Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YN7VOdrFA4DxBRGKlzu-DkZKxbw.roa
File: YN7VOdrFA4DxBRGKlzu-DkZKxbw.roa (raw, json)
Hash identifier: Tw2n5Zr+e89OCD53j7fn1mis/crLkVVV4D/UZkzzMS8=
Subject key identifier: 60:DE:D5:39:DA:C5:03:80:F1:05:11:8A:97:3B:BE:0E:46:4A:C5:BC
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B8C42A3716854CE07BAA87CCD45F3
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YN7VOdrFA4DxBRGKlzu-DkZKxbw.roa
Signing time: Thu 02 Jan 2025 09:49:29 +0000
ROA not before: Thu 02 Jan 2025 09:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34471
IP address blocks: 37.72.16.0/24 maxlen: 24
84.232.104.0/24 maxlen: 24
84.236.158.0/24 maxlen: 24
176.227.155.0/24 maxlen: 24
178.156.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 21:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:8c:42:a3:71:68:54:ce:07:ba:a8:7c:cd:45:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60ded539dac50380f105118a973bbe0e464ac5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2f:81:2b:1a:21:ce:4b:a5:6f:b5:87:50:ba:
64:ef:fa:54:4d:60:f1:21:5b:77:8a:76:ba:43:01:
32:4f:16:8c:0e:fb:7f:32:10:19:47:72:59:48:7b:
17:4e:cc:71:45:31:e9:a3:eb:b3:62:a0:13:04:29:
c3:2e:b5:cf:14:34:68:e0:88:4e:ce:02:70:ce:fa:
17:6f:a3:81:22:a4:10:e1:b9:09:66:e3:a3:c7:bd:
3d:a0:76:06:32:76:d8:01:9d:24:b6:d6:9b:23:c5:
08:b9:f6:2a:2c:54:2f:e9:c9:22:4f:10:23:91:63:
38:9c:ec:77:6b:b6:d6:3a:97:e0:c4:dc:c0:fb:af:
71:cf:66:d6:fa:1a:87:bc:f3:3b:85:28:41:6f:d6:
a2:6f:ca:79:5d:54:1d:3e:4e:06:c4:e1:94:fe:a8:
b5:92:4d:28:3a:c1:fe:c8:64:80:88:18:12:1f:74:
70:e3:12:a4:03:c8:79:99:f9:52:23:e1:24:c0:e0:
51:c7:52:95:82:71:85:d7:73:bb:bb:6d:80:8e:f3:
7f:6b:99:d9:12:96:10:04:9a:14:17:83:dd:8c:45:
f2:22:4d:93:52:cf:a3:70:18:05:a1:f4:bc:06:3f:
6f:97:9b:2a:d9:a1:a3:4e:af:9b:29:4e:70:b1:cd:
88:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DE:D5:39:DA:C5:03:80:F1:05:11:8A:97:3B:BE:0E:46:4A:C5:BC
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YN7VOdrFA4DxBRGKlzu-DkZKxbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.16.0/24
84.232.104.0/24
84.236.158.0/24
176.227.155.0/24
178.156.34.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:b7:28:9e:b5:a8:d4:f7:d9:1f:f3:aa:f1:92:3c:af:f5:2b:
e0:d7:4a:96:96:d7:6f:1b:a0:13:da:d1:47:6d:3a:e2:84:35:
59:12:8d:9c:aa:37:44:b0:6a:06:c0:9a:7d:30:c1:85:bf:fd:
16:da:3e:25:e9:89:0b:bd:0a:89:a1:dd:0b:2f:00:cf:b0:87:
38:1c:2b:db:94:fc:2d:df:63:97:52:59:a6:4f:44:fc:89:b7:
d4:20:98:e9:96:f6:8f:19:e3:16:d3:45:5f:dd:9a:38:ec:23:
c8:46:6a:bb:5d:19:67:a7:b1:91:34:b1:b6:f0:79:ab:aa:e5:
53:f9:6d:b2:c9:64:08:2a:84:12:b3:ba:aa:90:82:5e:9f:7f:
1b:55:74:ae:02:e1:c2:b5:6a:cd:b6:31:41:e2:35:9b:be:ba:
bb:6d:37:b6:41:4a:fa:44:52:b3:8b:98:fc:6a:e6:f0:ac:47:
82:98:77:41:2b:1f:db:88:21:10:8f:1e:d9:77:45:de:60:28:
d6:27:87:31:11:0a:e5:d2:6e:91:ed:45:29:63:df:2f:65:fe:
bb:3b:85:ce:86:96:b8:40:a5:1e:1c:2c:e4:a3:81:d4:cb:09:
b3:06:fe:05:a9:e7:93:2e:f1:13:75:d3:24:92:3c:4d:52:43:
ab:e3:78:25
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQma4xCo3FoVM4Huqh8zUXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGRlZDUzOWRhYzUwMzgwZjEwNTExOGE5NzNiYmUwZTQ2NGFjNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi+BKxohzkulb7WHULpk7/pUTWDx
IVt3ina6QwEyTxaMDvt/MhAZR3JZSHsXTsxxRTHpo+uzYqATBCnDLrXPFDRo4IhO
zgJwzvoXb6OBIqQQ4bkJZuOjx709oHYGMnbYAZ0kttabI8UIufYqLFQv6ckiTxAj
kWM4nOx3a7bWOpfgxNzA+69xz2bW+hqHvPM7hShBb9aib8p5XVQdPk4GxOGU/qi1
kk0oOsH+yGSAiBgSH3Rw4xKkA8h5mflSI+EkwOBRx1KVgnGF13O7u22AjvN/a5nZ
EpYQBJoUF4PdjEXyIk2TUs+jcBgFofS8Bj9vl5sq2aGjTq+bKU5wsc2INwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGDe1TnaxQOA8QURipc7vg5GSsW8MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvWU43Vk9kckZBNER4QlJHS2x6dS1Ea1pLeGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJUgQAwQA
VOhoAwQAVOyeAwQAsOObAwQAspwiMA0GCSqGSIb3DQEBCwUAA4IBAQBvtyietajU
99kf86rxkjyv9Svg10qWltdvG6AT2tFHbTrihDVZEo2cqjdEsGoGwJp9MMGFv/0W
2j4l6YkLvQqJod0LLwDPsIc4HCvblPwt32OXUlmmT0T8ibfUIJjplvaPGeMW00Vf
3Zo47CPIRmq7XRlnp7GRNLG28HmrquVT+W2yyWQIKoQSs7qqkIJen38bVXSuAuHC
tWrNtjFB4jWbvrq7bTe2QUr6RFKzi5j8aubwrEeCmHdBKx/biCEQjx7Zd0XeYCjW
J4cxEQrl0m6R7UUpY98vZf67O4XOhpa4QKUeHCzko4HUywmzBv4FqeeTLvETddMk
kjxNUkOr43gl
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:05:39 2025 by rpki-client