Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/IvvEQkJx_YQuA7WDKcWTwA6sjeM.roa
File: IvvEQkJx_YQuA7WDKcWTwA6sjeM.roa (raw, json)
Hash identifier: TYlXh7A49R6hcyPJlA/asJPKwJrsxKdwQselHHTfu5Q=
Subject key identifier: 22:FB:C4:42:42:71:FD:84:2E:03:B5:83:29:C5:93:C0:0E:AC:8D:E3
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 01952874431817D612DDF2AF206321FE8E2B
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/IvvEQkJx_YQuA7WDKcWTwA6sjeM.roa
Signing time: Fri 21 Feb 2025 12:21:02 +0000
ROA not before: Fri 21 Feb 2025 12:21:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 91.147.116.0/24 maxlen: 24
91.147.117.0/24 maxlen: 24
91.147.118.0/24 maxlen: 24
91.147.119.0/24 maxlen: 24
91.147.122.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 07:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:74:43:18:17:d6:12:dd:f2:af:20:63:21:fe:8e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Feb 21 12:21:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22fbc4424271fd842e03b58329c593c00eac8de3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9d:ee:4e:8a:90:26:90:17:da:db:f5:3c:dd:
b8:09:39:84:c0:49:75:11:ad:c6:a3:c4:b5:15:99:
34:59:c6:16:85:c8:8b:b9:20:4d:6f:c5:80:66:f5:
02:45:88:1c:e2:e2:cd:06:37:5d:90:3d:53:62:9b:
6f:93:8c:ef:ca:b2:b3:0b:b1:bd:b2:63:98:80:58:
8d:a1:24:22:30:d3:7f:20:ba:86:25:03:85:34:0a:
74:b3:c5:28:a1:63:46:38:75:2b:0a:b9:02:61:e2:
fe:ec:54:1d:03:31:47:33:4f:f6:24:a8:69:d7:4e:
e1:11:be:b7:cb:be:ec:7d:07:84:ba:e8:37:bd:27:
77:25:a6:92:d4:35:48:1f:89:c6:92:b6:6a:ad:03:
f2:9e:5e:43:be:16:d8:fc:97:2e:f0:78:24:35:cf:
66:2f:09:99:cb:c3:9b:50:26:1f:7e:bd:b4:f0:8a:
17:a4:c7:4b:0e:49:9c:75:07:64:74:2b:49:17:9b:
10:76:ee:56:21:f5:54:bb:80:af:48:c0:5b:cb:1b:
5a:e9:3d:3c:b7:c6:36:bc:7f:a4:bd:5d:73:a0:e8:
21:7d:0f:81:f0:ce:d7:9a:a4:11:78:6a:af:ea:48:
4f:5b:4a:15:28:cf:ba:37:bf:af:ed:f5:be:b9:83:
09:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:FB:C4:42:42:71:FD:84:2E:03:B5:83:29:C5:93:C0:0E:AC:8D:E3
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/IvvEQkJx_YQuA7WDKcWTwA6sjeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.116.0/22
91.147.122.0/23
91.147.126.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:4d:1a:2b:bb:25:98:84:85:b9:43:f7:27:9a:20:86:ca:15:
d6:8b:37:6a:56:77:15:f1:fd:b2:38:8b:0d:b6:66:cd:7e:a3:
9c:ab:9e:00:61:5d:ba:89:25:b7:ab:f3:9b:b4:66:f3:5f:ed:
e0:27:b5:69:9d:48:dc:76:e5:1f:6a:1c:5c:16:0a:19:7f:29:
09:23:07:62:09:08:b1:4c:37:bb:ef:19:0b:58:e7:d8:c2:02:
87:a1:6a:76:3b:e7:6b:b6:80:64:11:8e:5d:7c:b0:f3:5c:d4:
be:f2:1b:2c:ed:6f:64:fb:34:56:9a:09:43:05:55:d8:1c:db:
c3:f3:62:a2:a3:9b:3b:57:99:d8:dc:5f:12:ca:0b:2c:8c:d7:
12:5b:c4:bc:68:eb:fa:83:02:ff:17:1c:49:54:9e:78:d6:be:
06:be:11:b0:7b:ed:5e:0c:0c:7f:b6:9d:73:bf:60:ae:3d:60:
de:03:1b:06:a3:53:12:d4:50:2a:eb:39:04:53:d8:f4:f7:98:
08:3f:22:f8:bb:72:1e:5d:30:cd:a8:ee:9e:2d:30:57:c1:06:
76:e7:c2:64:d3:49:f9:c7:9d:42:58:4e:d4:f1:85:76:7e:ce:
80:24:4a:85:2b:cc:0d:de:12:a6:58:c2:55:a2:d6:40:eb:0b:
66:11:bf:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUodEMYF9YS3fKvIGMh/o4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwMjIxMTIyMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmZiYzQ0MjQyNzFmZDg0MmUwM2I1ODMyOWM1OTNjMDBlYWM4ZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA053uToqQJpAX2tv1PN24CTmEwEl1
Ea3Go8S1FZk0WcYWhciLuSBNb8WAZvUCRYgc4uLNBjddkD1TYptvk4zvyrKzC7G9
smOYgFiNoSQiMNN/ILqGJQOFNAp0s8UooWNGOHUrCrkCYeL+7FQdAzFHM0/2JKhp
107hEb63y77sfQeEuug3vSd3JaaS1DVIH4nGkrZqrQPynl5DvhbY/Jcu8HgkNc9m
LwmZy8ObUCYffr208IoXpMdLDkmcdQdkdCtJF5sQdu5WIfVUu4CvSMBbyxta6T08
t8Y2vH+kvV1zoOghfQ+B8M7XmqQReGqv6khPW0oVKM+6N7+v7fW+uYMJtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCL7xEJCcf2ELgO1gynFk8AOrI3jMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvSXZ2RVFrSnhfWVF1QTdXREtjV1R3QTZzamVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW5N0AwQB
W5N6AwQBW5N+MA0GCSqGSIb3DQEBCwUAA4IBAQAqTRoruyWYhIW5Q/cnmiCGyhXW
izdqVncV8f2yOIsNtmbNfqOcq54AYV26iSW3q/ObtGbzX+3gJ7VpnUjcduUfahxc
FgoZfykJIwdiCQixTDe77xkLWOfYwgKHoWp2O+drtoBkEY5dfLDzXNS+8hss7W9k
+zRWmglDBVXYHNvD82Kio5s7V5nY3F8SygssjNcSW8S8aOv6gwL/FxxJVJ541r4G
vhGwe+1eDAx/tp1zv2CuPWDeAxsGo1MS1FAq6zkEU9j095gIPyL4u3IeXTDNqO6e
LTBXwQZ258Jk00n5x51CWE7U8YV2fs6AJEqFK8wN3hKmWMJVotZA6wtmEb+K
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:50:10 2025 by rpki-client