Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/I3GFCz8gt6Rki8DJxRT45IEltuo.roa
File: I3GFCz8gt6Rki8DJxRT45IEltuo.roa (raw, json)
Hash identifier: uBBouPhKhyaXIv9GSGFn2zrE6uv7a/jKMDEUQeG9Dfo=
Subject key identifier: 23:71:85:0B:3F:20:B7:A4:64:8B:C0:C9:C5:14:F8:E4:81:25:B6:EA
Certificate issuer: /CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Certificate serial: 019427480B3686C4791AABFEA7E6FEC261CD
Authority key identifier: DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/I3GFCz8gt6Rki8DJxRT45IEltuo.roa
Signing time: Thu 02 Jan 2025 13:50:20 +0000
ROA not before: Thu 02 Jan 2025 13:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59931
IP address blocks: 109.75.64.0/24 maxlen: 24
109.75.65.0/24 maxlen: 24
109.75.66.0/24 maxlen: 24
109.75.67.0/24 maxlen: 24
109.75.68.0/24 maxlen: 24
109.75.69.0/24 maxlen: 24
109.75.70.0/24 maxlen: 24
109.75.71.0/24 maxlen: 24
109.75.72.0/24 maxlen: 24
109.75.73.0/24 maxlen: 24
109.75.74.0/24 maxlen: 24
109.75.75.0/24 maxlen: 24
109.75.76.0/24 maxlen: 24
109.75.77.0/24 maxlen: 24
109.75.78.0/24 maxlen: 24
109.75.79.0/24 maxlen: 24
185.204.48.0/24 maxlen: 24
185.204.49.0/24 maxlen: 24
185.204.50.0/24 maxlen: 24
185.204.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 04:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:0b:36:86:c4:79:1a:ab:fe:a7:e6:fe:c2:61:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Validity
Not Before: Jan 2 13:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2371850b3f20b7a4648bc0c9c514f8e48125b6ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d9:8c:bc:93:69:f0:cf:f5:b4:29:c6:c5:8a:
db:ef:d4:a0:22:80:16:05:aa:ac:76:a6:55:e3:33:
eb:6c:00:5c:41:ad:28:95:9a:64:b4:64:d9:2e:87:
1a:25:3b:0c:4f:31:90:0b:92:f6:1c:4e:a9:d2:66:
0c:ec:be:66:ec:05:cd:37:26:4b:32:7b:76:2d:5f:
b2:7d:6a:9a:f6:c9:47:13:40:7c:6f:a1:10:b2:48:
cd:ca:6f:de:70:38:f9:3a:0f:82:45:07:30:a2:db:
0e:df:a9:1c:d7:b2:98:96:eb:f8:67:d6:45:a1:74:
08:b9:42:92:b3:5a:92:6f:6c:c7:24:8f:b9:08:82:
96:95:b4:19:40:eb:5d:7c:94:52:4c:28:f7:d6:00:
33:cf:4c:94:57:10:af:b7:e2:b7:60:de:e9:44:69:
4c:08:5c:0a:26:49:dc:a0:e9:59:80:25:9b:14:08:
5b:ae:29:bd:83:2f:7d:74:73:99:05:5e:cd:51:6b:
3f:45:16:b2:6e:12:02:e7:02:a4:64:89:ee:c8:f6:
f1:fd:2f:14:23:b2:a6:0d:d3:9f:f4:ef:67:99:af:
c5:5a:95:ae:f8:2e:7a:33:84:b2:de:6a:cc:ee:88:
8d:28:99:02:73:19:da:f7:42:d9:bc:ea:86:57:86:
4f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:71:85:0B:3F:20:B7:A4:64:8B:C0:C9:C5:14:F8:E4:81:25:B6:EA
X509v3 Authority Key Identifier:
keyid:DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/I3GFCz8gt6Rki8DJxRT45IEltuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.64.0/20
185.204.48.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:b8:b6:5e:6e:00:39:03:70:46:ed:69:3d:32:36:c4:d2:ff:
b0:d7:9e:05:66:c7:be:70:f3:4d:d6:e6:91:54:1e:ae:01:2a:
0a:6d:3c:b1:af:c4:05:0f:63:7f:fb:e9:b8:2c:df:d8:e4:eb:
25:e6:ae:5a:0b:70:a8:46:eb:7b:d7:b0:f4:7a:a8:a4:ac:27:
80:b1:91:8c:63:00:d5:cb:bc:94:13:67:e0:63:e3:1f:7b:68:
8a:d6:e4:42:bd:df:0d:4b:39:1c:c3:c1:5e:df:58:46:37:60:
52:64:6b:ed:6c:7c:a1:db:fc:d8:3a:27:6a:99:9b:ec:fe:3c:
f2:8b:ff:1f:9e:a2:4d:34:df:b0:bc:5c:73:af:62:78:ee:d5:
ed:ee:a2:b1:1c:fb:3d:ac:c6:e0:f7:b3:1a:64:16:ce:27:be:
b4:46:46:a0:37:3e:29:d4:da:4d:fd:e4:9f:e8:ce:01:8b:7b:
43:ce:37:5c:80:33:20:ab:a5:f7:77:11:93:61:58:17:9a:4e:
5a:10:16:fb:d3:80:a1:99:59:d5:c0:62:38:6c:e7:79:ec:fe:
71:57:fc:1f:83:84:35:eb:6d:2c:ce:7c:dc:3c:df:25:64:88:
f3:48:37:5a:97:4b:fa:21:e0:93:87:66:8f:7a:95:67:59:39:
37:8b:ea:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSAs2hsR5Gqv+p+b+wmHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNWYyZTdjYzJjNjg3ZjU4YzBkMWY2MTMyYmIyZGNmZGYz
OGNiNjQwHhcNMjUwMTAyMTM1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzcxODUwYjNmMjBiN2E0NjQ4YmMwYzljNTE0ZjhlNDgxMjViNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdmMvJNp8M/1tCnGxYrb79SgIoAW
BaqsdqZV4zPrbABcQa0olZpktGTZLocaJTsMTzGQC5L2HE6p0mYM7L5m7AXNNyZL
Mnt2LV+yfWqa9slHE0B8b6EQskjNym/ecDj5Og+CRQcwotsO36kc17KYluv4Z9ZF
oXQIuUKSs1qSb2zHJI+5CIKWlbQZQOtdfJRSTCj31gAzz0yUVxCvt+K3YN7pRGlM
CFwKJkncoOlZgCWbFAhbrim9gy99dHOZBV7NUWs/RRaybhIC5wKkZInuyPbx/S8U
I7KmDdOf9O9nma/FWpWu+C56M4Sy3mrM7oiNKJkCcxna90LZvOqGV4ZP/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCNxhQs/ILekZIvAycUU+OSBJbbqMB8GA1UdIwQY
MBaAFN1fLnzCxof1jA0fYTK7Lc/fOMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMt
OWRjZmQyZWYzMDIzLzEvSTNHRkN6OGd0NlJraThESnhSVDQ1SUVsdHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMtOWRjZmQyZWYzMDIz
LzEvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEbUtAAwQC
ucwwMA0GCSqGSIb3DQEBCwUAA4IBAQAMuLZebgA5A3BG7Wk9MjbE0v+w154FZse+
cPNN1uaRVB6uASoKbTyxr8QFD2N/++m4LN/Y5Osl5q5aC3CoRut717D0eqikrCeA
sZGMYwDVy7yUE2fgY+Mfe2iK1uRCvd8NSzkcw8Fe31hGN2BSZGvtbHyh2/zYOidq
mZvs/jzyi/8fnqJNNN+wvFxzr2J47tXt7qKxHPs9rMbg97MaZBbOJ760RkagNz4p
1NpN/eSf6M4Bi3tDzjdcgDMgq6X3dxGTYVgXmk5aEBb704ChmVnVwGI4bOd57P5x
V/wfg4Q1620sznzcPN8lZIjzSDdal0v6IeCTh2aPepVnWTk3i+qT
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:37:14 2025 by rpki-client