Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CY3aUOHjpMVxWsZGaD_W9o4XSXs.roa
File: CY3aUOHjpMVxWsZGaD_W9o4XSXs.roa (raw, json)
Hash identifier: JMrJcLhFFYAKkzvvCAuc+Tq84atavcyAL6imF1F5onw=
Subject key identifier: 09:8D:DA:50:E1:E3:A4:C5:71:5A:C6:46:68:3F:D6:F6:8E:17:49:7B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01965A556F4875601B0D537C0D7BC8220B31
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CY3aUOHjpMVxWsZGaD_W9o4XSXs.roa
Signing time: Mon 21 Apr 2025 21:51:10 +0000
ROA not before: Mon 21 Apr 2025 21:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400909
IP address blocks: 77.93.150.0/23 maxlen: 24
82.153.32.0/24 maxlen: 24
89.213.124.0/23 maxlen: 23
109.176.204.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:55:6f:48:75:60:1b:0d:53:7c:0d:7b:c8:22:0b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 21 21:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=098dda50e1e3a4c5715ac646683fd6f68e17497b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1f:d9:a6:e2:f7:63:66:df:71:ce:31:5e:13:
aa:89:73:79:d1:75:57:42:74:97:26:07:3e:7e:bc:
92:f1:1d:08:62:0d:3b:94:f8:d6:76:62:f5:0e:e7:
71:d4:d4:da:a8:29:c4:d0:1a:83:34:6d:4a:74:66:
00:ea:e8:f3:0b:b4:fb:a3:c9:4c:d8:02:6e:81:71:
cd:bc:8b:28:27:99:bb:19:3a:5b:86:db:4b:53:e4:
9c:c3:f4:63:a9:22:a4:ee:db:41:cf:04:da:6b:d9:
ac:c8:f9:58:e3:0f:3e:02:69:38:18:d2:f9:b3:eb:
9a:76:80:09:9e:a7:b1:79:cb:4e:e6:d3:ea:63:6e:
83:08:a7:d0:71:f6:eb:86:0c:49:81:62:b9:8b:5b:
a3:49:15:c1:4e:1c:b6:27:a0:76:8a:9e:5c:f1:53:
c1:f8:87:b5:ed:1c:9f:53:2b:67:4a:6c:7a:d6:09:
f7:d6:d3:c8:94:50:55:22:68:20:89:65:93:c5:be:
04:1a:d6:bb:f9:e0:2f:81:f9:9e:34:95:c6:94:4e:
b8:6f:b8:50:02:e5:db:ef:2d:ed:ce:73:27:85:30:
b1:20:d8:40:4d:ec:2d:7d:78:ba:40:ee:5b:2a:76:
ab:cd:f3:ee:62:e6:7a:e9:b7:2d:ba:ef:af:ce:cc:
16:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:8D:DA:50:E1:E3:A4:C5:71:5A:C6:46:68:3F:D6:F6:8E:17:49:7B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CY3aUOHjpMVxWsZGaD_W9o4XSXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.150.0/23
82.153.32.0/24
89.213.124.0/23
109.176.204.0/23
Signature Algorithm: sha256WithRSAEncryption
25:b5:88:3f:7e:48:0e:17:3c:69:fd:a9:44:9f:9a:da:db:2e:
31:a4:f4:2c:27:7f:2a:9d:98:af:75:25:ba:17:98:86:e2:8f:
b3:05:e6:2f:1b:7e:ef:80:cc:5c:0d:9c:60:08:26:71:ec:0e:
f9:6a:6d:42:cb:9d:5c:eb:cb:63:10:81:7c:36:1b:f5:32:37:
0d:1d:12:f6:73:23:1b:32:8d:0e:53:76:cd:0a:b6:f4:25:fd:
48:29:23:2f:b8:5a:db:6f:14:32:85:db:2c:ac:8e:a0:b3:51:
ec:5b:a2:c3:04:e7:42:79:f9:5a:67:ff:6e:c1:4d:2c:b7:43:
dc:f0:96:2f:9d:82:f4:14:d1:a3:1e:8a:73:55:e8:80:8d:51:
31:10:04:ca:74:6b:c3:a4:f1:0d:ab:10:9d:17:82:f1:14:71:
50:b4:0f:3c:fa:96:cc:a0:b8:af:e7:38:12:7c:45:82:a7:9c:
c4:85:26:f9:f1:c2:c2:46:47:a4:b8:71:10:97:13:b1:90:ba:
0d:5d:e3:3a:4c:3d:c4:e6:ba:25:92:ff:f9:7f:02:34:27:2d:
3c:a1:eb:09:97:2f:5f:75:43:5c:83:5a:b4:9c:3c:bc:4f:42:
74:3f:46:13:4e:df:79:12:2d:b8:42:08:b7:97:fd:f7:02:25:
25:e4:d1:f6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZaVW9IdWAbDVN8DXvIIgsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDIxMjE1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOThkZGE1MGUxZTNhNGM1NzE1YWM2NDY2ODNmZDZmNjhlMTc0OTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArR/ZpuL3Y2bfcc4xXhOqiXN50XVX
QnSXJgc+fryS8R0IYg07lPjWdmL1Dudx1NTaqCnE0BqDNG1KdGYA6ujzC7T7o8lM
2AJugXHNvIsoJ5m7GTpbhttLU+Scw/RjqSKk7ttBzwTaa9msyPlY4w8+Amk4GNL5
s+uadoAJnqexectO5tPqY26DCKfQcfbrhgxJgWK5i1ujSRXBThy2J6B2ip5c8VPB
+Ie17RyfUytnSmx61gn31tPIlFBVImggiWWTxb4EGta7+eAvgfmeNJXGlE64b7hQ
AuXb7y3tznMnhTCxINhATewtfXi6QO5bKnarzfPuYuZ66bctuu+vzswWpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAmN2lDh46TFcVrGRmg/1vaOF0l7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ1kzYVVPSGpwTVZ4V3NaR2FEX1c5bzRYU1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBTV2WAwQA
UpkgAwQBWdV8AwQBbbDMMA0GCSqGSIb3DQEBCwUAA4IBAQAltYg/fkgOFzxp/alE
n5ra2y4xpPQsJ38qnZivdSW6F5iG4o+zBeYvG37vgMxcDZxgCCZx7A75am1Cy51c
68tjEIF8Nhv1MjcNHRL2cyMbMo0OU3bNCrb0Jf1IKSMvuFrbbxQyhdssrI6gs1Hs
W6LDBOdCeflaZ/9uwU0st0Pc8JYvnYL0FNGjHopzVeiAjVExEATKdGvDpPENqxCd
F4LxFHFQtA88+pbMoLiv5zgSfEWCp5zEhSb58cLCRkekuHEQlxOxkLoNXeM6TD3E
5rolkv/5fwI0Jy08oesJly9fdUNcg1q0nDy8T0J0P0YTTt95Ei24Qgi3l/33AiUl
5NH2
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:16:02 2025 by rpki-client