Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/JFeh_aiDk1Wok6qKY5rdZc79lcM.roa
File: JFeh_aiDk1Wok6qKY5rdZc79lcM.roa (raw, json)
Hash identifier: IiPvuOe1hAgTKQ/1gSaTyCWI6qu/9T3lc3CvXjp3aSc=
Subject key identifier: 24:57:A1:FD:A8:83:93:55:A8:93:AA:8A:63:9A:DD:65:CE:FD:95:C3
Certificate issuer: /CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Certificate serial: 0195388B37EB60001BA809FDAFC8CFF56732
Authority key identifier: 50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/JFeh_aiDk1Wok6qKY5rdZc79lcM.roa
Signing time: Mon 24 Feb 2025 15:20:02 +0000
ROA not before: Mon 24 Feb 2025 15:20:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204035
IP address blocks: 37.228.132.0/24 maxlen: 24
37.228.134.0/24 maxlen: 24
146.19.118.0/24 maxlen: 24
185.101.92.0/22 maxlen: 22
185.101.92.0/24 maxlen: 24
185.101.93.0/24 maxlen: 24
185.101.94.0/24 maxlen: 24
185.101.95.0/24 maxlen: 24
185.107.192.0/22 maxlen: 22
185.107.192.0/23 maxlen: 23
185.107.192.0/24 maxlen: 24
185.107.193.0/24 maxlen: 24
185.107.194.0/24 maxlen: 24
185.116.156.0/22 maxlen: 22
185.116.156.0/24 maxlen: 24
185.116.157.0/24 maxlen: 24
185.116.158.0/24 maxlen: 24
185.116.159.0/24 maxlen: 24
185.245.168.0/22 maxlen: 22
193.46.24.0/22 maxlen: 22
193.56.126.0/24 maxlen: 24
193.56.129.0/24 maxlen: 24
193.56.156.0/24 maxlen: 24
193.56.173.0/24 maxlen: 24
194.125.248.0/22 maxlen: 22
194.125.248.0/24 maxlen: 24
194.125.249.0/24 maxlen: 24
194.125.250.0/24 maxlen: 24
194.125.251.0/24 maxlen: 24
2a06:1c40::/32 maxlen: 32
2a06:1c41::/32 maxlen: 32
2a06:7f80::/29 maxlen: 29
2a06:7f80:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/UNGBlrKfYOhdhxLeQDmlMc_BqzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/UNGBlrKfYOhdhxLeQDmlMc_BqzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:38:8b:37:eb:60:00:1b:a8:09:fd:af:c8:cf:f5:67:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Validity
Not Before: Feb 24 15:20:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2457a1fda8839355a893aa8a639add65cefd95c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:3a:04:40:a1:7f:a0:a7:ca:37:03:88:c3:57:
59:d2:ca:2e:05:93:4f:cc:89:b2:fa:5b:b8:cb:ab:
28:52:2b:44:3e:5c:5c:3e:56:23:5b:83:21:17:cf:
e3:07:9a:cf:f5:5e:ba:8d:19:4b:7a:48:c1:70:48:
3d:81:df:81:ab:ca:04:85:4f:71:e1:a3:29:ea:81:
e4:af:46:77:57:df:4c:5d:49:4c:4e:38:af:03:66:
d1:1f:65:f5:be:64:05:2e:ce:06:a4:fe:39:f9:ca:
3c:d3:c3:92:55:b8:e4:18:7e:27:e7:0f:ac:06:03:
99:f4:10:eb:51:ba:90:53:f0:40:bf:99:d4:09:14:
bb:20:10:e2:d9:0d:4e:47:ba:29:72:09:52:71:36:
83:ab:56:d4:13:5c:6a:76:19:38:02:a2:41:dd:03:
6b:40:39:5e:7f:34:52:79:19:a7:f7:a6:06:45:d3:
15:bf:45:de:92:e8:9e:51:70:dd:20:38:40:54:52:
16:e6:66:b8:cc:6a:a2:0a:0a:fb:9c:69:2b:b1:b4:
22:af:5a:00:a5:24:91:c8:ea:cf:7c:4a:81:af:d0:
9d:d6:a1:8c:45:28:f5:01:24:6e:0c:5c:28:f0:cc:
11:0b:95:b0:d0:d4:8b:28:71:c0:22:5c:b1:c7:4a:
a2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:57:A1:FD:A8:83:93:55:A8:93:AA:8A:63:9A:DD:65:CE:FD:95:C3
X509v3 Authority Key Identifier:
keyid:50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/JFeh_aiDk1Wok6qKY5rdZc79lcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/UNGBlrKfYOhdhxLeQDmlMc_BqzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.132.0/24
37.228.134.0/24
146.19.118.0/24
185.101.92.0/22
185.107.192.0/22
185.116.156.0/22
185.245.168.0/22
193.46.24.0/22
193.56.126.0/24
193.56.129.0/24
193.56.156.0/24
193.56.173.0/24
194.125.248.0/22
IPv6:
2a06:1c40::/31
2a06:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
96:86:49:e4:38:88:74:ff:70:ef:94:1e:0e:4f:45:04:f1:6f:
6c:2b:bb:66:47:1d:34:b0:36:4e:0e:d7:7e:e2:cd:69:54:bd:
2b:86:c7:64:e5:c6:d9:1e:25:0b:8b:f4:67:66:04:88:2a:07:
3f:6f:56:71:63:40:7a:e0:ac:06:ce:cc:a0:9d:7f:ae:f2:44:
d6:89:b1:ca:b5:6b:63:13:17:d1:d9:07:ac:b4:3e:b5:3d:47:
95:ac:2e:8b:d6:13:aa:c0:3e:d4:71:f5:72:33:e0:40:b5:67:
8a:18:0a:a9:b9:2b:11:96:ac:cd:58:bf:f5:35:4d:b1:b7:df:
13:22:fb:05:89:0b:80:0c:f1:30:3d:11:ed:62:01:76:1a:0c:
e5:3e:fd:a4:9d:d1:69:8e:58:4a:04:67:7c:08:6b:0f:b1:13:
85:99:cd:b2:da:4e:1f:c6:f2:0f:09:ad:c9:08:1d:6b:52:7b:
aa:76:6b:16:49:f1:44:31:f4:49:2b:ca:e7:45:7e:80:55:6c:
9b:83:e6:a9:d2:91:52:bf:74:8f:80:2d:63:7e:fe:d3:9b:52:
6f:f8:87:27:5d:a2:e0:e7:e2:08:3e:e6:9c:d6:8a:fc:f8:e9:
dc:2f:32:2e:d2:ec:50:22:d6:7e:8e:26:32:17:82:f1:18:de:
41:06:30:c5
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZU4izfrYAAbqAn9r8jP9WcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZDE4MTk2YjI5ZjYwZTg1ZDg3MTJkZTQwMzlhNTMxY2Zj
MWFiMzEwHhcNMjUwMjI0MTUyMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDU3YTFmZGE4ODM5MzU1YTg5M2FhOGE2MzlhZGQ2NWNlZmQ5NWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3joEQKF/oKfKNwOIw1dZ0souBZNP
zImy+lu4y6soUitEPlxcPlYjW4MhF8/jB5rP9V66jRlLekjBcEg9gd+Bq8oEhU9x
4aMp6oHkr0Z3V99MXUlMTjivA2bRH2X1vmQFLs4GpP45+co808OSVbjkGH4n5w+s
BgOZ9BDrUbqQU/BAv5nUCRS7IBDi2Q1OR7opcglScTaDq1bUE1xqdhk4AqJB3QNr
QDlefzRSeRmn96YGRdMVv0XekuieUXDdIDhAVFIW5ma4zGqiCgr7nGkrsbQir1oA
pSSRyOrPfEqBr9Cd1qGMRSj1ASRuDFwo8MwRC5Ww0NSLKHHAIlyxx0qiNQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFCRXof2og5NVqJOqimOa3WXO/ZXDMB8GA1UdIwQY
MBaAFFDRgZayn2DoXYcS3kA5pTHPwasxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5HQmxyS2ZZT2hkaHhMZVFEbWxNY19CcXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9jYmVjZjQtYmNlZC00ZDgzLWJmY2Et
YjRhMTgxY2Q0MGY2LzEvSkZlaF9haURrMVdvazZxS1k1cmRaYzc5bGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9jYmVjZjQtYmNlZC00ZDgzLWJmY2EtYjRhMTgxY2Q0MGY2
LzEvVU5HQmxyS2ZZT2hkaHhMZVFEbWxNY19CcXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQAJeSEAwQA
JeSGAwQAkhN2AwQCuWVcAwQCuWvAAwQCuXScAwQCufWoAwQCwS4YAwQAwTh+AwQA
wTiBAwQAwTicAwQAwTitAwQCwn34MBQEAgACMA4DBQEqBhxAAwUDKgZ/gDANBgkq
hkiG9w0BAQsFAAOCAQEAloZJ5DiIdP9w75QeDk9FBPFvbCu7ZkcdNLA2Tg7XfuLN
aVS9K4bHZOXG2R4lC4v0Z2YEiCoHP29WcWNAeuCsBs7MoJ1/rvJE1omxyrVrYxMX
0dkHrLQ+tT1Hlawui9YTqsA+1HH1cjPgQLVnihgKqbkrEZaszVi/9TVNsbffEyL7
BYkLgAzxMD0R7WIBdhoM5T79pJ3RaY5YSgRnfAhrD7EThZnNstpOH8byDwmtyQgd
a1J7qnZrFknxRDH0SSvK50V+gFVsm4PmqdKRUr90j4AtY37+05tSb/iHJ12i4Ofi
CD7mnNaK/Pjp3C8yLtLsUCLWfo4mMheC8RjeQQYwxQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:05:55 2025 by rpki-client