Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/ayI-UL4oibibFX4cW3YWUk6xSTs.roa
File: ayI-UL4oibibFX4cW3YWUk6xSTs.roa (raw, json)
Hash identifier: N1Uh/40VgHWlkmnSe6ILZ6Uts2Fhgd/GOVLIcEzqLXQ=
Subject key identifier: 6B:22:3E:50:BE:28:89:B8:9B:15:7E:1C:5B:76:16:52:4E:B1:49:3B
Certificate issuer: /CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Certificate serial: 019576EFC5CDE1469541825E030C0216ED35
Authority key identifier: AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/ayI-UL4oibibFX4cW3YWUk6xSTs.roa
Signing time: Sat 08 Mar 2025 18:06:19 +0000
ROA not before: Sat 08 Mar 2025 18:06:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213205
IP address blocks: 81.163.208.0/24 maxlen: 24
81.163.209.0/24 maxlen: 24
81.163.213.0/24 maxlen: 24
81.163.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:76:ef:c5:cd:e1:46:95:41:82:5e:03:0c:02:16:ed:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Validity
Not Before: Mar 8 18:06:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b223e50be2889b89b157e1c5b7616524eb1493b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e3:74:3f:93:8c:91:38:2f:90:9f:4d:cc:a8:
77:21:a6:50:28:df:eb:07:a8:9c:3c:7c:36:d2:92:
df:12:b2:bb:97:3e:93:73:9a:a4:b2:53:58:97:ab:
e5:ed:cb:0f:95:f4:ed:4d:af:ee:80:bc:c9:2f:14:
cf:56:5a:84:69:09:87:dd:76:03:24:cc:e3:84:ac:
2c:49:df:77:51:71:4e:f8:c9:70:a5:8f:87:f4:5a:
1d:60:19:c5:f6:f1:e6:84:10:0d:b2:5e:32:22:83:
0b:44:01:92:29:1e:05:0b:5f:72:da:81:83:8f:62:
08:ae:36:65:40:e3:6d:44:60:63:bd:3f:36:7f:f1:
04:59:03:12:0b:44:99:27:31:06:4b:e4:f2:55:cb:
f4:66:a5:e4:0f:c2:59:90:4e:f5:29:1e:fb:ad:28:
79:f6:77:fd:36:66:8a:91:14:2f:c4:f3:00:97:d7:
96:ce:cd:3c:4b:17:c5:25:94:d3:63:49:5f:4c:b5:
bc:6c:c6:65:b8:42:1d:01:2a:22:08:fa:90:26:09:
4a:a2:20:5e:28:9d:67:e3:13:e3:8e:f8:af:68:e7:
b6:a9:b8:05:a2:3f:da:41:5c:c3:b8:4c:e8:5c:ac:
25:f0:20:92:b3:6d:27:dd:58:34:a3:ae:b8:fb:a4:
a1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:22:3E:50:BE:28:89:B8:9B:15:7E:1C:5B:76:16:52:4E:B1:49:3B
X509v3 Authority Key Identifier:
keyid:AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/ayI-UL4oibibFX4cW3YWUk6xSTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.163.208.0/23
81.163.213.0/24
81.163.215.0/24
Signature Algorithm: sha256WithRSAEncryption
98:28:67:44:33:75:b7:2a:b8:2b:10:c8:20:02:cd:d4:b8:32:
dd:9c:9b:28:fb:31:12:b7:e7:6a:58:5a:9b:78:36:17:34:10:
53:ba:75:d0:ba:9a:3b:25:e3:79:7c:8a:b8:dc:51:8a:b0:29:
0e:0c:2a:13:a6:cf:2f:f1:17:d4:c3:37:b0:50:a0:57:d0:58:
b2:f1:b3:e5:13:24:25:90:18:ed:d0:92:df:de:09:4a:c8:91:
c5:b2:75:ca:4b:a8:24:c9:ee:34:10:aa:45:ad:3d:ca:6a:1f:
44:6b:5a:94:b9:d1:49:fa:f5:7a:9c:f4:dc:65:fc:5c:05:3a:
fc:39:7a:a2:21:d9:5e:5e:71:16:b4:d4:db:c0:fa:84:f3:6d:
64:3d:f8:14:5a:87:12:e1:76:e4:37:d3:be:a1:67:52:5f:18:
d0:2f:d1:22:fb:f8:2c:cc:09:08:a1:44:18:34:e6:02:9a:82:
59:e0:a4:20:6f:72:dc:6c:df:e0:27:c6:9c:9f:ef:1b:ac:4a:
50:7f:8d:c3:58:f2:9f:f2:22:3a:1a:2c:c4:35:e9:5e:39:57:
f4:d4:0a:2c:36:90:39:da:eb:1c:b9:7d:ed:51:0b:7c:05:be:
7c:92:28:99:17:76:3e:6d:e1:14:97:ff:2d:02:28:1e:bc:93:
4c:57:df:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZV278XN4UaVQYJeAwwCFu01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYjRlMDRhMGVkMzQ0MTEyYzE4NTNjYWIwOWY1MmUxY2Q5
YWJhZjIwHhcNMjUwMzA4MTgwNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjIyM2U1MGJlMjg4OWI4OWIxNTdlMWM1Yjc2MTY1MjRlYjE0OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuN0P5OMkTgvkJ9NzKh3IaZQKN/r
B6icPHw20pLfErK7lz6Tc5qkslNYl6vl7csPlfTtTa/ugLzJLxTPVlqEaQmH3XYD
JMzjhKwsSd93UXFO+MlwpY+H9FodYBnF9vHmhBANsl4yIoMLRAGSKR4FC19y2oGD
j2IIrjZlQONtRGBjvT82f/EEWQMSC0SZJzEGS+TyVcv0ZqXkD8JZkE71KR77rSh5
9nf9NmaKkRQvxPMAl9eWzs08SxfFJZTTY0lfTLW8bMZluEIdASoiCPqQJglKoiBe
KJ1n4xPjjvivaOe2qbgFoj/aQVzDuEzoXKwl8CCSs20n3Vg0o664+6ShywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGsiPlC+KIm4mxV+HFt2FlJOsUk7MB8GA1UdIwQY
MBaAFK+04EoO00QRLBhTyrCfUuHNmrryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTct
ODA5NWYzMjk3MTc5LzEvYXlJLVVMNG9pYmliRlg0Y1czWVdVazZ4U1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTctODA5NWYzMjk3MTc5
LzEvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUaPQAwQA
UaPVAwQAUaPXMA0GCSqGSIb3DQEBCwUAA4IBAQCYKGdEM3W3KrgrEMggAs3UuDLd
nJso+zESt+dqWFqbeDYXNBBTunXQupo7JeN5fIq43FGKsCkODCoTps8v8RfUwzew
UKBX0Fiy8bPlEyQlkBjt0JLf3glKyJHFsnXKS6gkye40EKpFrT3Kah9Ea1qUudFJ
+vV6nPTcZfxcBTr8OXqiIdleXnEWtNTbwPqE821kPfgUWocS4XbkN9O+oWdSXxjQ
L9Ei+/gszAkIoUQYNOYCmoJZ4KQgb3LcbN/gJ8acn+8brEpQf43DWPKf8iI6GizE
NeleOVf01AosNpA52uscuX3tUQt8Bb58kiiZF3Y+beEUl/8tAigevJNMV9/5
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:34:33 2025 by rpki-client