Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/sp5HWDtPMPeAvare88h0cl4f6NY.roa
File: sp5HWDtPMPeAvare88h0cl4f6NY.roa (raw, json)
Hash identifier: cp6kC/ZTZY60gv6a/PRr0WyiM/AiMEE4rKCbnq7jXXs=
Subject key identifier: B2:9E:47:58:3B:4F:30:F7:80:BD:AA:DE:F3:C8:74:72:5E:1F:E8:D6
Certificate issuer: /CN=380dd9e7355c72c751fff4f175dace7daa7b9cbf
Certificate serial: 01963E6CA7BAFB7DEBAEDFB6528192DEDDAB
Authority key identifier: 38:0D:D9:E7:35:5C:72:C7:51:FF:F4:F1:75:DA:CE:7D:AA:7B:9C:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OA3Z5zVccsdR__TxddrOfap7nL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/sp5HWDtPMPeAvare88h0cl4f6NY.roa
Signing time: Wed 16 Apr 2025 11:47:10 +0000
ROA not before: Wed 16 Apr 2025 11:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40966
IP address blocks: 185.67.164.0/22 maxlen: 22
185.67.164.0/24 maxlen: 24
185.67.165.0/24 maxlen: 24
185.67.166.0/24 maxlen: 24
185.67.167.0/24 maxlen: 24
217.112.32.0/20 maxlen: 20
217.112.36.0/23 maxlen: 23
217.112.36.0/24 maxlen: 24
217.112.42.0/23 maxlen: 23
217.112.44.0/24 maxlen: 24
217.112.45.0/24 maxlen: 24
217.112.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/OA3Z5zVccsdR__TxddrOfap7nL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/OA3Z5zVccsdR__TxddrOfap7nL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OA3Z5zVccsdR__TxddrOfap7nL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:6c:a7:ba:fb:7d:eb:ae:df:b6:52:81:92:de:dd:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380dd9e7355c72c751fff4f175dace7daa7b9cbf
Validity
Not Before: Apr 16 11:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b29e47583b4f30f780bdaadef3c874725e1fe8d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fe:36:87:44:0e:b0:5e:d8:ec:75:6c:18:1b:
c6:6f:11:4a:93:7f:5e:aa:6a:09:b0:ac:bc:65:9c:
31:85:e7:c5:ae:0b:15:77:82:aa:1e:28:d8:3b:c0:
0f:d5:64:42:49:e8:7f:ce:ba:1c:2d:f4:69:ac:66:
2d:e0:cf:2f:e7:b5:48:6c:20:f6:dd:21:16:a8:79:
c4:67:b9:de:7d:9a:f9:20:8b:cd:a0:8c:47:2d:08:
26:a8:cf:05:4b:d4:aa:3f:1e:38:49:2d:0a:09:b6:
ce:f3:2a:0a:a9:42:14:46:6b:36:bc:06:4a:60:94:
c9:00:b3:68:c1:ac:52:88:a6:4d:f7:34:cb:d2:af:
16:b0:3f:63:71:28:2f:6c:5a:eb:ef:82:e0:be:8e:
8f:c5:9e:6d:53:6b:36:a7:90:09:c1:d3:5f:f3:f5:
8d:5f:47:e7:09:94:19:fc:9d:c9:e6:a6:51:0b:b1:
8e:ac:5b:21:96:43:02:7f:e0:e2:e5:64:4d:d3:50:
eb:f0:78:3c:70:f1:5b:f0:18:fc:5a:ba:67:ac:72:
b5:ee:64:c5:c5:a2:91:0b:5e:d8:4a:9d:1e:ef:34:
6a:1a:a7:ac:65:d0:9d:8c:71:bf:d4:79:04:0f:c9:
cc:45:ba:42:d0:3a:6f:9f:32:1a:fd:83:53:c3:cf:
e3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9E:47:58:3B:4F:30:F7:80:BD:AA:DE:F3:C8:74:72:5E:1F:E8:D6
X509v3 Authority Key Identifier:
keyid:38:0D:D9:E7:35:5C:72:C7:51:FF:F4:F1:75:DA:CE:7D:AA:7B:9C:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OA3Z5zVccsdR__TxddrOfap7nL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/sp5HWDtPMPeAvare88h0cl4f6NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/OA3Z5zVccsdR__TxddrOfap7nL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.164.0/22
217.112.32.0/20
Signature Algorithm: sha256WithRSAEncryption
16:91:c4:b8:6c:ec:c1:29:b8:e7:12:60:1d:8b:f1:d7:d1:f6:
6f:dd:ab:d4:74:ce:58:c9:e7:62:41:7b:ae:58:31:ac:71:d1:
a3:72:93:1c:74:35:5c:06:df:cf:fb:4b:49:d7:b7:a3:71:2d:
4a:2b:fe:c3:d0:5c:52:b1:8b:01:8a:88:da:86:79:8b:a9:4f:
23:c8:4e:15:73:bb:b3:18:7c:0d:4d:1f:24:77:a9:f7:fc:1a:
f8:77:ab:51:dd:e5:62:a8:8e:c7:c3:de:02:dc:5b:d6:12:70:
75:b6:ab:ab:d8:9b:cd:e4:ed:9b:e1:b1:92:e2:07:f5:63:2c:
ea:d4:a6:72:d7:81:c1:0f:fb:a8:24:93:f7:a3:31:fc:83:c4:
8a:f3:82:24:7d:d7:26:a7:45:57:c9:10:2f:50:88:ea:01:8e:
ed:03:55:d0:83:bd:71:c3:48:e0:3a:93:7f:96:b6:4e:65:44:
c2:6a:44:68:33:4b:88:9d:15:f9:31:4e:d5:47:16:44:fc:1c:
51:2d:af:7b:7f:58:56:a1:47:df:cf:44:d2:9e:99:ba:2d:81:
5e:7c:35:e1:8b:6e:a8:a4:b8:2b:a6:14:67:76:11:a2:64:cf:
e4:f5:00:9b:ed:c5:4e:47:1c:c7:88:14:69:58:62:0f:31:61:
5c:ae:ba:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZY+bKe6+33rrt+2UoGS3t2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MGRkOWU3MzU1YzcyYzc1MWZmZjRmMTc1ZGFjZTdkYWE3
YjljYmYwHhcNMjUwNDE2MTE0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjllNDc1ODNiNGYzMGY3ODBiZGFhZGVmM2M4NzQ3MjVlMWZlOGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP42h0QOsF7Y7HVsGBvGbxFKk39e
qmoJsKy8ZZwxhefFrgsVd4KqHijYO8AP1WRCSeh/zrocLfRprGYt4M8v57VIbCD2
3SEWqHnEZ7nefZr5IIvNoIxHLQgmqM8FS9SqPx44SS0KCbbO8yoKqUIURms2vAZK
YJTJALNowaxSiKZN9zTL0q8WsD9jcSgvbFrr74Lgvo6PxZ5tU2s2p5AJwdNf8/WN
X0fnCZQZ/J3J5qZRC7GOrFshlkMCf+Di5WRN01Dr8Hg8cPFb8Bj8WrpnrHK17mTF
xaKRC17YSp0e7zRqGqesZdCdjHG/1HkED8nMRbpC0DpvnzIa/YNTw8/j2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLKeR1g7TzD3gL2q3vPIdHJeH+jWMB8GA1UdIwQY
MBaAFDgN2ec1XHLHUf/08XXazn2qe5y/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0EzWjV6VmNjc2RSX19UeGRkck9mYXA3bkw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9iN2ZlYTItYTMyZC00YTVlLTk5ODIt
NTRiNGNhNTBkMjQ4LzEvc3A1SFdEdFBNUGVBdmFyZTg4aDBjbDRmNk5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9iN2ZlYTItYTMyZC00YTVlLTk5ODItNTRiNGNhNTBkMjQ4
LzEvT0EzWjV6VmNjc2RSX19UeGRkck9mYXA3bkw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUOkAwQE
2XAgMA0GCSqGSIb3DQEBCwUAA4IBAQAWkcS4bOzBKbjnEmAdi/HX0fZv3avUdM5Y
yediQXuuWDGscdGjcpMcdDVcBt/P+0tJ17ejcS1KK/7D0FxSsYsBiojahnmLqU8j
yE4Vc7uzGHwNTR8kd6n3/Br4d6tR3eViqI7Hw94C3FvWEnB1tqur2JvN5O2b4bGS
4gf1Yyzq1KZy14HBD/uoJJP3ozH8g8SK84Ikfdcmp0VXyRAvUIjqAY7tA1XQg71x
w0jgOpN/lrZOZUTCakRoM0uInRX5MU7VRxZE/BxRLa97f1hWoUffz0TSnpm6LYFe
fDXhi26opLgrphRndhGiZM/k9QCb7cVORxzHiBRpWGIPMWFcrrqs
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:40:45 2025 by rpki-client