Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/_rOeYqbasUbg4wEPxQv2jbf1rDs.roa
File: _rOeYqbasUbg4wEPxQv2jbf1rDs.roa (raw, json)
Hash identifier: QqZ9iY31p0jdqPdmJMdj1h5d+9EiWy2N5/wKWyWJKZc=
Subject key identifier: FE:B3:9E:62:A6:DA:B1:46:E0:E3:01:0F:C5:0B:F6:8D:B7:F5:AC:3B
Certificate issuer: /CN=e8f239a70043734172d26378bf2106ae72552187
Certificate serial: 01951908F962726E544F374AB991E1CBE2EB
Authority key identifier: E8:F2:39:A7:00:43:73:41:72:D2:63:78:BF:21:06:AE:72:55:21:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/_rOeYqbasUbg4wEPxQv2jbf1rDs.roa
Signing time: Tue 18 Feb 2025 12:29:33 +0000
ROA not before: Tue 18 Feb 2025 12:29:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43846
IP address blocks: 37.0.64.0/21 maxlen: 24
79.140.144.0/20 maxlen: 24
79.140.151.0/24 maxlen: 24
185.12.40.0/22 maxlen: 24
185.12.43.0/24 maxlen: 24
185.80.96.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 06:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:08:f9:62:72:6e:54:4f:37:4a:b9:91:e1:cb:e2:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8f239a70043734172d26378bf2106ae72552187
Validity
Not Before: Feb 18 12:29:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=feb39e62a6dab146e0e3010fc50bf68db7f5ac3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c3:7d:56:16:ce:00:49:fd:bb:e4:b5:46:b7:
fa:87:fb:f0:54:44:45:2a:d1:36:54:a5:30:9d:86:
a6:99:a2:e9:c0:d8:e4:be:91:1f:6c:98:55:e7:8a:
9c:a5:d5:da:60:34:1c:44:ba:48:9f:8c:b6:e9:17:
a0:47:0f:0e:1f:5b:8b:10:35:57:a5:93:15:c5:b8:
3e:f8:c8:28:13:fc:09:34:39:66:79:11:6e:32:92:
a8:08:db:c2:6c:b3:a8:c8:9d:3f:ec:71:13:69:b9:
30:34:e0:c0:bd:c7:a9:c8:d2:dd:7e:a6:4d:af:55:
37:31:bb:89:cf:0a:89:11:ee:ba:49:7e:cd:65:9c:
61:31:51:b0:a6:65:01:f8:9c:e7:64:77:c9:67:7a:
3a:d1:7a:02:c6:33:f4:14:83:da:41:44:ea:91:c3:
97:1f:d6:c9:92:1f:61:c3:e7:01:45:ba:33:16:cb:
f5:31:6b:18:7c:81:d0:bc:26:c8:95:7b:2e:67:f3:
96:2e:b3:a8:bd:72:72:a8:9c:e5:4c:27:2c:38:b6:
6b:ed:b5:5d:6b:95:8a:d1:c5:c6:f7:08:f9:ef:5c:
32:ea:4e:94:b7:19:de:fb:49:7e:6d:a0:e9:a6:de:
8b:35:da:92:b6:5b:51:c3:02:9d:0d:d6:ba:f0:57:
4a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B3:9E:62:A6:DA:B1:46:E0:E3:01:0F:C5:0B:F6:8D:B7:F5:AC:3B
X509v3 Authority Key Identifier:
keyid:E8:F2:39:A7:00:43:73:41:72:D2:63:78:BF:21:06:AE:72:55:21:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/_rOeYqbasUbg4wEPxQv2jbf1rDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.64.0/21
79.140.144.0/20
185.12.40.0/22
185.80.96.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:c8:e9:a7:37:42:b5:eb:f1:6f:42:8e:b4:b9:30:cc:bd:b0:
c6:e9:d4:6d:90:06:02:02:00:20:1b:97:78:36:b3:a5:bf:4b:
52:c6:64:d8:7d:5f:0d:61:cf:be:86:72:4a:40:f9:3e:b9:38:
40:24:3f:3e:ee:d4:68:a7:88:7c:10:b7:83:27:80:26:54:ec:
02:8e:85:5a:b1:26:a5:ad:f8:c1:fe:98:7e:ce:49:28:50:3c:
c6:55:1a:8e:62:57:6a:6d:d9:40:20:47:de:1a:e4:4a:10:51:
86:5f:6b:de:ab:5a:66:d5:8f:f0:03:0e:28:33:ed:1c:25:46:
26:59:3f:ef:9d:f3:2b:95:95:36:44:81:95:23:cc:ba:ce:f9:
cf:6a:dc:b1:43:df:88:f3:23:ab:a9:d4:f8:a6:4d:3d:b4:ff:
83:09:aa:fa:67:1d:f6:ef:f4:57:b8:b0:e7:a6:8e:0b:fd:6b:
93:87:bd:4f:99:aa:ee:e6:b4:59:17:7f:d9:c8:19:61:62:42:
d1:67:46:b2:b9:fe:c6:8d:3d:b0:b5:f7:2c:02:d1:78:9b:53:
df:75:29:8f:80:91:cf:27:90:2d:d0:28:4e:38:9f:65:70:45:
21:a9:c2:5f:21:cf:56:b8:fb:69:2b:d4:62:d2:af:eb:ee:c0:
7d:97:87:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUZCPlicm5UTzdKuZHhy+LrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZjIzOWE3MDA0MzczNDE3MmQyNjM3OGJmMjEwNmFlNzI1
NTIxODcwHhcNMjUwMjE4MTIyOTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWIzOWU2MmE2ZGFiMTQ2ZTBlMzAxMGZjNTBiZjY4ZGI3ZjVhYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsN9VhbOAEn9u+S1Rrf6h/vwVERF
KtE2VKUwnYammaLpwNjkvpEfbJhV54qcpdXaYDQcRLpIn4y26RegRw8OH1uLEDVX
pZMVxbg++MgoE/wJNDlmeRFuMpKoCNvCbLOoyJ0/7HETabkwNODAvcepyNLdfqZN
r1U3MbuJzwqJEe66SX7NZZxhMVGwpmUB+JznZHfJZ3o60XoCxjP0FIPaQUTqkcOX
H9bJkh9hw+cBRbozFsv1MWsYfIHQvCbIlXsuZ/OWLrOovXJyqJzlTCcsOLZr7bVd
a5WK0cXG9wj571wy6k6Utxne+0l+baDppt6LNdqStltRwwKdDda68FdK1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP6znmKm2rFG4OMBD8UL9o239aw7MB8GA1UdIwQY
MBaAFOjyOacAQ3NBctJjeL8hBq5yVSGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlBJNXB3QkRjMEZ5MG1ONHZ5RUdybkpWSVljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy80ZTkwMmEtMjk5Zi00ZGE3LTlhNmQt
NjY5YmQxMTNhMTc4LzEvX3JPZVlxYmFzVWJnNHdFUHhRdjJqYmYxckRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy80ZTkwMmEtMjk5Zi00ZGE3LTlhNmQtNjY5YmQxMTNhMTc4
LzEvNlBJNXB3QkRjMEZ5MG1ONHZ5RUdybkpWSVljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJQBAAwQE
T4yQAwQCuQwoAwQCuVBgMA0GCSqGSIb3DQEBCwUAA4IBAQC8yOmnN0K16/FvQo60
uTDMvbDG6dRtkAYCAgAgG5d4NrOlv0tSxmTYfV8NYc++hnJKQPk+uThAJD8+7tRo
p4h8ELeDJ4AmVOwCjoVasSalrfjB/ph+zkkoUDzGVRqOYldqbdlAIEfeGuRKEFGG
X2veq1pm1Y/wAw4oM+0cJUYmWT/vnfMrlZU2RIGVI8y6zvnPatyxQ9+I8yOrqdT4
pk09tP+DCar6Zx327/RXuLDnpo4L/WuTh71Pmaru5rRZF3/ZyBlhYkLRZ0ayuf7G
jT2wtfcsAtF4m1PfdSmPgJHPJ5At0ChOOJ9lcEUhqcJfIc9WuPtpK9Ri0q/r7sB9
l4ee
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:58:48 2025 by rpki-client