Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/TRBQVmMokpp5WIUu-pQ0K07JW_Q.roa
File: TRBQVmMokpp5WIUu-pQ0K07JW_Q.roa (raw, json)
Hash identifier: xwruf72RJWsw/csbKOoYp0tCE7jhLOGyB7VhjHcP5lE=
Subject key identifier: 4D:10:50:56:63:28:92:9A:79:58:85:2E:FA:94:34:2B:4E:C9:5B:F4
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 0196672A57CDCCC7EEF7908D265D8FBBCBF2
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/TRBQVmMokpp5WIUu-pQ0K07JW_Q.roa
Signing time: Thu 24 Apr 2025 09:39:10 +0000
ROA not before: Thu 24 Apr 2025 09:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203214
IP address blocks: 109.224.0.0/18 maxlen: 18
109.224.0.0/21 maxlen: 21
109.224.0.0/22 maxlen: 22
109.224.1.0/24 maxlen: 24
109.224.2.0/23 maxlen: 23
109.224.2.0/24 maxlen: 24
109.224.3.0/24 maxlen: 24
109.224.4.0/22 maxlen: 22
109.224.5.0/24 maxlen: 24
109.224.8.0/21 maxlen: 21
109.224.8.0/22 maxlen: 22
109.224.12.0/23 maxlen: 23
109.224.12.0/24 maxlen: 24
109.224.13.0/24 maxlen: 24
109.224.14.0/23 maxlen: 23
109.224.14.0/24 maxlen: 24
109.224.15.0/24 maxlen: 24
109.224.16.0/22 maxlen: 22
109.224.20.0/22 maxlen: 22
109.224.24.0/22 maxlen: 22
109.224.28.0/24 maxlen: 24
109.224.29.0/24 maxlen: 24
109.224.30.0/23 maxlen: 23
109.224.32.0/22 maxlen: 22
109.224.32.0/24 maxlen: 24
109.224.36.0/22 maxlen: 22
109.224.40.0/21 maxlen: 21
109.224.40.0/24 maxlen: 24
109.224.41.0/24 maxlen: 24
109.224.42.0/23 maxlen: 23
109.224.42.0/24 maxlen: 24
109.224.43.0/24 maxlen: 24
109.224.44.0/22 maxlen: 22
109.224.44.0/24 maxlen: 24
109.224.45.0/24 maxlen: 24
109.224.46.0/24 maxlen: 24
109.224.47.0/24 maxlen: 24
109.224.48.0/21 maxlen: 21
109.224.48.0/22 maxlen: 22
109.224.52.0/22 maxlen: 22
109.224.56.0/21 maxlen: 21
109.224.56.0/22 maxlen: 22
109.224.60.0/22 maxlen: 22
109.224.63.0/24 maxlen: 24
185.118.96.0/22 maxlen: 22
185.118.96.0/24 maxlen: 24
185.141.8.0/24 maxlen: 24
185.141.9.0/24 maxlen: 24
185.141.10.0/24 maxlen: 24
185.141.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 15:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:67:2a:57:cd:cc:c7:ee:f7:90:8d:26:5d:8f:bb:cb:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Apr 24 09:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d1050566328929a7958852efa94342b4ec95bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c3:20:b1:9a:13:64:4a:9d:a2:b5:e9:27:51:
58:bf:97:d2:da:4e:95:5e:9c:3e:0f:20:f1:53:23:
54:ab:9a:7d:82:9e:a4:66:f6:a0:9f:16:9f:82:27:
a7:c4:9b:05:72:1c:c7:f7:40:57:cf:c5:72:a1:d1:
d2:4b:2f:8f:64:9d:4e:f3:ed:78:6d:27:0e:b7:48:
1a:db:30:f9:c2:62:b7:e1:21:11:70:c5:72:18:73:
b6:9c:37:85:db:a3:f9:83:32:3b:74:dc:ce:79:e9:
49:15:b7:5a:ef:92:35:13:e7:39:3f:16:5c:4e:99:
28:e4:78:e7:c2:33:60:42:37:5a:3c:27:3a:18:5a:
f0:65:54:48:5a:fc:16:6c:e1:c9:b3:00:da:67:9c:
4b:bc:97:9f:08:4e:7a:26:dd:b4:d5:82:fe:c4:55:
4a:61:d3:27:af:c1:8a:36:77:1d:1a:f3:86:3b:68:
90:12:0a:0c:45:bd:db:87:e7:4e:3f:56:8e:95:35:
29:d9:27:59:53:bd:0f:ca:62:d1:e2:de:23:2e:9f:
a5:e7:a8:62:6c:38:ce:b2:8e:d4:55:39:e5:fe:0d:
cb:c7:e4:e2:00:d8:c1:df:c5:82:71:fe:5e:d7:ec:
41:64:bf:71:2e:79:4a:d8:99:a4:00:c0:0c:d9:ab:
5f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:10:50:56:63:28:92:9A:79:58:85:2E:FA:94:34:2B:4E:C9:5B:F4
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/TRBQVmMokpp5WIUu-pQ0K07JW_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.0.0/18
185.118.96.0/22
185.141.8.0/22
Signature Algorithm: sha256WithRSAEncryption
25:c4:c2:04:64:a4:be:db:4f:34:24:52:f6:55:da:fd:c6:c4:
6d:bc:7b:32:57:fa:f3:1d:88:17:6d:b8:dd:38:12:19:16:8b:
52:7a:44:28:5a:ca:f5:74:7c:61:fb:d0:c7:0c:54:f6:17:a5:
7c:d8:77:e6:13:fb:3c:8f:39:7a:af:61:ea:7d:90:ca:3e:d1:
b5:a8:47:31:db:d8:47:27:8e:57:2a:03:63:17:b1:91:ea:72:
2d:b6:bf:e1:eb:b3:20:9c:08:4b:c4:5e:24:0e:17:f7:b2:05:
73:31:c2:42:5f:ad:f5:66:aa:54:d6:7a:35:78:6c:2e:38:7a:
87:53:b1:b5:14:1c:29:f1:8f:7d:e6:10:f7:6a:ef:9b:a7:16:
21:54:bb:f2:22:b1:b6:8f:12:a3:4d:9b:21:08:12:db:80:cd:
3f:f6:3b:31:23:45:85:d3:a7:e7:78:61:0a:91:99:53:3e:64:
16:16:9d:cd:25:6d:21:75:c5:ab:8d:9c:1f:10:ec:51:6f:7a:
b9:58:87:5e:fb:57:f4:7c:16:b5:52:b3:d0:68:e9:7a:95:aa:
b8:db:52:c0:cf:29:7c:d2:b2:2d:01:cd:33:8e:b1:9d:77:0c:
f0:7b:4b:0b:98:c0:04:b8:c0:4c:6a:c1:af:79:b1:16:ec:f1:
4e:8d:f9:c4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZnKlfNzMfu95CNJl2Pu8vyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjUwNDI0MDkzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDEwNTA1NjYzMjg5MjlhNzk1ODg1MmVmYTk0MzQyYjRlYzk1YmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMMgsZoTZEqdorXpJ1FYv5fS2k6V
Xpw+DyDxUyNUq5p9gp6kZvagnxafgienxJsFchzH90BXz8VyodHSSy+PZJ1O8+14
bScOt0ga2zD5wmK34SERcMVyGHO2nDeF26P5gzI7dNzOeelJFbda75I1E+c5PxZc
Tpko5HjnwjNgQjdaPCc6GFrwZVRIWvwWbOHJswDaZ5xLvJefCE56Jt201YL+xFVK
YdMnr8GKNncdGvOGO2iQEgoMRb3bh+dOP1aOlTUp2SdZU70PymLR4t4jLp+l56hi
bDjOso7UVTnl/g3Lx+TiANjB38WCcf5e1+xBZL9xLnlK2JmkAMAM2atf7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE0QUFZjKJKaeViFLvqUNCtOyVv0MB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvVFJCUVZtTW9rcHA1V0lVdS1wUTBLMDdKV19RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGbeAAAwQC
uXZgAwQCuY0IMA0GCSqGSIb3DQEBCwUAA4IBAQAlxMIEZKS+2080JFL2Vdr9xsRt
vHsyV/rzHYgXbbjdOBIZFotSekQoWsr1dHxh+9DHDFT2F6V82HfmE/s8jzl6r2Hq
fZDKPtG1qEcx29hHJ45XKgNjF7GR6nIttr/h67MgnAhLxF4kDhf3sgVzMcJCX631
ZqpU1no1eGwuOHqHU7G1FBwp8Y995hD3au+bpxYhVLvyIrG2jxKjTZshCBLbgM0/
9jsxI0WF06fneGEKkZlTPmQWFp3NJW0hdcWrjZwfEOxRb3q5WIde+1f0fBa1UrPQ
aOl6laq421LAzyl80rItAc0zjrGddwzwe0sLmMAEuMBMasGvebEW7PFOjfnE
-----END CERTIFICATE-----
Generated at Sun May 11 19:20:20 2025 by rpki-client