Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/F6LaKKKdFt9OI_iY-BBB0LaUIOA.roa
File: F6LaKKKdFt9OI_iY-BBB0LaUIOA.roa (raw, json)
Hash identifier: Ez/J5rbu296szVyvsPrPhtq/N+Sb0dDFBtnbVFUK9Do=
Subject key identifier: 17:A2:DA:28:A2:9D:16:DF:4E:23:F8:98:F8:10:41:D0:B6:94:20:E0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01966944ADCB8CBD1D93D51894DC0A43F2A5
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/F6LaKKKdFt9OI_iY-BBB0LaUIOA.roa
Signing time: Thu 24 Apr 2025 19:27:10 +0000
ROA not before: Thu 24 Apr 2025 19:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213005
IP address blocks: 45.81.155.0/24 maxlen: 24
81.21.228.0/22 maxlen: 24
85.115.192.0/22 maxlen: 24
88.135.64.0/22 maxlen: 24
92.60.34.0/24 maxlen: 24
93.92.228.0/22 maxlen: 24
95.214.144.0/22 maxlen: 24
185.106.124.0/22 maxlen: 24
185.179.228.0/22 maxlen: 22
185.189.64.0/22 maxlen: 24
185.211.180.0/22 maxlen: 22
185.223.220.0/22 maxlen: 22
185.227.128.0/22 maxlen: 22
185.230.48.0/22 maxlen: 24
185.245.34.0/23 maxlen: 23
193.26.152.0/22 maxlen: 24
193.35.88.0/22 maxlen: 24
194.38.56.0/22 maxlen: 24
212.80.208.0/22 maxlen: 24
212.115.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:69:44:ad:cb:8c:bd:1d:93:d5:18:94:dc:0a:43:f2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 24 19:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17a2da28a29d16df4e23f898f81041d0b69420e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:76:66:94:00:13:64:50:5c:62:27:41:1c:50:
4a:40:a5:75:08:20:31:9a:bb:0c:f4:e2:79:f0:81:
b9:b0:a5:43:3d:af:89:11:f1:73:db:92:37:96:8d:
bf:4a:0e:2a:35:d9:5a:0b:69:d4:d6:08:7f:af:e9:
02:58:41:ff:89:a4:3b:78:02:ed:67:51:61:58:f3:
b8:58:16:08:f3:94:e4:f0:7e:c9:48:33:d3:61:1a:
2e:37:d7:24:9c:e1:04:1f:d5:87:25:73:17:a3:c5:
4a:90:72:48:a0:c6:54:3e:08:4f:4e:07:cb:2a:99:
fc:68:05:af:ae:e6:f6:4e:58:b0:80:b2:0b:36:13:
4b:8d:c2:cd:dc:b6:df:07:6b:a5:81:93:17:5c:05:
a0:dc:fb:a7:38:dd:4b:e5:50:cc:ed:97:09:5a:8f:
a6:ff:74:ef:fe:2e:d7:8e:ee:b5:de:20:0b:f1:31:
12:d7:98:ba:79:01:e3:4d:0b:64:36:bb:b7:0f:59:
38:c2:48:00:9b:e0:75:a3:18:44:3f:ed:ce:f9:9e:
21:07:a4:db:9f:80:59:0e:94:da:2b:1b:9e:ab:29:
63:59:e8:f1:b3:fa:1e:dc:39:32:1f:48:33:07:9d:
39:f3:7f:38:b9:dc:60:c3:a9:10:8a:8f:cc:5c:52:
06:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A2:DA:28:A2:9D:16:DF:4E:23:F8:98:F8:10:41:D0:B6:94:20:E0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/F6LaKKKdFt9OI_iY-BBB0LaUIOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.155.0/24
81.21.228.0/22
85.115.192.0/22
88.135.64.0/22
92.60.34.0/24
93.92.228.0/22
95.214.144.0/22
185.106.124.0/22
185.179.228.0/22
185.189.64.0/22
185.211.180.0/22
185.223.220.0/22
185.227.128.0/22
185.230.48.0/22
185.245.34.0/23
193.26.152.0/22
193.35.88.0/22
194.38.56.0/22
212.80.208.0/22
212.115.44.0/22
Signature Algorithm: sha256WithRSAEncryption
74:46:92:5b:44:ef:f2:bc:d0:04:9e:42:ee:b8:80:f6:a8:56:
36:70:f0:e9:87:e5:af:d5:1f:87:3b:c7:c8:30:42:8d:ed:5d:
5e:d0:e6:65:7e:e8:a1:ee:b9:fd:4f:66:09:95:8b:8d:8b:01:
89:31:21:b0:8a:a0:e1:48:e2:0d:1e:c4:9f:63:cc:11:7f:13:
fd:dd:bc:ce:77:f5:3b:e1:8b:6a:12:1a:8e:19:7a:68:e6:ae:
ef:8e:48:a0:fe:f9:79:9d:d2:17:96:9e:98:d1:ab:31:8c:9a:
d5:4e:f0:9e:70:a7:91:3f:aa:78:6d:cb:58:be:9f:fc:a5:9c:
6d:b4:a4:2a:2f:17:d7:b0:a6:a9:0c:fe:9b:f5:ae:4f:8c:bd:
af:49:d8:11:f6:1f:b4:05:c2:b9:99:e2:48:35:e3:6a:36:53:
e8:63:01:06:09:95:2e:7b:31:a0:ac:78:64:ab:6c:b9:d4:2d:
d6:7d:6a:66:c1:74:cc:03:da:ed:0a:4a:48:8a:e8:0f:a7:6f:
fc:a6:d0:43:7f:c1:f1:ca:ef:a2:cf:3a:75:45:9a:76:9c:71:
8d:44:9f:d5:8f:f5:8c:90:9f:f4:cc:aa:73:b9:69:2a:69:21:
6e:bb:02:05:7d:e6:c7:ef:79:22:29:e6:e8:05:83:f0:93:a7:
42:85:5e:a0
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZZpRK3LjL0dk9UYlNwKQ/KlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNDI0MTkyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2EyZGEyOGEyOWQxNmRmNGUyM2Y4OThmODEwNDFkMGI2OTQyMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnZmlAATZFBcYidBHFBKQKV1CCAx
mrsM9OJ58IG5sKVDPa+JEfFz25I3lo2/Sg4qNdlaC2nU1gh/r+kCWEH/iaQ7eALt
Z1FhWPO4WBYI85Tk8H7JSDPTYRouN9cknOEEH9WHJXMXo8VKkHJIoMZUPghPTgfL
Kpn8aAWvrub2TliwgLILNhNLjcLN3LbfB2ulgZMXXAWg3PunON1L5VDM7ZcJWo+m
/3Tv/i7Xju613iAL8TES15i6eQHjTQtkNru3D1k4wkgAm+B1oxhEP+3O+Z4hB6Tb
n4BZDpTaKxueqyljWejxs/oe3DkyH0gzB5058384udxgw6kQio/MXFIGswIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFBei2iiinRbfTiP4mPgQQdC2lCDgMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRjZMYUtLS2RGdDlPSV9pWS1CQkIwTGFVSU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQALVGb
AwQCURXkAwQCVXPAAwQCWIdAAwQAXDwiAwQCXVzkAwQCX9aQAwQCuWp8AwQCubPk
AwQCub1AAwQCudO0AwQCud/cAwQCueOAAwQCueYwAwQBufUiAwQCwRqYAwQCwSNY
AwQCwiY4AwQC1FDQAwQC1HMsMA0GCSqGSIb3DQEBCwUAA4IBAQB0RpJbRO/yvNAE
nkLuuID2qFY2cPDph+Wv1R+HO8fIMEKN7V1e0OZlfuih7rn9T2YJlYuNiwGJMSGw
iqDhSOINHsSfY8wRfxP93bzOd/U74YtqEhqOGXpo5q7vjkig/vl5ndIXlp6Y0asx
jJrVTvCecKeRP6p4bctYvp/8pZxttKQqLxfXsKapDP6b9a5PjL2vSdgR9h+0BcK5
meJINeNqNlPoYwEGCZUuezGgrHhkq2y51C3WfWpmwXTMA9rtCkpIiugPp2/8ptBD
f8Hxyu+izzp1RZp2nHGNRJ/Vj/WMkJ/0zKpzuWkqaSFuuwIFfebH73kiKeboBYPw
k6dChV6g
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:15:34 2025 by rpki-client