Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/c483fv6CCn7GnQMtAIF35ot4fxg.roa
File: c483fv6CCn7GnQMtAIF35ot4fxg.roa (raw, json)
Hash identifier: FWbPpQL/jtT7J1p5u5ozd8W0n2+YVhQ7GpqajXnuKcE=
Subject key identifier: 73:8F:37:7E:FE:82:0A:7E:C6:9D:03:2D:00:81:77:E6:8B:78:7F:18
Certificate issuer: /CN=9b8151ae164a5b782b103de7f7c8a8948932aebf
Certificate serial: 019478E16B303BBA79B828CCE67D9CBFD3F2
Authority key identifier: 9B:81:51:AE:16:4A:5B:78:2B:10:3D:E7:F7:C8:A8:94:89:32:AE:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4FRrhZKW3grED3n98iolIkyrr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/c483fv6CCn7GnQMtAIF35ot4fxg.roa
Signing time: Sat 18 Jan 2025 10:07:06 +0000
ROA not before: Sat 18 Jan 2025 10:07:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48926
IP address blocks: 37.44.16.0/20 maxlen: 20
37.143.112.0/21 maxlen: 21
94.142.232.0/21 maxlen: 21
178.248.248.0/21 maxlen: 21
185.75.116.0/22 maxlen: 22
2a01:6b40::/32 maxlen: 32
2a03:a900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/m4FRrhZKW3grED3n98iolIkyrr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/m4FRrhZKW3grED3n98iolIkyrr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/m4FRrhZKW3grED3n98iolIkyrr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:78:e1:6b:30:3b:ba:79:b8:28:cc:e6:7d:9c:bf:d3:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b8151ae164a5b782b103de7f7c8a8948932aebf
Validity
Not Before: Jan 18 10:07:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=738f377efe820a7ec69d032d008177e68b787f18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:66:07:32:3c:3b:60:8f:70:9e:62:b1:c0:28:
f3:14:b4:f3:4b:20:3e:1f:de:df:a6:9c:c3:7c:0f:
fb:60:94:de:48:9b:0c:a3:3d:93:1f:00:f2:5d:62:
ce:17:d3:5f:bf:90:ba:a1:3c:58:7e:45:05:1a:06:
0a:98:d3:34:5d:9f:ae:a9:37:de:d6:58:e4:88:b4:
34:d1:a5:2d:fa:6e:ea:ec:5d:bb:fe:ee:b6:21:9d:
89:13:fe:3e:8a:ee:08:40:7f:5a:8e:70:a7:6f:ec:
66:e9:b9:94:60:c6:c0:d1:62:d1:ff:cb:ce:89:80:
0e:90:46:76:e6:14:e8:e5:10:f4:e5:34:a4:8c:c1:
99:2e:2d:9a:16:ff:c9:48:5c:db:88:02:bb:be:92:
c0:b9:b3:c5:ab:65:8d:06:7f:5a:95:ab:1c:7d:2d:
6f:9a:ed:56:5c:e7:cd:e5:c5:29:b0:b5:98:e6:72:
34:2c:7e:27:cd:cc:d6:9a:a4:e4:fb:86:be:8a:94:
95:4f:3b:d6:45:69:77:6c:87:8c:b0:76:7f:cb:26:
11:ef:04:03:76:ba:64:c4:51:bc:44:6d:78:60:e3:
08:4a:b8:8f:5b:42:bf:f5:bc:a1:bc:14:2d:55:a6:
a1:44:3e:ba:9d:18:7c:ff:8b:f4:0e:cb:66:56:1f:
c8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:8F:37:7E:FE:82:0A:7E:C6:9D:03:2D:00:81:77:E6:8B:78:7F:18
X509v3 Authority Key Identifier:
keyid:9B:81:51:AE:16:4A:5B:78:2B:10:3D:E7:F7:C8:A8:94:89:32:AE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4FRrhZKW3grED3n98iolIkyrr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/c483fv6CCn7GnQMtAIF35ot4fxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/m4FRrhZKW3grED3n98iolIkyrr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.16.0/20
37.143.112.0/21
94.142.232.0/21
178.248.248.0/21
185.75.116.0/22
IPv6:
2a01:6b40::/32
2a03:a900::/32
Signature Algorithm: sha256WithRSAEncryption
39:78:2c:9c:51:fc:5a:e2:9c:d7:60:d2:e4:f0:ae:b8:1d:84:
42:18:2f:f6:33:1f:38:59:ec:0d:9f:43:86:02:9a:d5:13:7b:
62:16:43:cd:75:54:64:65:4e:17:e1:9d:95:8f:68:e8:ba:2b:
cf:53:d7:b1:1b:d6:ba:c7:65:7e:80:53:3e:ed:cb:07:0d:45:
ac:c7:76:fa:fd:da:67:b7:2d:ad:c1:c6:6e:c5:12:be:ed:fc:
80:6d:08:e1:15:40:b4:8e:ca:b3:1a:a1:ee:c5:2a:08:ff:dd:
31:5f:f7:70:8c:4a:85:cf:cf:b2:bb:d2:e6:1c:74:0d:c5:3d:
fe:59:e8:16:10:64:19:b5:a6:05:eb:39:6c:29:f0:6a:01:72:
6a:aa:71:1d:85:ae:77:b0:bf:28:3d:7c:0c:7c:1d:e2:2b:ba:
5f:52:46:8c:35:7f:22:7f:c4:fc:bc:25:f1:15:25:ac:59:9d:
7f:ed:9d:d3:f2:1c:26:66:e1:86:af:16:94:f4:aa:7c:e7:54:
58:76:fa:5c:97:b3:cd:b8:33:d5:1f:4a:7e:68:af:a5:b0:78:
18:9c:a9:2b:b2:13:ff:a7:fd:5e:4c:a2:44:ba:19:54:52:77:
c3:42:58:68:80:05:0c:55:b5:62:87:de:6a:bb:83:05:f3:5b:
63:fb:4d:48
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZR44WswO7p5uCjM5n2cv9PyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODE1MWFlMTY0YTViNzgyYjEwM2RlN2Y3YzhhODk0ODkz
MmFlYmYwHhcNMjUwMTE4MTAwNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzhmMzc3ZWZlODIwYTdlYzY5ZDAzMmQwMDgxNzdlNjhiNzg3ZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2YHMjw7YI9wnmKxwCjzFLTzSyA+
H97fppzDfA/7YJTeSJsMoz2THwDyXWLOF9Nfv5C6oTxYfkUFGgYKmNM0XZ+uqTfe
1ljkiLQ00aUt+m7q7F27/u62IZ2JE/4+iu4IQH9ajnCnb+xm6bmUYMbA0WLR/8vO
iYAOkEZ25hTo5RD05TSkjMGZLi2aFv/JSFzbiAK7vpLAubPFq2WNBn9alascfS1v
mu1WXOfN5cUpsLWY5nI0LH4nzczWmqTk+4a+ipSVTzvWRWl3bIeMsHZ/yyYR7wQD
drpkxFG8RG14YOMISriPW0K/9byhvBQtVaahRD66nRh8/4v0DstmVh/IvQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFHOPN37+ggp+xp0DLQCBd+aLeH8YMB8GA1UdIwQY
MBaAFJuBUa4WSlt4KxA95/fIqJSJMq6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRGUnJoWktXM2dyRUQzbjk4aW9sSWt5cnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC82YjZkMWYtNTQyMS00OGI5LWI3ZWIt
ZGExZmU5ZWJlZThlLzEvYzQ4M2Z2NkNDbjdHblFNdEFJRjM1b3Q0ZnhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC82YjZkMWYtNTQyMS00OGI5LWI3ZWItZGExZmU5ZWJlZThl
LzEvbTRGUnJoWktXM2dyRUQzbjk4aW9sSWt5cnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQEJSwQAwQD
JY9wAwQDXo7oAwQDsvj4AwQCuUt0MBQEAgACMA4DBQAqAWtAAwUAKgOpADANBgkq
hkiG9w0BAQsFAAOCAQEAOXgsnFH8WuKc12DS5PCuuB2EQhgv9jMfOFnsDZ9DhgKa
1RN7YhZDzXVUZGVOF+GdlY9o6Lorz1PXsRvWusdlfoBTPu3LBw1FrMd2+v3aZ7ct
rcHGbsUSvu38gG0I4RVAtI7Ksxqh7sUqCP/dMV/3cIxKhc/PsrvS5hx0DcU9/lno
FhBkGbWmBes5bCnwagFyaqpxHYWud7C/KD18DHwd4iu6X1JGjDV/In/E/Lwl8RUl
rFmdf+2d0/IcJmbhhq8WlPSqfOdUWHb6XJezzbgz1R9KfmivpbB4GJypK7IT/6f9
XkyiRLoZVFJ3w0JYaIAFDFW1YofearuDBfNbY/tNSA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:59:50 2025 by rpki-client