Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/zYlFk9VvNBf8_HHwjaZ3Qr2TNO0.roa
File: zYlFk9VvNBf8_HHwjaZ3Qr2TNO0.roa (raw, json)
Hash identifier: B3h0wgv0JWLorEMuwDdeP+ureN2j4QO5MpxjdxlkMK4=
Subject key identifier: CD:89:45:93:D5:6F:34:17:FC:FC:71:F0:8D:A6:77:42:BD:93:34:ED
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0196AA387C960A7E02D5F9669865022AE657
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/zYlFk9VvNBf8_HHwjaZ3Qr2TNO0.roa
Signing time: Wed 07 May 2025 10:09:10 +0000
ROA not before: Wed 07 May 2025 10:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.109.45.0/24 maxlen: 24
147.185.196.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.208.0/24 maxlen: 24
207.244.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 19:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:38:7c:96:0a:7e:02:d5:f9:66:98:65:02:2a:e6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: May 7 10:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd894593d56f3417fcfc71f08da67742bd9334ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:61:07:53:aa:25:9d:4c:8e:9d:71:dc:82:74:
a4:57:a0:14:bc:95:eb:eb:e1:04:6d:b6:80:84:09:
ac:ce:b8:d9:99:f6:b1:a5:8d:4f:f3:a3:15:c3:94:
d8:71:a9:9b:65:e3:ae:3f:8b:2b:32:23:b8:fd:a9:
f6:67:ba:41:93:92:78:ce:a1:a0:42:3c:e5:4f:47:
d2:78:e8:4d:af:8d:29:f8:2c:dd:f4:3a:06:fc:f3:
4a:3a:ad:3f:18:4b:f0:e4:10:95:1c:61:e2:b2:d7:
57:c2:e7:9f:8c:3e:73:1e:9b:eb:d4:22:b1:3b:1f:
8f:c1:8b:23:d6:e4:83:71:1b:98:8e:0f:39:c3:d6:
dd:48:5b:6d:da:d4:c4:72:2c:0d:d1:ea:9d:f8:d6:
77:e5:af:a7:ff:aa:9e:ac:77:a3:ee:e6:e4:33:44:
f8:0f:83:07:91:d3:9e:c2:dc:05:51:d0:3a:71:46:
ad:9c:42:22:80:f7:03:e9:a2:f8:95:99:5a:03:ff:
8f:d8:b1:39:2a:3c:1c:c6:8e:be:47:1f:dd:a6:f4:
32:a2:c8:c1:73:3c:c3:41:d9:42:60:94:b0:63:d4:
b5:64:84:cc:6a:71:bd:93:23:e9:a8:aa:a4:d9:34:
a2:bf:30:91:95:88:bc:e2:26:7b:41:51:40:9f:05:
7e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:89:45:93:D5:6F:34:17:FC:FC:71:F0:8D:A6:77:42:BD:93:34:ED
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/zYlFk9VvNBf8_HHwjaZ3Qr2TNO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.45.0/24
147.185.196.0/24
193.168.203.0/24
207.244.208.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:6d:d2:dd:db:fe:0c:71:34:f7:b2:a4:c0:33:ec:68:9a:68:
07:de:3c:fa:78:de:16:35:c1:31:6d:ac:67:8e:37:34:2b:2b:
07:0d:47:58:d3:7c:8d:85:a5:49:45:d4:cf:2d:41:6c:97:de:
bd:1b:a2:3d:1f:5b:30:6c:67:eb:18:37:99:98:5c:88:b5:cb:
05:b1:fd:3a:7a:37:f8:b8:99:e0:f5:ae:3c:b5:a2:2a:26:21:
6a:0c:0b:9a:74:4d:52:3c:eb:52:d4:6e:ab:4f:b0:5a:2c:f1:
28:6e:16:a8:9d:13:a6:71:4d:cf:75:75:0e:ee:8b:35:af:9f:
6a:da:be:f0:f9:4c:3c:56:e7:f6:ee:7c:76:0d:d3:3d:7b:8a:
9e:37:61:cc:9d:6c:9b:f2:bb:fa:ea:89:6c:7a:d7:ee:b3:96:
59:dc:4e:6b:a6:46:19:11:ba:51:09:64:67:bf:69:0a:5c:dc:
d1:66:f8:7f:46:1b:7b:dc:9a:17:87:ae:69:af:d2:5f:67:2f:
55:73:25:b1:ac:bc:ed:3a:15:a8:06:fe:b3:09:bf:d5:d2:8e:
50:86:e2:6d:b8:12:14:17:80:1c:06:38:9d:53:68:e3:5b:5d:
28:02:07:ee:49:b9:c5:ba:e1:e6:31:18:84:93:29:59:83:91:
cc:df:f8:82
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaqOHyWCn4C1flmmGUCKuZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwNTA3MTAwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDg5NDU5M2Q1NmYzNDE3ZmNmYzcxZjA4ZGE2Nzc0MmJkOTMzNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mEHU6olnUyOnXHcgnSkV6AUvJXr
6+EEbbaAhAmszrjZmfaxpY1P86MVw5TYcambZeOuP4srMiO4/an2Z7pBk5J4zqGg
QjzlT0fSeOhNr40p+Czd9DoG/PNKOq0/GEvw5BCVHGHistdXwuefjD5zHpvr1CKx
Ox+PwYsj1uSDcRuYjg85w9bdSFtt2tTEciwN0eqd+NZ35a+n/6qerHej7ubkM0T4
D4MHkdOewtwFUdA6cUatnEIigPcD6aL4lZlaA/+P2LE5Kjwcxo6+Rx/dpvQyosjB
czzDQdlCYJSwY9S1ZITManG9kyPpqKqk2TSivzCRlYi84iZ7QVFAnwV+nQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM2JRZPVbzQX/Pxx8I2md0K9kzTtMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvellsRms5VnZOQmY4X0hId2phWjNRcjJUTk8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW20tAwQA
k7nEAwQAwajLAwQBz/TQMA0GCSqGSIb3DQEBCwUAA4IBAQBubdLd2/4McTT3sqTA
M+xommgH3jz6eN4WNcExbaxnjjc0KysHDUdY03yNhaVJRdTPLUFsl969G6I9H1sw
bGfrGDeZmFyItcsFsf06ejf4uJng9a48taIqJiFqDAuadE1SPOtS1G6rT7BaLPEo
bhaonROmcU3PdXUO7os1r59q2r7w+Uw8Vuf27nx2DdM9e4qeN2HMnWyb8rv66ols
etfus5ZZ3E5rpkYZEbpRCWRnv2kKXNzRZvh/Rht73JoXh65pr9JfZy9VcyWxrLzt
OhWoBv6zCb/V0o5QhuJtuBIUF4AcBjidU2jjW10oAgfuSbnFuuHmMRiEkylZg5HM
3/iC
-----END CERTIFICATE-----
Generated at Sun May 11 04:09:37 2025 by rpki-client