Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/lJA6yomITaf8wUh3Uq65gLqCvU4.roa
File: lJA6yomITaf8wUh3Uq65gLqCvU4.roa (raw, json)
Hash identifier: 3uGM8CcXIJfvqbJA7catsbvaS3T0ce5UavP7oPRys/c=
Subject key identifier: 94:90:3A:CA:89:88:4D:A7:FC:C1:48:77:52:AE:B9:80:BA:82:BD:4E
Certificate issuer: /CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Certificate serial: 0196AEF67819388F192F93079BE5CE1A132F
Authority key identifier: 0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/lJA6yomITaf8wUh3Uq65gLqCvU4.roa
Signing time: Thu 08 May 2025 08:15:10 +0000
ROA not before: Thu 08 May 2025 08:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209267
IP address blocks: 89.34.174.0/24 maxlen: 24
89.40.69.0/24 maxlen: 24
93.117.175.0/24 maxlen: 24
176.223.163.0/24 maxlen: 24
2a11:1400:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ae:f6:78:19:38:8f:19:2f:93:07:9b:e5:ce:1a:13:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Validity
Not Before: May 8 08:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94903aca89884da7fcc1487752aeb980ba82bd4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:f3:08:5a:dc:ab:55:2c:4a:08:10:71:77:
0f:4b:1f:6c:3c:30:40:29:5a:5e:57:1a:04:f1:b1:
6d:79:43:48:a5:76:9b:91:df:7f:5b:9a:46:b1:45:
79:cd:22:4c:39:f1:b5:58:1f:66:bc:39:16:04:20:
a6:34:6a:c5:71:44:e8:2f:2c:68:b2:eb:13:ed:4c:
f9:3d:99:3c:35:f4:16:ff:2e:d2:5d:df:25:d4:36:
70:8e:92:d0:6c:64:10:0a:1e:df:e2:67:fc:e4:10:
01:89:f7:a6:58:13:b0:d2:d4:1c:d1:aa:e6:cb:d7:
12:0b:65:60:5f:90:a4:23:b5:30:9d:6b:b7:b0:3a:
62:d1:06:ee:03:36:0c:5c:f5:2c:bb:5b:81:6d:e0:
37:a2:eb:71:a6:75:18:14:cb:71:bf:a9:ef:d6:b7:
6a:9a:10:06:14:b9:d1:c0:e9:d0:1c:a3:8f:3c:e4:
e2:01:62:eb:c7:7a:2c:45:b6:03:fe:4a:84:2b:8a:
fa:83:de:79:17:aa:6b:a1:0e:15:43:9f:b3:04:33:
71:8f:ca:8b:0e:5e:4a:f1:9e:a1:12:35:1f:90:38:
46:cc:92:5e:38:da:b4:21:2c:f7:22:4e:af:6a:c5:
3a:33:bf:33:7e:c8:f0:c7:b0:4c:4d:e1:22:dd:1e:
ac:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:90:3A:CA:89:88:4D:A7:FC:C1:48:77:52:AE:B9:80:BA:82:BD:4E
X509v3 Authority Key Identifier:
keyid:0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/lJA6yomITaf8wUh3Uq65gLqCvU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.174.0/24
89.40.69.0/24
93.117.175.0/24
176.223.163.0/24
IPv6:
2a11:1400:4000::/40
Signature Algorithm: sha256WithRSAEncryption
68:3b:f9:f9:0b:81:70:a1:20:7e:5a:8c:d5:f0:0c:8d:0e:ba:
b4:b8:f9:23:b7:08:5c:21:d4:d7:8c:da:6e:9f:d2:73:e3:f4:
a6:56:2e:cf:cb:50:6a:cf:ff:4b:62:c1:c3:1d:e0:49:60:35:
dc:19:77:4d:00:09:2f:7a:3b:dc:0b:a2:c7:ed:48:26:46:d8:
bc:48:0f:de:6f:57:3b:9d:0b:a4:64:96:91:13:88:5b:90:2e:
7b:ca:4a:d8:e0:9f:36:df:4c:bf:76:a6:7f:1a:03:0c:85:ef:
1c:2f:48:88:ca:e7:f4:2a:42:48:f8:4a:b1:4b:70:d6:9b:c7:
56:fd:ec:8b:c0:96:f1:92:75:a2:0f:99:dc:32:32:57:7d:94:
ce:bd:05:c0:26:cd:b0:18:1c:e8:b3:4f:d6:8c:cb:25:c5:02:
7e:cb:3e:2e:87:7f:b1:02:29:39:1b:c1:1f:06:d2:66:29:a7:
f5:df:f2:4e:8e:dd:9b:48:ca:f1:11:0a:13:c7:0d:83:21:61:
40:b9:f6:c0:31:d6:a0:96:b8:86:01:2c:0e:31:e0:95:68:13:
37:df:0d:2c:ff:94:38:14:e6:74:7a:2d:f0:01:be:93:82:c8:
bf:3b:81:48:f6:0b:60:80:69:21:69:24:d0:18:11:66:c9:51:
b1:5a:7e:8f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZau9ngZOI8ZL5MHm+XOGhMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzU1ODU0NmEyYzU0YmJkODEyYTE5MjI4YWE5OGUwNzhk
M2FhNjgwHhcNMjUwNTA4MDgxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDkwM2FjYTg5ODg0ZGE3ZmNjMTQ4Nzc1MmFlYjk4MGJhODJiZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSDzCFrcq1UsSggQcXcPSx9sPDBA
KVpeVxoE8bFteUNIpXabkd9/W5pGsUV5zSJMOfG1WB9mvDkWBCCmNGrFcUToLyxo
susT7Uz5PZk8NfQW/y7SXd8l1DZwjpLQbGQQCh7f4mf85BABifemWBOw0tQc0arm
y9cSC2VgX5CkI7UwnWu3sDpi0QbuAzYMXPUsu1uBbeA3outxpnUYFMtxv6nv1rdq
mhAGFLnRwOnQHKOPPOTiAWLrx3osRbYD/kqEK4r6g955F6proQ4VQ5+zBDNxj8qL
Dl5K8Z6hEjUfkDhGzJJeONq0ISz3Ik6vasU6M78zfsjwx7BMTeEi3R6szQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJSQOsqJiE2n/MFId1KuuYC6gr1OMB8GA1UdIwQY
MBaAFA01WFRqLFS72BKhkiiqmOB406poMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUt
MTMyZmZjOGJkZTQ2LzEvbEpBNnlvbUlUYWY4d1VoM1VxNjVnTHFDdlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUtMTMyZmZjOGJkZTQ2
LzEvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQAWSKuAwQA
WShFAwQAXXWvAwQAsN+jMA4EAgACMAgDBgAqERQAQDANBgkqhkiG9w0BAQsFAAOC
AQEAaDv5+QuBcKEgflqM1fAMjQ66tLj5I7cIXCHU14zabp/Sc+P0plYuz8tQas//
S2LBwx3gSWA13Bl3TQAJL3o73Auix+1IJkbYvEgP3m9XO50LpGSWkROIW5Aue8pK
2OCfNt9Mv3amfxoDDIXvHC9IiMrn9CpCSPhKsUtw1pvHVv3si8CW8ZJ1og+Z3DIy
V32Uzr0FwCbNsBgc6LNP1ozLJcUCfss+Lod/sQIpORvBHwbSZimn9d/yTo7dm0jK
8REKE8cNgyFhQLn2wDHWoJa4hgEsDjHglWgTN98NLP+UOBTmdHot8AG+k4LIvzuB
SPYLYIBpIWkk0BgRZslRsVp+jw==
-----END CERTIFICATE-----
Generated at Sun May 11 22:11:15 2025 by rpki-client