Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/Db2mHELjbKafmmak8MMgrVJ9q6s.roa
File: Db2mHELjbKafmmak8MMgrVJ9q6s.roa (raw, json)
Hash identifier: 0wtkW6LztiP4K0i9kH54ddtGh234DUMSdImFiKp9l5M=
Subject key identifier: 0D:BD:A6:1C:42:E3:6C:A6:9F:9A:66:A4:F0:C3:20:AD:52:7D:AB:AB
Certificate issuer: /CN=83bf36eb18ef9a57c5fb603ada400fe6b6688e6e
Certificate serial: 019427B5E6B05B66E623008395017687949E
Authority key identifier: 83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/Db2mHELjbKafmmak8MMgrVJ9q6s.roa
Signing time: Thu 02 Jan 2025 15:50:20 +0000
ROA not before: Thu 02 Jan 2025 15:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25591
IP address blocks: 31.3.24.0/22 maxlen: 22
31.3.28.0/22 maxlen: 22
37.75.216.0/22 maxlen: 22
37.75.220.0/22 maxlen: 22
80.242.96.0/20 maxlen: 20
80.242.96.0/22 maxlen: 22
80.242.100.0/22 maxlen: 22
80.242.104.0/22 maxlen: 22
80.242.108.0/22 maxlen: 22
93.190.176.0/22 maxlen: 22
93.190.180.0/22 maxlen: 22
185.14.16.0/22 maxlen: 22
217.175.0.0/22 maxlen: 22
217.175.4.0/22 maxlen: 22
217.175.8.0/22 maxlen: 22
217.175.12.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/g7826xjvmlfF-2A62kAP5rZojm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/g7826xjvmlfF-2A62kAP5rZojm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 03:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:e6:b0:5b:66:e6:23:00:83:95:01:76:87:94:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83bf36eb18ef9a57c5fb603ada400fe6b6688e6e
Validity
Not Before: Jan 2 15:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dbda61c42e36ca69f9a66a4f0c320ad527dabab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4d:58:2f:fa:bf:1d:be:d7:59:9e:cb:28:23:
74:9a:38:da:02:ee:b6:da:58:59:be:78:c4:6a:97:
b5:6c:cf:ed:2d:f4:f3:6c:50:3b:5f:80:e4:2b:a7:
b3:55:1e:8e:d7:82:74:a0:d7:08:c1:c1:10:98:61:
71:cf:5a:83:cb:3e:5b:3f:e9:2b:50:61:d7:b2:70:
50:72:f9:6e:39:9e:22:72:32:c7:92:5f:a3:73:ef:
84:50:c8:ce:28:37:c7:79:aa:8f:de:89:50:3d:eb:
6e:25:df:ab:21:3f:5b:93:db:a4:6d:76:00:25:a5:
2e:a5:03:97:f5:86:f1:f3:0c:b7:7d:5e:9e:bb:f2:
70:4c:27:cd:02:1d:26:72:09:e6:d9:a8:90:6b:aa:
07:a2:fa:b5:ef:f7:a5:c7:6f:d8:b1:be:3d:d8:4e:
77:2e:32:35:30:61:22:02:8a:15:66:ab:46:0a:f1:
c8:c7:39:bd:90:85:69:75:5d:25:0d:e7:fd:11:7a:
ea:a4:92:66:fa:68:a7:8c:ad:a0:5d:73:cf:2b:67:
30:02:04:a5:ad:19:e0:a3:5d:6f:cd:1c:29:37:15:
e6:98:7b:4a:1d:b9:e2:10:6e:84:ab:23:58:57:b9:
c4:2e:42:fd:91:5e:86:42:ab:94:7f:be:d3:55:1c:
a2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:BD:A6:1C:42:E3:6C:A6:9F:9A:66:A4:F0:C3:20:AD:52:7D:AB:AB
X509v3 Authority Key Identifier:
keyid:83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/Db2mHELjbKafmmak8MMgrVJ9q6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/g7826xjvmlfF-2A62kAP5rZojm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.24.0/21
37.75.216.0/21
80.242.96.0/20
93.190.176.0/21
185.14.16.0/22
217.175.0.0/20
Signature Algorithm: sha256WithRSAEncryption
8c:8a:55:34:b9:c8:0e:8a:86:24:95:41:29:a1:ba:3e:7e:51:
ce:25:e5:ea:f9:23:5a:82:bb:33:84:da:e8:67:ad:66:4a:d0:
b1:55:80:09:4e:a6:dd:d6:28:cd:c4:e7:0a:5d:5f:68:46:95:
17:56:cd:98:21:80:2a:79:4c:07:07:67:5b:26:07:71:17:4e:
f6:80:cb:30:6d:35:03:67:e8:72:b3:03:92:7e:b7:cb:8d:d9:
71:c3:46:96:e5:83:e1:66:bb:cb:59:2a:8e:0a:8a:36:1e:17:
75:ee:d1:72:6b:c6:ec:7f:b1:e5:f1:9b:47:04:c0:58:dc:24:
05:70:37:d8:0b:c7:b6:55:85:4f:48:12:d5:54:f6:e3:76:46:
5b:62:13:5c:76:a3:48:de:f0:e0:45:53:0c:b4:28:5d:17:ec:
5b:30:d3:81:47:d7:9c:49:d2:22:52:c1:40:c5:08:63:c9:d4:
6d:1b:b1:54:50:24:96:52:c8:82:67:66:7d:e9:0e:4d:fe:ca:
a5:a8:0a:50:c9:09:cf:45:2a:9e:fd:c4:74:23:cb:27:df:ed:
13:9e:ae:68:c7:0c:e6:35:12:c7:a1:40:f1:ba:75:88:29:df:
c2:55:3e:84:d7:be:f5:5b:b5:25:56:f9:38:fc:88:7d:34:44:
ce:bb:9d:16
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQnteawW2bmIwCDlQF2h5SeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYmYzNmViMThlZjlhNTdjNWZiNjAzYWRhNDAwZmU2YjY2
ODhlNmUwHhcNMjUwMTAyMTU1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGJkYTYxYzQyZTM2Y2E2OWY5YTY2YTRmMGMzMjBhZDUyN2RhYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx01YL/q/Hb7XWZ7LKCN0mjjaAu62
2lhZvnjEape1bM/tLfTzbFA7X4DkK6ezVR6O14J0oNcIwcEQmGFxz1qDyz5bP+kr
UGHXsnBQcvluOZ4icjLHkl+jc++EUMjOKDfHeaqP3olQPetuJd+rIT9bk9ukbXYA
JaUupQOX9Ybx8wy3fV6eu/JwTCfNAh0mcgnm2aiQa6oHovq17/elx2/Ysb492E53
LjI1MGEiAooVZqtGCvHIxzm9kIVpdV0lDef9EXrqpJJm+minjK2gXXPPK2cwAgSl
rRngo11vzRwpNxXmmHtKHbniEG6EqyNYV7nELkL9kV6GQquUf77TVRyizwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA29phxC42ymn5pmpPDDIK1SfaurMB8GA1UdIwQY
MBaAFIO/NusY75pXxftgOtpAD+a2aI5uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzc4MjZ4anZtbGZGLTJBNjJrQVA1clpvam00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9mNzdkNTEtZWUxYy00N2E5LTkwYmMt
ZTBkMmExYjZlOGFjLzEvRGIybUhFTGpiS2FmbW1hazhNTWdyVko5cTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9mNzdkNTEtZWUxYy00N2E5LTkwYmMtZTBkMmExYjZlOGFj
LzEvZzc4MjZ4anZtbGZGLTJBNjJrQVA1clpvam00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDHwMYAwQD
JUvYAwQEUPJgAwQDXb6wAwQCuQ4QAwQE2a8AMA0GCSqGSIb3DQEBCwUAA4IBAQCM
ilU0ucgOioYklUEpobo+flHOJeXq+SNagrszhNroZ61mStCxVYAJTqbd1ijNxOcK
XV9oRpUXVs2YIYAqeUwHB2dbJgdxF072gMswbTUDZ+hyswOSfrfLjdlxw0aW5YPh
ZrvLWSqOCoo2Hhd17tFya8bsf7Hl8ZtHBMBY3CQFcDfYC8e2VYVPSBLVVPbjdkZb
YhNcdqNI3vDgRVMMtChdF+xbMNOBR9ecSdIiUsFAxQhjydRtG7FUUCSWUsiCZ2Z9
6Q5N/sqlqApQyQnPRSqe/cR0I8sn3+0Tnq5oxwzmNRLHoUDxunWIKd/CVT6E1771
W7UlVvk4/Ih9NETOu50W
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:04:45 2025 by rpki-client