Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/0v7Hbx6uvAjTzMR1ae0wtzCXqPs.roa
File: 0v7Hbx6uvAjTzMR1ae0wtzCXqPs.roa (raw, json)
Hash identifier: X/0g7PrCl2CLKg5GGuiZl8qcF+NtmVWffZy1vRePW8E=
Subject key identifier: D2:FE:C7:6F:1E:AE:BC:08:D3:CC:C4:75:69:ED:30:B7:30:97:A8:FB
Certificate issuer: /CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Certificate serial: 0194228E19F287ABC9F6E80B2817959586C7
Authority key identifier: 5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/0v7Hbx6uvAjTzMR1ae0wtzCXqPs.roa
Signing time: Wed 01 Jan 2025 15:48:45 +0000
ROA not before: Wed 01 Jan 2025 15:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12440
IP address blocks: 62.128.160.0/19 maxlen: 24
62.128.168.0/21 maxlen: 24
62.128.186.0/24 maxlen: 24
62.128.188.0/24 maxlen: 24
62.128.191.0/24 maxlen: 24
82.214.192.0/18 maxlen: 24
82.214.210.0/24 maxlen: 24
82.214.220.0/24 maxlen: 24
82.214.223.0/24 maxlen: 24
82.214.232.0/24 maxlen: 24
82.214.234.0/24 maxlen: 24
82.214.239.0/24 maxlen: 24
82.214.240.0/21 maxlen: 24
128.65.64.0/19 maxlen: 24
185.117.52.0/22 maxlen: 24
195.238.32.0/19 maxlen: 24
195.238.44.0/24 maxlen: 24
195.238.45.0/24 maxlen: 24
2a0a:1240::/32 maxlen: 40
2a0a:1241::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/WvTebnPI4FPLZAt00rkSq9kLBYA.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/WvTebnPI4FPLZAt00rkSq9kLBYA.mft
rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:19:f2:87:ab:c9:f6:e8:0b:28:17:95:95:86:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Validity
Not Before: Jan 1 15:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2fec76f1eaebc08d3ccc47569ed30b73097a8fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e2:90:71:f6:81:61:0e:9f:74:e9:86:62:d4:
5e:5b:20:2f:06:c5:19:21:99:df:83:d7:bd:f5:60:
71:48:8b:72:f2:95:9e:bf:45:aa:ce:f5:18:33:2a:
ef:15:8d:a8:7c:7a:53:f6:85:22:8c:1e:ad:40:d4:
47:b0:f4:b3:a8:57:3d:4c:e8:9a:7c:f1:12:69:f7:
71:ce:96:f7:23:89:11:47:1a:6d:cf:2c:e7:f1:bf:
a3:d5:d2:3d:c9:d9:56:ef:9a:61:82:65:63:c4:42:
80:ce:3f:f2:42:8a:48:2a:af:8b:99:61:78:f8:3b:
0a:0d:34:58:4b:3b:01:78:a2:0c:eb:ad:a8:40:40:
65:6f:46:51:06:ff:19:b1:1f:2b:7a:c3:f1:31:20:
c0:ea:39:81:8f:75:73:1e:00:10:f9:27:c7:63:0d:
e7:0a:d6:b2:ce:77:78:89:ed:6a:e0:13:a0:14:9b:
cf:87:8e:28:d6:93:9c:6b:ff:45:6a:b2:d6:24:4f:
62:f6:c5:a8:d5:4b:eb:de:73:31:63:2e:68:c7:cb:
f4:f3:f9:08:0a:0c:30:fd:1a:53:55:a8:04:e6:09:
28:a9:03:5d:5d:33:d5:d2:b5:ce:ca:88:f3:be:c3:
5c:8a:2f:1e:5d:c0:3f:d3:90:4e:84:35:22:8d:10:
50:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FE:C7:6F:1E:AE:BC:08:D3:CC:C4:75:69:ED:30:B7:30:97:A8:FB
X509v3 Authority Key Identifier:
keyid:5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/0v7Hbx6uvAjTzMR1ae0wtzCXqPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/WvTebnPI4FPLZAt00rkSq9kLBYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.128.160.0/19
82.214.192.0/18
128.65.64.0/19
185.117.52.0/22
195.238.32.0/19
IPv6:
2a0a:1240::/31
Signature Algorithm: sha256WithRSAEncryption
31:1d:f7:90:3c:8e:7d:fd:81:be:32:47:30:c6:ed:ff:ce:e6:
2e:8b:96:a9:98:fa:59:de:a8:11:37:34:ac:28:9d:0b:2e:48:
c3:9d:1e:95:a7:a5:5b:ba:0b:c5:05:17:31:62:55:1b:96:84:
8a:3d:c8:b7:07:a4:3f:e7:4a:ff:5f:c6:d7:62:27:44:91:1e:
a4:86:92:b3:d8:98:81:6d:83:3b:9f:94:e4:e9:ad:d0:5c:20:
df:2a:06:be:4e:57:e9:fb:63:82:e2:24:02:e1:e8:69:e0:2d:
7d:f9:79:31:2c:22:d0:36:0b:04:f5:9b:d5:ab:95:f3:fe:44:
47:8c:f4:25:fe:72:7f:42:e0:5b:11:b8:15:73:95:f9:80:5a:
93:cd:38:cc:9d:92:ec:4a:b9:ad:fb:1e:24:ad:a6:38:e1:d2:
85:45:f7:96:25:ba:97:ff:f5:fd:e5:6c:6c:ea:18:fa:56:46:
04:4c:85:66:82:bd:97:31:75:8f:16:60:3c:f2:d4:ed:11:13:
b1:89:49:c0:a3:82:9d:6a:30:3b:ec:26:22:12:4c:03:e7:20:
57:f6:48:db:cf:d9:58:33:f1:be:66:8b:be:66:b5:5f:1d:af:
5c:39:d4:b4:e6:e5:d0:62:54:f3:52:af:f8:3d:b6:f5:3e:5c:
63:35:a0:ae
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQijhnyh6vJ9ugLKBeVlYbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZjRkZTZlNzNjOGUwNTNjYjY0MGI3NGQyYjkxMmFiZDkw
YjA1ODAwHhcNMjUwMTAxMTU0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZlYzc2ZjFlYWViYzA4ZDNjY2M0NzU2OWVkMzBiNzMwOTdhOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteKQcfaBYQ6fdOmGYtReWyAvBsUZ
IZnfg9e99WBxSIty8pWev0WqzvUYMyrvFY2ofHpT9oUijB6tQNRHsPSzqFc9TOia
fPESafdxzpb3I4kRRxptzyzn8b+j1dI9ydlW75phgmVjxEKAzj/yQopIKq+LmWF4
+DsKDTRYSzsBeKIM662oQEBlb0ZRBv8ZsR8resPxMSDA6jmBj3VzHgAQ+SfHYw3n
Ctayznd4ie1q4BOgFJvPh44o1pOca/9FarLWJE9i9sWo1Uvr3nMxYy5ox8v08/kI
Cgww/RpTVagE5gkoqQNdXTPV0rXOyojzvsNcii8eXcA/05BOhDUijRBQhwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNL+x28errwI08zEdWntMLcwl6j7MB8GA1UdIwQY
MBaAFFr03m5zyOBTy2QLdNK5EqvZCwWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3ZUZWJuUEk0RlBMWkF0MDBya1NxOWtMQllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9hZDM2OTYtZjM2Zi00ZGYwLWIyZGUt
YzFlOTM2MmIxYTUxLzEvMHY3SGJ4NnV2QWpUek1SMWFlMHd0ekNYcVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9hZDM2OTYtZjM2Zi00ZGYwLWIyZGUtYzFlOTM2MmIxYTUx
LzEvV3ZUZWJuUEk0RlBMWkF0MDBya1NxOWtMQllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPoCgAwQG
UtbAAwQFgEFAAwQCuXU0AwQFw+4gMA0EAgACMAcDBQEqChJAMA0GCSqGSIb3DQEB
CwUAA4IBAQAxHfeQPI59/YG+Mkcwxu3/zuYui5apmPpZ3qgRNzSsKJ0LLkjDnR6V
p6VbugvFBRcxYlUbloSKPci3B6Q/50r/X8bXYidEkR6khpKz2JiBbYM7n5Tk6a3Q
XCDfKga+Tlfp+2OC4iQC4ehp4C19+XkxLCLQNgsE9ZvVq5Xz/kRHjPQl/nJ/QuBb
EbgVc5X5gFqTzTjMnZLsSrmt+x4kraY44dKFRfeWJbqX//X95Wxs6hj6VkYETIVm
gr2XMXWPFmA88tTtEROxiUnAo4KdajA77CYiEkwD5yBX9kjbz9lYM/G+Zou+ZrVf
Ha9cOdS05uXQYlTzUq/4Pbb1PlxjNaCu
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:13:20 2025 by rpki-client