Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/719PZLmeHqbujtRsKmvo5771XIo.roa
File: 719PZLmeHqbujtRsKmvo5771XIo.roa (raw, json)
Hash identifier: bsKRuhzJIveVWiHQvKvv+dLt6oNf3d66tNY6ht9/C3A=
Subject key identifier: EF:5F:4F:64:B9:9E:1E:A6:EE:8E:D4:6C:2A:6B:E8:E7:BE:F5:5C:8A
Certificate issuer: /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial: 0194222015DB9DC3BA4F5346748D18A4523A
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/719PZLmeHqbujtRsKmvo5771XIo.roa
Signing time: Wed 01 Jan 2025 13:48:35 +0000
ROA not before: Wed 01 Jan 2025 13:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29255
IP address blocks: 82.147.192.0/19 maxlen: 19
85.194.64.0/18 maxlen: 18
89.237.128.0/18 maxlen: 18
89.237.128.0/19 maxlen: 19
89.237.176.0/20 maxlen: 20
185.27.220.0/22 maxlen: 22
185.29.92.0/22 maxlen: 22
212.24.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 23:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:15:db:9d:c3:ba:4f:53:46:74:8d:18:a4:52:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef5f4f64b99e1ea6ee8ed46c2a6be8e7bef55c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7e:e0:95:cb:dd:b6:72:ed:4c:79:30:20:30:
72:72:df:15:60:22:10:3d:64:63:61:60:4d:10:de:
92:41:a5:50:59:1a:48:13:b7:de:c3:72:63:34:2d:
d2:d1:5d:af:78:1c:6c:cc:6c:97:fa:26:be:1d:7f:
3f:f3:8c:1b:f8:c6:2e:17:70:31:c2:a8:c4:82:60:
6b:6c:ae:d7:d1:7a:df:26:c6:83:9b:b0:95:08:ee:
21:82:95:1c:b2:9f:8b:54:a1:d6:65:69:ef:42:26:
85:ac:29:1f:92:90:67:84:2a:0d:3a:f1:f4:ca:53:
45:51:ae:32:59:e9:f9:7a:ed:ad:06:ef:0c:60:c1:
a9:5f:2e:ee:be:f4:7e:58:9d:1e:18:31:a8:0b:5b:
9f:f2:f4:e2:61:05:cb:49:93:8e:73:ca:d2:04:5d:
73:8d:48:36:8a:8e:f9:bd:5a:83:54:0a:0e:14:c1:
43:9f:b8:e7:ed:0f:01:1a:81:68:19:be:de:f6:b8:
11:39:7b:44:68:b9:07:d3:a7:63:04:99:d8:5b:ce:
4b:37:7d:ad:09:66:a9:d4:a4:20:32:ee:5b:56:21:
16:c6:1a:89:bf:82:2a:33:89:29:f4:b3:c7:58:58:
90:08:b1:86:f5:ea:55:43:8e:6e:7f:46:c1:62:55:
c1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:5F:4F:64:B9:9E:1E:A6:EE:8E:D4:6C:2A:6B:E8:E7:BE:F5:5C:8A
X509v3 Authority Key Identifier:
keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/719PZLmeHqbujtRsKmvo5771XIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.147.192.0/19
85.194.64.0/18
89.237.128.0/18
185.27.220.0/22
185.29.92.0/22
212.24.224.0/19
Signature Algorithm: sha256WithRSAEncryption
78:d5:6d:9c:95:fb:dc:75:13:1e:8f:cf:d4:b0:42:29:dd:45:
fa:d7:9b:88:a4:ab:46:49:4e:8c:7e:df:95:66:1b:75:77:ce:
9a:4d:4e:5e:d3:c8:88:e5:fa:62:3a:95:b3:77:b8:75:c3:c9:
d1:38:c0:74:c1:65:40:a7:df:b4:af:94:5f:7b:46:02:08:05:
4f:5b:9a:4c:34:fa:ab:4f:e9:c6:f3:e8:6d:d1:03:28:c5:ea:
f4:b4:58:a7:e8:d4:88:9e:df:8a:fb:1b:84:8e:27:05:b7:f2:
41:8c:7b:53:0b:36:7c:f0:92:53:27:b7:50:af:23:be:d3:ba:
52:d1:88:17:76:a2:65:39:0c:3d:78:04:ac:26:7b:b8:b5:5a:
83:5d:1f:98:6a:d7:f6:36:19:af:5d:bd:84:21:9e:c3:99:18:
55:47:85:0e:07:f7:45:ba:d9:d2:e0:fe:28:1c:9c:7c:5a:3f:
f1:ad:0d:dd:b2:a6:bc:85:6b:1c:ad:94:01:f9:34:19:e7:f5:
84:18:e4:d4:98:d2:84:ec:25:91:eb:4f:b7:07:e2:92:f1:1e:
a0:52:ca:1b:2b:85:fd:5b:74:15:53:93:79:64:75:b2:e3:35:
d4:0b:4f:87:5a:18:80:28:ad:4e:6a:98:6b:62:eb:ed:ef:89:
13:a6:ea:fe
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQiIBXbncO6T1NGdI0YpFI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjVmNGY2NGI5OWUxZWE2ZWU4ZWQ0NmMyYTZiZThlN2JlZjU1YzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl37glcvdtnLtTHkwIDByct8VYCIQ
PWRjYWBNEN6SQaVQWRpIE7few3JjNC3S0V2veBxszGyX+ia+HX8/84wb+MYuF3Ax
wqjEgmBrbK7X0XrfJsaDm7CVCO4hgpUcsp+LVKHWZWnvQiaFrCkfkpBnhCoNOvH0
ylNFUa4yWen5eu2tBu8MYMGpXy7uvvR+WJ0eGDGoC1uf8vTiYQXLSZOOc8rSBF1z
jUg2io75vVqDVAoOFMFDn7jn7Q8BGoFoGb7e9rgROXtEaLkH06djBJnYW85LN32t
CWap1KQgMu5bViEWxhqJv4IqM4kp9LPHWFiQCLGG9epVQ45uf0bBYlXB3QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO9fT2S5nh6m7o7UbCpr6Oe+9VyKMB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEvNzE5UFpMbWVIcWJ1anRSc0ttdm81NzcxWElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFUpPAAwQG
VcJAAwQGWe2AAwQCuRvcAwQCuR1cAwQF1BjgMA0GCSqGSIb3DQEBCwUAA4IBAQB4
1W2clfvcdRMej8/UsEIp3UX615uIpKtGSU6Mft+VZht1d86aTU5e08iI5fpiOpWz
d7h1w8nROMB0wWVAp9+0r5Rfe0YCCAVPW5pMNPqrT+nG8+ht0QMoxer0tFin6NSI
nt+K+xuEjicFt/JBjHtTCzZ88JJTJ7dQryO+07pS0YgXdqJlOQw9eASsJnu4tVqD
XR+Yatf2NhmvXb2EIZ7DmRhVR4UOB/dFutnS4P4oHJx8Wj/xrQ3dsqa8hWscrZQB
+TQZ5/WEGOTUmNKE7CWR60+3B+KS8R6gUsobK4X9W3QVU5N5ZHWy4zXUC0+HWhiA
KK1OaphrYuvt74kTpur+
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:28:01 2025 by rpki-client