Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/pul6fCeEfRfqHUtKh0hXtHyFW6M.roa
File: pul6fCeEfRfqHUtKh0hXtHyFW6M.roa (raw, json)
Hash identifier: SMvKtJGuPxG36wkNr1bAgb49/+mZbdqtVopoxHFUHtU=
Subject key identifier: A6:E9:7A:7C:27:84:7D:17:EA:1D:4B:4A:87:48:57:B4:7C:85:5B:A3
Certificate issuer: /CN=f2de8ebddd084163a90b9ae50397b2db49cb17ad
Certificate serial: 0194266BCD28BB773D8F2AF6751A32409523
Authority key identifier: F2:DE:8E:BD:DD:08:41:63:A9:0B:9A:E5:03:97:B2:DB:49:CB:17:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8t6Ovd0IQWOpC5rlA5ey20nLF60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/pul6fCeEfRfqHUtKh0hXtHyFW6M.roa
Signing time: Thu 02 Jan 2025 09:49:46 +0000
ROA not before: Thu 02 Jan 2025 09:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57626
IP address blocks: 37.9.216.0/21 maxlen: 24
37.9.216.0/22 maxlen: 24
37.9.220.0/22 maxlen: 24
45.158.240.0/22 maxlen: 23
2a07:b700::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/8t6Ovd0IQWOpC5rlA5ey20nLF60.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/8t6Ovd0IQWOpC5rlA5ey20nLF60.mft
rsync://rpki.ripe.net/repository/DEFAULT/8t6Ovd0IQWOpC5rlA5ey20nLF60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:cd:28:bb:77:3d:8f:2a:f6:75:1a:32:40:95:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2de8ebddd084163a90b9ae50397b2db49cb17ad
Validity
Not Before: Jan 2 09:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6e97a7c27847d17ea1d4b4a874857b47c855ba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:99:38:2d:7b:fa:57:c7:7f:14:81:f3:bc:e3:
14:2e:a1:54:c7:c4:05:41:b8:b7:84:6e:f4:a2:6c:
a0:75:f0:f3:bb:ad:1b:03:b8:11:32:17:0e:57:88:
0e:35:5b:3c:50:fc:4a:f1:a9:0e:d0:93:b0:d7:7f:
f8:04:a7:af:3b:56:53:8b:42:da:9b:cf:6a:28:90:
35:4b:eb:b1:1c:0d:91:cf:66:cb:20:66:0e:ab:fe:
43:fb:5e:c4:4a:1d:58:46:e3:d5:32:18:29:e7:91:
02:db:a3:b8:33:81:d5:55:64:5c:cf:57:41:35:52:
ab:84:33:17:1e:48:2d:fb:4a:c5:44:4c:56:5b:32:
f6:a4:96:aa:22:d9:ad:49:6a:ae:6a:7b:bf:0a:73:
1b:e5:4f:e7:c2:eb:f9:fd:6e:07:e1:97:99:62:52:
1f:fa:b1:3d:85:02:73:28:af:76:75:98:af:89:7b:
06:56:9f:10:bb:49:ee:34:95:eb:c5:7c:7b:bb:a9:
ba:dd:7f:3e:f7:8c:4d:e7:52:1d:4f:f3:f5:f6:78:
6c:6d:87:0a:ee:19:11:e9:d2:74:bc:7e:bb:60:ff:
8d:02:17:23:da:9e:95:51:e3:77:18:55:58:06:a4:
08:89:b5:e0:07:57:39:f4:cb:9a:d9:fd:b6:40:a7:
9e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E9:7A:7C:27:84:7D:17:EA:1D:4B:4A:87:48:57:B4:7C:85:5B:A3
X509v3 Authority Key Identifier:
keyid:F2:DE:8E:BD:DD:08:41:63:A9:0B:9A:E5:03:97:B2:DB:49:CB:17:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8t6Ovd0IQWOpC5rlA5ey20nLF60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/pul6fCeEfRfqHUtKh0hXtHyFW6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/8t6Ovd0IQWOpC5rlA5ey20nLF60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.216.0/21
45.158.240.0/22
IPv6:
2a07:b700::/29
Signature Algorithm: sha256WithRSAEncryption
01:8a:ce:10:73:ff:40:d1:31:8d:e7:2d:2d:1f:a7:f8:6d:67:
c2:93:e0:32:60:94:87:bf:5c:83:ab:a0:12:43:e6:fb:da:b9:
66:22:69:40:47:43:6e:9e:03:3d:15:27:f4:e0:53:68:8d:4b:
53:68:7d:29:22:41:14:0b:59:d5:c3:0d:e8:67:cf:7a:81:5f:
02:8a:4c:05:28:93:35:e3:8d:b7:eb:ac:33:fe:c1:ac:27:d2:
96:10:0f:32:df:4c:e8:cd:cb:1b:ad:3f:9f:1b:51:2c:5f:d4:
e5:e7:2a:08:1c:14:9e:37:74:e0:13:1a:5b:e9:13:24:69:9c:
da:0f:44:57:95:7a:b7:be:86:f0:0a:48:7e:67:b9:c4:d8:f9:
c3:44:b0:e3:f8:77:6e:fc:e9:af:b2:f2:86:fc:89:7c:6d:0c:
dc:c0:90:49:72:8f:bf:3a:15:5f:b0:a3:e3:5c:a0:99:78:84:
0f:0c:1e:6b:51:e1:40:3a:3e:f0:09:60:41:8c:02:e8:ee:d5:
f3:61:7f:20:47:ac:60:0b:ce:00:ee:50:94:ac:80:e8:df:26:
26:aa:8c:6d:fb:86:da:21:c2:9b:f5:17:a7:00:45:c6:aa:58:
f9:fc:60:d8:5f:bb:91:95:a9:bf:e8:87:ab:83:0c:96:6e:bc:
3d:5b:dd:89
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQma80ou3c9jyr2dRoyQJUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZGU4ZWJkZGQwODQxNjNhOTBiOWFlNTAzOTdiMmRiNDlj
YjE3YWQwHhcNMjUwMTAyMDk0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmU5N2E3YzI3ODQ3ZDE3ZWExZDRiNGE4NzQ4NTdiNDdjODU1YmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpk4LXv6V8d/FIHzvOMULqFUx8QF
Qbi3hG70omygdfDzu60bA7gRMhcOV4gONVs8UPxK8akO0JOw13/4BKevO1ZTi0La
m89qKJA1S+uxHA2Rz2bLIGYOq/5D+17ESh1YRuPVMhgp55EC26O4M4HVVWRcz1dB
NVKrhDMXHkgt+0rFRExWWzL2pJaqItmtSWquanu/CnMb5U/nwuv5/W4H4ZeZYlIf
+rE9hQJzKK92dZiviXsGVp8Qu0nuNJXrxXx7u6m63X8+94xN51IdT/P19nhsbYcK
7hkR6dJ0vH67YP+NAhcj2p6VUeN3GFVYBqQIibXgB1c59Mua2f22QKeeiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKbpenwnhH0X6h1LSodIV7R8hVujMB8GA1UdIwQY
MBaAFPLejr3dCEFjqQua5QOXsttJyxetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHQ2T3ZkMElRV09wQzVybEE1ZXkyMG5MRjYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9jNTI2ODItN2VhMS00MmY3LTg0ZGIt
YWYxYWMwZjAwNDE3LzEvcHVsNmZDZUVmUmZxSFV0S2gwaFh0SHlGVzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9jNTI2ODItN2VhMS00MmY3LTg0ZGItYWYxYWMwZjAwNDE3
LzEvOHQ2T3ZkMElRV09wQzVybEE1ZXkyMG5MRjYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJQnYAwQC
LZ7wMA0EAgACMAcDBQMqB7cAMA0GCSqGSIb3DQEBCwUAA4IBAQABis4Qc/9A0TGN
5y0tH6f4bWfCk+AyYJSHv1yDq6ASQ+b72rlmImlAR0NungM9FSf04FNojUtTaH0p
IkEUC1nVww3oZ896gV8CikwFKJM1442366wz/sGsJ9KWEA8y30zozcsbrT+fG1Es
X9Tl5yoIHBSeN3TgExpb6RMkaZzaD0RXlXq3vobwCkh+Z7nE2PnDRLDj+Hdu/Omv
svKG/Il8bQzcwJBJco+/OhVfsKPjXKCZeIQPDB5rUeFAOj7wCWBBjALo7tXzYX8g
R6xgC84A7lCUrIDo3yYmqoxt+4baIcKb9RenAEXGqlj5/GDYX7uRlam/6IergwyW
brw9W92J
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:35:41 2025 by rpki-client