Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/8HKSdNrm9QMyoSA380bXaBqQQ0o.roa
File: 8HKSdNrm9QMyoSA380bXaBqQQ0o.roa (raw, json)
Hash identifier: n0TkThrqHtx1QI4h5bmhzme4/EVU3X+pkCgBWj6DraA=
Subject key identifier: F0:72:92:74:DA:E6:F5:03:32:A1:20:37:F3:46:D7:68:1A:90:43:4A
Certificate issuer: /CN=b7ed30e96ea56b980e6b793d1a86c62dd5c0bc1f
Certificate serial: 01941FF9FED711B62EDEE051AF0FB076FF41
Authority key identifier: B7:ED:30:E9:6E:A5:6B:98:0E:6B:79:3D:1A:86:C6:2D:D5:C0:BC:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t-0w6W6la5gOa3k9GobGLdXAvB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/8HKSdNrm9QMyoSA380bXaBqQQ0o.roa
Signing time: Wed 01 Jan 2025 03:47:44 +0000
ROA not before: Wed 01 Jan 2025 03:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213208
IP address blocks: 37.200.85.0/24 maxlen: 24
2a07:5200::/29 maxlen: 48
2a07:5200::/48 maxlen: 48
2a07:5201::/48 maxlen: 48
2a07:5201:1::/48 maxlen: 48
2a07:5202::/48 maxlen: 48
2a07:5202:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/t-0w6W6la5gOa3k9GobGLdXAvB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/t-0w6W6la5gOa3k9GobGLdXAvB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/t-0w6W6la5gOa3k9GobGLdXAvB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:f9:fe:d7:11:b6:2e:de:e0:51:af:0f:b0:76:ff:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7ed30e96ea56b980e6b793d1a86c62dd5c0bc1f
Validity
Not Before: Jan 1 03:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0729274dae6f50332a12037f346d7681a90434a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:79:31:d6:95:64:d8:2b:fc:10:cb:23:de:a0:
e0:a2:14:56:00:0f:88:e8:55:26:43:7e:e5:56:fd:
5b:ac:8e:24:fe:8b:a0:4e:f3:82:d9:26:e1:d9:1d:
c8:d9:36:d2:fb:77:33:8f:3b:2f:53:3a:46:b0:46:
13:80:0d:a0:a2:7f:f4:ee:49:fd:67:83:19:2c:ba:
e0:4e:24:bc:a0:c7:a5:59:31:89:b4:31:a6:7b:05:
9b:9f:07:fe:58:9a:88:d8:2c:21:0d:20:4d:88:75:
20:57:98:2f:d0:35:2e:38:f6:e3:dd:9f:ab:ac:a3:
5b:2d:08:3c:8c:dc:62:33:cf:24:3b:db:99:34:13:
ce:5a:24:b6:f3:f0:f0:ed:8e:62:09:56:4a:cd:c0:
eb:10:cf:ef:75:10:ba:36:5d:ca:ca:95:33:0d:b8:
79:3b:91:36:06:84:07:67:7b:93:da:ae:0b:8e:ae:
94:fb:9d:e0:1b:fa:ac:38:54:42:19:01:e2:e5:68:
4b:32:16:a3:0b:05:29:28:60:d2:5b:ce:63:98:58:
e7:32:39:b2:e3:3b:ce:16:4a:0b:68:eb:29:a8:52:
96:6a:ce:ca:43:2d:66:78:5a:5a:c3:f7:5c:7d:31:
55:9e:a8:6f:d4:f6:d2:b4:fc:7c:6c:e5:7a:a0:b1:
51:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:72:92:74:DA:E6:F5:03:32:A1:20:37:F3:46:D7:68:1A:90:43:4A
X509v3 Authority Key Identifier:
keyid:B7:ED:30:E9:6E:A5:6B:98:0E:6B:79:3D:1A:86:C6:2D:D5:C0:BC:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t-0w6W6la5gOa3k9GobGLdXAvB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/8HKSdNrm9QMyoSA380bXaBqQQ0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/t-0w6W6la5gOa3k9GobGLdXAvB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.200.85.0/24
IPv6:
2a07:5200::/29
Signature Algorithm: sha256WithRSAEncryption
64:b9:af:01:1f:dc:a5:41:43:ff:44:87:3a:a0:f1:7b:e5:b7:
da:50:71:f5:f8:20:e1:7f:54:54:b7:a9:d8:40:9c:63:92:a5:
68:67:d1:15:06:e0:96:f9:df:10:c6:e6:7f:c7:f1:7a:2a:a6:
c1:02:11:47:0e:55:1d:74:8e:22:f2:f8:d7:70:45:a3:0f:63:
5c:7d:4c:fa:74:13:2e:2e:6d:7b:4f:85:cf:f5:0a:9e:a5:fc:
34:ba:70:08:74:de:a6:d6:7c:41:88:04:f9:cd:e0:85:b0:3e:
89:58:4e:83:65:d5:f4:b7:0f:a5:51:18:3b:19:1e:ca:3b:59:
ca:11:7e:f9:40:d7:fd:71:19:f1:ae:2e:75:02:bd:0f:b6:3e:
99:46:c6:04:72:d9:d5:49:de:d0:54:08:a2:4c:d2:bd:51:46:
68:87:98:ee:ec:0c:c4:74:3f:ae:bd:0f:3f:5f:55:de:f4:5e:
eb:88:67:41:8d:d6:3d:9b:5e:fd:48:90:5d:7c:30:28:77:46:
3b:70:61:c2:c2:fc:6d:98:59:99:0c:a0:91:b2:22:8e:c2:64:
7e:cf:91:56:a5:14:ba:81:52:64:7e:64:85:91:44:28:63:21:
8f:4a:56:23:bb:bb:7f:a1:75:69:87:68:51:c7:c5:e7:12:9c:
14:eb:12:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+f7XEbYu3uBRrw+wdv9BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZWQzMGU5NmVhNTZiOTgwZTZiNzkzZDFhODZjNjJkZDVj
MGJjMWYwHhcNMjUwMTAxMDM0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDcyOTI3NGRhZTZmNTAzMzJhMTIwMzdmMzQ2ZDc2ODFhOTA0MzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3kx1pVk2Cv8EMsj3qDgohRWAA+I
6FUmQ37lVv1brI4k/ougTvOC2Sbh2R3I2TbS+3czjzsvUzpGsEYTgA2gon/07kn9
Z4MZLLrgTiS8oMelWTGJtDGmewWbnwf+WJqI2CwhDSBNiHUgV5gv0DUuOPbj3Z+r
rKNbLQg8jNxiM88kO9uZNBPOWiS28/Dw7Y5iCVZKzcDrEM/vdRC6Nl3KypUzDbh5
O5E2BoQHZ3uT2q4Ljq6U+53gG/qsOFRCGQHi5WhLMhajCwUpKGDSW85jmFjnMjmy
4zvOFkoLaOspqFKWas7KQy1meFpaw/dcfTFVnqhv1PbStPx8bOV6oLFRmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPByknTa5vUDMqEgN/NG12gakENKMB8GA1UdIwQY
MBaAFLftMOlupWuYDmt5PRqGxi3VwLwfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdC0wdzZXNmxhNWdPYTNrOUdvYkdMZFhBdkI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9mYTc5ZGQtMGZjYS00NjYxLTg4NjQt
OTU1NTM3Y2I2OWYyLzEvOEhLU2ROcm05UU15b1NBMzgwYlhhQnFRUTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9mYTc5ZGQtMGZjYS00NjYxLTg4NjQtOTU1NTM3Y2I2OWYy
LzEvdC0wdzZXNmxhNWdPYTNrOUdvYkdMZFhBdkI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAJchVMA0E
AgACMAcDBQMqB1IAMA0GCSqGSIb3DQEBCwUAA4IBAQBkua8BH9ylQUP/RIc6oPF7
5bfaUHH1+CDhf1RUt6nYQJxjkqVoZ9EVBuCW+d8QxuZ/x/F6KqbBAhFHDlUddI4i
8vjXcEWjD2NcfUz6dBMuLm17T4XP9Qqepfw0unAIdN6m1nxBiAT5zeCFsD6JWE6D
ZdX0tw+lURg7GR7KO1nKEX75QNf9cRnxri51Ar0Ptj6ZRsYEctnVSd7QVAiiTNK9
UUZoh5ju7AzEdD+uvQ8/X1Xe9F7riGdBjdY9m179SJBdfDAod0Y7cGHCwvxtmFmZ
DKCRsiKOwmR+z5FWpRS6gVJkfmSFkUQoYyGPSlYju7t/oXVph2hRx8XnEpwU6xJz
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:32:49 2025 by rpki-client