Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/ur2jQXpGWWYECBsXTeT3ihs6vVk.roa
File: ur2jQXpGWWYECBsXTeT3ihs6vVk.roa (raw, json)
Hash identifier: BxlFUb0zmMnW7XaJszRYUfw8FuEEod2RQjrGiW/bsc0=
Subject key identifier: BA:BD:A3:41:7A:46:59:66:04:08:1B:17:4D:E4:F7:8A:1B:3A:BD:59
Certificate issuer: /CN=d098e907c63457e6ca6281dfe297d972bffda805
Certificate serial: 0194266BBC26ED4100B9D5F278285DBD6B49
Authority key identifier: D0:98:E9:07:C6:34:57:E6:CA:62:81:DF:E2:97:D9:72:BF:FD:A8:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/ur2jQXpGWWYECBsXTeT3ihs6vVk.roa
Signing time: Thu 02 Jan 2025 09:49:42 +0000
ROA not before: Thu 02 Jan 2025 09:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39114
IP address blocks: 185.91.12.0/22 maxlen: 22
185.91.12.0/24 maxlen: 24
185.91.13.0/24 maxlen: 24
185.91.14.0/24 maxlen: 24
185.91.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 15:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:bc:26:ed:41:00:b9:d5:f2:78:28:5d:bd:6b:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d098e907c63457e6ca6281dfe297d972bffda805
Validity
Not Before: Jan 2 09:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=babda3417a46596604081b174de4f78a1b3abd59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:52:c7:e7:b4:2e:08:6a:85:a8:07:f1:23:e3:
a6:3b:6c:35:7f:c3:60:22:5f:21:1a:25:9e:bb:37:
38:f9:62:ac:f3:b1:04:f3:fa:a6:37:05:7d:ce:ca:
ed:dd:b5:cb:53:77:09:51:20:25:4d:b6:61:ef:0f:
09:2d:3d:59:37:e4:d9:42:59:13:65:f3:ef:b4:9f:
74:a2:3e:96:a9:79:2c:69:00:82:5d:97:2c:a5:20:
85:d3:5e:2d:5c:b0:cb:b0:fe:ca:1f:55:0a:9b:12:
38:d9:67:99:25:9f:8f:7f:fb:6e:7f:5b:a7:1d:b3:
7d:3d:f6:d1:0e:d7:82:44:b4:c4:fa:d2:90:55:92:
df:60:0b:28:43:e2:5a:39:17:89:50:1d:26:4c:f7:
d7:78:d1:5c:08:df:fe:71:68:56:be:24:11:08:22:
f3:8f:95:3d:49:15:a3:bd:53:ea:66:71:ef:48:95:
8a:bf:c4:7d:11:e6:f1:44:00:a8:0a:dd:a6:4e:f4:
72:4e:6f:73:6a:72:f1:e5:3b:6d:2b:af:c5:4f:c2:
a2:1b:a1:f9:75:83:27:c3:cd:2e:b8:90:12:21:44:
eb:c0:d7:e6:d7:a9:a1:17:fe:55:0f:0a:24:2c:cc:
97:67:46:6f:c8:20:17:2e:17:43:84:aa:d0:ec:5a:
f7:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BD:A3:41:7A:46:59:66:04:08:1B:17:4D:E4:F7:8A:1B:3A:BD:59
X509v3 Authority Key Identifier:
keyid:D0:98:E9:07:C6:34:57:E6:CA:62:81:DF:E2:97:D9:72:BF:FD:A8:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/ur2jQXpGWWYECBsXTeT3ihs6vVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.12.0/22
Signature Algorithm: sha256WithRSAEncryption
96:c0:dc:55:c4:90:4b:bc:3d:f2:9e:27:67:7d:d4:fe:a6:d3:
ba:4c:79:12:60:01:a9:02:81:74:fb:42:d8:20:4c:db:af:e0:
9e:93:64:3c:ef:96:d4:b2:0c:a4:9b:04:4b:bf:1a:fb:de:a6:
4f:ff:38:d8:04:92:95:56:4e:c5:63:1c:1d:2d:cb:ea:0d:7c:
ce:22:22:78:18:36:50:4d:d2:83:84:f7:75:30:c0:50:b0:1e:
14:87:13:44:da:9e:ea:ca:e9:46:1c:fa:a3:2f:e4:26:d7:97:
1b:74:4f:04:8e:e5:12:1a:b9:9d:51:6b:bb:fe:15:69:ac:3e:
f7:03:90:e3:90:ab:79:05:9e:45:2c:ba:cc:2e:c9:32:5b:3f:
84:aa:13:d2:64:62:a1:db:7f:e8:5b:f9:ed:3c:2d:c9:56:7e:
3c:db:30:c3:9e:56:41:ac:e5:ad:52:99:eb:a6:23:0f:68:c7:
5e:9f:10:2a:17:0f:6b:99:99:a9:bc:85:09:5c:61:dd:5d:53:
54:af:ff:b2:a9:bf:47:34:61:86:63:e3:92:ba:13:6c:8a:3c:
51:e1:61:a7:cc:1d:1b:ae:9c:1a:0a:83:98:29:24:ca:0b:5b:
a4:9c:f8:7e:4e:ba:b9:3b:fa:8c:12:e4:77:18:c5:2f:f0:43:
65:e3:b6:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma7wm7UEAudXyeChdvWtJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOThlOTA3YzYzNDU3ZTZjYTYyODFkZmUyOTdkOTcyYmZm
ZGE4MDUwHhcNMjUwMTAyMDk0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWJkYTM0MTdhNDY1OTY2MDQwODFiMTc0ZGU0Zjc4YTFiM2FiZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFLH57QuCGqFqAfxI+OmO2w1f8Ng
Il8hGiWeuzc4+WKs87EE8/qmNwV9zsrt3bXLU3cJUSAlTbZh7w8JLT1ZN+TZQlkT
ZfPvtJ90oj6WqXksaQCCXZcspSCF014tXLDLsP7KH1UKmxI42WeZJZ+Pf/tuf1un
HbN9PfbRDteCRLTE+tKQVZLfYAsoQ+JaOReJUB0mTPfXeNFcCN/+cWhWviQRCCLz
j5U9SRWjvVPqZnHvSJWKv8R9EebxRACoCt2mTvRyTm9zanLx5TttK6/FT8KiG6H5
dYMnw80uuJASIUTrwNfm16mhF/5VDwokLMyXZ0ZvyCAXLhdDhKrQ7Fr3lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLq9o0F6RllmBAgbF03k94obOr1ZMB8GA1UdIwQY
MBaAFNCY6QfGNFfmymKB3+KX2XK//agFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEpqcEI4WTBWLWJLWW9IZjRwZlpjcl85cUFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9jNjNiNmMtNmFhZC00YTc0LTgwN2Mt
MTBlMTNkNDNmMGRkLzEvdXIyalFYcEdXV1lFQ0JzWFRlVDNpaHM2dlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9jNjNiNmMtNmFhZC00YTc0LTgwN2MtMTBlMTNkNDNmMGRk
LzEvMEpqcEI4WTBWLWJLWW9IZjRwZlpjcl85cUFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVsMMA0G
CSqGSIb3DQEBCwUAA4IBAQCWwNxVxJBLvD3ynidnfdT+ptO6THkSYAGpAoF0+0LY
IEzbr+Cek2Q875bUsgykmwRLvxr73qZP/zjYBJKVVk7FYxwdLcvqDXzOIiJ4GDZQ
TdKDhPd1MMBQsB4UhxNE2p7qyulGHPqjL+Qm15cbdE8EjuUSGrmdUWu7/hVprD73
A5DjkKt5BZ5FLLrMLskyWz+EqhPSZGKh23/oW/ntPC3JVn482zDDnlZBrOWtUpnr
piMPaMdenxAqFw9rmZmpvIUJXGHdXVNUr/+yqb9HNGGGY+OSuhNsijxR4WGnzB0b
rpwaCoOYKSTKC1uknPh+Trq5O/qMEuR3GMUv8ENl47ag
-----END CERTIFICATE-----
Generated at Fri May 9 00:59:02 2025 by rpki-client