Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/EXUbdc3Neyq2TP6ARj8W1PQ1gyA.roa
File: EXUbdc3Neyq2TP6ARj8W1PQ1gyA.roa (raw, json)
Hash identifier: JXs/AykUh8Awll0/NvdlYzACYYcAdNJt5/aRgPDyyKs=
Subject key identifier: 11:75:1B:75:CD:CD:7B:2A:B6:4C:FE:80:46:3F:16:D4:F4:35:83:20
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 019474989E641A537EB371A66EBDDD540990
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/EXUbdc3Neyq2TP6ARj8W1PQ1gyA.roa
Signing time: Fri 17 Jan 2025 14:09:06 +0000
ROA not before: Fri 17 Jan 2025 14:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12716
IP address blocks: 37.63.0.0/20 maxlen: 20
37.63.16.0/22 maxlen: 22
37.63.20.0/22 maxlen: 24
37.63.24.0/22 maxlen: 22
37.63.28.0/22 maxlen: 24
37.63.32.0/22 maxlen: 24
37.63.96.0/22 maxlen: 22
62.204.154.0/23 maxlen: 23
78.90.44.0/23 maxlen: 23
83.97.30.0/24 maxlen: 24
84.252.40.0/23 maxlen: 23
85.118.64.0/22 maxlen: 22
85.118.68.0/23 maxlen: 24
85.118.70.0/24 maxlen: 24
85.118.71.0/24 maxlen: 24
85.118.72.0/23 maxlen: 23
85.118.74.0/24 maxlen: 24
85.118.76.0/22 maxlen: 22
85.118.80.0/22 maxlen: 22
85.118.84.0/24 maxlen: 24
85.118.92.0/24 maxlen: 24
85.118.93.0/24 maxlen: 24
89.215.62.0/23 maxlen: 23
151.251.44.0/22 maxlen: 22
151.251.68.0/22 maxlen: 22
151.251.121.0/24 maxlen: 24
151.251.126.0/23 maxlen: 23
151.251.192.0/22 maxlen: 22
151.251.196.0/24 maxlen: 24
151.251.200.0/22 maxlen: 22
151.251.204.0/22 maxlen: 22
151.251.238.0/24 maxlen: 24
151.251.239.0/24 maxlen: 24
151.251.240.0/20 maxlen: 20
176.222.0.0/20 maxlen: 24
185.151.156.0/22 maxlen: 22
185.224.160.0/23 maxlen: 23
212.104.116.0/22 maxlen: 24
213.226.17.0/24 maxlen: 24
213.226.19.0/24 maxlen: 24
213.226.36.0/24 maxlen: 24
213.226.40.0/24 maxlen: 24
213.226.51.0/24 maxlen: 24
213.226.56.0/24 maxlen: 24
213.226.57.0/24 maxlen: 24
213.226.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:74:98:9e:64:1a:53:7e:b3:71:a6:6e:bd:dd:54:09:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 17 14:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11751b75cdcd7b2ab64cfe80463f16d4f4358320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:38:17:92:85:88:ea:9e:63:85:8d:a6:87:b2:
b8:f5:fb:51:73:a7:1a:82:2c:61:22:dc:74:47:e7:
e7:15:a4:01:14:6f:c6:9a:1f:a7:26:9d:01:54:24:
3c:5c:78:93:0e:a3:4d:17:e5:7c:17:1f:af:ca:af:
e7:f2:0c:05:62:84:93:e7:20:67:3c:99:09:d1:3e:
81:4b:b8:e1:a8:c4:68:e2:45:fe:c7:71:8e:18:cf:
4e:3f:da:9d:33:2b:29:5b:1f:a0:ad:53:84:0a:c7:
bf:e9:1c:cd:8d:c6:0f:92:89:f9:60:2e:8a:03:0c:
c3:e2:17:97:0f:05:f0:dd:d7:5c:15:26:f9:18:ee:
fb:6a:67:eb:73:5c:1a:38:31:23:3f:66:58:c5:62:
63:31:a3:10:de:47:f3:e0:42:25:95:d7:05:5b:92:
12:c6:83:d9:1f:37:df:fa:93:87:0d:73:45:71:d9:
bb:68:53:94:f6:6d:eb:44:a7:70:ea:e0:50:70:cc:
a2:42:45:68:48:e2:b9:10:76:f1:b7:83:2c:be:eb:
7a:c8:06:3c:67:bf:2f:96:71:5a:f6:00:a3:9f:d7:
b4:e8:b2:1c:65:8e:85:7b:d0:f4:a9:a0:ec:87:fc:
ed:b9:17:b3:8a:61:d9:88:7b:ce:11:28:36:81:0b:
64:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:75:1B:75:CD:CD:7B:2A:B6:4C:FE:80:46:3F:16:D4:F4:35:83:20
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/EXUbdc3Neyq2TP6ARj8W1PQ1gyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.63.0.0-37.63.35.255
37.63.96.0/22
62.204.154.0/23
78.90.44.0/23
83.97.30.0/24
84.252.40.0/23
85.118.64.0-85.118.74.255
85.118.76.0-85.118.84.255
85.118.92.0/23
89.215.62.0/23
151.251.44.0/22
151.251.68.0/22
151.251.121.0/24
151.251.126.0/23
151.251.192.0-151.251.196.255
151.251.200.0/21
151.251.238.0-151.251.255.255
176.222.0.0/20
185.151.156.0/22
185.224.160.0/23
212.104.116.0/22
213.226.17.0/24
213.226.19.0/24
213.226.36.0/24
213.226.40.0/24
213.226.51.0/24
213.226.56.0/23
213.226.59.0/24
Signature Algorithm: sha256WithRSAEncryption
03:09:27:d1:be:e6:f2:7a:6b:f3:27:7c:1c:07:18:7b:4a:60:
a4:57:5c:c9:b4:c6:ba:c6:81:ca:45:5b:62:ac:b5:eb:6a:7f:
ae:07:83:09:92:82:cb:ad:55:f5:35:ea:c0:bb:15:0c:ca:a5:
06:52:38:1e:a9:75:52:ed:9b:61:d5:d2:00:b9:af:aa:e5:e7:
e5:eb:de:97:a6:de:3f:26:a6:08:b9:4b:b8:3c:0d:c1:67:ad:
ba:05:3d:4f:f3:43:42:55:42:12:4d:79:de:78:ff:5f:e9:2d:
bd:9c:b4:19:2d:fd:7c:3c:ba:44:9e:57:9e:55:99:f8:60:e7:
7b:0c:af:b1:3f:d5:31:26:5d:f2:e0:a3:89:21:6e:82:ee:72:
c2:b2:d0:0d:8a:64:1b:66:81:e4:42:3d:ac:1f:8b:68:31:36:
86:66:0b:9d:2e:df:51:66:36:d7:11:fb:06:cc:6f:5d:4c:30:
25:90:9e:2b:fd:f6:08:a1:63:6a:f3:94:ba:c9:31:8d:84:68:
9c:ea:0a:58:4a:7b:6a:a2:45:1c:96:42:b2:14:21:b1:51:a7:
7d:a7:2a:8c:13:b5:bc:54:70:83:37:9c:24:04:ad:33:21:c4:
76:50:4a:71:0f:91:3e:47:47:79:8c:41:1c:d6:7b:94:73:4f:
5b:1f:5a:bc
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZR0mJ5kGlN+s3Gmbr3dVAmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTE3MTQwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTc1MWI3NWNkY2Q3YjJhYjY0Y2ZlODA0NjNmMTZkNGY0MzU4MzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzgXkoWI6p5jhY2mh7K49ftRc6ca
gixhItx0R+fnFaQBFG/Gmh+nJp0BVCQ8XHiTDqNNF+V8Fx+vyq/n8gwFYoST5yBn
PJkJ0T6BS7jhqMRo4kX+x3GOGM9OP9qdMyspWx+grVOECse/6RzNjcYPkon5YC6K
AwzD4heXDwXw3ddcFSb5GO77amfrc1waODEjP2ZYxWJjMaMQ3kfz4EIlldcFW5IS
xoPZHzff+pOHDXNFcdm7aFOU9m3rRKdw6uBQcMyiQkVoSOK5EHbxt4Msvut6yAY8
Z78vlnFa9gCjn9e06LIcZY6Fe9D0qaDsh/ztuRezimHZiHvOESg2gQtkkwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFBF1G3XNzXsqtkz+gEY/FtT0NYMgMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvRVhVYmRjM05leXEyVFA2QVJqOFcxUFExZ3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4wCwMD
ACU/AwQCJT8gAwQCJT9gAwQBPsyaAwQBTlosAwQAU2EeAwQBVPwoMAwDBAZVdkAD
BABVdkowDAMEAlV2TAMEAFV2VAMEAVV2XAMEAVnXPgMEApf7LAMEApf7RAMEAJf7
eQMEAZf7fjAMAwQGl/vAAwQAl/vEAwQDl/vIMAsDBAGX++4DAwKX+AMEBLDeAAME
ArmXnAMEAbngoAMEAtRodAMEANXiEQMEANXiEwMEANXiJAMEANXiKAMEANXiMwME
AdXiOAMEANXiOzANBgkqhkiG9w0BAQsFAAOCAQEAAwkn0b7m8npr8yd8HAcYe0pg
pFdcybTGusaBykVbYqy162p/rgeDCZKCy61V9TXqwLsVDMqlBlI4Hql1Uu2bYdXS
ALmvquXn5evel6bePyamCLlLuDwNwWetugU9T/NDQlVCEk153nj/X+ktvZy0GS39
fDy6RJ5XnlWZ+GDnewyvsT/VMSZd8uCjiSFugu5ywrLQDYpkG2aB5EI9rB+LaDE2
hmYLnS7fUWY21xH7BsxvXUwwJZCeK/32CKFjavOUuskxjYRonOoKWEp7aqJFHJZC
shQhsVGnfacqjBO1vFRwgzecJAStMyHEdlBKcQ+RPkdHeYxBHNZ7lHNPWx9avA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:58:37 2025 by rpki-client