Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/98W2p6rqVlQsbZ0blHTEkf-sWSY.roa
File: 98W2p6rqVlQsbZ0blHTEkf-sWSY.roa (raw, json)
Hash identifier: 6a0M06Lv1SRNn4VgtI5MyppdIV/qAeomn6q+aHDsUgU=
Subject key identifier: F7:C5:B6:A7:AA:EA:56:54:2C:6D:9D:1B:94:74:C4:91:FF:AC:59:26
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B94FF8088C5CA4B6D14F2FE6C7357
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/98W2p6rqVlQsbZ0blHTEkf-sWSY.roa
Signing time: Thu 02 Jan 2025 09:49:32 +0000
ROA not before: Thu 02 Jan 2025 09:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199482
IP address blocks: 37.72.12.0/24 maxlen: 24
84.236.157.0/24 maxlen: 24
178.156.122.0/24 maxlen: 24
178.156.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 15:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:94:ff:80:88:c5:ca:4b:6d:14:f2:fe:6c:73:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7c5b6a7aaea56542c6d9d1b9474c491ffac5926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0a:3a:77:e4:1b:7d:e5:11:b5:d3:6b:f0:75:
e4:5e:a5:4c:ac:56:fe:a1:3a:c9:25:b9:85:f0:09:
23:82:9a:34:01:32:a6:88:19:18:81:29:91:9d:5f:
bb:be:e8:32:69:51:03:5b:83:00:b5:0a:bf:ec:9e:
10:30:3f:62:fc:70:2a:02:b8:02:f4:79:b6:6e:57:
1d:d5:56:aa:ca:25:eb:52:10:7b:37:13:78:6c:25:
08:06:89:b5:a2:eb:99:7d:ca:64:00:2f:00:13:aa:
89:be:aa:47:36:cf:eb:7e:a2:cb:60:e8:be:56:76:
6c:f7:b1:36:a5:c2:8c:6e:85:ea:61:b2:a6:b1:b9:
bd:37:c8:34:cb:1d:b5:88:cc:54:23:ed:b9:f2:31:
55:87:77:8d:d0:31:0c:6c:3b:d4:96:34:46:50:4d:
f7:22:c7:bc:c7:ce:8c:56:c3:48:77:01:70:55:db:
6e:6e:a7:59:43:5c:d0:58:db:d4:ec:cd:e5:ac:1d:
42:db:eb:60:85:72:ab:26:d7:e0:6c:c0:53:77:a0:
66:59:a3:ac:0f:00:1c:e4:ca:a5:fd:1a:33:7b:24:
59:13:75:f1:ea:cc:f8:e7:61:da:31:0d:17:ed:7a:
3a:4f:d8:aa:dd:66:45:28:c8:6f:ed:f5:72:9e:e7:
c6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C5:B6:A7:AA:EA:56:54:2C:6D:9D:1B:94:74:C4:91:FF:AC:59:26
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/98W2p6rqVlQsbZ0blHTEkf-sWSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.12.0/24
84.236.157.0/24
178.156.122.0/24
178.156.126.0/24
Signature Algorithm: sha256WithRSAEncryption
55:0f:65:5d:a1:ad:18:e4:a0:cf:f9:5f:b4:f4:25:3c:6c:6d:
1e:0c:03:96:3f:24:6e:c6:89:85:2b:07:a7:8b:72:a9:cf:7d:
73:06:04:96:34:86:ff:7c:f1:ee:5a:42:a4:20:75:a6:c5:7b:
2e:02:ea:d1:8f:b6:6f:67:40:0d:23:bc:6d:4c:8e:65:f5:10:
85:0a:88:17:a1:34:1d:e8:06:e9:8a:a6:ed:ab:7a:f9:fb:4b:
b4:98:b3:ba:c4:93:1b:0c:c4:1c:6c:6a:bb:97:37:9a:0c:fc:
b7:03:e1:ed:35:de:82:ee:53:6d:b5:c4:77:c4:36:f9:16:08:
9a:79:70:7d:0b:fa:5d:32:39:40:0b:79:15:b9:7c:44:71:1a:
5f:c7:d8:7e:27:eb:0f:c3:2a:48:dd:35:87:58:6c:18:7c:6c:
ce:3a:86:eb:17:15:90:d5:11:a3:07:9e:e0:a1:4b:a4:7a:ae:
24:d6:86:06:30:73:82:71:df:55:0b:ea:65:38:14:74:a4:52:
7d:be:fc:85:a0:7a:11:f4:d6:7f:a3:2c:86:5d:2d:aa:9e:b4:
ec:27:05:a6:45:01:66:15:f7:af:59:4d:c4:92:49:77:81:7b:
44:1e:16:46:cc:77:38:54:be:62:24:38:ef:7e:0c:13:21:5c:
c1:31:33:8e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQma5T/gIjFykttFPL+bHNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2M1YjZhN2FhZWE1NjU0MmM2ZDlkMWI5NDc0YzQ5MWZmYWM1OTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgo6d+QbfeURtdNr8HXkXqVMrFb+
oTrJJbmF8Akjgpo0ATKmiBkYgSmRnV+7vugyaVEDW4MAtQq/7J4QMD9i/HAqArgC
9Hm2blcd1VaqyiXrUhB7NxN4bCUIBom1ouuZfcpkAC8AE6qJvqpHNs/rfqLLYOi+
VnZs97E2pcKMboXqYbKmsbm9N8g0yx21iMxUI+258jFVh3eN0DEMbDvUljRGUE33
Ise8x86MVsNIdwFwVdtubqdZQ1zQWNvU7M3lrB1C2+tghXKrJtfgbMBTd6BmWaOs
DwAc5Mql/RozeyRZE3Xx6sz452HaMQ0X7Xo6T9iq3WZFKMhv7fVynufG4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPfFtqeq6lZULG2dG5R0xJH/rFkmMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvOThXMnA2cnFWbFFzYlowYmxIVEVrZi1zV1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJUgMAwQA
VOydAwQAspx6AwQAspx+MA0GCSqGSIb3DQEBCwUAA4IBAQBVD2Vdoa0Y5KDP+V+0
9CU8bG0eDAOWPyRuxomFKweni3Kpz31zBgSWNIb/fPHuWkKkIHWmxXsuAurRj7Zv
Z0ANI7xtTI5l9RCFCogXoTQd6Abpiqbtq3r5+0u0mLO6xJMbDMQcbGq7lzeaDPy3
A+HtNd6C7lNttcR3xDb5FgiaeXB9C/pdMjlAC3kVuXxEcRpfx9h+J+sPwypI3TWH
WGwYfGzOOobrFxWQ1RGjB57goUukeq4k1oYGMHOCcd9VC+plOBR0pFJ9vvyFoHoR
9NZ/oyyGXS2qnrTsJwWmRQFmFfevWU3Ekkl3gXtEHhZGzHc4VL5iJDjvfgwTIVzB
MTOO
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:51:28 2025 by rpki-client