Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/60eIn0VN45RIj-vR-y3bpL4yCdM.roa
File: 60eIn0VN45RIj-vR-y3bpL4yCdM.roa (raw, json)
Hash identifier: 72pNS84vVLj1UnJZFUVixKjT4YU2nH077D/faDBa9bU=
Subject key identifier: EB:47:88:9F:45:4D:E3:94:48:8F:EB:D1:FB:2D:DB:A4:BE:32:09:D3
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B57341BA771661BA48066039D42F12
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/60eIn0VN45RIj-vR-y3bpL4yCdM.roa
Signing time: Thu 02 Jan 2025 15:49:50 +0000
ROA not before: Thu 02 Jan 2025 15:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 89.23.103.0/24 maxlen: 24
89.23.107.0/24 maxlen: 24
89.23.108.0/24 maxlen: 24
185.39.204.0/24 maxlen: 24
185.39.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:73:41:ba:77:16:61:ba:48:06:60:39:d4:2f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb47889f454de394488febd1fb2ddba4be3209d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b0:ed:06:e0:25:33:ac:2a:bf:21:e1:6f:e5:
40:7c:fd:f1:4f:69:d3:b5:0c:40:c5:5f:c8:58:f6:
e3:08:6d:e9:f8:75:fb:cd:69:7c:6b:f3:27:b2:c5:
a4:15:e5:20:36:5f:52:cd:73:b2:83:dd:dc:c5:29:
27:65:9c:97:eb:3c:f0:42:2e:4b:9d:68:26:fe:0a:
69:80:55:27:70:d9:69:39:04:21:02:1d:39:88:d1:
74:5d:4d:55:f5:ff:0e:bd:d2:0c:b4:5c:82:2a:2f:
c1:5f:42:3b:b3:f3:15:96:f9:a5:d5:fb:97:44:8f:
02:c8:41:4a:83:34:83:6a:07:e3:a3:9e:bf:7e:2e:
03:a1:68:fd:0d:1a:c8:3d:f5:b9:a3:5c:e7:d8:97:
eb:3b:63:36:3b:56:99:28:71:9e:28:18:b4:57:64:
f3:16:fc:c5:61:b3:63:9b:41:7b:f5:04:2a:1e:c7:
22:95:d5:82:4e:c8:e3:fe:44:7e:a3:34:fd:29:d6:
96:ce:31:d4:23:21:ea:d7:a3:a4:82:72:9c:0b:8f:
a8:11:ae:fa:c6:0c:05:ad:dd:e1:7a:20:92:e0:63:
7d:60:b5:7f:11:18:e8:0c:d0:a8:9b:c8:10:27:f3:
c1:17:9a:20:df:8a:92:db:93:a9:2d:e5:64:6d:96:
fd:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:47:88:9F:45:4D:E3:94:48:8F:EB:D1:FB:2D:DB:A4:BE:32:09:D3
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/60eIn0VN45RIj-vR-y3bpL4yCdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.103.0/24
89.23.107.0-89.23.108.255
185.39.204.0/24
185.39.207.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:35:85:84:b7:04:12:20:fb:a5:e4:a5:47:25:05:10:a1:05:
4a:91:7f:57:30:9c:3a:c4:06:bb:55:5d:97:e6:71:05:98:8c:
36:5f:f6:b3:55:7f:1e:79:f8:50:7e:0d:8d:f2:68:58:a1:54:
f8:66:9b:d7:a8:4f:b8:29:2c:38:09:9c:4d:1a:f3:27:ba:f8:
2f:a2:d1:1d:cb:52:4e:b2:14:c1:2b:b9:48:c6:7c:88:1c:b4:
08:e8:67:df:7d:a1:dc:29:be:6c:61:ae:94:a7:b9:50:ab:36:
6a:fd:41:53:0d:f1:15:f1:27:de:aa:ff:16:d0:c5:bf:45:de:
c2:97:f1:d8:dc:b6:4f:92:75:cb:ef:10:f3:51:80:a5:47:8a:
bb:00:92:41:9c:b4:f7:1f:8c:49:b1:1e:cc:ce:20:fb:b3:5b:
dc:5f:ac:c9:f1:d7:c9:34:6a:91:76:9b:6a:1e:57:97:8f:d0:
d7:31:45:87:13:e7:54:a0:6b:44:3d:90:e6:17:bc:8c:7b:aa:
54:0c:aa:fd:e0:f1:a3:5c:a8:02:3d:0a:c5:8a:0a:40:ac:a5:
b7:10:c3:88:20:43:b9:31:ae:76:96:c3:9d:5d:3f:8e:bd:0e:
f3:9f:c9:d5:14:d0:d1:21:ab:55:b6:53:91:7b:5e:13:08:fa:
b8:f3:19:eb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQntXNBuncWYbpIBmA51C8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjQ3ODg5ZjQ1NGRlMzk0NDg4ZmViZDFmYjJkZGJhNGJlMzIwOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7DtBuAlM6wqvyHhb+VAfP3xT2nT
tQxAxV/IWPbjCG3p+HX7zWl8a/MnssWkFeUgNl9SzXOyg93cxSknZZyX6zzwQi5L
nWgm/gppgFUncNlpOQQhAh05iNF0XU1V9f8OvdIMtFyCKi/BX0I7s/MVlvml1fuX
RI8CyEFKgzSDagfjo56/fi4DoWj9DRrIPfW5o1zn2JfrO2M2O1aZKHGeKBi0V2Tz
FvzFYbNjm0F79QQqHscildWCTsjj/kR+ozT9KdaWzjHUIyHq16OkgnKcC4+oEa76
xgwFrd3heiCS4GN9YLV/ERjoDNCom8gQJ/PBF5og34qS25OpLeVkbZb9UQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOtHiJ9FTeOUSI/r0fst26S+MgnTMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvNjBlSW4wVk40NVJJai12Ui15M2JwTDR5Q2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWRdnMAwD
BABZF2sDBABZF2wDBAC5J8wDBAC5J88wDQYJKoZIhvcNAQELBQADggEBANc1hYS3
BBIg+6XkpUclBRChBUqRf1cwnDrEBrtVXZfmcQWYjDZf9rNVfx55+FB+DY3yaFih
VPhmm9eoT7gpLDgJnE0a8ye6+C+i0R3LUk6yFMEruUjGfIgctAjoZ999odwpvmxh
rpSnuVCrNmr9QVMN8RXxJ96q/xbQxb9F3sKX8djctk+SdcvvEPNRgKVHirsAkkGc
tPcfjEmxHszOIPuzW9xfrMnx18k0apF2m2oeV5eP0NcxRYcT51Sga0Q9kOYXvIx7
qlQMqv3g8aNcqAI9CsWKCkCspbcQw4ggQ7kxrnaWw51dP469DvOfydUU0NEhq1W2
U5F7XhMI+rjzGes=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:40 2025 by rpki-client