Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/3rl0q0YfFZVgidosWF2yuIbD8yc.roa
File: 3rl0q0YfFZVgidosWF2yuIbD8yc.roa (raw, json)
Hash identifier: FggyKFjfEIP5vBx3Fm0JRTYveghMs6h1Lw6gFSOJIOs=
Subject key identifier: DE:B9:74:AB:46:1F:15:95:60:89:DA:2C:58:5D:B2:B8:86:C3:F3:27
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 01942747A090B45A6D89E77EBBC8A8F7DFCC
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/3rl0q0YfFZVgidosWF2yuIbD8yc.roa
Signing time: Thu 02 Jan 2025 13:49:52 +0000
ROA not before: Thu 02 Jan 2025 13:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60148
IP address blocks: 2.180.254.0/24 maxlen: 24
2.180.255.0/24 maxlen: 24
2.181.222.0/24 maxlen: 24
2.181.223.0/24 maxlen: 24
2.182.254.0/24 maxlen: 24
2.182.255.0/24 maxlen: 24
2.183.254.0/24 maxlen: 24
2.183.255.0/24 maxlen: 24
2.184.254.0/24 maxlen: 24
2.184.255.0/24 maxlen: 24
2.185.254.0/24 maxlen: 24
2.185.255.0/24 maxlen: 24
2.187.253.0/24 maxlen: 24
2.187.254.0/24 maxlen: 24
2.187.255.0/24 maxlen: 24
78.38.237.0/24 maxlen: 24
78.38.238.0/24 maxlen: 24
78.38.239.0/24 maxlen: 24
78.39.152.0/24 maxlen: 24
78.39.157.0/24 maxlen: 24
78.39.221.0/24 maxlen: 24
80.191.56.0/24 maxlen: 24
195.146.37.0/24 maxlen: 24
195.146.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a0:90:b4:5a:6d:89:e7:7e:bb:c8:a8:f7:df:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 13:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=deb974ab461f15956089da2c585db2b886c3f327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cd:c9:15:79:6a:13:63:dc:cc:db:b0:10:35:
61:44:4e:ce:44:36:15:cc:ad:c6:af:57:18:93:00:
04:59:4a:72:30:15:cd:ad:16:11:55:c4:df:71:51:
f7:0a:d6:c9:e8:62:e9:ac:da:a5:a9:46:8a:96:85:
a3:aa:a5:ad:0b:c7:2e:46:4e:b2:d8:e0:ca:6f:26:
cf:d3:0e:40:d8:4f:56:63:3c:c9:ec:fd:ba:3a:68:
78:09:8b:8c:3c:f4:a0:9e:5f:a0:4d:21:2e:a5:e3:
9c:47:4a:b5:ad:23:3f:06:3f:99:5f:fa:eb:15:e0:
7a:a5:43:a2:59:25:71:bd:3d:33:3d:5d:fc:fb:0d:
aa:c2:56:c7:de:18:41:af:f0:e3:18:e6:87:d6:94:
08:4f:ad:f5:1e:5c:68:a8:60:29:c1:17:66:92:83:
36:39:ef:bc:ad:26:90:48:8d:2a:28:55:a0:1e:ce:
ca:06:9f:52:d4:a1:90:fc:ce:4c:54:1c:3d:e5:57:
16:c4:d8:6c:20:d5:ab:5d:ea:53:c4:81:a3:e4:34:
a3:f9:83:99:d6:99:d2:79:3e:4d:86:dd:d9:77:95:
ec:f6:10:2c:fd:64:4a:95:37:dc:3d:74:3d:1f:c7:
54:d5:c3:f8:bd:4f:ac:db:cc:e7:2d:89:70:fe:ea:
92:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B9:74:AB:46:1F:15:95:60:89:DA:2C:58:5D:B2:B8:86:C3:F3:27
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/3rl0q0YfFZVgidosWF2yuIbD8yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.180.254.0/23
2.181.222.0/23
2.182.254.0/23
2.183.254.0/23
2.184.254.0/23
2.185.254.0/23
2.187.253.0-2.187.255.255
78.38.237.0-78.38.239.255
78.39.152.0/24
78.39.157.0/24
78.39.221.0/24
80.191.56.0/24
195.146.37.0/24
195.146.59.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:64:59:e2:24:cb:99:4a:05:de:4f:12:8b:d5:b5:76:40:42:
76:7e:cd:45:1a:f2:dd:30:f9:5d:d7:b1:db:ce:25:3a:83:77:
cd:9e:45:8f:d5:c9:fd:ed:8d:2b:8e:d1:90:1e:a2:ec:7e:50:
2c:da:c7:a8:cf:fe:d0:f0:a5:c9:a6:6d:f2:44:02:ed:73:1d:
c2:2b:4a:c0:f4:a1:4f:51:48:f0:cd:0f:78:0a:c5:0f:ab:67:
14:a7:8f:7c:30:ba:b5:4f:5b:5b:42:22:bc:a5:5f:87:32:5a:
bc:49:81:0f:ba:71:6f:a4:fd:77:c6:de:ba:0a:f0:8c:3a:26:
b6:2f:f2:e8:ef:76:53:ac:8e:b6:7a:d4:14:d6:55:a7:a8:2b:
cc:d4:ae:54:1e:e6:ea:c1:b9:39:d9:cb:b8:b9:3d:07:d9:a5:
91:0e:ed:68:96:eb:5f:b0:79:3d:03:6c:43:be:47:60:98:97:
ed:98:42:a8:bd:c6:f2:f9:2f:03:27:26:fb:53:4c:30:1f:a0:
54:6d:e2:7e:7d:61:b2:0d:e1:fd:fc:01:63:5a:4f:91:96:99:
24:ff:5f:90:49:e4:58:2c:44:90:27:6c:e7:73:1b:25:56:7b:
df:5e:b6:f7:54:3c:1d:a8:63:cc:f0:8f:fe:ee:fb:d0:6c:88:
5f:87:75:8c
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZQnR6CQtFptied+u8io99/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwMTAyMTM0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWI5NzRhYjQ2MWYxNTk1NjA4OWRhMmM1ODVkYjJiODg2YzNmMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM3JFXlqE2PczNuwEDVhRE7ORDYV
zK3Gr1cYkwAEWUpyMBXNrRYRVcTfcVH3CtbJ6GLprNqlqUaKloWjqqWtC8cuRk6y
2ODKbybP0w5A2E9WYzzJ7P26Omh4CYuMPPSgnl+gTSEupeOcR0q1rSM/Bj+ZX/rr
FeB6pUOiWSVxvT0zPV38+w2qwlbH3hhBr/DjGOaH1pQIT631HlxoqGApwRdmkoM2
Oe+8rSaQSI0qKFWgHs7KBp9S1KGQ/M5MVBw95VcWxNhsINWrXepTxIGj5DSj+YOZ
1pnSeT5Nht3Zd5Xs9hAs/WRKlTfcPXQ9H8dU1cP4vU+s28znLYlw/uqSJQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFN65dKtGHxWVYInaLFhdsriGw/MnMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvM3JsMHEwWWZGWlZnaWRvc1dGMnl1SWJEOHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBpBAIAATBjAwQBArT+AwQB
ArXeAwQBArb+AwQBArf+AwQBArj+AwQBArn+MAsDBAACu/0DAwICuDAMAwQATibt
AwQETibgAwQATieYAwQATiedAwQATifdAwQAUL84AwQAw5IlAwQAw5I7MA0GCSqG
SIb3DQEBCwUAA4IBAQCoZFniJMuZSgXeTxKL1bV2QEJ2fs1FGvLdMPld17HbziU6
g3fNnkWP1cn97Y0rjtGQHqLsflAs2seoz/7Q8KXJpm3yRALtcx3CK0rA9KFPUUjw
zQ94CsUPq2cUp498MLq1T1tbQiK8pV+HMlq8SYEPunFvpP13xt66CvCMOia2L/Lo
73ZTrI62etQU1lWnqCvM1K5UHubqwbk52cu4uT0H2aWRDu1olutfsHk9A2xDvkdg
mJftmEKovcby+S8DJyb7U0wwH6BUbeJ+fWGyDeH9/AFjWk+Rlpkk/1+QSeRYLESQ
J2zncxslVnvfXrb3VDwdqGPM8I/+7vvQbIhfh3WM
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:54:26 2025 by rpki-client