Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a1ee96-2eed-4533-8afd-a958bf5acbea/1/Wh_K5Ot0PdOltJAZbDMBxaT8CJw.roa
File: Wh_K5Ot0PdOltJAZbDMBxaT8CJw.roa (raw, json)
Hash identifier: VIjWDHn3J2RwnBzOCzHWLW6nGxWdyzjrSq+KdnZiOMU=
Subject key identifier: 5A:1F:CA:E4:EB:74:3D:D3:A5:B4:90:19:6C:33:01:C5:A4:FC:08:9C
Certificate issuer: /CN=a7bdb2c7b334b94bcd43388f21f82092db6cfd4c
Certificate serial: 019422FB84CEF569B0B64DABE390A04D14C2
Authority key identifier: A7:BD:B2:C7:B3:34:B9:4B:CD:43:38:8F:21:F8:20:92:DB:6C:FD:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p72yx7M0uUvNQziPIfggktts_Uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a1ee96-2eed-4533-8afd-a958bf5acbea/1/Wh_K5Ot0PdOltJAZbDMBxaT8CJw.roa
Signing time: Wed 01 Jan 2025 17:48:16 +0000
ROA not before: Wed 01 Jan 2025 17:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57844
IP address blocks: 37.123.96.0/24 maxlen: 24
37.123.97.0/24 maxlen: 24
37.123.98.0/24 maxlen: 24
37.123.99.0/24 maxlen: 24
37.123.100.0/24 maxlen: 24
37.123.101.0/24 maxlen: 24
37.123.102.0/24 maxlen: 24
37.123.103.0/24 maxlen: 24
178.20.224.0/24 maxlen: 24
178.20.225.0/24 maxlen: 24
178.20.226.0/24 maxlen: 24
178.20.227.0/24 maxlen: 24
178.20.228.0/24 maxlen: 24
178.20.229.0/24 maxlen: 24
178.20.230.0/24 maxlen: 24
178.20.231.0/24 maxlen: 24
185.9.156.0/24 maxlen: 24
185.9.157.0/24 maxlen: 24
185.9.158.0/24 maxlen: 24
185.9.159.0/24 maxlen: 24
185.118.140.0/24 maxlen: 24
185.118.142.0/24 maxlen: 24
185.118.143.0/24 maxlen: 24
2a00:9bc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a1ee96-2eed-4533-8afd-a958bf5acbea/1/p72yx7M0uUvNQziPIfggktts_Uw.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a1ee96-2eed-4533-8afd-a958bf5acbea/1/p72yx7M0uUvNQziPIfggktts_Uw.mft
rsync://rpki.ripe.net/repository/DEFAULT/p72yx7M0uUvNQziPIfggktts_Uw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 05:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:84:ce:f5:69:b0:b6:4d:ab:e3:90:a0:4d:14:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7bdb2c7b334b94bcd43388f21f82092db6cfd4c
Validity
Not Before: Jan 1 17:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a1fcae4eb743dd3a5b490196c3301c5a4fc089c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:52:e8:46:9d:1b:07:60:8d:ea:fe:42:d1:8e:
4d:29:64:c1:68:22:1c:c2:05:a8:7e:3b:95:12:9e:
88:0a:95:fc:2d:00:b3:bf:0d:e8:0c:64:17:58:35:
26:19:1e:08:7f:5c:ca:2b:5a:cb:8b:95:7a:53:0f:
5a:40:63:8c:dd:a3:25:6f:8c:03:52:87:66:9a:d3:
aa:eb:b6:8c:ab:37:e8:12:ca:d9:4d:95:89:95:f6:
41:84:04:82:67:e4:d9:4c:28:7a:47:4f:93:e0:a9:
e4:15:20:a2:c8:84:10:60:3c:4e:0d:8e:51:ca:1b:
04:18:8c:fa:05:cd:d4:98:c5:d6:da:3d:12:aa:2a:
f7:3e:30:72:f4:78:25:10:62:2a:4b:46:9b:40:fe:
75:f1:14:2c:df:42:ee:c6:e7:3f:5c:bf:36:45:13:
3a:ec:93:fd:fb:a6:3e:5c:32:06:f0:17:27:e6:f2:
fe:f9:9c:b2:1b:d9:77:1a:51:16:be:38:f8:71:76:
05:bd:c8:9f:8b:32:d8:1d:e3:f7:9c:30:74:be:0d:
5b:99:d0:65:44:e4:55:06:a3:d4:7b:30:f2:98:6a:
14:1f:a9:93:72:2e:81:40:ba:23:7f:56:95:81:92:
f4:2d:60:7b:0c:f8:e3:ca:75:13:5c:9f:dd:30:c9:
5d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1F:CA:E4:EB:74:3D:D3:A5:B4:90:19:6C:33:01:C5:A4:FC:08:9C
X509v3 Authority Key Identifier:
keyid:A7:BD:B2:C7:B3:34:B9:4B:CD:43:38:8F:21:F8:20:92:DB:6C:FD:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p72yx7M0uUvNQziPIfggktts_Uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a1ee96-2eed-4533-8afd-a958bf5acbea/1/Wh_K5Ot0PdOltJAZbDMBxaT8CJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a1ee96-2eed-4533-8afd-a958bf5acbea/1/p72yx7M0uUvNQziPIfggktts_Uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.96.0/21
178.20.224.0/21
185.9.156.0/22
185.118.140.0/24
185.118.142.0/23
IPv6:
2a00:9bc0::/32
Signature Algorithm: sha256WithRSAEncryption
92:df:f8:95:aa:ac:41:b4:e8:b1:6d:04:72:14:18:a9:26:f5:
c1:f8:76:63:8b:d1:a2:a1:b8:8e:f9:32:af:d8:ae:e3:36:6e:
9c:42:c5:6c:ba:fd:7c:df:44:58:9b:75:a5:42:3c:7b:a7:2e:
49:cc:79:e3:c3:76:03:1b:a2:9b:1d:97:e5:ad:c9:3e:98:7e:
d4:b0:f3:98:f3:42:e7:ab:fa:a1:6f:1c:86:fc:82:18:19:a0:
9d:1b:19:d7:8d:07:9c:19:e2:fc:5f:fd:b5:29:1e:33:40:f9:
f6:ed:24:9a:68:84:ae:2a:a6:27:d0:29:8f:a2:62:18:84:84:
7d:15:5a:5d:8f:73:6b:97:5c:9a:c6:f4:57:33:08:1b:df:6d:
91:26:c6:76:e4:b5:69:f8:85:bd:47:cc:37:04:20:21:44:59:
81:b5:7f:33:15:d1:38:e6:b9:71:02:90:47:68:f3:8a:58:86:
4b:e1:ed:05:36:9a:97:89:ef:b2:dc:5b:15:66:4e:28:ea:b2:
6f:32:4d:62:4e:55:e8:f1:e7:fc:b2:38:94:6e:77:ec:1c:2d:
80:62:38:78:3c:b4:3f:2c:c8:9c:d5:a6:61:c9:09:e3:2f:55:
55:d1:b9:e9:a2:07:f8:d9:23:2b:af:5b:99:47:b0:38:bd:7e:
f2:22:58:30
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQi+4TO9Wmwtk2r45CgTRTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YmRiMmM3YjMzNGI5NGJjZDQzMzg4ZjIxZjgyMDkyZGI2
Y2ZkNGMwHhcNMjUwMTAxMTc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFmY2FlNGViNzQzZGQzYTViNDkwMTk2YzMzMDFjNWE0ZmMwODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVLoRp0bB2CN6v5C0Y5NKWTBaCIc
wgWofjuVEp6ICpX8LQCzvw3oDGQXWDUmGR4If1zKK1rLi5V6Uw9aQGOM3aMlb4wD
UodmmtOq67aMqzfoEsrZTZWJlfZBhASCZ+TZTCh6R0+T4KnkFSCiyIQQYDxODY5R
yhsEGIz6Bc3UmMXW2j0Sqir3PjBy9HglEGIqS0abQP518RQs30Luxuc/XL82RRM6
7JP9+6Y+XDIG8Bcn5vL++ZyyG9l3GlEWvjj4cXYFvcifizLYHeP3nDB0vg1bmdBl
RORVBqPUezDymGoUH6mTci6BQLojf1aVgZL0LWB7DPjjynUTXJ/dMMldIwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFofyuTrdD3TpbSQGWwzAcWk/AicMB8GA1UdIwQY
MBaAFKe9ssezNLlLzUM4jyH4IJLbbP1MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDcyeXg3TTB1VXZOUXppUElmZ2drdHRzX1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hMWVlOTYtMmVlZC00NTMzLThhZmQt
YTk1OGJmNWFjYmVhLzEvV2hfSzVPdDBQZE9sdEpBWmJETUJ4YVQ4Q0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hMWVlOTYtMmVlZC00NTMzLThhZmQtYTk1OGJmNWFjYmVh
LzEvcDcyeXg3TTB1VXZOUXppUElmZ2drdHRzX1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJXtgAwQD
shTgAwQCuQmcAwQAuXaMAwQBuXaOMA0EAgACMAcDBQAqAJvAMA0GCSqGSIb3DQEB
CwUAA4IBAQCS3/iVqqxBtOixbQRyFBipJvXB+HZji9GiobiO+TKv2K7jNm6cQsVs
uv1830RYm3WlQjx7py5JzHnjw3YDG6KbHZflrck+mH7UsPOY80Lnq/qhbxyG/IIY
GaCdGxnXjQecGeL8X/21KR4zQPn27SSaaISuKqYn0CmPomIYhIR9FVpdj3Nrl1ya
xvRXMwgb322RJsZ25LVp+IW9R8w3BCAhRFmBtX8zFdE45rlxApBHaPOKWIZL4e0F
NpqXie+y3FsVZk4o6rJvMk1iTlXo8ef8sjiUbnfsHC2AYjh4PLQ/LMic1aZhyQnj
L1VV0bnpogf42SMrr1uZR7A4vX7yIlgw
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:05:41 2025 by rpki-client