Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/wZZIVhI5EfN-k3jGubu94P9ytuo.roa
File: wZZIVhI5EfN-k3jGubu94P9ytuo.roa (raw, json)
Hash identifier: fmC0r46A5+YZYWIPTFs/O2YKObhY3jYAxJEcyLgw5E8=
Subject key identifier: C1:96:48:56:12:39:11:F3:7E:93:78:C6:B9:BB:BD:E0:FF:72:B6:EA
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 01957E9E528AAC4B68E12E705C9D53E9FFAD
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/wZZIVhI5EfN-k3jGubu94P9ytuo.roa
Signing time: Mon 10 Mar 2025 05:54:19 +0000
ROA not before: Mon 10 Mar 2025 05:54:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57675
IP address blocks: 37.32.64.0/24 maxlen: 24
37.32.65.0/24 maxlen: 24
37.32.66.0/24 maxlen: 24
37.32.67.0/24 maxlen: 24
37.32.68.0/24 maxlen: 24
37.32.69.0/24 maxlen: 24
37.32.70.0/24 maxlen: 24
37.32.71.0/24 maxlen: 24
37.32.76.0/24 maxlen: 24
2a0f:1300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7e:9e:52:8a:ac:4b:68:e1:2e:70:5c:9d:53:e9:ff:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Mar 10 05:54:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1964856123911f37e9378c6b9bbbde0ff72b6ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3c:a8:90:06:51:d9:ad:8d:61:12:41:43:b1:
dc:12:09:e5:64:0a:69:3a:ca:b8:6b:5b:ef:80:52:
b6:8b:ce:32:80:3d:f2:5d:45:b0:69:35:cd:fa:c1:
9a:35:d0:57:ea:88:ed:4c:6c:26:00:0c:25:73:9c:
4b:31:a8:11:fa:50:6d:6d:d7:10:f2:2c:98:dd:7c:
65:df:38:a5:77:68:20:42:6d:4d:a4:af:fe:ce:1b:
d6:de:c7:73:d1:8a:ee:4d:9a:21:27:ab:8b:c3:64:
b7:ef:ad:8f:98:84:ae:13:6a:c1:ca:8e:14:fc:45:
e7:cf:95:62:92:d0:b6:d0:f0:08:4b:d7:c2:ad:04:
20:66:02:0a:df:8e:1a:67:0c:ca:4b:f6:82:fc:2d:
fb:9c:54:9f:93:1d:bb:5b:ba:53:d8:41:5d:07:5d:
69:b8:50:27:b9:21:55:a8:69:74:1e:41:ef:1f:68:
2a:2c:cd:6b:de:ca:ec:8f:0e:c2:9b:bb:58:02:22:
8d:63:c6:ea:ef:e2:88:7a:b6:2d:d9:cb:cf:e3:4a:
f8:c8:24:15:e1:10:f8:10:d6:e7:6c:31:8e:0a:57:
34:cb:f9:43:02:f8:1c:35:f6:ac:31:14:da:a8:fd:
87:bc:35:ba:96:0b:3d:a8:50:be:cc:85:2c:f2:2a:
dd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:96:48:56:12:39:11:F3:7E:93:78:C6:B9:BB:BD:E0:FF:72:B6:EA
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/wZZIVhI5EfN-k3jGubu94P9ytuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.64.0/21
37.32.76.0/24
IPv6:
2a0f:1300::/29
Signature Algorithm: sha256WithRSAEncryption
39:ca:db:1d:01:7a:64:6f:70:89:4e:33:c8:89:9a:f2:bc:d9:
5d:1a:43:e0:88:44:a0:5d:19:ba:5a:c2:d4:49:2d:0c:7a:20:
91:65:95:0a:94:ab:78:a9:53:27:09:d7:8a:c6:13:50:cf:77:
6e:11:39:53:b0:19:1c:3f:b5:1b:40:30:6f:0e:17:85:0f:a7:
78:33:9c:b6:85:e3:d1:c1:69:20:4b:ef:e7:5c:a7:88:87:17:
d0:d3:c2:48:18:cc:cb:e3:1c:79:be:0c:db:75:c1:d0:15:94:
2b:24:15:1c:d9:80:b5:6d:25:da:35:74:2b:46:87:ab:a5:55:
ba:ca:b5:1d:ed:7c:45:0e:56:44:83:bc:b0:68:2c:45:de:56:
ab:af:a1:44:3e:53:ce:5c:be:d3:38:fe:72:54:81:64:92:78:
1c:f9:29:99:f8:99:cf:a4:59:60:02:7b:b5:1e:1b:64:e7:2b:
17:4f:c4:14:58:1e:b6:8b:1c:6f:ec:ce:e1:b0:47:b5:a3:11:
78:a5:20:a3:93:c4:c2:20:00:b1:96:b5:b4:41:bc:f2:4f:27:
05:9d:98:e0:7c:be:bc:c6:9c:52:66:20:47:c0:6a:ea:b0:38:
9f:e1:bc:81:32:ba:4f:fc:4c:48:ef:9a:ab:8e:46:55:7a:48:
8e:63:74:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZV+nlKKrEto4S5wXJ1T6f+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjUwMzEwMDU1NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTk2NDg1NjEyMzkxMWYzN2U5Mzc4YzZiOWJiYmRlMGZmNzJiNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTyokAZR2a2NYRJBQ7HcEgnlZApp
Osq4a1vvgFK2i84ygD3yXUWwaTXN+sGaNdBX6ojtTGwmAAwlc5xLMagR+lBtbdcQ
8iyY3Xxl3zild2ggQm1NpK/+zhvW3sdz0YruTZohJ6uLw2S3762PmISuE2rByo4U
/EXnz5ViktC20PAIS9fCrQQgZgIK344aZwzKS/aC/C37nFSfkx27W7pT2EFdB11p
uFAnuSFVqGl0HkHvH2gqLM1r3srsjw7Cm7tYAiKNY8bq7+KIerYt2cvP40r4yCQV
4RD4ENbnbDGOClc0y/lDAvgcNfasMRTaqP2HvDW6lgs9qFC+zIUs8irdlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMGWSFYSORHzfpN4xrm7veD/crbqMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvd1paSVZoSTVFZk4tazNqR3VidTk0UDl5dHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJSBAAwQA
JSBMMA0EAgACMAcDBQMqDxMAMA0GCSqGSIb3DQEBCwUAA4IBAQA5ytsdAXpkb3CJ
TjPIiZryvNldGkPgiESgXRm6WsLUSS0MeiCRZZUKlKt4qVMnCdeKxhNQz3duETlT
sBkcP7UbQDBvDheFD6d4M5y2hePRwWkgS+/nXKeIhxfQ08JIGMzL4xx5vgzbdcHQ
FZQrJBUc2YC1bSXaNXQrRoerpVW6yrUd7XxFDlZEg7ywaCxF3larr6FEPlPOXL7T
OP5yVIFkkngc+SmZ+JnPpFlgAnu1Hhtk5ysXT8QUWB62ixxv7M7hsEe1oxF4pSCj
k8TCIACxlrW0QbzyTycFnZjgfL68xpxSZiBHwGrqsDif4byBMrpP/ExI75qrjkZV
ekiOY3R7
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:13 2025 by rpki-client