Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/61CGxBWFgu_6xuYgR1277EhVuzs.roa
File: 61CGxBWFgu_6xuYgR1277EhVuzs.roa (raw, json)
Hash identifier: t6Nd1VjYIV20csBMiqnpmXOcSB9kKbylaX7adVu2vls=
Subject key identifier: EB:50:86:C4:15:85:82:EF:FA:C6:E6:20:47:5D:BB:EC:48:55:BB:3B
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 019427B67FFDCA8251408750546C609A7EFE
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/61CGxBWFgu_6xuYgR1277EhVuzs.roa
Signing time: Thu 02 Jan 2025 15:50:59 +0000
ROA not before: Thu 02 Jan 2025 15:50:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200420
IP address blocks: 91.232.117.0/24 maxlen: 24
185.76.82.0/24 maxlen: 24
192.109.248.0/24 maxlen: 24
195.49.205.0/24 maxlen: 24
212.110.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:7f:fd:ca:82:51:40:87:50:54:6c:60:9a:7e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 15:50:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb5086c4158582effac6e620475dbbec4855bb3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5e:d2:8a:91:5f:73:ad:23:e7:98:49:2d:a2:
a4:1d:08:53:0b:85:36:75:4e:4a:d9:9b:34:22:27:
14:7e:cc:19:57:5f:71:43:23:7b:cd:0c:08:7f:b4:
d4:21:91:d1:a5:74:0b:5f:07:bf:b8:80:dd:a8:1e:
e0:07:e2:0c:2e:d8:1a:e3:f7:15:2a:15:a8:c9:9a:
f4:d0:9c:5e:70:7e:0a:d0:c7:5d:33:59:ab:ab:5b:
95:6d:bc:52:0f:d8:45:e7:3a:1d:95:f4:48:d5:e1:
f7:57:0b:1b:6d:c6:27:f0:38:63:61:b3:46:c7:db:
2e:f3:96:f7:ea:b2:54:0d:eb:25:78:69:e1:4e:a1:
92:9c:33:98:ef:4d:11:06:4b:11:77:bd:0e:1d:17:
0f:d1:27:c4:23:55:6e:74:61:4f:04:df:80:b5:f3:
d0:52:03:bd:a6:bd:9a:09:bc:0b:41:69:19:e1:54:
c5:e3:c8:aa:23:3e:25:f0:cf:05:41:d2:b2:03:81:
3f:e6:bf:02:c6:37:5d:13:08:f8:9b:e6:6e:c6:ff:
1a:94:88:04:72:e9:36:14:49:fb:bf:62:34:14:05:
26:2e:90:6c:5a:25:25:94:b0:d9:ad:96:bc:4e:d9:
82:ba:39:a6:02:6d:56:e3:f8:58:33:e0:68:dd:8a:
25:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:50:86:C4:15:85:82:EF:FA:C6:E6:20:47:5D:BB:EC:48:55:BB:3B
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/61CGxBWFgu_6xuYgR1277EhVuzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.117.0/24
185.76.82.0/24
192.109.248.0/24
195.49.205.0/24
212.110.157.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:b7:3a:6d:3e:4b:bd:71:f5:59:c6:33:64:84:a3:64:99:49:
7e:1f:74:e1:4d:cc:f1:a9:81:9e:e8:cc:9f:b7:fa:1d:44:b4:
14:01:bb:c4:37:96:e2:e2:7f:b7:fc:4f:37:43:a0:cf:db:1e:
1f:95:34:70:52:7f:ed:89:45:fa:bb:93:8c:76:05:3a:d1:16:
e5:c1:25:a7:18:5c:c8:7e:9c:49:d5:2b:15:d7:9a:82:94:eb:
5b:e0:40:e0:f7:64:f1:5a:67:cd:c9:fe:d5:de:d0:2e:5d:ef:
7b:83:c3:f9:17:64:8c:3a:71:08:4a:2e:df:8f:54:70:74:b1:
4a:e0:07:8a:fe:0e:cb:8f:91:87:58:fa:46:04:ca:8b:d0:dc:
64:12:39:fe:c3:48:87:8b:cd:fa:68:14:08:2e:c2:38:71:67:
b0:2e:a6:57:b3:e8:10:37:a2:f2:2e:46:0b:d6:05:5b:9e:50:
b1:4f:1d:a4:a9:8b:2b:6e:26:e4:1b:f6:10:6f:7a:b2:fa:ed:
8e:7d:82:8c:30:b8:dd:0c:8d:58:50:5e:f1:98:b5:c5:ad:4c:
f4:ac:88:02:79:04:2a:a8:ce:50:7b:8c:ad:01:1e:d9:30:57:
c2:6d:fc:88:e9:fc:9f:9c:7c:af:f8:55:92:9a:0d:e7:7e:18:
41:c9:de:b7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQntn/9yoJRQIdQVGxgmn7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjUwMTAyMTU1MDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjUwODZjNDE1ODU4MmVmZmFjNmU2MjA0NzVkYmJlYzQ4NTViYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw17SipFfc60j55hJLaKkHQhTC4U2
dU5K2Zs0IicUfswZV19xQyN7zQwIf7TUIZHRpXQLXwe/uIDdqB7gB+IMLtga4/cV
KhWoyZr00JxecH4K0MddM1mrq1uVbbxSD9hF5zodlfRI1eH3VwsbbcYn8DhjYbNG
x9su85b36rJUDesleGnhTqGSnDOY700RBksRd70OHRcP0SfEI1VudGFPBN+AtfPQ
UgO9pr2aCbwLQWkZ4VTF48iqIz4l8M8FQdKyA4E/5r8CxjddEwj4m+Zuxv8alIgE
cuk2FEn7v2I0FAUmLpBsWiUllLDZrZa8TtmCujmmAm1W4/hYM+Bo3YolPwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOtQhsQVhYLv+sbmIEddu+xIVbs7MB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvNjFDR3hCV0ZndV82eHVZZ1IxMjc3RWhWdXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW+h1AwQA
uUxSAwQAwG34AwQAwzHNAwQA1G6dMA0GCSqGSIb3DQEBCwUAA4IBAQALtzptPku9
cfVZxjNkhKNkmUl+H3ThTczxqYGe6Myft/odRLQUAbvEN5bi4n+3/E83Q6DP2x4f
lTRwUn/tiUX6u5OMdgU60RblwSWnGFzIfpxJ1SsV15qClOtb4EDg92TxWmfNyf7V
3tAuXe97g8P5F2SMOnEISi7fj1RwdLFK4AeK/g7Lj5GHWPpGBMqL0NxkEjn+w0iH
i836aBQILsI4cWewLqZXs+gQN6LyLkYL1gVbnlCxTx2kqYsrbibkG/YQb3qy+u2O
fYKMMLjdDI1YUF7xmLXFrUz0rIgCeQQqqM5Qe4ytAR7ZMFfCbfyI6fyfnHyv+FWS
mg3nfhhByd63
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:15 2025 by rpki-client