Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/A2mB37rJmerIuB24l4Bs4lzgXqo.roa
File: A2mB37rJmerIuB24l4Bs4lzgXqo.roa (raw, json)
Hash identifier: ndaVFcXFO0lVM0GIop/3BjpE63WSZdctz0XY3LjKsVI=
Subject key identifier: 03:69:81:DF:BA:C9:99:EA:C8:B8:1D:B8:97:80:6C:E2:5C:E0:5E:AA
Certificate issuer: /CN=7ba77362e314586d0d21884d01a85adb77665b74
Certificate serial: 019425FDEEA66456EECF37323529B6104890
Authority key identifier: 7B:A7:73:62:E3:14:58:6D:0D:21:88:4D:01:A8:5A:DB:77:66:5B:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6dzYuMUWG0NIYhNAaha23dmW3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/A2mB37rJmerIuB24l4Bs4lzgXqo.roa
Signing time: Thu 02 Jan 2025 07:49:46 +0000
ROA not before: Thu 02 Jan 2025 07:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206837
IP address blocks: 157.97.84.0/22 maxlen: 24
157.97.84.0/24 maxlen: 24
157.97.85.0/24 maxlen: 24
157.97.86.0/24 maxlen: 24
157.97.87.0/24 maxlen: 24
176.98.208.0/22 maxlen: 24
176.98.208.0/23 maxlen: 23
176.98.208.0/24 maxlen: 24
176.98.209.0/24 maxlen: 24
176.98.210.0/23 maxlen: 23
176.98.210.0/24 maxlen: 24
176.98.211.0/24 maxlen: 24
185.127.52.0/22 maxlen: 22
185.127.52.0/23 maxlen: 23
185.127.52.0/24 maxlen: 24
185.127.53.0/24 maxlen: 24
185.127.54.0/23 maxlen: 23
185.127.54.0/24 maxlen: 24
185.127.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/e6dzYuMUWG0NIYhNAaha23dmW3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/e6dzYuMUWG0NIYhNAaha23dmW3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/e6dzYuMUWG0NIYhNAaha23dmW3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ee:a6:64:56:ee:cf:37:32:35:29:b6:10:48:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba77362e314586d0d21884d01a85adb77665b74
Validity
Not Before: Jan 2 07:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=036981dfbac999eac8b81db897806ce25ce05eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:35:9b:c1:69:30:74:1c:f8:4f:5b:2e:81:90:
af:80:c3:83:9c:2f:53:36:af:6f:4c:92:bf:cb:10:
10:ac:ad:ac:8c:f6:1b:03:24:16:95:50:24:53:f0:
10:ec:8a:e4:88:e4:a9:95:28:66:8d:17:bd:12:1b:
44:7e:7e:ed:79:44:f1:94:17:48:3e:66:97:e4:3c:
c1:ba:a5:4f:bf:0f:14:cd:46:a4:9e:22:74:fa:95:
1d:12:e9:2f:e0:88:b5:d9:ce:4a:6e:c6:65:f6:2a:
5d:e1:e0:1f:ed:39:b4:2f:5c:90:61:cb:2e:6a:25:
ac:58:7c:d0:c6:6e:28:16:c2:87:7b:f5:5b:e6:d4:
8f:19:dc:bd:11:d4:4b:ec:60:b2:fc:1b:e5:c0:22:
24:4d:ea:20:29:bd:ea:c4:01:4a:68:fe:9c:5a:4b:
e4:34:d0:85:6d:e2:b0:88:3b:6c:a5:a7:6e:ed:00:
34:33:74:5d:3b:80:d3:1a:03:da:4d:7e:69:7e:ae:
6e:4f:e8:08:eb:48:cd:e3:71:d3:d3:0e:74:17:42:
30:ab:e7:bd:45:f7:b7:ea:26:44:c4:7b:7a:40:d1:
a1:55:09:30:16:da:b4:0c:7f:40:78:67:47:0d:8b:
68:af:9e:19:47:34:6b:b8:40:61:2a:c5:d0:90:27:
9d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:69:81:DF:BA:C9:99:EA:C8:B8:1D:B8:97:80:6C:E2:5C:E0:5E:AA
X509v3 Authority Key Identifier:
keyid:7B:A7:73:62:E3:14:58:6D:0D:21:88:4D:01:A8:5A:DB:77:66:5B:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6dzYuMUWG0NIYhNAaha23dmW3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/A2mB37rJmerIuB24l4Bs4lzgXqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/e6dzYuMUWG0NIYhNAaha23dmW3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.84.0/22
176.98.208.0/22
185.127.52.0/22
Signature Algorithm: sha256WithRSAEncryption
36:53:a7:0f:4b:9e:77:fd:cc:f1:f7:0b:2f:97:58:63:db:11:
00:97:87:0e:bf:19:a2:9d:03:84:0a:c0:83:f8:bf:98:00:f6:
c9:35:c2:47:f0:37:cf:44:b3:12:d9:ac:34:9d:7b:5d:e5:f7:
20:96:56:90:9f:51:ce:cf:65:c2:8c:64:cc:35:11:4e:18:75:
ff:47:8f:22:5b:73:51:92:5d:cb:ff:46:cd:60:9b:02:59:e1:
1a:55:7a:be:55:22:f7:96:bd:ba:bc:d7:31:d8:30:b6:cb:00:
0d:01:6d:49:bf:3f:a5:77:ea:2b:f9:ff:6f:58:de:9c:48:d5:
6a:8b:a6:09:15:d8:c6:0f:e1:35:f7:fc:57:45:41:df:ed:e0:
22:9a:1d:46:60:b7:a6:b0:a8:ac:13:9f:7d:76:9d:f0:2a:1f:
33:d5:0c:8e:bc:5f:86:df:cf:7d:99:97:b3:db:4b:90:a8:cc:
3d:fb:cb:22:82:ac:bb:47:42:0c:b5:7a:c7:90:33:d8:11:fc:
c7:64:a0:70:82:36:ea:27:f0:9b:fe:59:67:cd:a8:7e:d1:f9:
3a:3a:57:fc:b6:40:2e:22:8a:c4:3e:8f:68:66:a0:a9:22:82:
9c:20:f0:ea:fb:94:f6:36:92:cd:d8:e5:13:95:09:18:30:51:
f8:74:02:9b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/e6mZFbuzzcyNSm2EEiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTc3MzYyZTMxNDU4NmQwZDIxODg0ZDAxYTg1YWRiNzc2
NjViNzQwHhcNMjUwMTAyMDc0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzY5ODFkZmJhYzk5OWVhYzhiODFkYjg5NzgwNmNlMjVjZTA1ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjWbwWkwdBz4T1sugZCvgMODnC9T
Nq9vTJK/yxAQrK2sjPYbAyQWlVAkU/AQ7IrkiOSplShmjRe9EhtEfn7teUTxlBdI
PmaX5DzBuqVPvw8UzUakniJ0+pUdEukv4Ii12c5KbsZl9ipd4eAf7Tm0L1yQYcsu
aiWsWHzQxm4oFsKHe/Vb5tSPGdy9EdRL7GCy/BvlwCIkTeogKb3qxAFKaP6cWkvk
NNCFbeKwiDtspadu7QA0M3RdO4DTGgPaTX5pfq5uT+gI60jN43HT0w50F0Iwq+e9
Rfe36iZExHt6QNGhVQkwFtq0DH9AeGdHDYtor54ZRzRruEBhKsXQkCedhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFANpgd+6yZnqyLgduJeAbOJc4F6qMB8GA1UdIwQY
MBaAFHunc2LjFFhtDSGITQGoWtt3Zlt0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZkell1TVVXRzBOSVloTkFhaGEyM2RtVzNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jYTY5OGUtZTZhOC00MWY0LTg2OWMt
OTYxZjQzNzEzNWM2LzEvQTJtQjM3ckptZXJJdUIyNGw0QnM0bHpnWHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jYTY5OGUtZTZhOC00MWY0LTg2OWMtOTYxZjQzNzEzNWM2
LzEvZTZkell1TVVXRzBOSVloTkFhaGEyM2RtVzNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCnWFUAwQC
sGLQAwQCuX80MA0GCSqGSIb3DQEBCwUAA4IBAQA2U6cPS553/czx9wsvl1hj2xEA
l4cOvxminQOECsCD+L+YAPbJNcJH8DfPRLMS2aw0nXtd5fcgllaQn1HOz2XCjGTM
NRFOGHX/R48iW3NRkl3L/0bNYJsCWeEaVXq+VSL3lr26vNcx2DC2ywANAW1Jvz+l
d+or+f9vWN6cSNVqi6YJFdjGD+E19/xXRUHf7eAimh1GYLemsKisE599dp3wKh8z
1QyOvF+G3899mZez20uQqMw9+8sigqy7R0IMtXrHkDPYEfzHZKBwgjbqJ/Cb/lln
zah+0fk6Olf8tkAuIorEPo9oZqCpIoKcIPDq+5T2NpLN2OUTlQkYMFH4dAKb
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:55:44 2025 by rpki-client