Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Iz1cAsiOcE8UQ7RzBpd91jP9zfM.roa
File: Iz1cAsiOcE8UQ7RzBpd91jP9zfM.roa (raw, json)
Hash identifier: 7ncc7VVGK3EeSgfea7I75g/pz+C+ycZ/Uc4TtbaWC0s=
Subject key identifier: 23:3D:5C:02:C8:8E:70:4F:14:43:B4:73:06:97:7D:D6:33:FD:CD:F3
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01967D0BC8F22594912977E4F82C6A0DC5E5
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Iz1cAsiOcE8UQ7RzBpd91jP9zfM.roa
Signing time: Mon 28 Apr 2025 15:37:26 +0000
ROA not before: Mon 28 Apr 2025 15:37:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
212.42.208.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:0b:c8:f2:25:94:91:29:77:e4:f8:2c:6a:0d:c5:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Apr 28 15:37:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=233d5c02c88e704f1443b47306977dd633fdcdf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:27:87:4c:38:78:04:98:3f:00:3a:43:07:
5d:0e:27:c3:60:ea:20:4b:7c:01:d7:6b:84:33:d5:
fc:27:1e:6b:92:85:68:5e:7c:db:f3:dc:f7:72:f4:
16:f9:b6:37:a9:e9:da:ce:78:ea:40:20:e0:01:f0:
77:cf:bb:7c:1e:3b:0f:f8:e4:41:0a:36:08:bc:2c:
54:8b:da:15:77:21:fe:85:cd:19:e2:68:4b:6a:31:
65:7d:b8:e1:9f:1c:f3:c3:09:98:6c:75:fe:95:2a:
48:93:48:de:67:66:b1:38:2c:12:02:86:da:a9:1b:
1d:bb:0e:e9:3c:f3:52:4d:7f:3a:de:c4:7c:a3:a5:
29:6d:35:9d:62:f5:27:1c:9b:4c:a5:5f:c5:86:52:
42:4d:bf:8c:c8:cf:3d:7a:dc:f4:10:7c:be:cb:ce:
73:a1:3c:5c:d7:a7:5e:ba:21:3e:c9:bd:8e:61:7c:
33:06:64:91:93:d7:27:88:0c:30:32:49:ee:c9:21:
3c:25:0d:8f:a0:37:b4:47:6f:0d:90:ad:f7:03:28:
82:af:e5:5f:8f:8e:b4:cf:f1:64:d2:03:1b:9b:47:
ad:ae:27:f5:b0:84:8c:0c:4e:c6:80:0d:63:25:5e:
7b:59:5d:eb:f5:3a:0f:b6:ed:c0:93:45:3b:f2:50:
8b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:3D:5C:02:C8:8E:70:4F:14:43:B4:73:06:97:7D:D6:33:FD:CD:F3
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Iz1cAsiOcE8UQ7RzBpd91jP9zfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.206.0/23
212.42.192.0/19
Signature Algorithm: sha256WithRSAEncryption
76:8b:97:af:e4:cb:ba:33:6d:ed:95:de:75:ee:ee:fd:ec:39:
23:b7:4a:5d:4b:2e:73:42:4e:28:5d:54:36:4f:7e:76:45:9f:
fc:28:20:09:1b:8f:b7:7f:a8:69:92:8c:d8:24:6f:15:15:57:
3f:b8:72:7f:be:67:40:fc:4a:27:f6:dc:a8:06:e5:18:cd:a1:
f3:a7:df:da:58:db:5d:97:65:56:4f:35:7f:b0:37:6c:f0:b2:
6b:e8:43:ef:74:67:c3:93:51:a2:ea:e9:1a:4c:ad:ab:a6:fe:
27:2e:cf:e3:40:d9:2a:25:bd:27:0a:bd:92:43:6d:8c:a8:3d:
7b:d8:3c:b5:20:6a:2c:3b:a8:82:23:a5:47:e6:84:31:eb:98:
2f:a9:8e:af:73:62:f4:3f:21:2b:5d:1e:2a:c7:59:ca:e0:05:
ac:6b:aa:48:14:63:21:0c:89:b9:b1:ff:4a:81:9a:dd:10:d2:
00:01:55:aa:ef:bd:b7:ed:f3:56:47:2c:95:b2:00:db:a9:e4:
26:61:3d:e4:94:fa:81:72:a5:85:58:70:c7:38:8f:19:16:4b:
76:d7:79:a1:79:8e:0b:ec:e2:f6:46:0e:6f:46:1e:68:9d:10:
66:7f:c7:22:5a:e6:16:2e:9b:54:da:70:be:f8:a0:86:cb:2c:
28:c0:25:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZ9C8jyJZSRKXfk+CxqDcXlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjUwNDI4MTUzNzI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzNkNWMwMmM4OGU3MDRmMTQ0M2I0NzMwNjk3N2RkNjMzZmRjZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhAnh0w4eASYPwA6QwddDifDYOog
S3wB12uEM9X8Jx5rkoVoXnzb89z3cvQW+bY3qenaznjqQCDgAfB3z7t8HjsP+ORB
CjYIvCxUi9oVdyH+hc0Z4mhLajFlfbjhnxzzwwmYbHX+lSpIk0jeZ2axOCwSAoba
qRsduw7pPPNSTX863sR8o6UpbTWdYvUnHJtMpV/FhlJCTb+MyM89etz0EHy+y85z
oTxc16deuiE+yb2OYXwzBmSRk9cniAwwMknuySE8JQ2PoDe0R28NkK33AyiCr+Vf
j460z/Fk0gMbm0etrif1sISMDE7GgA1jJV57WV3r9ToPtu3Ak0U78lCL0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCM9XALIjnBPFEO0cwaXfdYz/c3zMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvSXoxY0FzaU9jRThVUTdSekJwZDkxalA5emZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWfnAAwQB
WfnOAwQF1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQB2i5ev5Mu6M23tld517u797Dkj
t0pdSy5zQk4oXVQ2T352RZ/8KCAJG4+3f6hpkozYJG8VFVc/uHJ/vmdA/Eon9tyo
BuUYzaHzp9/aWNtdl2VWTzV/sDds8LJr6EPvdGfDk1Gi6ukaTK2rpv4nLs/jQNkq
Jb0nCr2SQ22MqD172Dy1IGosO6iCI6VH5oQx65gvqY6vc2L0PyErXR4qx1nK4AWs
a6pIFGMhDIm5sf9KgZrdENIAAVWq77237fNWRyyVsgDbqeQmYT3klPqBcqWFWHDH
OI8ZFkt213mheY4L7OL2Rg5vRh5onRBmf8ciWuYWLptU2nC++KCGyywowCW7
-----END CERTIFICATE-----
Generated at Sun May 11 13:25:49 2025 by rpki-client