Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/yD-f7eB1dLOlfB3XPEqKpj98uCs.roa
File: yD-f7eB1dLOlfB3XPEqKpj98uCs.roa (raw, json)
Hash identifier: DRQJzu4HOqcnsIOmtzgmjk/hQ2C15/cPalIQczCWniU=
Subject key identifier: C8:3F:9F:ED:E0:75:74:B3:A5:7C:1D:D7:3C:4A:8A:A6:3F:7C:B8:2B
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0196A0D0A5DE2EF366519B626B0D0A9C9269
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/yD-f7eB1dLOlfB3XPEqKpj98uCs.roa
Signing time: Mon 05 May 2025 14:19:10 +0000
ROA not before: Mon 05 May 2025 14:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 89.187.6.0/24 maxlen: 24
89.187.7.0/24 maxlen: 24
89.187.8.0/24 maxlen: 24
89.187.10.0/24 maxlen: 24
89.187.12.0/24 maxlen: 24
89.187.14.0/24 maxlen: 24
89.187.15.0/24 maxlen: 24
89.187.17.0/24 maxlen: 24
89.187.18.0/24 maxlen: 24
89.187.19.0/24 maxlen: 24
89.187.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 11:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:d0:a5:de:2e:f3:66:51:9b:62:6b:0d:0a:9c:92:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: May 5 14:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c83f9fede07574b3a57c1dd73c4a8aa63f7cb82b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:04:7d:7b:66:79:05:91:61:d3:42:f0:c4:89:
6f:e9:d6:6e:79:6b:f7:94:4a:a0:93:eb:71:92:23:
94:43:ba:67:59:14:35:f1:e3:f6:21:e0:42:64:22:
8e:9a:de:05:ec:f7:8f:f1:f9:d0:e3:61:ce:c8:ad:
45:d7:e3:11:b3:fa:2b:5b:86:c3:6e:f7:86:64:ac:
6c:b0:7d:86:f8:34:57:93:2c:29:98:cb:ca:fa:f4:
c0:de:3e:8f:79:83:bc:aa:eb:c8:3c:37:6b:89:78:
2c:b7:d3:62:93:1e:ba:0c:d6:5d:a4:2a:fb:40:25:
ad:b2:51:66:0f:3b:db:ee:04:37:66:ae:ce:c5:2e:
1b:ec:7f:cb:f8:80:a6:97:2b:98:11:20:fd:e3:d4:
ac:44:3d:70:a4:ac:94:a7:48:0f:06:7e:b1:28:8a:
63:79:d0:65:9e:45:ad:ab:7a:3a:a3:2d:12:f1:66:
3a:38:a0:45:80:d8:2f:65:b4:76:6c:e9:d0:f8:dc:
6c:d6:c7:5d:b0:c5:8d:87:8b:70:44:c0:0f:ac:99:
1e:d3:bc:98:bc:38:38:86:f7:bd:9e:57:ff:34:ca:
3d:f4:58:e6:6f:43:24:dc:c5:ea:bc:63:82:ce:25:
60:9a:87:87:f2:92:99:03:ea:93:d7:f4:73:8f:a3:
6d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3F:9F:ED:E0:75:74:B3:A5:7C:1D:D7:3C:4A:8A:A6:3F:7C:B8:2B
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/yD-f7eB1dLOlfB3XPEqKpj98uCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.6.0-89.187.8.255
89.187.10.0/24
89.187.12.0/24
89.187.14.0/23
89.187.17.0-89.187.19.255
89.187.22.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:98:de:3a:c0:46:f0:e0:8e:89:d9:3c:22:48:ba:fe:5e:df:
73:1a:58:4d:96:69:8c:b2:82:58:f2:51:44:19:74:34:6f:e5:
65:9f:94:d1:17:c0:67:2a:e2:0f:8a:87:3c:d8:33:be:51:3e:
ac:7e:77:76:66:a9:08:fc:8d:bb:70:0c:d0:24:66:e2:80:d8:
1f:19:58:df:8f:80:1a:1b:08:44:4b:00:b3:51:ef:79:6f:0f:
3d:ab:fe:c6:45:d2:f3:27:60:d1:6b:04:6a:de:91:64:79:40:
a6:ae:ed:87:ae:3f:8a:a0:9f:9d:1e:c9:1c:3e:1a:a1:fe:16:
60:89:07:18:b3:01:e4:a0:03:9e:6c:71:f2:da:1b:96:9b:a9:
28:fc:60:36:cf:5e:82:48:26:1e:c0:9e:c3:11:cb:91:86:1a:
7f:4b:d4:13:2d:fb:75:b4:ca:60:cf:87:9e:80:53:e4:1a:f3:
ef:69:32:01:c1:aa:c9:73:da:04:8b:0e:bc:8f:af:60:6b:63:
15:d2:62:c2:0e:bc:00:5a:b6:bb:55:22:77:1b:6b:89:79:1f:
ac:df:26:76:c4:35:e1:5d:a4:f0:71:ff:b7:40:98:28:74:3e:
91:ca:c4:c6:35:0c:df:b2:67:07:8e:68:d1:a3:20:5d:07:f6:
84:97:52:44
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZag0KXeLvNmUZtiaw0KnJJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjUwNTA1MTQxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODNmOWZlZGUwNzU3NGIzYTU3YzFkZDczYzRhOGFhNjNmN2NiODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgR9e2Z5BZFh00LwxIlv6dZueWv3
lEqgk+txkiOUQ7pnWRQ18eP2IeBCZCKOmt4F7PeP8fnQ42HOyK1F1+MRs/orW4bD
bveGZKxssH2G+DRXkywpmMvK+vTA3j6PeYO8quvIPDdriXgst9Nikx66DNZdpCr7
QCWtslFmDzvb7gQ3Zq7OxS4b7H/L+ICmlyuYESD949SsRD1wpKyUp0gPBn6xKIpj
edBlnkWtq3o6oy0S8WY6OKBFgNgvZbR2bOnQ+Nxs1sddsMWNh4twRMAPrJke07yY
vDg4hve9nlf/NMo99Fjmb0Mk3MXqvGOCziVgmoeH8pKZA+qT1/Rzj6NtHQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFMg/n+3gdXSzpXwd1zxKiqY/fLgrMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEveUQtZjdlQjFkTE9sZkIzWFBFcUtwajk4dUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAFZuwYD
BABZuwgDBABZuwoDBABZuwwDBAFZuw4wDAMEAFm7EQMEAlm7EAMEAFm7FjANBgkq
hkiG9w0BAQsFAAOCAQEACpjeOsBG8OCOidk8Iki6/l7fcxpYTZZpjLKCWPJRRBl0
NG/lZZ+U0RfAZyriD4qHPNgzvlE+rH53dmapCPyNu3AM0CRm4oDYHxlY34+AGhsI
REsAs1HveW8PPav+xkXS8ydg0WsEat6RZHlApq7th64/iqCfnR7JHD4aof4WYIkH
GLMB5KADnmxx8toblpupKPxgNs9egkgmHsCewxHLkYYaf0vUEy37dbTKYM+HnoBT
5Brz72kyAcGqyXPaBIsOvI+vYGtjFdJiwg68AFq2u1UidxtriXkfrN8mdsQ14V2k
8HH/t0CYKHQ+kcrExjUM37JnB45o0aMgXQf2hJdSRA==
-----END CERTIFICATE-----
Generated at Tue May 13 15:52:18 2025 by rpki-client