTTRflyMlEw3Wn/NC
My1Zh50=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:07:27 2025 by rpki-client