Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/0bM8wmEzzUjWs4OaG_Eh1byq32Y.roa
File: 0bM8wmEzzUjWs4OaG_Eh1byq32Y.roa (raw, json)
Hash identifier: AxFzxaM8hmPYvCrIt6Spf+I6m25vebXD/RSMRn2bzqw=
Subject key identifier: D1:B3:3C:C2:61:33:CD:48:D6:B3:83:9A:1B:F1:21:D5:BC:AA:DF:66
Certificate issuer: /CN=d44de659759b0274124a7b481d0976840b7ade06
Certificate serial: 0194258F598A67C6754BB710D3A0FC7D0A49
Authority key identifier: D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/0bM8wmEzzUjWs4OaG_Eh1byq32Y.roa
Signing time: Thu 02 Jan 2025 05:48:59 +0000
ROA not before: Thu 02 Jan 2025 05:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34714
IP address blocks: 37.143.168.0/24 maxlen: 24
37.143.175.0/24 maxlen: 24
91.201.76.0/22 maxlen: 22
91.213.34.0/24 maxlen: 24
185.238.56.0/22 maxlen: 22
193.32.140.0/24 maxlen: 24
193.238.56.0/22 maxlen: 22
2a03:8f80::/32 maxlen: 32
2a03:8f81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/1E3mWXWbAnQSSntIHQl2hAt63gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/1E3mWXWbAnQSSntIHQl2hAt63gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:59:8a:67:c6:75:4b:b7:10:d3:a0:fc:7d:0a:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d44de659759b0274124a7b481d0976840b7ade06
Validity
Not Before: Jan 2 05:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1b33cc26133cd48d6b3839a1bf121d5bcaadf66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:39:c6:92:f0:2c:10:f0:d1:97:34:27:a9:fa:
89:0d:b9:9c:3b:4c:c1:2b:65:0d:a5:ab:40:13:6d:
b5:64:af:81:8c:89:fb:fa:fe:2d:c2:88:c0:96:f2:
55:4c:b0:10:02:3a:27:f2:fe:12:91:2a:90:33:90:
86:55:ab:9e:6c:08:dd:d9:a7:74:00:20:23:38:08:
da:21:21:96:8a:cb:69:b6:cc:33:8b:e3:a2:16:46:
7f:43:b2:4b:a2:75:6f:e7:c3:a3:67:a0:4b:67:af:
97:9d:9b:74:27:0b:86:03:4f:3a:3c:55:d6:91:a7:
e1:eb:74:3d:57:fb:f7:1e:0e:c0:f4:30:ac:dc:93:
88:38:34:37:5a:28:56:0c:07:3a:85:0e:59:be:89:
f4:7c:ea:a7:e1:b6:af:27:b5:20:cd:1b:a3:61:9e:
5d:a8:07:23:50:02:01:67:98:2c:a5:50:58:68:cc:
2e:01:76:3b:15:d8:bd:93:00:7c:ef:18:75:57:d5:
69:0a:78:59:d9:c7:29:06:05:42:f0:b3:17:c7:9e:
7c:00:ed:4c:41:a8:4f:6c:5d:c7:7a:8f:a1:ba:b5:
9b:ed:ea:4c:df:47:f7:54:c9:81:94:b1:04:bc:dc:
ca:04:3f:b3:a2:23:d6:1b:be:6d:46:3e:b6:8d:49:
69:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B3:3C:C2:61:33:CD:48:D6:B3:83:9A:1B:F1:21:D5:BC:AA:DF:66
X509v3 Authority Key Identifier:
keyid:D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/0bM8wmEzzUjWs4OaG_Eh1byq32Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/1E3mWXWbAnQSSntIHQl2hAt63gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.168.0/24
37.143.175.0/24
91.201.76.0/22
91.213.34.0/24
185.238.56.0/22
193.32.140.0/24
193.238.56.0/22
IPv6:
2a03:8f80::/31
Signature Algorithm: sha256WithRSAEncryption
c2:96:75:a2:3b:59:3a:a7:78:af:d0:eb:83:08:a3:70:31:9a:
e9:4b:09:6e:fe:7c:96:11:0c:4a:a5:30:49:f0:8a:83:45:aa:
3a:1b:59:0b:c1:d1:ea:50:83:ce:ca:c8:be:19:7a:8b:e3:87:
5e:f0:2b:3b:30:2d:1d:9d:0c:db:bf:7c:48:df:8d:26:5d:03:
1d:ec:3f:8f:57:06:b8:cd:3c:b6:ef:82:c0:0c:28:85:8e:9d:
ff:42:72:70:a0:73:e9:fd:7f:d5:30:e0:94:03:9a:78:dd:db:
50:6a:c1:53:43:db:52:f4:2b:73:97:ba:4b:f2:ea:f1:4d:7f:
f2:ca:27:32:ac:5d:62:a4:fc:b4:cd:de:29:42:ea:5a:e4:9f:
18:38:2c:da:7e:d5:53:3d:ea:37:b7:f9:e4:ee:e4:85:67:c6:
92:27:17:82:f1:ba:bd:e4:12:e9:c5:9a:72:fb:f0:d6:d2:d5:
c7:b7:c6:20:b6:82:43:dd:11:63:b8:25:3a:03:6d:31:11:26:
0a:b8:41:79:f3:a0:87:89:bc:17:4b:a7:31:8c:bc:c8:a6:dd:
02:fa:52:bb:af:c2:28:cf:fe:ee:f8:1c:c3:a3:66:5a:c3:62:
58:b1:b3:1f:5d:43:08:d8:0c:a0:c3:4e:8e:e1:fd:41:63:64:
2f:6e:7a:71
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQlj1mKZ8Z1S7cQ06D8fQpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NGRlNjU5NzU5YjAyNzQxMjRhN2I0ODFkMDk3Njg0MGI3
YWRlMDYwHhcNMjUwMTAyMDU0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWIzM2NjMjYxMzNjZDQ4ZDZiMzgzOWExYmYxMjFkNWJjYWFkZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDnGkvAsEPDRlzQnqfqJDbmcO0zB
K2UNpatAE221ZK+BjIn7+v4twojAlvJVTLAQAjon8v4SkSqQM5CGVauebAjd2ad0
ACAjOAjaISGWistptswzi+OiFkZ/Q7JLonVv58OjZ6BLZ6+XnZt0JwuGA086PFXW
kafh63Q9V/v3Hg7A9DCs3JOIODQ3WihWDAc6hQ5Zvon0fOqn4bavJ7UgzRujYZ5d
qAcjUAIBZ5gspVBYaMwuAXY7Fdi9kwB87xh1V9VpCnhZ2ccpBgVC8LMXx558AO1M
QahPbF3Heo+hurWb7epM30f3VMmBlLEEvNzKBD+zoiPWG75tRj62jUlprQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNGzPMJhM81I1rODmhvxIdW8qt9mMB8GA1UdIwQY
MBaAFNRN5ll1mwJ0Ekp7SB0JdoQLet4GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUUzbVdYV2JBblFTU250SUhRbDJoQXQ2M2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83NTIxNmQtNjg0Yi00N2NjLWE5NWUt
ZGI0ZDM5ZGM0ZWM3LzEvMGJNOHdtRXp6VWpXczRPYUdfRWgxYnlxMzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83NTIxNmQtNjg0Yi00N2NjLWE5NWUtZGI0ZDM5ZGM0ZWM3
LzEvMUUzbVdYV2JBblFTU250SUhRbDJoQXQ2M2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAJY+oAwQA
JY+vAwQCW8lMAwQAW9UiAwQCue44AwQAwSCMAwQCwe44MA0EAgACMAcDBQEqA4+A
MA0GCSqGSIb3DQEBCwUAA4IBAQDClnWiO1k6p3iv0OuDCKNwMZrpSwlu/nyWEQxK
pTBJ8IqDRao6G1kLwdHqUIPOysi+GXqL44de8Cs7MC0dnQzbv3xI340mXQMd7D+P
Vwa4zTy274LADCiFjp3/QnJwoHPp/X/VMOCUA5p43dtQasFTQ9tS9Ctzl7pL8urx
TX/yyicyrF1ipPy0zd4pQupa5J8YOCzaftVTPeo3t/nk7uSFZ8aSJxeC8bq95BLp
xZpy+/DW0tXHt8YgtoJD3RFjuCU6A20xESYKuEF586CHibwXS6cxjLzIpt0C+lK7
r8Ioz/7u+BzDo2Zaw2JYsbMfXUMI2Aygw06O4f1BY2Qvbnpx
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:09:44 2025 by rpki-client