Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/B0iUIhkwv2ZZdyXRyu9yUh7Z61o.roa
File: B0iUIhkwv2ZZdyXRyu9yUh7Z61o.roa (raw, json)
Hash identifier: F6O6OkDRyyyGqFimHsLztSYsh0AUNFPNkRW3jSPwvEw=
Subject key identifier: 07:48:94:22:19:30:BF:66:59:77:25:D1:CA:EF:72:52:1E:D9:EB:5A
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 019427473795B8FAD92B805DDFECB2A2294E
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/B0iUIhkwv2ZZdyXRyu9yUh7Z61o.roa
Signing time: Thu 02 Jan 2025 13:49:26 +0000
ROA not before: Thu 02 Jan 2025 13:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212228
IP address blocks: 37.10.71.0/24 maxlen: 24
45.11.180.0/24 maxlen: 24
91.240.202.0/24 maxlen: 24
91.242.217.0/24 maxlen: 24
185.158.250.0/24 maxlen: 24
2a0b:7140:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:37:95:b8:fa:d9:2b:80:5d:df:ec:b2:a2:29:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 13:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=074894221930bf66597725d1caef72521ed9eb5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:de:80:43:7e:d1:ac:26:46:ec:6f:97:64:90:
39:4f:bd:94:9a:b7:9f:5f:df:59:ff:6f:0f:42:56:
51:de:de:bc:fc:76:30:32:a7:6e:f5:e5:6b:40:2c:
6c:46:94:8f:ea:e5:58:cd:50:da:37:2d:01:1f:a8:
5f:2a:5c:3a:d7:60:b9:ed:a0:70:3e:e9:ac:10:78:
6b:70:41:a9:ae:b6:e2:02:04:22:ae:a6:38:e1:ae:
15:6e:8b:c1:54:e8:ac:df:c9:90:f8:93:39:4f:72:
68:ed:91:65:fe:bf:dc:45:81:6e:6e:34:9c:83:96:
28:c9:40:80:3c:c4:0d:6c:06:5e:a8:29:6d:73:86:
9e:3c:fb:b8:a3:91:60:89:cf:12:aa:c8:a5:9e:35:
c0:78:21:3a:ec:85:62:ad:0b:7b:b4:5f:7b:da:31:
77:ab:ab:eb:6d:23:53:ca:eb:5e:89:08:bc:88:5a:
54:b9:20:81:94:49:03:e1:d4:59:75:fe:44:62:a7:
bf:e9:f0:a2:03:cd:0e:da:2f:30:33:45:68:bb:7f:
d9:d8:34:23:fe:74:a7:45:aa:17:e3:1f:7f:73:0f:
ab:1f:07:9c:24:79:ea:84:2e:7f:d9:6e:e5:2b:af:
22:07:7e:76:03:8b:31:84:1b:c2:d9:a2:57:71:b9:
8e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:48:94:22:19:30:BF:66:59:77:25:D1:CA:EF:72:52:1E:D9:EB:5A
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/B0iUIhkwv2ZZdyXRyu9yUh7Z61o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.10.71.0/24
45.11.180.0/24
91.240.202.0/24
91.242.217.0/24
185.158.250.0/24
IPv6:
2a0b:7140:2::/48
Signature Algorithm: sha256WithRSAEncryption
44:af:6f:45:b8:62:b2:6e:77:a7:60:ab:e8:c4:74:c5:93:5f:
f1:de:9c:f7:ed:06:c6:cc:7b:af:52:a0:1e:39:83:5f:5c:88:
69:c8:4c:19:34:da:eb:46:89:1c:57:4f:fd:f2:ff:76:a0:e1:
af:3d:25:ca:57:e4:38:a3:99:37:07:57:3a:a3:7d:aa:4b:34:
a8:f7:c6:21:10:64:da:e3:f8:57:be:2b:b3:93:8c:2c:1b:60:
4c:1c:53:f0:2b:4a:6a:f9:bb:f5:04:27:ad:a3:54:b2:74:be:
e4:9e:1c:87:34:7b:51:29:f6:48:e1:7f:c3:66:29:40:59:69:
c5:39:5b:72:0b:91:96:b1:31:55:7b:72:e2:c2:a9:39:3c:0b:
7d:cc:fe:41:c4:8c:38:97:5c:36:b4:1e:aa:d7:9d:f4:3e:2e:
d4:68:de:c8:90:61:95:4a:2e:60:48:7b:3c:ca:72:66:9b:7d:
54:f8:f9:84:83:64:38:15:98:e5:6e:83:f7:56:47:8f:4d:05:
d5:9e:d0:b8:c0:ff:99:3f:d8:77:b5:6a:d9:88:b5:d6:15:7c:
4b:bc:fe:71:3d:c2:82:95:01:88:2e:f2:8e:06:d7:17:70:9c:
39:db:6a:ec:fb:2a:b5:5b:78:ab:ed:e9:00:96:f1:c4:b4:4f:
cb:6e:74:40
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQnRzeVuPrZK4Bd3+yyoilOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjUwMTAyMTM0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzQ4OTQyMjE5MzBiZjY2NTk3NzI1ZDFjYWVmNzI1MjFlZDllYjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA096AQ37RrCZG7G+XZJA5T72Umref
X99Z/28PQlZR3t68/HYwMqdu9eVrQCxsRpSP6uVYzVDaNy0BH6hfKlw612C57aBw
PumsEHhrcEGprrbiAgQirqY44a4VbovBVOis38mQ+JM5T3Jo7ZFl/r/cRYFubjSc
g5YoyUCAPMQNbAZeqCltc4aePPu4o5Fgic8SqsilnjXAeCE67IVirQt7tF972jF3
q6vrbSNTyuteiQi8iFpUuSCBlEkD4dRZdf5EYqe/6fCiA80O2i8wM0Vou3/Z2DQj
/nSnRaoX4x9/cw+rHwecJHnqhC5/2W7lK68iB352A4sxhBvC2aJXcbmOAwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFAdIlCIZML9mWXcl0crvclIe2etaMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvQjBpVUloa3d2MlpaZHlYUnl1OXlVaDdaNjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAJQpHAwQA
LQu0AwQAW/DKAwQAW/LZAwQAuZ76MA8EAgACMAkDBwAqC3FAAAIwDQYJKoZIhvcN
AQELBQADggEBAESvb0W4YrJud6dgq+jEdMWTX/HenPftBsbMe69SoB45g19ciGnI
TBk02utGiRxXT/3y/3ag4a89JcpX5DijmTcHVzqjfapLNKj3xiEQZNrj+Fe+K7OT
jCwbYEwcU/ArSmr5u/UEJ62jVLJ0vuSeHIc0e1Ep9kjhf8NmKUBZacU5W3ILkZax
MVV7cuLCqTk8C33M/kHEjDiXXDa0HqrXnfQ+LtRo3siQYZVKLmBIezzKcmabfVT4
+YSDZDgVmOVug/dWR49NBdWe0LjA/5k/2He1atmItdYVfEu8/nE9woKVAYgu8o4G
1xdwnDnbauz7KrVbeKvt6QCW8cS0T8tudEA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:43:23 2025 by rpki-client