Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/910rW0Bw8fipl50NZSEFWo6FYeg.roa
File: 910rW0Bw8fipl50NZSEFWo6FYeg.roa (raw, json)
Hash identifier: riJFAAodnqYEZmBJLMybJvSsB9aijZJB7CYPgesovPs=
Subject key identifier: F7:5D:2B:5B:40:70:F1:F8:A9:97:9D:0D:65:21:05:5A:8E:85:61:E8
Certificate issuer: /CN=541fc54762cfe92d76c2f4c6af8999cbccf6bb67
Certificate serial: 01949668ED7C094B6E7332E645871D62E522
Authority key identifier: 54:1F:C5:47:62:CF:E9:2D:76:C2:F4:C6:AF:89:99:CB:CC:F6:BB:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/910rW0Bw8fipl50NZSEFWo6FYeg.roa
Signing time: Fri 24 Jan 2025 03:44:06 +0000
ROA not before: Fri 24 Jan 2025 03:44:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205809
IP address blocks: 66.203.126.0/23 maxlen: 24
94.24.36.0/23 maxlen: 24
162.208.16.0/24 maxlen: 24
185.206.24.0/22 maxlen: 24
2a0b:e40::/29 maxlen: 48
2a0b:e44::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/VB_FR2LP6S12wvTGr4mZy8z2u2c.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/VB_FR2LP6S12wvTGr4mZy8z2u2c.mft
rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:96:68:ed:7c:09:4b:6e:73:32:e6:45:87:1d:62:e5:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fc54762cfe92d76c2f4c6af8999cbccf6bb67
Validity
Not Before: Jan 24 03:44:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f75d2b5b4070f1f8a9979d0d6521055a8e8561e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:85:7d:4e:5b:5f:1a:56:8c:61:37:36:97:dd:
57:54:fd:cb:dc:7d:0a:b5:fd:2d:e2:e6:87:1b:e7:
5e:ff:d8:c3:f0:62:72:6b:ab:70:94:62:8c:14:14:
f7:e4:6b:9f:1e:7e:dc:d3:91:90:df:97:7f:69:eb:
9e:d2:b2:43:fb:62:76:98:12:5a:4e:1f:22:2b:ee:
fe:82:ac:08:03:68:8c:db:ba:b6:84:f8:59:56:42:
78:30:83:fc:de:da:5d:b5:6d:e1:4b:13:2d:50:bf:
90:be:ff:a3:3b:d6:72:89:f1:d8:2e:97:de:53:9f:
8f:c2:29:c4:95:79:b3:ff:cb:22:ca:80:bf:8b:dd:
48:a1:21:3d:f5:95:38:27:41:6d:e2:03:c6:ee:f0:
0f:f7:52:a4:9b:7f:cf:44:34:63:ca:63:f5:88:09:
6b:10:98:81:6a:d0:78:df:96:fd:2e:ba:21:a3:a3:
26:5c:c3:18:7e:dd:f2:89:7c:76:91:49:6d:51:8c:
cc:68:bf:b7:d8:7a:0e:23:87:89:3f:e5:c3:2f:8a:
c8:31:99:16:c5:93:6a:e5:c0:67:ae:dc:a7:7b:56:
c0:c4:01:a7:6d:9e:a7:b2:c5:69:90:20:c7:30:44:
59:86:b5:a1:72:e8:28:49:6d:81:e6:de:50:1e:0f:
ad:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:5D:2B:5B:40:70:F1:F8:A9:97:9D:0D:65:21:05:5A:8E:85:61:E8
X509v3 Authority Key Identifier:
keyid:54:1F:C5:47:62:CF:E9:2D:76:C2:F4:C6:AF:89:99:CB:CC:F6:BB:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/910rW0Bw8fipl50NZSEFWo6FYeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/VB_FR2LP6S12wvTGr4mZy8z2u2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.203.126.0/23
94.24.36.0/23
162.208.16.0/24
185.206.24.0/22
IPv6:
2a0b:e40::/29
Signature Algorithm: sha256WithRSAEncryption
73:c8:60:a0:a1:cd:9f:a2:a9:22:ba:13:74:19:bb:f7:f0:f2:
47:18:27:8b:f6:1f:e2:fb:f4:aa:9f:f9:a8:52:f3:60:23:48:
22:13:de:20:f5:53:76:ef:b8:e2:b8:26:81:29:c4:c6:7f:2b:
a1:c5:7f:8b:14:15:cb:d3:36:ec:1c:97:b2:cc:fc:e2:60:c5:
dc:2f:59:f5:e7:58:c6:c2:2e:b6:33:b4:ac:13:2d:f8:51:a4:
df:b6:90:a7:6f:43:d9:93:6c:5f:59:88:1f:9b:49:5e:fc:2a:
11:2f:2b:1c:76:e7:57:8a:10:6f:ee:93:26:f5:2c:87:e1:16:
84:65:c2:6c:16:ef:9f:51:20:29:88:8e:2a:fc:d2:2b:dc:db:
10:2c:75:a5:54:c8:92:06:3f:10:21:49:44:69:be:52:b6:9b:
29:42:d0:6c:e4:f2:a0:b2:b0:31:cd:27:30:ce:01:f6:52:6b:
7d:80:de:32:30:6d:ed:3e:02:f3:3f:8f:3d:d4:92:a4:bf:df:
9d:d4:79:93:4a:f9:d8:61:b9:3c:3f:93:76:aa:86:01:6e:5b:
78:92:20:2f:27:5e:12:5a:21:26:8f:4b:af:a6:c8:8d:26:cd:
00:ad:cb:f3:95:cf:b3:38:43:e5:3a:18:aa:5e:25:1e:06:c7:
59:9e:d0:11
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZSWaO18CUtuczLmRYcdYuUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZjNTQ3NjJjZmU5MmQ3NmMyZjRjNmFmODk5OWNiY2Nm
NmJiNjcwHhcNMjUwMTI0MDM0NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzVkMmI1YjQwNzBmMWY4YTk5NzlkMGQ2NTIxMDU1YThlODU2MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoV9TltfGlaMYTc2l91XVP3L3H0K
tf0t4uaHG+de/9jD8GJya6twlGKMFBT35GufHn7c05GQ35d/aeue0rJD+2J2mBJa
Th8iK+7+gqwIA2iM27q2hPhZVkJ4MIP83tpdtW3hSxMtUL+Qvv+jO9ZyifHYLpfe
U5+PwinElXmz/8siyoC/i91IoSE99ZU4J0Ft4gPG7vAP91Kkm3/PRDRjymP1iAlr
EJiBatB435b9Lroho6MmXMMYft3yiXx2kUltUYzMaL+32HoOI4eJP+XDL4rIMZkW
xZNq5cBnrtyne1bAxAGnbZ6nssVpkCDHMERZhrWhcugoSW2B5t5QHg+t2QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPddK1tAcPH4qZedDWUhBVqOhWHoMB8GA1UdIwQY
MBaAFFQfxUdiz+ktdsL0xq+JmcvM9rtnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfRlIyTFA2UzEyd3ZUR3I0bVp5OHoydTJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9kZGRhNWUtZmVlZi00NzYzLTg4ZGEt
OGJjODI1YzNhMzI0LzEvOTEwclcwQnc4ZmlwbDUwTlpTRUZXbzZGWWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9kZGRhNWUtZmVlZi00NzYzLTg4ZGEtOGJjODI1YzNhMzI0
LzEvVkJfRlIyTFA2UzEyd3ZUR3I0bVp5OHoydTJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBQst+AwQB
XhgkAwQAotAQAwQCuc4YMA0EAgACMAcDBQMqCw5AMA0GCSqGSIb3DQEBCwUAA4IB
AQBzyGCgoc2foqkiuhN0Gbv38PJHGCeL9h/i+/Sqn/moUvNgI0giE94g9VN277ji
uCaBKcTGfyuhxX+LFBXL0zbsHJeyzPziYMXcL1n151jGwi62M7SsEy34UaTftpCn
b0PZk2xfWYgfm0le/CoRLyscdudXihBv7pMm9SyH4RaEZcJsFu+fUSApiI4q/NIr
3NsQLHWlVMiSBj8QIUlEab5StpspQtBs5PKgsrAxzScwzgH2Umt9gN4yMG3tPgLz
P4891JKkv9+d1HmTSvnYYbk8P5N2qoYBblt4kiAvJ14SWiEmj0uvpsiNJs0Arcvz
lc+zOEPlOhiqXiUeBsdZntAR
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:11:25 2025 by rpki-client