Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/L7Ga4vuHYQeZfIto9Yq8tgXI9O0.roa
File: L7Ga4vuHYQeZfIto9Yq8tgXI9O0.roa (raw, json)
Hash identifier: teLoUEZvE4nl+9Xvo/9jLeTnZ41UIdxLpAcgTrbJ4sA=
Subject key identifier: 2F:B1:9A:E2:FB:87:61:07:99:7C:8B:68:F5:8A:BC:B6:05:C8:F4:ED
Certificate issuer: /CN=96cbcf2e957ca8d942472a7b0044285b26db6b22
Certificate serial: 0194236A0F9E366EB496EAF4B79574245B08
Authority key identifier: 96:CB:CF:2E:95:7C:A8:D9:42:47:2A:7B:00:44:28:5B:26:DB:6B:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lsvPLpV8qNlCRyp7AEQoWybbayI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/L7Ga4vuHYQeZfIto9Yq8tgXI9O0.roa
Signing time: Wed 01 Jan 2025 19:49:00 +0000
ROA not before: Wed 01 Jan 2025 19:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58256
IP address blocks: 37.143.144.0/24 maxlen: 24
37.143.145.0/24 maxlen: 24
37.143.146.0/24 maxlen: 24
37.143.147.0/24 maxlen: 24
37.143.148.0/24 maxlen: 24
37.143.149.0/24 maxlen: 24
37.143.150.0/24 maxlen: 24
37.143.151.0/24 maxlen: 24
91.108.128.0/24 maxlen: 24
91.108.129.0/24 maxlen: 24
91.108.130.0/24 maxlen: 24
91.108.131.0/24 maxlen: 24
91.108.132.0/24 maxlen: 24
91.108.133.0/24 maxlen: 24
91.108.134.0/24 maxlen: 24
91.108.135.0/24 maxlen: 24
91.108.136.0/24 maxlen: 24
91.108.137.0/24 maxlen: 24
91.108.138.0/24 maxlen: 24
91.108.139.0/24 maxlen: 24
91.108.140.0/24 maxlen: 24
91.108.141.0/24 maxlen: 24
91.108.142.0/24 maxlen: 24
91.108.143.0/24 maxlen: 24
91.108.144.0/24 maxlen: 24
91.108.145.0/24 maxlen: 24
91.108.146.0/24 maxlen: 24
91.108.147.0/24 maxlen: 24
91.108.148.0/24 maxlen: 24
91.108.149.0/24 maxlen: 24
91.108.150.0/24 maxlen: 24
91.108.151.0/24 maxlen: 24
91.108.152.0/24 maxlen: 24
91.108.153.0/24 maxlen: 24
91.108.154.0/24 maxlen: 24
91.108.155.0/24 maxlen: 24
91.108.156.0/24 maxlen: 24
91.108.157.0/24 maxlen: 24
91.108.158.0/24 maxlen: 24
91.108.159.0/24 maxlen: 24
185.42.212.0/24 maxlen: 24
185.42.213.0/24 maxlen: 24
185.42.214.0/24 maxlen: 24
185.42.215.0/24 maxlen: 24
185.83.28.0/24 maxlen: 24
185.83.29.0/24 maxlen: 24
185.83.30.0/24 maxlen: 24
185.83.31.0/24 maxlen: 24
185.83.184.0/24 maxlen: 24
185.83.185.0/24 maxlen: 24
185.83.186.0/24 maxlen: 24
185.83.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/lsvPLpV8qNlCRyp7AEQoWybbayI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/lsvPLpV8qNlCRyp7AEQoWybbayI.mft
rsync://rpki.ripe.net/repository/DEFAULT/lsvPLpV8qNlCRyp7AEQoWybbayI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 16:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0f:9e:36:6e:b4:96:ea:f4:b7:95:74:24:5b:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96cbcf2e957ca8d942472a7b0044285b26db6b22
Validity
Not Before: Jan 1 19:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fb19ae2fb876107997c8b68f58abcb605c8f4ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0b:bc:ab:bd:51:08:8e:70:a7:ae:d6:1d:8a:
39:75:15:f7:3f:b0:4b:1d:43:9e:9d:26:f8:21:fd:
65:c1:21:7a:4e:66:22:70:78:fc:ab:40:e3:be:f2:
d1:0d:3f:f3:48:4d:9e:5e:26:4c:ff:12:d8:e1:d1:
30:26:91:a9:b3:80:ef:ed:1a:62:71:53:a8:cb:d4:
82:59:33:c6:e2:d2:23:11:e7:0f:9e:68:34:26:91:
56:da:a6:fe:c0:20:fb:ba:95:b8:76:ad:80:08:07:
b4:f6:f8:ed:35:17:78:de:1d:3b:66:7e:db:8a:7d:
f9:88:ba:b2:36:91:75:cc:e9:1f:f3:4d:7c:4e:a5:
45:c5:41:5d:d8:b2:02:74:64:45:9d:81:82:58:9f:
80:d2:3e:a3:9f:b4:b9:18:d1:ba:30:87:a4:50:67:
b0:86:43:99:84:16:a7:b3:3e:59:5a:ad:5b:29:10:
e5:9f:e6:f0:39:aa:b5:0f:94:c5:cb:b0:6f:7f:73:
0c:df:f5:78:28:0b:84:2e:ef:2a:7c:db:2b:c0:53:
ae:90:f2:be:ec:23:8b:c8:24:e1:48:60:40:e6:a7:
1f:55:1a:bf:25:b4:f4:d0:3f:46:29:80:43:95:c4:
03:57:c0:ff:d4:c0:7c:7a:b2:aa:00:46:88:04:f0:
2c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B1:9A:E2:FB:87:61:07:99:7C:8B:68:F5:8A:BC:B6:05:C8:F4:ED
X509v3 Authority Key Identifier:
keyid:96:CB:CF:2E:95:7C:A8:D9:42:47:2A:7B:00:44:28:5B:26:DB:6B:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsvPLpV8qNlCRyp7AEQoWybbayI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/L7Ga4vuHYQeZfIto9Yq8tgXI9O0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/lsvPLpV8qNlCRyp7AEQoWybbayI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.144.0/21
91.108.128.0/19
185.42.212.0/22
185.83.28.0/22
185.83.184.0/22
Signature Algorithm: sha256WithRSAEncryption
86:3a:34:c3:8f:72:72:63:e0:24:d9:39:10:7d:17:05:df:6f:
53:56:70:d9:02:85:91:c8:ab:80:7e:17:ec:9a:b6:16:d2:60:
96:82:68:48:6c:57:28:b8:43:9d:c5:95:8c:88:84:8b:15:1a:
61:ff:b7:16:91:83:d3:a0:7a:47:28:cd:31:9f:61:d8:6c:5d:
b3:9a:26:1c:9f:1d:e7:a6:7c:3f:37:6b:fa:63:ba:da:3b:3c:
dd:da:87:b7:61:f5:04:eb:b6:82:63:9f:b5:e7:f2:0a:2b:64:
89:1f:ff:49:44:ac:34:4f:d4:bc:4e:3e:fd:85:c5:3f:e4:a0:
6d:6a:d4:50:c8:a4:0b:34:fe:ae:6b:b1:99:71:3c:06:85:e4:
b2:6e:98:1f:cc:4d:0c:51:8b:d7:82:51:ad:7b:4d:0a:cb:95:
11:60:ca:02:8b:59:44:61:30:c8:30:30:ed:59:6d:90:eb:b4:
44:75:02:78:3b:16:c0:1b:1a:21:30:44:8b:61:9e:cb:a0:ce:
0a:7f:cc:1f:34:32:c9:9b:2a:c9:78:b9:65:94:a3:56:06:17:
b4:8e:54:d2:9e:a8:1c:4e:43:a4:b1:99:b6:78:94:26:d0:b9:
11:ef:e1:a3:1e:ad:7d:b9:11:15:d6:14:a6:2a:da:72:22:e0:
99:9c:7b:da
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQjag+eNm60lur0t5V0JFsIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2Y2JjZjJlOTU3Y2E4ZDk0MjQ3MmE3YjAwNDQyODViMjZk
YjZiMjIwHhcNMjUwMTAxMTk0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmIxOWFlMmZiODc2MTA3OTk3YzhiNjhmNThhYmNiNjA1YzhmNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAu8q71RCI5wp67WHYo5dRX3P7BL
HUOenSb4If1lwSF6TmYicHj8q0DjvvLRDT/zSE2eXiZM/xLY4dEwJpGps4Dv7Rpi
cVOoy9SCWTPG4tIjEecPnmg0JpFW2qb+wCD7upW4dq2ACAe09vjtNRd43h07Zn7b
in35iLqyNpF1zOkf8018TqVFxUFd2LICdGRFnYGCWJ+A0j6jn7S5GNG6MIekUGew
hkOZhBansz5ZWq1bKRDln+bwOaq1D5TFy7Bvf3MM3/V4KAuELu8qfNsrwFOukPK+
7COLyCThSGBA5qcfVRq/JbT00D9GKYBDlcQDV8D/1MB8erKqAEaIBPAsWwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC+xmuL7h2EHmXyLaPWKvLYFyPTtMB8GA1UdIwQY
MBaAFJbLzy6VfKjZQkcqewBEKFsm22siMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHN2UExwVjhxTmxDUnlwN0FFUW9XeWJiYXlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xYjYwZTktYjZlMC00ODkwLTlkZTEt
MTNiNDMxMzQyYWI4LzEvTDdHYTR2dUhZUWVaZkl0bzlZcTh0Z1hJOU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xYjYwZTktYjZlMC00ODkwLTlkZTEtMTNiNDMxMzQyYWI4
LzEvbHN2UExwVjhxTmxDUnlwN0FFUW9XeWJiYXlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJY+QAwQF
W2yAAwQCuSrUAwQCuVMcAwQCuVO4MA0GCSqGSIb3DQEBCwUAA4IBAQCGOjTDj3Jy
Y+Ak2TkQfRcF329TVnDZAoWRyKuAfhfsmrYW0mCWgmhIbFcouEOdxZWMiISLFRph
/7cWkYPToHpHKM0xn2HYbF2zmiYcnx3npnw/N2v6Y7raOzzd2oe3YfUE67aCY5+1
5/IKK2SJH/9JRKw0T9S8Tj79hcU/5KBtatRQyKQLNP6ua7GZcTwGheSybpgfzE0M
UYvXglGte00Ky5URYMoCi1lEYTDIMDDtWW2Q67REdQJ4OxbAGxohMESLYZ7LoM4K
f8wfNDLJmyrJeLlllKNWBhe0jlTSnqgcTkOksZm2eJQm0LkR7+GjHq19uREV1hSm
KtpyIuCZnHva
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:07:45 2025 by rpki-client