Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/fubcea_39IkkaWowT_0PbtN75oM.roa
File: fubcea_39IkkaWowT_0PbtN75oM.roa (raw, json)
Hash identifier: b26RPXGBBJCeMiSKu69amdDTbZc6gUFdxgY2Yx3wVnw=
Subject key identifier: 7E:E6:DC:79:AF:F7:F4:89:24:69:6A:30:4F:FD:0F:6E:D3:7B:E6:83
Certificate issuer: /CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Certificate serial: 0194236A0BA8435C82BEE5BD6E5F4ACB1A22
Authority key identifier: 35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/fubcea_39IkkaWowT_0PbtN75oM.roa
Signing time: Wed 01 Jan 2025 19:48:59 +0000
ROA not before: Wed 01 Jan 2025 19:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57970
IP address blocks: 37.152.128.0/19 maxlen: 24
37.152.128.0/24 maxlen: 24
37.152.129.0/24 maxlen: 24
37.152.130.0/24 maxlen: 24
37.152.131.0/24 maxlen: 24
37.152.132.0/24 maxlen: 24
37.152.133.0/24 maxlen: 24
37.152.134.0/24 maxlen: 24
37.152.135.0/24 maxlen: 24
37.152.136.0/23 maxlen: 23
37.152.138.0/24 maxlen: 24
37.152.139.0/24 maxlen: 24
37.152.140.0/24 maxlen: 24
37.152.141.0/24 maxlen: 24
37.152.142.0/24 maxlen: 24
37.152.143.0/24 maxlen: 24
37.152.144.0/21 maxlen: 21
37.152.152.0/22 maxlen: 22
37.152.156.0/24 maxlen: 24
37.152.157.0/24 maxlen: 24
37.152.158.0/24 maxlen: 24
37.152.159.0/24 maxlen: 24
185.20.192.0/22 maxlen: 22
185.20.192.0/24 maxlen: 24
185.20.193.0/24 maxlen: 24
185.20.194.0/24 maxlen: 24
185.20.195.0/24 maxlen: 24
185.86.72.0/22 maxlen: 22
185.86.72.0/24 maxlen: 24
185.86.73.0/24 maxlen: 24
185.86.74.0/24 maxlen: 24
185.86.75.0/24 maxlen: 24
185.88.0.0/22 maxlen: 22
185.88.0.0/24 maxlen: 24
185.88.1.0/24 maxlen: 24
185.88.2.0/24 maxlen: 24
185.88.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 10:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0b:a8:43:5c:82:be:e5:bd:6e:5f:4a:cb:1a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Validity
Not Before: Jan 1 19:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ee6dc79aff7f48924696a304ffd0f6ed37be683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:69:46:80:5b:77:63:60:0b:0e:bc:1a:09:1d:
24:35:47:e5:ec:4e:f3:ae:77:05:ca:49:f0:a4:d4:
1c:3a:5e:8a:0d:06:03:4f:da:d6:9f:f1:fa:06:7e:
2d:b6:b8:9f:d3:ce:29:32:e9:ff:92:de:9a:06:a4:
86:c0:6f:6f:39:2e:0c:fc:01:3d:7e:41:56:0c:c5:
49:39:14:a9:bd:a5:31:34:26:51:ea:e4:4e:08:74:
ae:91:84:20:20:1e:d3:54:a7:57:15:b8:6d:5b:5a:
01:ec:a3:10:46:13:19:bd:8a:22:3f:af:5c:2a:27:
30:e4:57:d9:cc:81:49:5f:af:c5:07:93:62:25:42:
dd:6a:03:5b:29:be:a0:5b:90:ee:62:28:ff:59:b6:
33:87:26:10:9d:6e:49:a6:c6:d5:4f:49:3d:95:9d:
c5:2f:fd:06:40:f4:b8:b9:4a:ba:bc:39:f8:43:3c:
6d:0a:51:05:67:54:46:23:cf:90:84:0d:0d:71:c9:
63:45:89:3e:f7:8f:23:91:ca:33:34:80:84:34:ff:
81:cf:cd:66:b3:bc:9e:6e:6f:74:29:7b:cc:0c:35:
dd:e6:92:cd:fc:00:48:9b:b5:d4:c5:87:af:da:d2:
f7:cb:e5:59:1a:84:a8:05:23:ad:d2:a4:23:61:28:
01:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E6:DC:79:AF:F7:F4:89:24:69:6A:30:4F:FD:0F:6E:D3:7B:E6:83
X509v3 Authority Key Identifier:
keyid:35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/fubcea_39IkkaWowT_0PbtN75oM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.128.0/19
185.20.192.0/22
185.86.72.0/22
185.88.0.0/22
Signature Algorithm: sha256WithRSAEncryption
51:23:e0:a5:12:da:8e:4a:7b:ec:e4:98:87:33:67:74:e0:a7:
84:15:d8:ef:ee:b7:86:52:0a:51:b0:04:c0:6d:d0:8a:36:10:
9c:ae:9a:ee:1e:72:14:b1:32:d4:77:76:52:56:79:f4:d7:10:
4a:93:89:f5:39:0a:14:22:b9:96:eb:07:05:d6:59:b9:63:a1:
6a:b1:7f:58:56:66:bc:79:b6:11:d4:0c:26:f4:4b:12:25:d3:
17:b6:2f:33:c9:14:28:5f:34:a3:09:a2:1c:26:55:16:77:68:
75:56:af:c2:40:37:7e:0f:4e:d0:75:c6:ea:66:46:6d:93:26:
bd:55:1e:47:ba:cf:62:eb:28:f0:f8:2f:63:10:28:84:11:33:
40:66:f7:72:79:b5:61:c2:de:9f:48:69:6e:9e:00:47:98:62:
da:77:9a:77:aa:db:c3:64:4d:fa:b9:b3:1a:e8:67:a3:6d:01:
05:42:e2:56:0c:3f:f0:89:81:31:99:a3:1a:95:b3:b9:53:1a:
a9:40:dc:ff:df:fc:65:3f:b2:57:7c:44:4c:31:ca:ac:e2:5c:
16:6e:f7:04:bf:6c:ba:03:24:fc:44:34:50:d1:30:e7:93:15:
f1:60:75:95:c0:5c:da:20:77:59:ca:82:9c:2f:5b:a2:97:3b:
23:fa:54:24
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQjaguoQ1yCvuW9bl9KyxoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1M2UzZjI4ZTY0N2U5MmFjOGE3MTBjMzA1YzJlMjFiNjIz
ZWRjMWMwHhcNMjUwMTAxMTk0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWU2ZGM3OWFmZjdmNDg5MjQ2OTZhMzA0ZmZkMGY2ZWQzN2JlNjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWlGgFt3Y2ALDrwaCR0kNUfl7E7z
rncFyknwpNQcOl6KDQYDT9rWn/H6Bn4ttrif084pMun/kt6aBqSGwG9vOS4M/AE9
fkFWDMVJORSpvaUxNCZR6uROCHSukYQgIB7TVKdXFbhtW1oB7KMQRhMZvYoiP69c
Kicw5FfZzIFJX6/FB5NiJULdagNbKb6gW5DuYij/WbYzhyYQnW5JpsbVT0k9lZ3F
L/0GQPS4uUq6vDn4QzxtClEFZ1RGI8+QhA0NccljRYk+948jkcozNICENP+Bz81m
s7yebm90KXvMDDXd5pLN/ABIm7XUxYev2tL3y+VZGoSoBSOt0qQjYSgBcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH7m3Hmv9/SJJGlqME/9D27Te+aDMB8GA1UdIwQY
MBaAFDU+PyjmR+kqyKcQwwXC4htiPtwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQt
ZGFjYTI2ZGU2ZjdiLzEvZnViY2VhXzM5SWtrYVdvd1RfMFBidE43NW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQtZGFjYTI2ZGU2Zjdi
LzEvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFJZiAAwQC
uRTAAwQCuVZIAwQCuVgAMA0GCSqGSIb3DQEBCwUAA4IBAQBRI+ClEtqOSnvs5JiH
M2d04KeEFdjv7reGUgpRsATAbdCKNhCcrpruHnIUsTLUd3ZSVnn01xBKk4n1OQoU
IrmW6wcF1lm5Y6FqsX9YVma8ebYR1Awm9EsSJdMXti8zyRQoXzSjCaIcJlUWd2h1
Vq/CQDd+D07QdcbqZkZtkya9VR5Hus9i6yjw+C9jECiEETNAZvdyebVhwt6fSGlu
ngBHmGLad5p3qtvDZE36ubMa6GejbQEFQuJWDD/wiYExmaMalbO5UxqpQNz/3/xl
P7JXfERMMcqs4lwWbvcEv2y6AyT8RDRQ0TDnkxXxYHWVwFzaIHdZyoKcL1uilzsj
+lQk
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:46:21 2025 by rpki-client