Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/kUsfavoW0tgLP0rVfvoUpj76oaE.roa
File: kUsfavoW0tgLP0rVfvoUpj76oaE.roa (raw, json)
Hash identifier: eUPDcAUHIv99kKNGc8tlkhcGyCjtDrSLtoS2wNO+r8E=
Subject key identifier: 91:4B:1F:6A:FA:16:D2:D8:0B:3F:4A:D5:7E:FA:14:A6:3E:FA:A1:A1
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C54B0DB5DC63CED50110686DB4C39
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/kUsfavoW0tgLP0rVfvoUpj76oaE.roa
Signing time: Thu 02 Jan 2025 09:50:21 +0000
ROA not before: Thu 02 Jan 2025 09:50:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8570
IP address blocks: 95.179.0.0/18 maxlen: 22
95.179.64.0/19 maxlen: 20
95.179.80.0/20 maxlen: 24
95.179.96.0/19 maxlen: 22
109.172.32.0/22 maxlen: 22
109.172.40.0/22 maxlen: 22
178.234.0.0/16 maxlen: 18
195.34.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:54:b0:db:5d:c6:3c:ed:50:11:06:86:db:4c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=914b1f6afa16d2d80b3f4ad57efa14a63efaa1a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8b:fd:52:29:59:e4:e3:df:2d:a0:ef:c8:2f:
77:a5:23:fa:b6:8c:d1:41:c9:39:13:cc:bf:87:bd:
96:25:9f:c0:89:ac:72:6c:ae:f6:93:d9:d9:13:e4:
dd:9a:bd:c2:fb:39:df:6f:aa:3e:45:fd:f9:ce:44:
ca:bf:bb:67:72:0f:47:7e:48:1d:4d:22:32:eb:76:
80:c9:39:5f:c8:3c:37:87:ec:0d:b3:db:d7:6b:69:
4f:90:75:6d:7b:f1:87:98:ed:b9:e0:4f:05:49:81:
e6:91:15:81:b5:8a:57:7b:66:79:99:67:ae:5b:a7:
33:44:c6:91:07:da:9c:ee:cc:3e:b7:4c:9a:1c:bd:
a0:73:12:8f:69:5b:9c:ec:ac:32:50:08:c0:57:07:
9b:6d:b1:44:f2:7c:a5:a3:39:18:a5:15:1f:24:51:
37:ad:8b:27:9f:58:cd:7d:1a:2e:31:e9:15:c5:89:
b5:11:b6:4c:8a:7f:55:9c:17:ce:76:bb:88:5f:48:
b9:71:3c:72:24:15:e8:c8:1a:5d:3b:4f:c1:f1:c5:
a9:36:62:cf:07:a7:68:2a:ee:29:97:97:ae:ee:b9:
47:fb:46:b4:3f:be:bf:f5:07:ab:08:4f:b5:82:26:
1e:c1:3c:ca:4d:6c:63:d7:8d:34:06:9f:b0:df:5a:
cf:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4B:1F:6A:FA:16:D2:D8:0B:3F:4A:D5:7E:FA:14:A6:3E:FA:A1:A1
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/kUsfavoW0tgLP0rVfvoUpj76oaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.179.0.0/17
109.172.32.0/22
109.172.40.0/22
178.234.0.0/16
195.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
5f:de:62:d9:f7:96:57:6d:2c:e5:7b:df:f8:a1:9a:8a:81:4c:
9a:55:7a:06:11:ab:06:e1:fb:92:60:2a:37:58:4e:c5:04:1a:
e3:df:e2:a4:c0:05:f9:68:16:c3:f6:57:94:9d:fc:c4:93:46:
98:51:ae:66:a3:26:0e:28:6f:50:16:c3:ab:8b:5c:ab:1b:b0:
d9:d7:2c:0a:7c:0b:91:52:c9:ec:ba:50:08:7c:6b:09:f1:67:
21:2c:06:d4:66:c5:cc:ec:f2:56:5b:96:c5:f1:ea:6e:2f:8a:
76:39:68:ee:f5:e7:63:ac:f1:55:fb:07:bc:9a:54:d0:74:f7:
bc:ec:23:d8:0d:bd:08:3b:ba:ff:73:8a:ed:55:88:12:62:9e:
38:48:25:73:de:05:6c:0b:ac:ea:74:45:3a:c0:92:a4:d4:e3:
1e:cb:19:1e:f9:ac:3f:7c:52:b1:68:27:1e:f6:c9:30:a5:33:
17:d2:ed:5b:33:4c:e4:11:e1:b0:65:88:4d:dc:89:d2:d4:88:
a6:8c:a8:78:70:66:76:06:c5:11:be:db:18:e1:38:5a:b8:04:
3f:6f:ca:bb:b3:71:24:1a:1b:dd:2a:a9:70:fa:5a:a1:b1:9b:
47:db:a5:7a:08:7f:53:3a:da:84:12:b2:fa:6a:72:53:39:99:
d6:a4:ef:c3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQmbFSw213GPO1QEQaG20w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRiMWY2YWZhMTZkMmQ4MGIzZjRhZDU3ZWZhMTRhNjNlZmFhMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44v9UilZ5OPfLaDvyC93pSP6tozR
Qck5E8y/h72WJZ/AiaxybK72k9nZE+Tdmr3C+znfb6o+Rf35zkTKv7tncg9Hfkgd
TSIy63aAyTlfyDw3h+wNs9vXa2lPkHVte/GHmO254E8FSYHmkRWBtYpXe2Z5mWeu
W6czRMaRB9qc7sw+t0yaHL2gcxKPaVuc7KwyUAjAVwebbbFE8nylozkYpRUfJFE3
rYsnn1jNfRouMekVxYm1EbZMin9VnBfOdruIX0i5cTxyJBXoyBpdO0/B8cWpNmLP
B6doKu4pl5eu7rlH+0a0P76/9QerCE+1giYewTzKTWxj1400Bp+w31rPWQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJFLH2r6FtLYCz9K1X76FKY++qGhMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEva1VzZmF2b1cwdGdMUDByVmZ2b1Vwajc2b2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwQHX7MAAwQC
bawgAwQCbawoAwMAsuoDBAXDIuAwDQYJKoZIhvcNAQELBQADggEBAF/eYtn3lldt
LOV73/ihmoqBTJpVegYRqwbh+5JgKjdYTsUEGuPf4qTABfloFsP2V5Sd/MSTRphR
rmajJg4ob1AWw6uLXKsbsNnXLAp8C5FSyey6UAh8awnxZyEsBtRmxczs8lZblsXx
6m4vinY5aO7152Os8VX7B7yaVNB097zsI9gNvQg7uv9ziu1ViBJinjhIJXPeBWwL
rOp0RTrAkqTU4x7LGR75rD98UrFoJx72yTClMxfS7VszTOQR4bBliE3cidLUiKaM
qHhwZnYGxRG+2xjhOFq4BD9vyruzcSQaG90qqXD6WqGxm0fbpXoIf1M62oQSsvpq
clM5mdak78M=
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:29:56 2025 by rpki-client