Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/jNrtD4zRsZVN6RiJAEomlUdUZdA.roa
File: jNrtD4zRsZVN6RiJAEomlUdUZdA.roa (raw, json)
Hash identifier: KgT9cW1vNdUm5rrXt6b08EWBC589TMe3HgUs7IKuzA4=
Subject key identifier: 8C:DA:ED:0F:8C:D1:B1:95:4D:E9:18:89:00:4A:26:95:47:54:65:D0
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 0196A0475178D9F227BF73A340008C0FFA94
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/jNrtD4zRsZVN6RiJAEomlUdUZdA.roa
Signing time: Mon 05 May 2025 11:49:10 +0000
ROA not before: Mon 05 May 2025 11:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200088
IP address blocks: 78.40.216.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
89.191.228.0/24 maxlen: 24
90.156.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
185.247.16.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 15:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:47:51:78:d9:f2:27:bf:73:a3:40:00:8c:0f:fa:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: May 5 11:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cdaed0f8cd1b1954de91889004a2695475465d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:8a:d5:1d:3a:eb:36:5a:ba:4f:79:91:04:4e:
8d:0d:af:bb:ad:61:76:59:ca:68:d7:1c:19:ee:f7:
b1:25:a7:66:ae:b7:50:1b:14:84:24:24:92:40:31:
b1:35:ef:44:64:a8:0c:99:48:f7:14:d1:ee:e4:f0:
73:ee:49:9f:20:54:5e:40:91:82:1e:d0:f5:56:72:
b7:07:53:e3:ce:cc:f0:32:3f:5d:e8:68:b9:09:68:
dd:e2:5d:c5:51:18:1e:00:ea:09:ec:e3:2c:ed:aa:
cd:c5:9c:59:6a:7e:eb:d0:63:18:e1:06:74:d7:35:
0d:2d:4e:27:1c:85:b3:6a:28:ed:2c:cf:db:37:65:
64:70:66:d0:76:af:a9:66:be:37:4a:c3:af:7d:80:
51:58:77:d8:5d:26:82:ed:c6:2e:70:f9:b7:83:0c:
da:bd:52:91:b3:e4:0d:ec:28:fa:01:3c:b1:c4:c8:
ea:bb:d4:e1:4f:9c:18:96:fb:a0:c5:77:85:75:90:
10:c3:d3:3c:3a:8a:43:3e:c1:42:b4:de:b2:bd:7c:
3b:ef:77:28:20:59:91:ca:13:19:ed:52:3b:8f:73:
6d:08:a8:06:6a:f4:08:60:a4:e9:7c:e8:bd:cb:37:
b0:a6:ec:02:c4:eb:46:a7:8a:71:f7:0a:0c:da:5b:
7d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:DA:ED:0F:8C:D1:B1:95:4D:E9:18:89:00:4A:26:95:47:54:65:D0
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/jNrtD4zRsZVN6RiJAEomlUdUZdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
89.191.228.0/24
90.156.228.0/24
90.156.231.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
185.247.16.0/24
188.225.60.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
27:44:f3:77:b8:cc:89:55:a0:4c:72:c6:9b:e9:d4:d9:cf:8f:
96:e7:33:c5:db:9a:34:e8:c4:05:b8:23:fb:1e:d0:82:66:95:
f8:41:ff:84:f8:13:b7:92:45:ac:c6:70:5f:d2:7e:13:06:f3:
36:61:ee:4d:9d:83:77:34:55:37:5e:e7:eb:4d:39:c5:aa:2d:
5b:ff:0c:8c:24:df:09:2c:f4:d7:2e:a6:46:19:c9:cc:62:6c:
5c:ab:48:77:45:1d:03:f3:c4:54:45:f6:63:94:c5:0c:1a:ee:
59:b5:54:cf:0e:97:df:a0:2e:b7:a7:80:2c:41:d1:06:01:26:
36:cb:1e:50:0f:b7:7f:74:32:bc:de:f7:ac:c9:8d:67:88:e7:
2b:d2:8b:e9:34:e5:4e:69:ad:7d:87:9a:1b:4a:26:cf:ed:fe:
57:09:b7:80:3e:ba:45:79:b9:9e:eb:61:7a:40:cf:51:79:77:
3c:4f:cc:a9:0c:f2:70:12:a5:4e:26:8f:c0:bf:f8:13:c7:f8:
d8:39:95:8b:3d:31:60:ac:d7:bd:1c:26:1c:d6:cb:55:f0:c1:
2c:71:60:42:75:9a:f2:7f:e1:07:d8:e2:2f:f1:7c:7d:d8:c5:
6c:13:6f:7a:e2:d5:88:d7:c8:ef:0e:e0:d8:57:ba:45:a0:73:
bf:82:97:fc
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZagR1F42fInv3OjQACMD/qUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjUwNTA1MTE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2RhZWQwZjhjZDFiMTk1NGRlOTE4ODkwMDRhMjY5NTQ3NTQ2NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IrVHTrrNlq6T3mRBE6NDa+7rWF2
Wcpo1xwZ7vexJadmrrdQGxSEJCSSQDGxNe9EZKgMmUj3FNHu5PBz7kmfIFReQJGC
HtD1VnK3B1PjzszwMj9d6Gi5CWjd4l3FURgeAOoJ7OMs7arNxZxZan7r0GMY4QZ0
1zUNLU4nHIWzaijtLM/bN2VkcGbQdq+pZr43SsOvfYBRWHfYXSaC7cYucPm3gwza
vVKRs+QN7Cj6ATyxxMjqu9ThT5wYlvugxXeFdZAQw9M8OopDPsFCtN6yvXw773co
IFmRyhMZ7VI7j3NtCKgGavQIYKTpfOi9yzewpuwCxOtGp4px9woM2lt9JwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFIza7Q+M0bGVTekYiQBKJpVHVGXQMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvak5ydEQ0elJzWlZONlJpSkFFb21sVWRVWmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTByBAIAATBsAwQATijY
AwQBVcFcAwQAVcFfAwQAV/kyAwQAWb/kAwQAWpzkAwQAWpznAwQAXuR6AwQAsDnd
AwQAuWhwAwQAuWhzAwQAufcQAwQAvOE8AwQCwiN0AwQA2RlbAwQA2RlfAwQA2Zfl
AwQA2ZfnMA8EAgACMAkDBwAqA28AAAgwDQYJKoZIhvcNAQELBQADggEBACdE83e4
zIlVoExyxpvp1NnPj5bnM8XbmjToxAW4I/se0IJmlfhB/4T4E7eSRazGcF/SfhMG
8zZh7k2dg3c0VTde5+tNOcWqLVv/DIwk3wks9NcupkYZycxibFyrSHdFHQPzxFRF
9mOUxQwa7lm1VM8Ol9+gLrengCxB0QYBJjbLHlAPt390Mrze96zJjWeI5yvSi+k0
5U5prX2HmhtKJs/t/lcJt4A+ukV5uZ7rYXpAz1F5dzxPzKkM8nASpU4mj8C/+BPH
+Ng5lYs9MWCs170cJhzWy1XwwSxxYEJ1mvJ/4QfY4i/xfH3YxWwTb3ri1YjXyO8O
4NhXukWgc7+Cl/w=
-----END CERTIFICATE-----
Generated at Fri May 9 01:01:10 2025 by rpki-client