Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c6d4ec-a072-4f3e-acda-0cf6384a5610/1/m9KlvtpTq4Ql79O_O_rULA1w-zY.roa
File: m9KlvtpTq4Ql79O_O_rULA1w-zY.roa (raw, json)
Hash identifier: +h4/STkGCXYgH/sIOVE5dquJUDdEfzAIpbql2yKK20U=
Subject key identifier: 9B:D2:A5:BE:DA:53:AB:84:25:EF:D3:BF:3B:FA:D4:2C:0D:70:FB:36
Certificate issuer: /CN=3357ad406df9934b5048b5fa21de31450b936fa9
Certificate serial: 01941F8C27D10D04A168B83B6A772454B2A9
Authority key identifier: 33:57:AD:40:6D:F9:93:4B:50:48:B5:FA:21:DE:31:45:0B:93:6F:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1etQG35k0tQSLX6Id4xRQuTb6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c6d4ec-a072-4f3e-acda-0cf6384a5610/1/m9KlvtpTq4Ql79O_O_rULA1w-zY.roa
Signing time: Wed 01 Jan 2025 01:47:46 +0000
ROA not before: Wed 01 Jan 2025 01:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199283
IP address blocks: 31.169.112.0/21 maxlen: 21
31.169.112.0/23 maxlen: 23
31.169.114.0/24 maxlen: 24
31.169.115.0/24 maxlen: 24
31.169.116.0/24 maxlen: 24
31.169.117.0/24 maxlen: 24
31.169.118.0/24 maxlen: 24
31.169.119.0/24 maxlen: 24
95.87.104.0/21 maxlen: 21
95.87.104.0/24 maxlen: 24
95.87.105.0/24 maxlen: 24
95.87.106.0/24 maxlen: 24
95.87.107.0/24 maxlen: 24
95.87.108.0/24 maxlen: 24
95.87.109.0/24 maxlen: 24
95.87.110.0/24 maxlen: 24
95.87.111.0/24 maxlen: 24
185.87.208.0/22 maxlen: 22
185.87.208.0/24 maxlen: 24
185.87.209.0/24 maxlen: 24
185.87.210.0/24 maxlen: 24
185.87.211.0/24 maxlen: 24
2a04:2140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/c6d4ec-a072-4f3e-acda-0cf6384a5610/1/M1etQG35k0tQSLX6Id4xRQuTb6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/c6d4ec-a072-4f3e-acda-0cf6384a5610/1/M1etQG35k0tQSLX6Id4xRQuTb6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/M1etQG35k0tQSLX6Id4xRQuTb6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:27:d1:0d:04:a1:68:b8:3b:6a:77:24:54:b2:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3357ad406df9934b5048b5fa21de31450b936fa9
Validity
Not Before: Jan 1 01:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9bd2a5beda53ab8425efd3bf3bfad42c0d70fb36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:05:73:f9:90:2b:a8:32:b9:d0:ca:8a:98:2b:
d5:33:d8:1d:df:98:35:21:2f:ad:85:52:fc:3d:d2:
6f:6e:51:d0:0c:21:6d:0b:72:6d:60:95:b6:4d:a0:
03:0f:59:31:53:d3:8e:e4:d1:f8:7e:ae:be:ab:68:
7a:58:d0:67:e3:7b:67:6c:4c:8f:ec:17:c3:45:87:
81:24:8a:e3:4a:65:ba:31:81:cd:8f:05:f1:9d:00:
66:13:c5:4a:59:5b:ec:d3:a9:e5:f2:26:1f:ba:65:
b3:7a:0a:4a:c7:de:b5:60:27:23:b4:3e:e4:09:90:
21:ce:81:c7:a7:82:d1:60:07:e2:61:1c:6a:66:d9:
90:86:52:b0:49:0b:c2:77:f4:31:84:52:f3:72:8d:
90:d2:3a:51:91:c6:a1:52:4b:77:d5:e7:e4:35:f3:
2f:5c:9e:86:da:19:8b:06:14:8d:f0:df:d2:0a:aa:
b6:09:d7:89:b2:c1:24:25:b7:7d:ad:17:20:ca:03:
d5:d8:e3:dd:d3:db:b9:7d:91:b2:d9:59:f0:8b:74:
e9:55:88:c7:cc:82:51:93:6b:d7:52:a4:bb:08:e3:
36:4b:9b:8f:f3:5e:56:fd:1f:f9:ed:0b:63:d4:f9:
ed:37:da:a7:35:44:48:e1:c4:7e:e4:6b:32:6b:74:
5d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:D2:A5:BE:DA:53:AB:84:25:EF:D3:BF:3B:FA:D4:2C:0D:70:FB:36
X509v3 Authority Key Identifier:
keyid:33:57:AD:40:6D:F9:93:4B:50:48:B5:FA:21:DE:31:45:0B:93:6F:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1etQG35k0tQSLX6Id4xRQuTb6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c6d4ec-a072-4f3e-acda-0cf6384a5610/1/m9KlvtpTq4Ql79O_O_rULA1w-zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c6d4ec-a072-4f3e-acda-0cf6384a5610/1/M1etQG35k0tQSLX6Id4xRQuTb6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.112.0/21
95.87.104.0/21
185.87.208.0/22
IPv6:
2a04:2140::/29
Signature Algorithm: sha256WithRSAEncryption
75:25:68:32:5b:ed:08:68:84:f3:93:f5:53:f0:99:d4:ee:52:
f3:ef:78:b7:6a:67:4e:8a:e2:cd:ad:cd:9b:2f:22:60:df:a1:
97:74:b5:62:b2:b8:35:88:3f:46:c3:7a:ad:de:e0:17:9f:5a:
96:1f:11:87:5a:1d:f1:a7:15:ac:84:34:65:92:a2:f6:b6:b1:
d0:10:ce:2b:8a:02:76:38:ff:19:00:90:a2:b9:ec:d2:b3:7c:
49:98:1e:ac:81:e9:3f:9a:3d:b0:7e:1f:9f:39:9a:bc:e7:11:
78:3c:b4:04:0b:89:66:d2:bb:f3:da:92:cf:84:f0:c8:13:61:
2e:2f:97:35:9e:d4:35:b2:0b:21:fd:1e:41:53:95:68:6d:f7:
56:73:81:40:e3:83:ea:e1:e2:90:7e:5f:7c:0b:fb:b1:26:6f:
6b:ee:f6:6e:9e:73:ba:56:00:04:1f:db:b7:d6:b2:ea:70:08:
ad:a5:85:02:2c:3e:a3:f9:16:d4:dd:e0:3f:7f:09:45:90:f4:
cc:ff:7e:b2:7e:d9:d4:d2:09:fa:d3:bc:43:2e:7d:88:ae:c5:
cd:4b:d0:8e:0f:83:96:d4:75:d5:4a:5e:21:cb:bb:a5:ef:30:
09:e4:7c:c2:4c:73:d5:8f:1b:1b:20:57:c5:19:7a:84:d5:06:
12:84:86:b8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQfjCfRDQShaLg7anckVLKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTdhZDQwNmRmOTkzNGI1MDQ4YjVmYTIxZGUzMTQ1MGI5
MzZmYTkwHhcNMjUwMTAxMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmQyYTViZWRhNTNhYjg0MjVlZmQzYmYzYmZhZDQyYzBkNzBmYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAVz+ZArqDK50MqKmCvVM9gd35g1
IS+thVL8PdJvblHQDCFtC3JtYJW2TaADD1kxU9OO5NH4fq6+q2h6WNBn43tnbEyP
7BfDRYeBJIrjSmW6MYHNjwXxnQBmE8VKWVvs06nl8iYfumWzegpKx961YCcjtD7k
CZAhzoHHp4LRYAfiYRxqZtmQhlKwSQvCd/QxhFLzco2Q0jpRkcahUkt31efkNfMv
XJ6G2hmLBhSN8N/SCqq2CdeJssEkJbd9rRcgygPV2OPd09u5fZGy2Vnwi3TpVYjH
zIJRk2vXUqS7COM2S5uP815W/R/57Qtj1PntN9qnNURI4cR+5Gsya3RdNwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJvSpb7aU6uEJe/Tvzv61CwNcPs2MB8GA1UdIwQY
MBaAFDNXrUBt+ZNLUEi1+iHeMUULk2+pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFldFFHMzVrMHRRU0xYNklkNHhSUXVUYjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jNmQ0ZWMtYTA3Mi00ZjNlLWFjZGEt
MGNmNjM4NGE1NjEwLzEvbTlLbHZ0cFRxNFFsNzlPX09fclVMQTF3LXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jNmQ0ZWMtYTA3Mi00ZjNlLWFjZGEtMGNmNjM4NGE1NjEw
LzEvTTFldFFHMzVrMHRRU0xYNklkNHhSUXVUYjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH6lwAwQD
X1doAwQCuVfQMA0EAgACMAcDBQMqBCFAMA0GCSqGSIb3DQEBCwUAA4IBAQB1JWgy
W+0IaITzk/VT8JnU7lLz73i3amdOiuLNrc2bLyJg36GXdLVisrg1iD9Gw3qt3uAX
n1qWHxGHWh3xpxWshDRlkqL2trHQEM4rigJ2OP8ZAJCiuezSs3xJmB6sgek/mj2w
fh+fOZq85xF4PLQEC4lm0rvz2pLPhPDIE2EuL5c1ntQ1sgsh/R5BU5VobfdWc4FA
44Pq4eKQfl98C/uxJm9r7vZunnO6VgAEH9u31rLqcAitpYUCLD6j+RbU3eA/fwlF
kPTM/36yftnU0gn607xDLn2IrsXNS9COD4OW1HXVSl4hy7ul7zAJ5HzCTHPVjxsb
IFfFGXqE1QYShIa4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:06 2025 by rpki-client