Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/dbJBjLM2R4FbaLJEfe8c2Ly6uHw.roa
File: dbJBjLM2R4FbaLJEfe8c2Ly6uHw.roa (raw, json)
Hash identifier: o/lQtGpkSVzG47k87VZdN/0Njrn+Bde7V/YioG6J7q8=
Subject key identifier: 75:B2:41:8C:B3:36:47:81:5B:68:B2:44:7D:EF:1C:D8:BC:BA:B8:7C
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 0196387B0EF09614D3CFFA36D35B77E22319
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/dbJBjLM2R4FbaLJEfe8c2Ly6uHw.roa
Signing time: Tue 15 Apr 2025 08:05:10 +0000
ROA not before: Tue 15 Apr 2025 08:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60175
IP address blocks: 89.63.0.0/16 maxlen: 24
89.63.0.0/20 maxlen: 20
89.63.16.0/20 maxlen: 20
89.63.20.0/24 maxlen: 24
185.35.12.0/22 maxlen: 22
195.4.128.0/19 maxlen: 19
195.4.145.0/24 maxlen: 24
195.4.160.0/20 maxlen: 20
195.4.184.0/21 maxlen: 21
195.4.192.0/20 maxlen: 20
195.4.199.0/24 maxlen: 24
195.4.208.0/21 maxlen: 21
2a00:dca0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:7b:0e:f0:96:14:d3:cf:fa:36:d3:5b:77:e2:23:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Apr 15 08:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75b2418cb33647815b68b2447def1cd8bcbab87c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:16:64:7a:6b:fd:5a:63:ab:18:29:e7:75:88:
3b:5a:e8:df:c0:b1:23:b7:14:8e:56:e5:80:ec:ac:
16:b1:0b:ef:5a:19:ef:8f:9f:a1:d6:a7:62:56:88:
b0:4d:32:59:d6:1c:3f:b8:59:c2:af:34:83:06:58:
2b:8f:0e:48:a3:34:6f:a3:3e:64:01:41:5c:9b:42:
81:9f:d5:a3:8b:c1:e9:47:b4:a6:2c:e1:52:29:69:
13:ba:ff:c0:bf:bf:57:12:37:29:d2:df:85:9a:4b:
93:93:f8:1b:23:72:43:76:42:f5:66:37:6e:84:e4:
35:cc:7f:32:3c:4f:b6:2b:81:d3:f0:b7:44:3a:96:
ea:11:e3:16:b7:db:73:85:1d:b6:7a:15:46:67:ca:
05:51:03:f4:f3:d2:ef:7f:ea:83:69:d6:8c:5a:05:
d8:3d:54:81:7e:0b:76:b1:ee:a2:d6:a0:2d:93:b0:
bb:cc:fc:ad:62:e8:83:7c:ea:41:16:0f:9e:d3:12:
a3:e5:9a:c4:ee:cb:72:c2:f7:9a:07:05:44:6e:f4:
a1:38:76:06:8c:1a:c4:aa:da:89:63:85:5a:e6:92:
e4:9f:22:0e:3f:d9:91:23:fb:d4:19:c7:9f:c0:23:
14:01:b8:9b:cb:e3:05:37:60:03:a2:18:e8:6f:af:
60:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B2:41:8C:B3:36:47:81:5B:68:B2:44:7D:EF:1C:D8:BC:BA:B8:7C
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/dbJBjLM2R4FbaLJEfe8c2Ly6uHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.63.0.0/16
185.35.12.0/22
195.4.128.0-195.4.175.255
195.4.184.0-195.4.215.255
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
ca:d8:e8:65:1e:06:a3:87:81:a5:c4:01:c6:d7:95:1f:e3:1e:
4b:86:b4:e1:6f:32:c6:42:3c:f3:c3:5c:d3:60:ca:58:7b:61:
3c:72:70:11:32:70:60:88:a1:ad:cb:4c:de:c6:34:1c:2a:f9:
2e:10:4f:b3:9c:27:a0:40:44:ac:19:c0:d2:1d:98:9b:62:8b:
06:e4:e5:c3:05:4d:30:07:82:d7:d2:a2:f7:39:b8:11:50:b3:
a2:26:66:c8:80:61:c6:a5:ff:df:85:51:64:ed:d5:6a:44:2a:
04:08:60:05:dc:fc:4f:ae:4c:40:98:7b:17:05:0e:33:a8:61:
70:a6:57:1a:2f:ca:2f:9b:c5:9f:fe:d3:d1:fc:fd:b1:68:0a:
bd:68:e2:9e:b0:e4:e8:c2:6d:3f:e7:14:07:2d:ed:fa:4b:d0:
15:c9:78:96:c4:ae:ff:5b:93:37:4e:32:4a:fa:44:a9:2b:fc:
ce:a8:57:f7:c5:ea:9f:dc:4b:2f:79:05:6c:82:a4:b6:2a:fd:
72:d8:81:21:58:21:01:50:a2:7e:87:3e:36:1f:5f:cd:b3:79:
c2:4f:e2:ab:de:e3:aa:1f:01:24:a4:f2:53:4a:80:b9:72:40:
56:fc:25:8c:11:06:6f:c7:b3:0b:25:ab:61:af:a1:3a:c1:21:
5a:12:51:5a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZY4ew7wlhTTz/o201t34iMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjUwNDE1MDgwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWIyNDE4Y2IzMzY0NzgxNWI2OGIyNDQ3ZGVmMWNkOGJjYmFiODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRZkemv9WmOrGCnndYg7WujfwLEj
txSOVuWA7KwWsQvvWhnvj5+h1qdiVoiwTTJZ1hw/uFnCrzSDBlgrjw5IozRvoz5k
AUFcm0KBn9Wji8HpR7SmLOFSKWkTuv/Av79XEjcp0t+FmkuTk/gbI3JDdkL1Zjdu
hOQ1zH8yPE+2K4HT8LdEOpbqEeMWt9tzhR22ehVGZ8oFUQP089Lvf+qDadaMWgXY
PVSBfgt2se6i1qAtk7C7zPytYuiDfOpBFg+e0xKj5ZrE7stywveaBwVEbvShOHYG
jBrEqtqJY4Va5pLknyIOP9mRI/vUGcefwCMUAbiby+MFN2ADohjob69gdwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHWyQYyzNkeBW2iyRH3vHNi8urh8MB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvZGJKQmpMTTJSNEZiYUxKRWZlOGMyTHk2dUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAtBAIAATAnAwMAWT8DBAK5
IwwwDAMEB8MEgAMEBMMEoDAMAwQDwwS4AwQDwwTQMA0EAgACMAcDBQMqANygMA0G
CSqGSIb3DQEBCwUAA4IBAQDK2OhlHgajh4GlxAHG15Uf4x5LhrThbzLGQjzzw1zT
YMpYe2E8cnARMnBgiKGty0zexjQcKvkuEE+znCegQESsGcDSHZibYosG5OXDBU0w
B4LX0qL3ObgRULOiJmbIgGHGpf/fhVFk7dVqRCoECGAF3PxPrkxAmHsXBQ4zqGFw
plcaL8ovm8Wf/tPR/P2xaAq9aOKesOTowm0/5xQHLe36S9AVyXiWxK7/W5M3TjJK
+kSpK/zOqFf3xeqf3EsveQVsgqS2Kv1y2IEhWCEBUKJ+hz42H1/Ns3nCT+Kr3uOq
HwEkpPJTSoC5ckBW/CWMEQZvx7MLJathr6E6wSFaElFa
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:16:51 2025 by rpki-client