Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/IjluqbVdM5zm7wvPSgQZOmXQjag.roa
File: IjluqbVdM5zm7wvPSgQZOmXQjag.roa (raw, json)
Hash identifier: QKwqMUOeWOJatNvuP/XT/XSpsSd9RiOppxhqX3P9KPo=
Subject key identifier: 22:39:6E:A9:B5:5D:33:9C:E6:EF:0B:CF:4A:04:19:3A:65:D0:8D:A8
Certificate issuer: /CN=27e0f7bbbe4031a24ef1b9db196aab0642e84a06
Certificate serial: 01941FFA578BEB520DCC7E6BD7407A93DFDE
Authority key identifier: 27:E0:F7:BB:BE:40:31:A2:4E:F1:B9:DB:19:6A:AB:06:42:E8:4A:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J-D3u75AMaJO8bnbGWqrBkLoSgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/IjluqbVdM5zm7wvPSgQZOmXQjag.roa
Signing time: Wed 01 Jan 2025 03:48:07 +0000
ROA not before: Wed 01 Jan 2025 03:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8758
IP address blocks: 31.207.52.0/22 maxlen: 22
31.207.60.0/22 maxlen: 22
83.98.204.0/22 maxlen: 22
94.46.188.0/22 maxlen: 22
146.185.64.0/19 maxlen: 24
185.63.64.0/22 maxlen: 24
185.104.84.0/22 maxlen: 24
2a04:f340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/J-D3u75AMaJO8bnbGWqrBkLoSgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/J-D3u75AMaJO8bnbGWqrBkLoSgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/J-D3u75AMaJO8bnbGWqrBkLoSgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 06:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:57:8b:eb:52:0d:cc:7e:6b:d7:40:7a:93:df:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27e0f7bbbe4031a24ef1b9db196aab0642e84a06
Validity
Not Before: Jan 1 03:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22396ea9b55d339ce6ef0bcf4a04193a65d08da8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b6:31:d0:4d:e9:f9:45:a0:5c:30:26:74:76:
fc:a3:71:11:0e:6d:08:86:17:2b:14:f5:17:31:d0:
89:45:67:ef:c7:59:50:3e:f2:2a:b4:03:59:cb:f0:
af:11:81:9e:7e:46:c7:d1:57:f3:46:92:20:d0:7c:
02:9d:c4:0c:bc:d7:0d:5a:9f:5f:c7:84:fd:32:e9:
98:13:a1:b4:68:23:f3:d7:1b:9d:d2:eb:31:bf:f9:
1c:9e:ff:71:7a:e3:d1:76:c4:7c:20:ff:07:24:fb:
1a:8b:24:ef:1b:87:c9:8c:c1:3c:a5:53:ab:d4:66:
43:dc:cf:a8:15:ff:9a:c8:fb:65:52:07:76:2f:a6:
bc:50:bf:07:af:a8:e2:9d:76:0f:63:fd:f0:de:58:
4c:a6:8b:53:e8:6c:38:a4:b5:94:00:06:85:96:fa:
a9:30:6c:fb:6a:c3:2f:57:21:87:c2:0e:16:62:28:
6a:3b:d5:97:e6:35:61:d2:85:2a:47:eb:bc:70:01:
01:73:d4:08:06:6d:f9:a2:d8:14:61:45:6a:67:0e:
6c:38:f3:16:8d:72:21:d5:e7:b0:92:07:94:ad:f7:
aa:15:86:22:53:ab:47:03:88:10:11:2c:c3:95:15:
18:3e:f8:c9:c7:9a:e3:76:c5:b8:f9:7b:4f:52:f2:
fc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:39:6E:A9:B5:5D:33:9C:E6:EF:0B:CF:4A:04:19:3A:65:D0:8D:A8
X509v3 Authority Key Identifier:
keyid:27:E0:F7:BB:BE:40:31:A2:4E:F1:B9:DB:19:6A:AB:06:42:E8:4A:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J-D3u75AMaJO8bnbGWqrBkLoSgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/IjluqbVdM5zm7wvPSgQZOmXQjag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/J-D3u75AMaJO8bnbGWqrBkLoSgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.52.0/22
31.207.60.0/22
83.98.204.0/22
94.46.188.0/22
146.185.64.0/19
185.63.64.0/22
185.104.84.0/22
IPv6:
2a04:f340::/29
Signature Algorithm: sha256WithRSAEncryption
9f:2f:53:55:31:0b:87:6e:57:27:9f:ef:70:7f:0a:10:f5:50:
40:7f:55:a2:0b:a4:43:04:67:34:db:5c:30:bc:a5:ea:9f:3c:
fe:b4:1d:09:16:26:d2:fc:07:63:ef:90:69:99:d3:bf:4a:3e:
aa:35:f7:de:71:48:b4:24:f0:97:67:52:06:f6:3a:35:37:49:
e5:94:2e:1b:61:1d:6e:9c:d1:36:64:5e:32:c8:65:3b:fd:ca:
32:bb:74:e6:1a:64:35:6d:36:1e:e6:24:46:13:be:9f:60:42:
3c:b7:37:03:c9:90:23:80:e9:e1:9e:f3:26:43:af:ab:f4:d2:
aa:18:e6:29:d8:7f:da:31:5d:58:8a:5b:f6:f4:56:58:2b:19:
ed:06:20:39:e2:14:a2:e9:d5:6f:ed:b2:83:0e:34:7b:ef:2c:
c4:1a:e7:84:9b:96:1a:2d:1c:30:f2:12:0e:ab:6d:39:99:cc:
af:a3:98:cb:b4:2d:1b:ba:7a:27:40:4a:77:53:49:82:ff:c7:
0f:3f:4a:8a:f6:27:12:5c:08:4c:5e:a3:23:08:72:d3:44:bd:
d7:96:bb:f0:ee:8c:4b:b4:47:af:9b:f9:c4:c9:88:8f:d8:f0:
b5:73:d1:1d:4b:98:2f:6d:6f:ce:5c:b8:3c:5c:ea:33:44:50:
99:43:6f:ae
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQf+leL61INzH5r10B6k9/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZTBmN2JiYmU0MDMxYTI0ZWYxYjlkYjE5NmFhYjA2NDJl
ODRhMDYwHhcNMjUwMTAxMDM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjM5NmVhOWI1NWQzMzljZTZlZjBiY2Y0YTA0MTkzYTY1ZDA4ZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37Yx0E3p+UWgXDAmdHb8o3ERDm0I
hhcrFPUXMdCJRWfvx1lQPvIqtANZy/CvEYGefkbH0VfzRpIg0HwCncQMvNcNWp9f
x4T9MumYE6G0aCPz1xud0usxv/kcnv9xeuPRdsR8IP8HJPsaiyTvG4fJjME8pVOr
1GZD3M+oFf+ayPtlUgd2L6a8UL8Hr6jinXYPY/3w3lhMpotT6Gw4pLWUAAaFlvqp
MGz7asMvVyGHwg4WYihqO9WX5jVh0oUqR+u8cAEBc9QIBm35otgUYUVqZw5sOPMW
jXIh1eewkgeUrfeqFYYiU6tHA4gQESzDlRUYPvjJx5rjdsW4+XtPUvL8fwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFCI5bqm1XTOc5u8Lz0oEGTpl0I2oMB8GA1UdIwQY
MBaAFCfg97u+QDGiTvG52xlqqwZC6EoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSi1EM3U3NUFNYUpPOGJuYkdXcXJCa0xvU2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84YWJhNzEtM2JhOC00YjhkLThlYjYt
MzQ2YTNlYzE4NjhjLzEvSWpsdXFiVmRNNXptN3d2UFNnUVpPbVhRamFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84YWJhNzEtM2JhOC00YjhkLThlYjYtMzQ2YTNlYzE4Njhj
LzEvSi1EM3U3NUFNYUpPOGJuYkdXcXJCa0xvU2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCH880AwQC
H888AwQCU2LMAwQCXi68AwQFkrlAAwQCuT9AAwQCuWhUMA0EAgACMAcDBQMqBPNA
MA0GCSqGSIb3DQEBCwUAA4IBAQCfL1NVMQuHblcnn+9wfwoQ9VBAf1WiC6RDBGc0
21wwvKXqnzz+tB0JFibS/Adj75BpmdO/Sj6qNffecUi0JPCXZ1IG9jo1N0nllC4b
YR1unNE2ZF4yyGU7/coyu3TmGmQ1bTYe5iRGE76fYEI8tzcDyZAjgOnhnvMmQ6+r
9NKqGOYp2H/aMV1Yilv29FZYKxntBiA54hSi6dVv7bKDDjR77yzEGueEm5YaLRww
8hIOq205mcyvo5jLtC0bunonQEp3U0mC/8cPP0qK9icSXAhMXqMjCHLTRL3Xlrvw
7oxLtEevm/nEyYiP2PC1c9EdS5gvbW/OXLg8XOozRFCZQ2+u
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:36:42 2025 by rpki-client