Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/cgoioMwhBMFnR_o18uz7lh61zXU.roa
File: cgoioMwhBMFnR_o18uz7lh61zXU.roa (raw, json)
Hash identifier: muq8Pq9FVp8y13ZY1OD1P/qR19HpxP198AkqSx2L6EM=
Subject key identifier: 72:0A:22:A0:CC:21:04:C1:67:47:FA:35:F2:EC:FB:96:1E:B5:CD:75
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 0195A4DB998BF92F685F09D1E1806A9546CA
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/cgoioMwhBMFnR_o18uz7lh61zXU.roa
Signing time: Mon 17 Mar 2025 16:06:49 +0000
ROA not before: Mon 17 Mar 2025 16:06:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34587
IP address blocks: 5.226.176.0/21 maxlen: 24
81.94.208.0/20 maxlen: 24
81.94.213.0/24 maxlen: 24
81.94.214.0/24 maxlen: 24
178.237.160.0/23 maxlen: 24
178.237.163.0/24 maxlen: 24
178.237.164.0/24 maxlen: 24
178.237.165.0/24 maxlen: 24
178.237.170.0/24 maxlen: 24
178.237.172.0/24 maxlen: 24
178.237.173.0/24 maxlen: 24
178.237.174.0/24 maxlen: 24
178.237.175.0/24 maxlen: 24
2a03:a860:10::/44 maxlen: 48
2a03:a860:a00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a4:db:99:8b:f9:2f:68:5f:09:d1:e1:80:6a:95:46:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Mar 17 16:06:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=720a22a0cc2104c16747fa35f2ecfb961eb5cd75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ad:c5:dc:d6:68:e1:9f:da:04:20:ad:e2:ea:
0c:24:17:4e:47:6c:45:8d:84:7d:08:db:0c:ad:61:
cc:46:dc:ac:d0:c7:f8:c7:a7:0a:55:ec:28:27:23:
4b:dd:2c:cc:56:3f:c2:c8:9e:81:15:13:3b:c1:3b:
42:a7:06:f5:20:d4:2c:6c:e3:2a:dc:ae:8e:23:2f:
22:9b:92:cd:27:57:fb:b3:62:a9:81:7a:72:f7:08:
19:08:ca:d4:ed:d6:02:77:ec:a6:5b:7f:9c:2b:61:
34:3a:28:92:7a:4d:66:fc:31:1a:11:73:8a:f9:5c:
14:e4:cd:1e:5c:81:4e:97:66:ed:e0:49:69:60:8e:
8d:22:c0:b9:59:b1:70:dd:03:dd:6e:2c:a7:d7:e9:
41:de:76:69:45:be:38:cf:11:3f:30:da:1e:2b:f7:
b3:24:37:2f:49:06:6e:7d:fb:24:59:73:6d:7c:31:
46:af:48:16:5f:58:95:6b:a5:41:80:10:c4:9c:f8:
bd:85:82:3b:ec:f9:2c:e9:f8:67:d3:a2:20:01:b4:
b8:95:e4:5f:fa:ed:48:1b:8f:d6:4e:37:03:61:f0:
c7:dc:95:4d:f6:db:09:74:67:84:60:f5:c2:7d:b8:
16:91:c6:44:2a:e7:16:81:47:d6:85:74:2c:30:0c:
4e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0A:22:A0:CC:21:04:C1:67:47:FA:35:F2:EC:FB:96:1E:B5:CD:75
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/cgoioMwhBMFnR_o18uz7lh61zXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.176.0/21
81.94.208.0/20
178.237.160.0/23
178.237.163.0-178.237.165.255
178.237.170.0/24
178.237.172.0/22
IPv6:
2a03:a860:10::/44
2a03:a860:a00::/40
Signature Algorithm: sha256WithRSAEncryption
58:7e:fa:f8:64:26:b8:d1:8d:60:40:f0:c5:b1:6f:ca:a9:21:
02:38:f4:0b:16:a5:0e:8a:c0:15:bf:f9:f5:e6:db:1b:e0:ce:
d0:df:67:13:77:74:b0:e7:d0:5e:0a:e3:43:e8:23:7f:ee:01:
93:61:d6:c7:a2:82:6d:cc:38:8d:9a:05:14:d6:70:d0:1c:24:
d6:18:3b:e2:1c:92:34:c8:d6:71:8a:21:a8:ab:10:77:bb:bd:
68:bd:d4:0b:b2:d5:3f:92:a4:e2:85:36:17:29:21:13:87:d7:
b7:84:9f:2c:59:09:9f:70:5e:f5:a8:ce:3e:26:21:4f:5b:e8:
b0:50:29:3b:67:06:df:7b:d7:16:99:81:72:72:e5:d8:c2:ee:
e7:5c:5e:a6:8f:34:d7:41:08:ed:53:2b:99:d4:12:c5:58:f9:
78:e1:11:77:84:3e:65:28:5e:ac:f4:67:ca:c1:c7:ca:df:2b:
a1:6a:c2:a1:c8:d4:40:26:03:bf:b3:ea:48:35:20:7a:1e:84:
17:1a:2d:c4:6f:69:de:93:24:b6:19:52:a9:ec:06:0a:f3:6e:
29:bd:d5:ba:80:d8:25:44:8c:ec:b4:f1:11:95:0c:54:32:ed:
3b:35:c8:a0:99:6d:75:28:74:9c:36:4c:15:f5:4e:bb:a7:92:
5a:fd:2b:10
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZWk25mL+S9oXwnR4YBqlUbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjUwMzE3MTYwNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBhMjJhMGNjMjEwNGMxNjc0N2ZhMzVmMmVjZmI5NjFlYjVjZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4K3F3NZo4Z/aBCCt4uoMJBdOR2xF
jYR9CNsMrWHMRtys0Mf4x6cKVewoJyNL3SzMVj/CyJ6BFRM7wTtCpwb1INQsbOMq
3K6OIy8im5LNJ1f7s2KpgXpy9wgZCMrU7dYCd+ymW3+cK2E0OiiSek1m/DEaEXOK
+VwU5M0eXIFOl2bt4ElpYI6NIsC5WbFw3QPdbiyn1+lB3nZpRb44zxE/MNoeK/ez
JDcvSQZuffskWXNtfDFGr0gWX1iVa6VBgBDEnPi9hYI77Pks6fhn06IgAbS4leRf
+u1IG4/WTjcDYfDH3JVN9tsJdGeEYPXCfbgWkcZEKucWgUfWhXQsMAxOCwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFHIKIqDMIQTBZ0f6NfLs+5Yetc11MB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvY2dvaW9Nd2hCTUZuUl9vMTh1ejdsaDYxelhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAyBAIAATAsAwQDBeKwAwQE
UV7QAwQBsu2gMAwDBACy7aMDBAGy7aQDBACy7aoDBAKy7awwFwQCAAIwEQMHBCoD
qGAAEAMGACoDqGAKMA0GCSqGSIb3DQEBCwUAA4IBAQBYfvr4ZCa40Y1gQPDFsW/K
qSECOPQLFqUOisAVv/n15tsb4M7Q32cTd3Sw59BeCuND6CN/7gGTYdbHooJtzDiN
mgUU1nDQHCTWGDviHJI0yNZxiiGoqxB3u71ovdQLstU/kqTihTYXKSETh9e3hJ8s
WQmfcF71qM4+JiFPW+iwUCk7Zwbfe9cWmYFycuXYwu7nXF6mjzTXQQjtUyuZ1BLF
WPl44RF3hD5lKF6s9GfKwcfK3yuhasKhyNRAJgO/s+pINSB6HoQXGi3Eb2nekyS2
GVKp7AYK824pvdW6gNglRIzstPERlQxUMu07NcigmW11KHScNkwV9U67p5Ja/SsQ
-----END CERTIFICATE-----
Generated at Wed Apr 23 07:26:43 2025 by rpki-client