Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1tf4gDn3E8oQJBa1P8YsiAEqDhM.roa
File: 1tf4gDn3E8oQJBa1P8YsiAEqDhM.roa (raw, json)
Hash identifier: 79Cfn4DIphA5rCTAyXxPmRPIy+pQ3OnQkEroI7+/vWI=
Subject key identifier: D6:D7:F8:80:39:F7:13:CA:10:24:16:B5:3F:C6:2C:88:01:2A:0E:13
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01973F374C58FD601CA25FD6572146DA801D
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1tf4gDn3E8oQJBa1P8YsiAEqDhM.roa
Signing time: Thu 05 Jun 2025 08:31:18 +0000
ROA not before: Thu 05 Jun 2025 08:31:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50835
IP address blocks: 37.97.120.0/24 maxlen: 24
37.97.121.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
46.173.254.0/23 maxlen: 23
77.36.58.0/24 maxlen: 24
77.36.66.0/23 maxlen: 23
81.161.8.0/22 maxlen: 22
81.161.48.0/22 maxlen: 22
91.193.30.0/23 maxlen: 23
91.233.200.0/24 maxlen: 24
91.236.76.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.246.192.0/22 maxlen: 24
91.246.203.0/24 maxlen: 24
93.120.34.0/23 maxlen: 23
93.120.40.0/23 maxlen: 23
109.207.128.0/24 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
176.113.180.0/22 maxlen: 22
176.115.236.0/22 maxlen: 24
176.116.236.0/24 maxlen: 24
176.121.108.0/23 maxlen: 24
194.33.66.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:37:4c:58:fd:60:1c:a2:5f:d6:57:21:46:da:80:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 5 08:31:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6d7f88039f713ca102416b53fc62c88012a0e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e7:7a:38:cf:1d:33:9d:3c:5e:78:71:87:06:
be:10:2c:af:ce:8a:e6:9c:47:d3:ed:80:95:81:81:
9f:00:7a:b2:db:b7:34:50:a7:f8:00:af:00:de:96:
ae:d8:30:0d:94:32:b2:63:6f:12:e9:96:16:6d:1e:
fc:82:f2:f7:a3:f2:a5:ae:15:85:74:3d:86:1b:e4:
86:34:b0:db:65:86:76:4c:6f:dc:c7:70:0b:3b:27:
43:ed:b0:ee:cb:37:2f:9f:ed:16:f6:c7:e9:fb:12:
8b:bc:8f:b3:e6:9b:95:59:20:e4:3e:9e:89:0f:7b:
19:1b:8f:37:74:04:ca:be:11:d3:24:a8:0b:90:ec:
99:5c:50:f2:20:a9:85:fc:22:78:20:b0:c8:c2:ac:
d9:a3:21:ab:84:73:3e:c2:d5:64:6e:d8:b5:93:95:
ec:fc:68:fd:91:db:de:97:58:5b:a3:1f:5f:af:26:
d3:40:9e:b3:24:17:b1:8e:21:7e:82:ad:9c:0b:4c:
8e:d2:c0:bc:f0:0e:d9:af:33:96:19:e2:95:6b:65:
cd:bf:0c:2b:6e:61:a1:2e:7f:40:2d:18:e4:6c:ea:
41:67:53:46:6a:1b:7e:25:b3:12:03:43:9f:4b:d3:
9f:df:5e:cc:36:de:9c:c1:5a:3c:a8:43:0f:11:36:
e9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D7:F8:80:39:F7:13:CA:10:24:16:B5:3F:C6:2C:88:01:2A:0E:13
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1tf4gDn3E8oQJBa1P8YsiAEqDhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.120.0/23
46.173.248.0/22
46.173.254.0/23
77.36.58.0/24
77.36.66.0/23
81.161.8.0/22
81.161.48.0/22
91.193.30.0/23
91.233.200.0/24
91.236.76.0/24
91.239.226.0/24
91.246.192.0/22
91.246.203.0/24
93.120.34.0/23
93.120.40.0/23
109.207.128.0/24
109.207.130.0/24
109.207.132.0/24
176.96.94.0/24
176.113.180.0/22
176.115.236.0/22
176.116.236.0/24
176.121.108.0/23
194.33.66.0/23
Signature Algorithm: sha256WithRSAEncryption
50:18:69:97:a0:36:a2:73:a3:09:6d:35:c1:d4:a3:b4:1c:70:
4a:ba:55:d4:5f:c1:52:85:60:2e:bb:ae:53:66:b5:34:0a:dd:
e3:fc:e6:df:bd:ec:f0:25:d1:f5:10:7c:ac:cb:11:61:39:4d:
ad:bc:9c:bd:53:52:88:3b:8f:0e:70:ad:66:69:9c:34:e2:df:
21:df:cb:c8:c3:c1:e9:ff:98:2a:df:e2:0b:12:b7:17:c4:63:
42:46:61:39:65:ce:6f:8b:98:69:00:70:8c:9c:5c:e3:54:13:
65:e7:97:02:e1:70:53:01:73:7e:5b:d6:8a:0a:08:d9:42:d9:
04:9e:90:96:35:8c:6f:c2:9e:25:14:8f:d6:c0:a5:97:df:30:
11:98:06:78:94:1b:73:e1:8c:a6:97:d0:8b:17:a6:3f:e5:61:
16:cc:4f:43:b8:3a:9f:2c:03:57:0f:c5:ab:d0:90:92:2f:be:
b0:3b:4d:20:9c:0f:3d:66:f9:cd:39:fd:9c:7a:53:8a:d7:78:
23:1f:64:36:69:87:24:63:a7:bd:37:98:fc:1a:f2:4f:05:9d:
6e:85:74:fb:52:52:98:69:57:07:1c:74:69:d9:f9:da:c1:41:
40:d3:f4:ef:ea:70:14:5c:8e:cd:8a:de:3b:48:17:e8:cb:e2:
ef:9f:99:89
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZc/N0xY/WAcol/WVyFG2oAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwNjA1MDgzMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ3Zjg4MDM5ZjcxM2NhMTAyNDE2YjUzZmM2MmM4ODAxMmEwZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+d6OM8dM508Xnhxhwa+ECyvzorm
nEfT7YCVgYGfAHqy27c0UKf4AK8A3pau2DANlDKyY28S6ZYWbR78gvL3o/KlrhWF
dD2GG+SGNLDbZYZ2TG/cx3ALOydD7bDuyzcvn+0W9sfp+xKLvI+z5puVWSDkPp6J
D3sZG483dATKvhHTJKgLkOyZXFDyIKmF/CJ4ILDIwqzZoyGrhHM+wtVkbti1k5Xs
/Gj9kdvel1hbox9frybTQJ6zJBexjiF+gq2cC0yO0sC88A7ZrzOWGeKVa2XNvwwr
bmGhLn9ALRjkbOpBZ1NGaht+JbMSA0OfS9Of317MNt6cwVo8qEMPETbpBQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFNbX+IA59xPKECQWtT/GLIgBKg4TMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvMXRmNGdEbjNFOG9RSkJhMVA4WXNpQUVxRGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAEl
YXgDBAIurfgDBAEurf4DBABNJDoDBAFNJEIDBAJRoQgDBAJRoTADBAFbwR4DBABb
6cgDBABb7EwDBABb7+IDBAJb9sADBABb9ssDBAFdeCIDBAFdeCgDBABtz4ADBABt
z4IDBABtz4QDBACwYF4DBAKwcbQDBAKwc+wDBACwdOwDBAGweWwDBAHCIUIwDQYJ
KoZIhvcNAQELBQADggEBAFAYaZegNqJzowltNcHUo7QccEq6VdRfwVKFYC67rlNm
tTQK3eP85t+97PAl0fUQfKzLEWE5Ta28nL1TUog7jw5wrWZpnDTi3yHfy8jDwen/
mCrf4gsStxfEY0JGYTllzm+LmGkAcIycXONUE2XnlwLhcFMBc35b1ooKCNlC2QSe
kJY1jG/CniUUj9bApZffMBGYBniUG3PhjKaX0IsXpj/lYRbMT0O4Op8sA1cPxavQ
kJIvvrA7TSCcDz1m+c05/Zx6U4rXeCMfZDZphyRjp703mPwa8k8FnW6FdPtSUphp
VwccdGnZ+drBQUDT9O/qcBRcjs2K3jtIF+jL4u+fmYk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:36:35 2025 by rpki-client