Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/g9o9II5omWYlpBag0Z7wH-AL26U.roa
File: g9o9II5omWYlpBag0Z7wH-AL26U.roa (raw, json)
Hash identifier: CxP+kNuasBq243EUXshgNUgA8iEqFrOuzK5H63rx8G4=
Subject key identifier: 83:DA:3D:20:8E:68:99:66:25:A4:16:A0:D1:9E:F0:1F:E0:0B:DB:A5
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01969A47113791D37CCE69015E463F54290F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/g9o9II5omWYlpBag0Z7wH-AL26U.roa
Signing time: Sun 04 May 2025 07:51:10 +0000
ROA not before: Sun 04 May 2025 07:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18811
IP address blocks: 217.60.0.0/21 maxlen: 24
217.60.12.0/22 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.36.0/22 maxlen: 24
217.60.60.0/22 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 20:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9a:47:11:37:91:d3:7c:ce:69:01:5e:46:3f:54:29:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 4 07:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83da3d208e68996625a416a0d19ef01fe00bdba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:47:c0:bd:05:93:41:de:86:a9:ef:5c:cb:4c:
94:38:63:f8:7a:e9:a9:fc:e5:48:3f:61:10:f3:4d:
e1:78:26:51:d0:0c:04:be:e4:dc:48:af:19:21:30:
eb:d7:6c:e2:30:fc:77:52:12:50:28:69:44:ca:26:
cf:6a:00:80:59:3c:ac:92:a7:1b:54:b7:7b:be:5d:
c7:a8:d8:5a:f2:9f:49:66:91:2f:e3:07:98:fe:02:
06:4e:dc:d3:90:15:11:5c:53:f5:53:7d:17:40:81:
7e:be:0b:7e:72:b7:37:08:00:a1:65:9a:2b:73:3b:
17:36:91:7c:56:7a:aa:01:72:fe:04:60:1c:cb:7d:
41:57:1e:9c:1e:e8:36:1c:34:7a:ab:dd:a7:1a:08:
81:a2:27:c8:3e:20:f9:83:a1:09:8a:0c:51:a2:e9:
0a:b1:c2:b9:ce:e6:7d:75:07:e0:a2:05:c1:c5:05:
97:74:36:26:6d:1f:53:59:87:e1:ea:3c:85:1a:10:
95:c5:43:f9:11:d8:4d:94:6e:ff:36:c3:f6:1d:27:
f7:2f:ca:f4:c9:7d:f7:5d:75:56:fe:2a:26:99:ec:
c3:c6:0b:cd:a2:0f:2c:0e:84:6a:c2:61:e0:a1:81:
d6:84:35:f8:51:05:95:55:19:f8:10:18:97:61:42:
09:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:DA:3D:20:8E:68:99:66:25:A4:16:A0:D1:9E:F0:1F:E0:0B:DB:A5
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/g9o9II5omWYlpBag0Z7wH-AL26U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.0.0/21
217.60.12.0/22
217.60.24.0/22
217.60.36.0/22
217.60.60.0/22
217.60.188.0-217.60.195.255
Signature Algorithm: sha256WithRSAEncryption
c1:bf:b6:7e:b0:65:05:21:d9:67:8c:9f:dc:c8:9e:f8:05:b3:
b3:cc:48:b7:da:f4:48:c7:89:6e:77:13:94:3e:bf:d1:e5:14:
89:ea:da:a5:ea:61:34:99:d5:8e:5c:71:59:54:35:54:6f:83:
6c:c1:fd:69:7e:2a:93:dd:95:5f:49:a8:1c:ad:47:42:e8:d1:
d4:66:9a:f4:14:a1:7f:53:b6:65:11:ce:19:29:8d:01:18:50:
de:da:c8:cd:50:19:b8:cb:d2:26:65:66:a1:6a:e0:cd:1d:d3:
63:fd:c4:bb:4a:7c:23:9d:a6:16:d2:6a:a3:97:54:a9:3b:92:
9d:24:bd:61:3b:df:64:d7:20:c0:36:80:ef:96:0b:20:23:b1:
d5:3b:03:35:bf:c6:57:11:8b:83:55:e2:5d:b2:7c:67:1f:b7:
5d:63:96:23:17:b7:56:64:35:a3:63:a8:5e:6f:1e:58:e4:64:
d5:8b:0f:b2:31:4c:bf:fb:8a:55:3e:a5:f2:fb:ed:0d:6a:3b:
c2:9d:69:22:e5:88:f5:61:6b:02:0c:32:18:29:a9:a2:6d:eb:
d0:e1:d5:16:e0:f7:a3:43:f3:6a:14:dc:cc:61:2f:8a:20:57:
a7:4c:3d:43:38:f4:41:0f:71:81:73:73:67:a8:09:54:cc:78:
66:13:38:ac
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZaaRxE3kdN8zmkBXkY/VCkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTA0MDc1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2RhM2QyMDhlNjg5OTY2MjVhNDE2YTBkMTllZjAxZmUwMGJkYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kfAvQWTQd6Gqe9cy0yUOGP4eump
/OVIP2EQ803heCZR0AwEvuTcSK8ZITDr12ziMPx3UhJQKGlEyibPagCAWTyskqcb
VLd7vl3HqNha8p9JZpEv4weY/gIGTtzTkBURXFP1U30XQIF+vgt+crc3CAChZZor
czsXNpF8VnqqAXL+BGAcy31BVx6cHug2HDR6q92nGgiBoifIPiD5g6EJigxRoukK
scK5zuZ9dQfgogXBxQWXdDYmbR9TWYfh6jyFGhCVxUP5EdhNlG7/NsP2HSf3L8r0
yX33XXVW/iommezDxgvNog8sDoRqwmHgoYHWhDX4UQWVVRn4EBiXYUIJWwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIPaPSCOaJlmJaQWoNGe8B/gC9ulMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZzlvOUlJNW9tV1lscEJhZzBaN3dILUFMMjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQD2TwAAwQC
2TwMAwQC2TwYAwQC2TwkAwQC2Tw8MAwDBALZPLwDBALZPMAwDQYJKoZIhvcNAQEL
BQADggEBAMG/tn6wZQUh2WeMn9zInvgFs7PMSLfa9EjHiW53E5Q+v9HlFInq2qXq
YTSZ1Y5ccVlUNVRvg2zB/Wl+KpPdlV9JqBytR0Lo0dRmmvQUoX9TtmURzhkpjQEY
UN7ayM1QGbjL0iZlZqFq4M0d02P9xLtKfCOdphbSaqOXVKk7kp0kvWE732TXIMA2
gO+WCyAjsdU7AzW/xlcRi4NV4l2yfGcft11jliMXt1ZkNaNjqF5vHljkZNWLD7Ix
TL/7ilU+pfL77Q1qO8KdaSLliPVhawIMMhgpqaJt69Dh1Rbg96ND82oU3MxhL4og
V6dMPUM49EEPcYFzc2eoCVTMeGYTOKw=
-----END CERTIFICATE-----
Generated at Sun May 11 02:05:38 2025 by rpki-client