Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/AIuxDan3cmgh1sSTa1msoGsI4OU.roa
File: AIuxDan3cmgh1sSTa1msoGsI4OU.roa (raw, json)
Hash identifier: wfljXRT2O4eVL/YpdauQcVAws8xYzb3xMFQl+DLnKBY=
Subject key identifier: 00:8B:B1:0D:A9:F7:72:68:21:D6:C4:93:6B:59:AC:A0:6B:08:E0:E5
Certificate issuer: /CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Certificate serial: 019420D5BA105D733787275ADF33E827FB63
Authority key identifier: 2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/AIuxDan3cmgh1sSTa1msoGsI4OU.roa
Signing time: Wed 01 Jan 2025 07:47:45 +0000
ROA not before: Wed 01 Jan 2025 07:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28787
IP address blocks: 37.61.0.0/17 maxlen: 17
37.61.56.0/21 maxlen: 21
37.61.77.0/24 maxlen: 24
37.61.78.0/24 maxlen: 24
37.61.79.0/24 maxlen: 24
37.61.112.0/22 maxlen: 22
37.61.116.0/22 maxlen: 22
37.61.120.0/22 maxlen: 22
37.61.124.0/22 maxlen: 22
81.17.80.0/20 maxlen: 20
81.17.82.0/24 maxlen: 24
185.30.88.0/23 maxlen: 23
185.30.90.0/23 maxlen: 23
188.253.128.0/19 maxlen: 19
188.253.208.0/22 maxlen: 22
188.253.212.0/22 maxlen: 22
188.253.216.0/22 maxlen: 22
188.253.220.0/22 maxlen: 22
188.253.224.0/21 maxlen: 21
188.253.232.0/21 maxlen: 21
188.253.254.0/24 maxlen: 24
188.253.255.0/24 maxlen: 24
194.135.166.0/23 maxlen: 23
194.135.168.0/23 maxlen: 23
194.135.170.0/24 maxlen: 24
194.135.171.0/24 maxlen: 24
194.135.172.0/24 maxlen: 24
194.135.173.0/24 maxlen: 24
194.135.174.0/24 maxlen: 24
194.135.176.0/24 maxlen: 24
194.135.177.0/24 maxlen: 24
194.135.178.0/24 maxlen: 24
194.135.179.0/24 maxlen: 24
213.154.0.0/19 maxlen: 19
217.64.16.0/20 maxlen: 20
217.64.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.mft
rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ba:10:5d:73:37:87:27:5a:df:33:e8:27:fb:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Validity
Not Before: Jan 1 07:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=008bb10da9f7726821d6c4936b59aca06b08e0e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:86:0c:47:7c:4c:b1:64:de:0e:12:a5:ac:fa:
84:1c:61:3c:c6:d2:0d:05:3b:eb:54:c1:c2:b7:78:
0e:98:42:a4:25:e1:90:f3:fa:ef:7e:da:22:6b:2c:
50:61:8d:1c:31:1d:ac:dd:51:80:4e:36:0d:be:22:
1b:d4:57:c3:c1:96:3a:46:59:f8:ba:53:2e:04:8b:
8a:be:46:eb:52:ec:ca:92:36:e9:45:7f:fa:fe:a7:
ce:9e:8d:b8:1b:eb:78:64:5a:f4:d3:84:4b:82:44:
ca:e4:12:a4:c5:dd:7f:f4:cc:dd:4b:98:30:2e:b6:
0e:ef:74:06:92:d0:7a:99:d2:d4:26:9b:8c:7b:ec:
4e:1e:49:88:1d:96:03:3b:36:01:9e:56:4d:fe:85:
db:ef:8f:9b:b3:99:40:94:7a:92:81:06:09:c0:88:
a4:9d:7d:46:89:4b:2b:81:31:50:c8:ff:9c:fd:c7:
78:62:58:b1:06:1c:57:90:07:de:66:77:e9:2f:ce:
8a:d0:ab:f5:9f:76:8f:99:f6:50:0c:cc:3a:75:b9:
c5:d9:45:3d:73:ad:76:96:07:b7:90:c6:46:2f:07:
61:eb:52:f5:c1:f8:0f:dd:59:70:a0:5d:f3:90:31:
e2:1a:f6:aa:be:51:b5:ba:86:21:4c:0c:f1:fe:2e:
94:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8B:B1:0D:A9:F7:72:68:21:D6:C4:93:6B:59:AC:A0:6B:08:E0:E5
X509v3 Authority Key Identifier:
keyid:2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/AIuxDan3cmgh1sSTa1msoGsI4OU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.0.0/17
81.17.80.0/20
185.30.88.0/22
188.253.128.0/19
188.253.208.0-188.253.239.255
188.253.254.0/23
194.135.166.0-194.135.174.255
194.135.176.0/22
213.154.0.0/19
217.64.16.0/20
Signature Algorithm: sha256WithRSAEncryption
5d:77:d9:b0:a5:c1:60:ef:30:bc:f8:f1:c7:a4:a2:c7:e0:79:
66:f8:68:ef:ff:93:31:99:69:12:1d:1c:40:7d:f0:a8:40:f3:
21:de:99:67:ff:5d:1b:11:de:1a:24:75:f7:38:42:34:12:bf:
49:71:8a:be:88:34:1d:83:fe:13:a5:8a:b4:ab:8d:4a:84:dd:
85:df:9a:7e:a7:2b:49:5e:ff:db:e9:bd:87:27:5d:64:86:53:
8d:98:ba:61:83:0d:53:57:d7:6c:20:b7:cc:d5:1d:b5:93:a1:
f6:84:5c:18:24:64:9e:1a:ec:03:6c:52:59:1a:5b:78:24:b4:
9e:7a:a9:be:d3:69:ed:ed:21:03:14:89:16:90:a3:e1:d3:42:
8c:c9:31:9d:e7:4b:cf:a0:7b:39:3a:ff:e6:30:71:4e:f4:f0:
e6:09:4a:dd:73:2d:56:c4:a5:8b:dc:25:99:c0:24:e4:13:32:
15:fa:86:83:8c:82:0c:f3:36:2a:ca:9f:1a:b2:a8:a5:5f:8d:
2e:b9:6c:c9:d2:87:8e:b7:59:79:a5:18:1b:45:b5:4b:83:14:
86:f9:8f:df:4b:fc:98:04:84:41:36:ec:cb:18:8d:8a:25:ec:
68:17:09:e1:af:3b:4b:22:73:27:e7:1e:a8:4c:03:e2:0b:97:
63:9a:8a:0b
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZQg1boQXXM3hyda3zPoJ/tjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMGJlMjI2MjMwZDQwOTljZWVhMGE0YTZjZjRlZDhiOTAy
MDEzNTAwHhcNMjUwMTAxMDc0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDhiYjEwZGE5Zjc3MjY4MjFkNmM0OTM2YjU5YWNhMDZiMDhlMGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7IYMR3xMsWTeDhKlrPqEHGE8xtIN
BTvrVMHCt3gOmEKkJeGQ8/rvftoiayxQYY0cMR2s3VGATjYNviIb1FfDwZY6Rln4
ulMuBIuKvkbrUuzKkjbpRX/6/qfOno24G+t4ZFr004RLgkTK5BKkxd1/9MzdS5gw
LrYO73QGktB6mdLUJpuMe+xOHkmIHZYDOzYBnlZN/oXb74+bs5lAlHqSgQYJwIik
nX1GiUsrgTFQyP+c/cd4YlixBhxXkAfeZnfpL86K0Kv1n3aPmfZQDMw6dbnF2UU9
c612lge3kMZGLwdh61L1wfgP3VlwoF3zkDHiGvaqvlG1uoYhTAzx/i6UzwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFACLsQ2p93JoIdbEk2tZrKBrCODlMB8GA1UdIwQY
MBaAFCsL4iYjDUCZzuoKSmz07YuQIBNQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTct
ODFmNTY2MTg1YjA2LzEvQUl1eERhbjNjbWdoMXNTVGExbXNvR3NJNE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTctODFmNTY2MTg1YjA2
LzEvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQHJT0AAwQE
URFQAwQCuR5YAwQFvP2AMAwDBAS8/dADBAS8/eADBAG8/f4wDAMEAcKHpgMEAMKH
rgMEAsKHsAMEBdWaAAMEBNlAEDANBgkqhkiG9w0BAQsFAAOCAQEAXXfZsKXBYO8w
vPjxx6Six+B5Zvho7/+TMZlpEh0cQH3wqEDzId6ZZ/9dGxHeGiR19zhCNBK/SXGK
vog0HYP+E6WKtKuNSoTdhd+afqcrSV7/2+m9hyddZIZTjZi6YYMNU1fXbCC3zNUd
tZOh9oRcGCRknhrsA2xSWRpbeCS0nnqpvtNp7e0hAxSJFpCj4dNCjMkxnedLz6B7
OTr/5jBxTvTw5glK3XMtVsSli9wlmcAk5BMyFfqGg4yCDPM2KsqfGrKopV+NLrls
ydKHjrdZeaUYG0W1S4MUhvmP30v8mASEQTbsyxiNiiXsaBcJ4a87SyJzJ+ceqEwD
4guXY5qKCw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:39 2025 by rpki-client