Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/TYUJ8o0RTwDWY6xfwYljslC9e2s.roa
File: TYUJ8o0RTwDWY6xfwYljslC9e2s.roa (raw, json)
Hash identifier: ichTsikkWU9e3sRGAvCreyL47Lo8B0mCti7gcl7WtCU=
Subject key identifier: 4D:85:09:F2:8D:11:4F:00:D6:63:AC:5F:C1:89:63:B2:50:BD:7B:6B
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01968234A614434A25412B0BE0AEDBF41BA6
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/TYUJ8o0RTwDWY6xfwYljslC9e2s.roa
Signing time: Tue 29 Apr 2025 15:40:10 +0000
ROA not before: Tue 29 Apr 2025 15:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42083
IP address blocks: 188.132.150.0/24 maxlen: 24
188.132.163.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
212.68.38.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 01:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:82:34:a6:14:43:4a:25:41:2b:0b:e0:ae:db:f4:1b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Apr 29 15:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d8509f28d114f00d663ac5fc18963b250bd7b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c8:c5:b4:eb:36:8c:d3:1f:e2:10:e6:04:34:
91:12:db:f9:96:c3:d2:86:55:fd:75:38:2b:ad:90:
96:99:f3:de:e5:b2:f0:9b:5d:df:45:4c:96:c4:bc:
cf:a9:5b:99:1e:f9:8d:98:80:6f:57:d0:75:0e:d5:
17:79:d7:8f:48:e1:7a:37:a0:c2:5a:a0:91:58:d9:
46:7e:9a:62:1e:f6:42:b6:99:32:a6:fd:56:80:93:
6e:62:35:c6:c6:38:43:48:c9:47:b0:d1:c2:05:1f:
bd:97:61:7a:b7:fd:8d:ed:ac:cc:e6:7e:ba:ff:e6:
f6:0b:86:4e:f3:30:69:a0:a0:78:1c:18:d4:92:43:
06:8c:2b:83:6e:64:6a:3a:b9:5a:7a:47:ec:d9:cb:
b2:29:70:ad:47:72:45:7b:fe:f8:82:c5:fc:67:90:
66:c0:dd:0b:f4:3b:35:06:f3:30:af:44:a2:a5:c0:
c3:e4:25:a2:73:39:9e:60:ca:bf:21:c2:65:22:76:
80:37:bc:aa:bf:79:af:4d:50:94:a2:50:22:67:2e:
8a:68:79:f2:4d:e4:a5:56:01:7e:7a:3f:31:1e:48:
a3:d1:51:a2:ba:97:fd:78:ef:3c:9c:9b:87:63:9f:
bd:24:04:eb:0c:02:fb:73:f1:09:91:7a:ab:c9:00:
c0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:85:09:F2:8D:11:4F:00:D6:63:AC:5F:C1:89:63:B2:50:BD:7B:6B
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/TYUJ8o0RTwDWY6xfwYljslC9e2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.150.0/24
188.132.163.0/24
188.132.229.0/24
188.132.249.0/24
212.68.38.0/24
212.68.59.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:51:ea:ac:79:4f:14:60:3c:0c:07:68:ee:ed:81:f8:4c:4e:
e8:3e:06:b2:71:28:8c:b1:ab:1e:36:45:ab:cd:bd:3b:a9:85:
a5:89:7a:4a:86:21:d0:e6:5d:fc:bb:a1:d0:5a:23:b9:b3:fb:
9b:39:f4:8f:b1:0c:95:fa:20:ea:bb:c2:ba:21:12:03:34:01:
01:53:02:16:4a:63:f8:06:40:53:85:b3:df:7d:14:b6:a1:aa:
39:9f:ac:09:af:19:23:0a:48:d3:d2:05:54:14:eb:f1:10:12:
75:7b:03:c8:48:65:03:3d:9a:fa:ef:ab:aa:b2:bc:b5:9b:8a:
04:66:c0:be:1b:c5:43:a7:bb:aa:b8:e5:bf:b0:e5:59:28:96:
04:1c:3b:3c:2b:20:18:17:70:44:9e:54:fd:f1:14:31:e7:17:
72:38:2a:b6:5e:f7:4a:59:98:c6:0f:eb:fc:d1:91:a6:21:fd:
98:7b:1b:4b:d6:01:c9:b7:38:6e:6b:83:b6:fe:4a:ff:3c:44:
84:6b:99:45:df:a6:6b:52:2e:12:6f:9e:38:3d:59:f4:76:44:
7a:03:69:93:ac:6e:bb:9f:09:61:ee:db:5a:b8:49:35:3e:df:
e5:fa:9a:a6:1d:b4:91:ad:ff:6a:54:e5:93:44:cc:3d:bc:63:
e6:99:cd:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZaCNKYUQ0olQSsL4K7b9BumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwNDI5MTU0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDg1MDlmMjhkMTE0ZjAwZDY2M2FjNWZjMTg5NjNiMjUwYmQ3YjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMjFtOs2jNMf4hDmBDSREtv5lsPS
hlX9dTgrrZCWmfPe5bLwm13fRUyWxLzPqVuZHvmNmIBvV9B1DtUXedePSOF6N6DC
WqCRWNlGfppiHvZCtpkypv1WgJNuYjXGxjhDSMlHsNHCBR+9l2F6t/2N7azM5n66
/+b2C4ZO8zBpoKB4HBjUkkMGjCuDbmRqOrlaekfs2cuyKXCtR3JFe/74gsX8Z5Bm
wN0L9Ds1BvMwr0SipcDD5CWiczmeYMq/IcJlInaAN7yqv3mvTVCUolAiZy6KaHny
TeSlVgF+ej8xHkij0VGiupf9eO88nJuHY5+9JATrDAL7c/EJkXqryQDAAwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE2FCfKNEU8A1mOsX8GJY7JQvXtrMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvVFlVSjhvMFJUd0RXWTZ4ZndZbGpzbEM5ZTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAvISWAwQA
vISjAwQAvITlAwQAvIT5AwQA1EQmAwQA1EQ7MA0GCSqGSIb3DQEBCwUAA4IBAQCs
UeqseU8UYDwMB2ju7YH4TE7oPgaycSiMsaseNkWrzb07qYWliXpKhiHQ5l38u6HQ
WiO5s/ubOfSPsQyV+iDqu8K6IRIDNAEBUwIWSmP4BkBThbPffRS2oao5n6wJrxkj
CkjT0gVUFOvxEBJ1ewPISGUDPZr676uqsry1m4oEZsC+G8VDp7uquOW/sOVZKJYE
HDs8KyAYF3BEnlT98RQx5xdyOCq2XvdKWZjGD+v80ZGmIf2YextL1gHJtzhua4O2
/kr/PESEa5lF36ZrUi4Sb544PVn0dkR6A2mTrG67nwlh7ttauEk1Pt/l+pqmHbSR
rf9qVOWTRMw9vGPmmc0c
-----END CERTIFICATE-----
Generated at Wed May 7 10:16:25 2025 by rpki-client