Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/ty37WXzEM_QABRJJkI6c7K_G8EQ.roa
File: ty37WXzEM_QABRJJkI6c7K_G8EQ.roa (raw, json)
Hash identifier: KUqDTpdF99zPoKmTMTv8GshjWBlrKcQSI4Ly51l4brg=
Subject key identifier: B7:2D:FB:59:7C:C4:33:F4:00:05:12:49:90:8E:9C:EC:AF:C6:F0:44
Certificate issuer: /CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Certificate serial: 019427483460FDD661B628F7960BC6DACA65
Authority key identifier: C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/ty37WXzEM_QABRJJkI6c7K_G8EQ.roa
Signing time: Thu 02 Jan 2025 13:50:30 +0000
ROA not before: Thu 02 Jan 2025 13:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202987
IP address blocks: 185.127.124.0/24 maxlen: 24
185.127.125.0/24 maxlen: 24
185.127.126.0/24 maxlen: 24
185.127.127.0/24 maxlen: 24
193.27.232.0/24 maxlen: 24
193.27.233.0/24 maxlen: 24
193.27.234.0/24 maxlen: 24
193.27.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:34:60:fd:d6:61:b6:28:f7:96:0b:c6:da:ca:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Validity
Not Before: Jan 2 13:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b72dfb597cc433f400051249908e9cecafc6f044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4d:7e:73:90:6a:76:75:5f:a1:00:02:00:a1:
db:27:33:86:b2:7e:bf:68:88:1a:4e:49:9e:29:af:
ec:62:7e:f6:7f:3b:ac:1f:e1:1d:a8:dd:12:f4:10:
5c:f7:b0:9e:5a:a3:4d:0e:c5:83:b7:24:83:b1:c3:
29:c6:0b:fb:17:70:a9:0a:d6:bf:33:51:52:65:42:
c5:a1:b1:2a:ad:7e:2b:14:bf:38:19:38:1c:71:36:
17:18:6a:6e:b8:3f:32:46:90:27:ef:79:fe:e5:72:
24:ee:c0:a9:bb:02:f4:33:94:77:ad:99:ff:20:18:
a3:9a:44:e4:25:5b:91:d3:f9:64:85:db:14:1a:c4:
2f:1c:8b:df:e9:c5:e2:40:bb:d7:ae:ee:4c:a7:02:
b9:80:58:8a:a3:a0:b0:2a:99:46:9c:d0:e6:e1:7f:
39:4d:3d:15:e4:be:27:5b:e5:c4:63:8b:56:1f:68:
57:22:f8:8d:5a:0c:13:72:3d:b0:ad:3f:bc:0c:ef:
56:9c:09:fd:e8:4f:ee:cb:fb:56:82:e1:9b:05:00:
bb:aa:50:51:f8:f8:2d:16:5e:f4:9f:a5:b8:33:ed:
d7:ff:77:db:70:4e:83:59:19:0c:48:ae:22:61:92:
49:03:fe:97:64:ef:ec:d8:77:f1:04:7d:95:47:d2:
a7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2D:FB:59:7C:C4:33:F4:00:05:12:49:90:8E:9C:EC:AF:C6:F0:44
X509v3 Authority Key Identifier:
keyid:C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/ty37WXzEM_QABRJJkI6c7K_G8EQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.124.0/22
193.27.232.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:53:6b:af:21:37:e7:86:5c:6f:43:4c:09:fc:5d:40:8d:7e:
2a:86:59:d5:68:ca:3c:16:a0:f1:1a:04:c3:09:e4:f3:e0:d8:
6d:96:6a:5c:13:7a:96:bd:7f:04:a2:0d:2c:a5:f1:81:69:3d:
6b:7c:35:18:eb:b2:07:b0:aa:3e:d7:1e:6a:a7:67:0d:c8:22:
78:68:ff:d4:32:1f:b5:af:c5:31:e6:f7:39:a5:59:7e:a0:22:
1d:94:7a:5c:61:8d:bd:b5:15:25:c6:01:66:9a:56:85:5e:4e:
95:ed:7a:94:8f:74:ec:a6:41:1b:60:20:39:0f:60:a8:7a:eb:
b8:c1:a5:b0:c5:f9:81:d8:2e:8b:67:7c:68:c6:4d:08:a5:de:
7d:ac:62:d4:47:12:8d:23:91:b2:75:9c:20:cf:7e:b8:64:4a:
07:c5:e3:40:a5:2b:a4:13:6c:5c:a7:b7:fa:3b:0e:3f:7a:21:
cf:a2:b6:26:98:5b:ae:db:93:71:f1:d2:6f:85:4f:2e:a8:d1:
6d:03:5e:ee:ba:61:5d:3d:01:77:21:32:52:97:ce:9b:90:14:
97:a3:aa:a4:52:02:49:39:fb:0c:72:86:cf:8e:2a:9b:49:f9:
46:1f:c8:18:b4:6e:f8:95:0a:a2:13:5b:7c:8b:f8:32:a4:5f:
ab:3a:ba:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSDRg/dZhtij3lgvG2splMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDI4NWRmNWIwMzllMGYwNGUyZGZlY2UyOGE1YThmYmVj
NmU5MzgwHhcNMjUwMTAyMTM1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzJkZmI1OTdjYzQzM2Y0MDAwNTEyNDk5MDhlOWNlY2FmYzZmMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU1+c5BqdnVfoQACAKHbJzOGsn6/
aIgaTkmeKa/sYn72fzusH+EdqN0S9BBc97CeWqNNDsWDtySDscMpxgv7F3CpCta/
M1FSZULFobEqrX4rFL84GTgccTYXGGpuuD8yRpAn73n+5XIk7sCpuwL0M5R3rZn/
IBijmkTkJVuR0/lkhdsUGsQvHIvf6cXiQLvXru5MpwK5gFiKo6CwKplGnNDm4X85
TT0V5L4nW+XEY4tWH2hXIviNWgwTcj2wrT+8DO9WnAn96E/uy/tWguGbBQC7qlBR
+PgtFl70n6W4M+3X/3fbcE6DWRkMSK4iYZJJA/6XZO/s2HfxBH2VR9KnMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLct+1l8xDP0AAUSSZCOnOyvxvBEMB8GA1UdIwQY
MBaAFMEChd9bA54PBOLf7OKKWo++xuk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUt
NTJhZmM3N2NhMThmLzEvdHkzN1dYekVNX1FBQlJKSmtJNmM3S19HOEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUtNTJhZmM3N2NhMThm
LzEvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuX98AwQC
wRvoMA0GCSqGSIb3DQEBCwUAA4IBAQAbU2uvITfnhlxvQ0wJ/F1AjX4qhlnVaMo8
FqDxGgTDCeTz4NhtlmpcE3qWvX8Eog0spfGBaT1rfDUY67IHsKo+1x5qp2cNyCJ4
aP/UMh+1r8Ux5vc5pVl+oCIdlHpcYY29tRUlxgFmmlaFXk6V7XqUj3TspkEbYCA5
D2Coeuu4waWwxfmB2C6LZ3xoxk0Ipd59rGLURxKNI5GydZwgz364ZEoHxeNApSuk
E2xcp7f6Ow4/eiHPorYmmFuu25Nx8dJvhU8uqNFtA17uumFdPQF3ITJSl86bkBSX
o6qkUgJJOfsMcobPjiqbSflGH8gYtG74lQqiE1t8i/gypF+rOrp4
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:46:11 2025 by rpki-client