Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ub7eAvnfR4ZiQITF3sMjpi7lfGE.roa
File: ub7eAvnfR4ZiQITF3sMjpi7lfGE.roa (raw, json)
Hash identifier: ajIgv3DeLJWeIu/ip8kkCgpS0+03JhEo2dJdFFgn7RQ=
Subject key identifier: B9:BE:DE:02:F9:DF:47:86:62:40:84:C5:DE:C3:23:A6:2E:E5:7C:61
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0196A21ECFBF5B75F5A906F16176CB8DFE9C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ub7eAvnfR4ZiQITF3sMjpi7lfGE.roa
Signing time: Mon 05 May 2025 20:24:10 +0000
ROA not before: Mon 05 May 2025 20:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 91.237.93.0/24 maxlen: 24
91.237.194.0/24 maxlen: 24
178.213.182.0/24 maxlen: 24
178.213.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a2:1e:cf:bf:5b:75:f5:a9:06:f1:61:76:cb:8d:fe:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 5 20:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9bede02f9df4786624084c5dec323a62ee57c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:35:2a:58:37:5a:08:9b:0d:11:20:13:5c:d8:
41:34:6c:03:5f:55:fb:c1:10:cf:38:75:31:3f:17:
46:51:33:c3:20:17:0b:d6:f3:12:5e:97:75:21:7a:
43:d3:91:44:0c:c0:cb:45:9e:d5:ca:1f:37:b5:95:
0a:ab:6a:95:c0:5d:c9:e1:a4:2d:0d:a7:ce:62:77:
b9:34:bc:55:8f:f2:3c:33:ae:64:74:95:94:29:50:
d1:37:c9:b0:fc:4a:4e:b4:d7:c2:cb:22:a7:d6:45:
86:fa:6e:6a:af:15:04:e1:f6:69:ba:df:0b:10:fb:
6f:2f:d4:f3:1c:4c:85:63:39:82:eb:9a:fd:cd:db:
9f:03:18:aa:49:56:12:26:d9:01:1e:05:7a:a7:1a:
58:d4:29:24:2c:9d:41:c6:b1:e9:9b:0b:cf:fb:ef:
f1:73:20:ec:ec:3f:50:2c:4c:ed:c5:92:b8:94:cb:
df:62:64:6b:10:ad:8e:9f:28:12:bb:d7:05:13:36:
a5:f5:a5:af:0b:4f:8d:ed:5c:64:2c:b2:8f:45:9a:
63:aa:48:43:c0:94:f0:0d:ae:47:8c:73:52:8e:fe:
80:fc:3e:26:8d:65:0c:dd:44:75:0d:4a:d0:30:70:
9d:e4:83:57:14:a1:5a:08:98:1c:4a:8f:35:2c:87:
bb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:BE:DE:02:F9:DF:47:86:62:40:84:C5:DE:C3:23:A6:2E:E5:7C:61
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ub7eAvnfR4ZiQITF3sMjpi7lfGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.93.0/24
91.237.194.0/24
178.213.182.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:bb:2e:8f:f6:73:18:4d:62:16:77:c3:e0:71:b0:ad:01:36:
c9:35:1d:e5:fe:69:d7:5c:5d:0f:69:67:25:e0:54:4e:35:40:
73:6c:f3:ca:3b:3d:70:75:4a:73:71:09:49:d4:49:21:8d:1e:
dd:de:bd:5e:fc:3c:9d:91:a3:50:7e:62:34:34:7b:20:c6:64:
6f:19:e6:73:7f:0b:ad:e6:17:05:9b:52:23:9e:b6:44:1f:72:
1b:c8:1d:e9:fb:e2:e0:de:f2:38:88:40:dd:76:6d:8f:74:f5:
b6:ce:cc:d2:4c:bf:d2:08:50:ce:68:56:70:57:cc:54:9f:9b:
97:50:21:b4:ad:4b:36:23:25:33:3e:6f:26:ec:36:8e:64:e0:
56:c1:90:f4:8d:8f:e2:ed:5f:ec:90:ec:94:86:70:dc:2f:c9:
6a:f6:ad:0c:e3:04:83:28:0e:e5:6a:39:a0:04:e6:83:bd:c6:
0b:7f:93:a0:3f:23:8c:d4:ae:e4:2b:fb:4a:8e:f2:78:00:b8:
5f:48:46:9f:8b:4b:f9:cc:6c:e9:ea:6d:01:26:a5:c3:31:70:
2c:b0:9c:16:11:bc:e5:02:1c:3f:24:e4:c4:ab:f5:61:f8:ca:
4b:bb:5a:07:32:a7:3b:75:c9:8b:ba:f9:e3:b8:b6:a9:8a:e7:
b7:76:4d:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZaiHs+/W3X1qQbxYXbLjf6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwNTA1MjAyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWJlZGUwMmY5ZGY0Nzg2NjI0MDg0YzVkZWMzMjNhNjJlZTU3YzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljUqWDdaCJsNESATXNhBNGwDX1X7
wRDPOHUxPxdGUTPDIBcL1vMSXpd1IXpD05FEDMDLRZ7Vyh83tZUKq2qVwF3J4aQt
DafOYne5NLxVj/I8M65kdJWUKVDRN8mw/EpOtNfCyyKn1kWG+m5qrxUE4fZput8L
EPtvL9TzHEyFYzmC65r9zdufAxiqSVYSJtkBHgV6pxpY1CkkLJ1BxrHpmwvP++/x
cyDs7D9QLEztxZK4lMvfYmRrEK2OnygSu9cFEzal9aWvC0+N7VxkLLKPRZpjqkhD
wJTwDa5HjHNSjv6A/D4mjWUM3UR1DUrQMHCd5INXFKFaCJgcSo81LIe7RQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLm+3gL530eGYkCExd7DI6Yu5XxhMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvdWI3ZUF2bmZSNFppUUlURjNzTWpwaTdsZkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+1dAwQA
W+3CAwQBstW2MA0GCSqGSIb3DQEBCwUAA4IBAQBcuy6P9nMYTWIWd8PgcbCtATbJ
NR3l/mnXXF0PaWcl4FRONUBzbPPKOz1wdUpzcQlJ1EkhjR7d3r1e/DydkaNQfmI0
NHsgxmRvGeZzfwut5hcFm1IjnrZEH3IbyB3p++Lg3vI4iEDddm2PdPW2zszSTL/S
CFDOaFZwV8xUn5uXUCG0rUs2IyUzPm8m7DaOZOBWwZD0jY/i7V/skOyUhnDcL8lq
9q0M4wSDKA7lajmgBOaDvcYLf5OgPyOM1K7kK/tKjvJ4ALhfSEafi0v5zGzp6m0B
JqXDMXAssJwWEbzlAhw/JOTEq/Vh+MpLu1oHMqc7dcmLuvnjuLapiue3dk2J
-----END CERTIFICATE-----
Generated at Sat May 10 19:10:37 2025 by rpki-client