Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/tQddqDtQw7NBgLftZFCqhwc_WuA.roa
File: tQddqDtQw7NBgLftZFCqhwc_WuA.roa (raw, json)
Hash identifier: HvmNQRN7FhEkknx+nTyVHNveazbku60W7ld+fe7MosQ=
Subject key identifier: B5:07:5D:A8:3B:50:C3:B3:41:80:B7:ED:64:50:AA:87:07:3F:5A:E0
Certificate issuer: /CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Certificate serial: 0197CF6C7BB4227E36A53C6814422BB69491
Authority key identifier: 37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/tQddqDtQw7NBgLftZFCqhwc_WuA.roa
Signing time: Thu 03 Jul 2025 08:34:42 +0000
ROA not before: Thu 03 Jul 2025 08:34:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29134
IP address blocks: 37.46.80.0/21 maxlen: 21
62.109.128.0/19 maxlen: 19
130.193.8.0/21 maxlen: 24
171.33.136.0/21 maxlen: 21
185.100.92.0/22 maxlen: 22
185.102.20.0/22 maxlen: 24
185.102.76.0/22 maxlen: 22
213.109.164.0/22 maxlen: 24
217.31.48.0/20 maxlen: 20
2001:1ab0::/32 maxlen: 32
2a00:ca80::/32 maxlen: 32
2a03:b780::/32 maxlen: 32
2a09:ec00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.mft
rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:6c:7b:b4:22:7e:36:a5:3c:68:14:42:2b:b6:94:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Validity
Not Before: Jul 3 08:34:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5075da83b50c3b34180b7ed6450aa87073f5ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:be:f6:43:2c:c4:2a:cd:34:18:f9:8f:14:d0:
a6:2f:f4:f7:bf:36:e1:f0:f2:8a:6e:e1:b9:25:9f:
d4:7f:60:a0:ec:28:4c:73:b3:5f:be:c3:9a:ae:a8:
3f:c8:a6:b1:42:c3:4c:be:2f:a6:f2:96:9d:bc:49:
c7:31:45:23:a2:cc:69:81:88:9c:c3:11:04:0e:18:
d1:dd:08:5a:15:05:11:5c:49:ba:2c:f3:31:b4:3b:
10:0b:71:0b:48:c8:b0:f6:da:be:a3:49:87:f4:7e:
f1:b5:62:d6:02:d5:af:2b:38:f1:53:87:d0:a6:8f:
6b:41:f2:1a:16:78:a2:3f:64:a9:a6:72:ce:a6:04:
73:ea:40:8c:19:0d:60:ab:09:2a:13:61:0f:4b:d3:
24:44:5e:b3:ba:db:fb:5a:4b:80:71:17:6c:24:b6:
37:00:c8:06:d3:1d:90:4f:1a:3b:37:e1:cf:c1:eb:
97:0e:b8:3e:2d:cd:92:a3:f2:ce:5d:79:d0:24:c8:
ca:9b:5f:11:22:79:9a:6e:d7:34:19:40:45:52:97:
78:c4:cc:a9:49:fb:82:b3:e8:fa:e4:5a:c2:ae:3c:
9d:65:00:20:41:1d:f9:39:95:8e:42:6d:f5:61:92:
96:0e:a5:40:f6:43:be:0d:7d:a9:c1:e1:73:4b:48:
1b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:07:5D:A8:3B:50:C3:B3:41:80:B7:ED:64:50:AA:87:07:3F:5A:E0
X509v3 Authority Key Identifier:
keyid:37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/tQddqDtQw7NBgLftZFCqhwc_WuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.80.0/21
62.109.128.0/19
130.193.8.0/21
171.33.136.0/21
185.100.92.0/22
185.102.20.0/22
185.102.76.0/22
213.109.164.0/22
217.31.48.0/20
IPv6:
2001:1ab0::/32
2a00:ca80::/32
2a03:b780::/32
2a09:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
a2:a2:3e:ea:b5:6c:07:79:94:b9:91:e5:e2:25:6e:16:8c:f8:
f8:77:f0:fe:e7:ce:59:fb:6b:a0:33:c6:2c:ed:e8:89:be:dd:
9f:e6:1d:11:16:8e:5b:db:66:67:96:ed:6e:00:b9:8f:ba:a5:
34:59:48:b9:a5:d0:d0:ec:3a:fd:be:c3:4b:35:1c:b0:2d:2c:
4f:5a:3d:a6:1e:45:0f:05:2d:ad:2f:5d:ec:fb:c9:2e:34:9d:
6b:99:c2:6d:fa:56:8f:5a:f3:61:f2:59:aa:c8:2c:99:75:21:
db:a0:b4:f8:98:cc:be:56:d6:b3:69:4b:02:04:79:32:35:24:
5c:69:48:0b:c0:fc:e7:da:e1:3c:06:1e:66:07:f3:e3:e1:8b:
e7:78:84:6a:81:8c:83:83:e1:05:fe:0c:31:79:66:e7:06:a2:
2a:1c:85:ea:88:ae:68:6b:c3:6d:61:4f:c3:75:a2:1e:3f:2b:
9d:64:ba:23:53:c3:5f:5f:a7:9d:e3:c9:a2:ba:ba:bc:17:da:
19:1e:dd:ca:51:7b:07:3e:c0:cd:cc:cc:52:d9:56:55:3f:f6:
c3:71:6d:b8:f2:aa:a7:7d:5f:4f:5f:01:ed:35:13:9d:d5:ec:
29:ef:be:9d:a4:04:c9:18:32:83:b6:41:71:7d:9d:7b:33:1e:
f2:91:cb:d2
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZfPbHu0In42pTxoFEIrtpSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZmIwMDRlMzk3ZGRmMDRlN2QwNWYzNjQzYTAzNmYyMTgz
NmZmMTAwHhcNMjUwNzAzMDgzNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTA3NWRhODNiNTBjM2IzNDE4MGI3ZWQ2NDUwYWE4NzA3M2Y1YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt772QyzEKs00GPmPFNCmL/T3vzbh
8PKKbuG5JZ/Uf2Cg7ChMc7NfvsOarqg/yKaxQsNMvi+m8padvEnHMUUjosxpgYic
wxEEDhjR3QhaFQURXEm6LPMxtDsQC3ELSMiw9tq+o0mH9H7xtWLWAtWvKzjxU4fQ
po9rQfIaFniiP2SppnLOpgRz6kCMGQ1gqwkqE2EPS9MkRF6zutv7WkuAcRdsJLY3
AMgG0x2QTxo7N+HPweuXDrg+Lc2So/LOXXnQJMjKm18RInmabtc0GUBFUpd4xMyp
SfuCs+j65FrCrjydZQAgQR35OZWOQm31YZKWDqVA9kO+DX2pweFzS0gbPQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFLUHXag7UMOzQYC37WRQqocHP1rgMB8GA1UdIwQY
MBaAFDf7AE45fd8E59BfNkOgNvIYNv8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEt
YjUzYjY0Y2YwZDk1LzEvdFFkZHFEdFF3N05CZ0xmdFpGQ3Fod2NfV3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEtYjUzYjY0Y2YwZDk1
LzEvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjA8BAIAATA2AwQDJS5QAwQF
Pm2AAwQDgsEIAwQDqyGIAwQCuWRcAwQCuWYUAwQCuWZMAwQC1W2kAwQE2R8wMCIE
AgACMBwDBQAgARqwAwUAKgDKgAMFACoDt4ADBQMqCewAMA0GCSqGSIb3DQEBCwUA
A4IBAQCioj7qtWwHeZS5keXiJW4WjPj4d/D+585Z+2ugM8Ys7eiJvt2f5h0RFo5b
22Znlu1uALmPuqU0WUi5pdDQ7Dr9vsNLNRywLSxPWj2mHkUPBS2tL13s+8kuNJ1r
mcJt+laPWvNh8lmqyCyZdSHboLT4mMy+VtazaUsCBHkyNSRcaUgLwPzn2uE8Bh5m
B/Pj4YvneIRqgYyDg+EF/gwxeWbnBqIqHIXqiK5oa8NtYU/DdaIePyudZLojU8Nf
X6ed48miurq8F9oZHt3KUXsHPsDNzMxS2VZVP/bDcW248qqnfV9PXwHtNROd1ewp
776dpATJGDKDtkFxfZ17Mx7ykcvS
-----END CERTIFICATE-----
Generated at Sun Jul 27 06:02:09 2025 by rpki-client