Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YdruC7-WgjSl_RRhwSMWqIIiBB4.roa
File: YdruC7-WgjSl_RRhwSMWqIIiBB4.roa (raw, json)
Hash identifier: RiWyj/qir48TJIbuPJxouTutTSkxGWqoc2c8RdDWVrA=
Subject key identifier: 61:DA:EE:0B:BF:96:82:34:A5:FD:14:61:C1:23:16:A8:82:22:04:1E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01964544FA2958FB5F677C7179F6113D54A3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YdruC7-WgjSl_RRhwSMWqIIiBB4.roa
Signing time: Thu 17 Apr 2025 19:41:10 +0000
ROA not before: Thu 17 Apr 2025 19:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 89.36.23.0/24 maxlen: 24
93.114.192.0/24 maxlen: 24
185.150.0.0/24 maxlen: 24
185.192.68.0/24 maxlen: 24
220.158.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 14:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:45:44:fa:29:58:fb:5f:67:7c:71:79:f6:11:3d:54:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 17 19:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61daee0bbf968234a5fd1461c12316a88222041e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:5c:e4:43:13:f7:e0:fe:16:6d:3a:d5:e1:57:
82:02:f8:22:72:6b:65:f4:94:8b:04:d9:2b:34:66:
92:c6:39:94:76:c5:69:ab:e2:88:34:7c:cd:22:5c:
e1:55:f1:f3:05:4c:11:c2:9a:89:0a:55:fc:9c:dc:
ae:f0:ee:49:83:cb:a2:ca:9b:6b:df:4f:c5:2f:db:
1e:20:b1:db:e9:11:23:8f:e4:64:ef:4d:db:3c:62:
c9:28:a8:73:3b:4a:d1:ac:bf:08:b1:51:13:44:c1:
1c:51:b0:7d:af:14:ca:4a:e8:6d:bf:7f:53:48:b4:
ea:33:02:02:10:38:07:03:65:80:05:2d:97:a5:3e:
23:88:de:d4:44:82:ab:1b:6a:21:43:86:aa:fe:05:
7c:9f:0a:e7:6d:8d:17:95:64:d1:e7:1c:9a:f5:ae:
18:bc:6f:c2:56:f2:91:8a:b7:6b:c0:4e:ad:b0:dd:
49:f0:78:39:3a:a2:17:da:14:3e:03:1f:21:22:52:
b6:a0:37:d3:6d:5c:3a:48:83:73:14:f9:54:9f:c8:
9b:d2:ea:fe:60:2e:cb:6e:d1:5f:7c:4b:d2:ab:5c:
8a:54:89:fc:d0:3d:58:10:42:6c:b1:fb:41:e2:a8:
43:dd:76:09:9e:98:3a:f6:5f:10:08:fa:39:21:8e:
ed:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DA:EE:0B:BF:96:82:34:A5:FD:14:61:C1:23:16:A8:82:22:04:1E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YdruC7-WgjSl_RRhwSMWqIIiBB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.23.0/24
93.114.192.0/24
185.150.0.0/24
185.192.68.0/24
220.158.198.0/24
Signature Algorithm: sha256WithRSAEncryption
50:47:eb:d3:48:06:cf:bc:98:66:89:0e:6e:32:a9:31:7a:a4:
00:8e:a3:92:85:1e:f5:01:8c:45:eb:a7:44:4a:09:ef:64:d2:
6b:88:4f:f8:30:1e:52:84:52:9d:f1:2d:a4:b3:7c:04:63:ac:
4d:75:1a:01:49:a8:44:7e:41:dc:04:8a:86:48:dd:3a:1c:6b:
5d:a9:0c:10:3b:18:c1:3a:4f:6f:07:8c:ef:20:9f:f2:5e:ee:
be:34:a2:27:59:56:c4:58:86:23:e9:ba:2e:ef:32:32:2e:7c:
8f:36:68:aa:27:c3:7a:08:85:b1:37:ad:87:f2:73:d9:77:ff:
96:ee:38:05:ec:c1:b7:1d:49:8f:78:39:9c:78:6b:ee:f2:27:
59:01:ff:81:d5:b0:87:39:e0:39:cd:56:9d:74:bb:49:c3:35:
8e:73:9b:b7:2b:e8:d5:ea:45:85:77:0f:22:90:7f:f3:e1:cc:
c5:e0:e0:16:fd:b6:d2:e3:24:cb:75:e7:cd:3b:ac:1e:59:18:
e9:6c:51:8a:ef:ad:5b:5d:d1:08:59:f6:b6:41:37:4a:36:53:
7d:1d:59:06:28:5c:15:bc:24:32:75:15:b8:50:ce:a1:1c:95:
32:99:6c:42:64:2b:57:9f:8d:67:68:be:79:71:d3:3b:06:8d:
27:25:a0:65
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZFRPopWPtfZ3xxefYRPVSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwNDE3MTk0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWRhZWUwYmJmOTY4MjM0YTVmZDE0NjFjMTIzMTZhODgyMjIwNDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9lzkQxP34P4WbTrV4VeCAvgicmtl
9JSLBNkrNGaSxjmUdsVpq+KINHzNIlzhVfHzBUwRwpqJClX8nNyu8O5Jg8uiyptr
30/FL9seILHb6REjj+Rk703bPGLJKKhzO0rRrL8IsVETRMEcUbB9rxTKSuhtv39T
SLTqMwICEDgHA2WABS2XpT4jiN7URIKrG2ohQ4aq/gV8nwrnbY0XlWTR5xya9a4Y
vG/CVvKRirdrwE6tsN1J8Hg5OqIX2hQ+Ax8hIlK2oDfTbVw6SINzFPlUn8ib0ur+
YC7LbtFffEvSq1yKVIn80D1YEEJssftB4qhD3XYJnpg69l8QCPo5IY7thQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGHa7gu/loI0pf0UYcEjFqiCIgQeMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWWRydUM3LVdnalNsX1JSaHdTTVdxSUlpQkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSQXAwQA
XXLAAwQAuZYAAwQAucBEAwQA3J7GMA0GCSqGSIb3DQEBCwUAA4IBAQBQR+vTSAbP
vJhmiQ5uMqkxeqQAjqOShR71AYxF66dESgnvZNJriE/4MB5ShFKd8S2ks3wEY6xN
dRoBSahEfkHcBIqGSN06HGtdqQwQOxjBOk9vB4zvIJ/yXu6+NKInWVbEWIYj6bou
7zIyLnyPNmiqJ8N6CIWxN62H8nPZd/+W7jgF7MG3HUmPeDmceGvu8idZAf+B1bCH
OeA5zVaddLtJwzWOc5u3K+jV6kWFdw8ikH/z4czF4OAW/bbS4yTLdefNO6weWRjp
bFGK761bXdEIWfa2QTdKNlN9HVkGKFwVvCQydRW4UM6hHJUymWxCZCtXn41naL55
cdM7Bo0nJaBl
-----END CERTIFICATE-----
Generated at Sat Apr 26 21:44:03 2025 by rpki-client