Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1y9h67sjn_VjHFrVe0Z3K6XNjqA.roa
File: 1y9h67sjn_VjHFrVe0Z3K6XNjqA.roa (raw, json)
Hash identifier: 2JQPf5WO6517JYBXHWCSR7Hd0Z7lAJY8xvwRiWg3zfc=
Subject key identifier: D7:2F:61:EB:BB:23:9F:F5:63:1C:5A:D5:7B:46:77:2B:A5:CD:8E:A0
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01941FFA371DF839EF47E909537824803F91
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1y9h67sjn_VjHFrVe0Z3K6XNjqA.roa
Signing time: Wed 01 Jan 2025 03:47:59 +0000
ROA not before: Wed 01 Jan 2025 03:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60461
IP address blocks: 37.114.32.0/19 maxlen: 32
37.114.33.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.46.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.52.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
94.154.50.0/24 maxlen: 24
94.154.55.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
185.14.92.0/24 maxlen: 24
185.14.93.0/24 maxlen: 24
2a00:ccc3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:37:1d:f8:39:ef:47:e9:09:53:78:24:80:3f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 03:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d72f61ebbb239ff5631c5ad57b46772ba5cd8ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7e:60:75:a6:aa:25:c6:af:2f:9d:98:59:21:
65:e3:e5:6d:c2:c4:76:47:ba:c0:92:d5:4d:a6:c5:
90:d4:46:08:12:5c:77:32:10:53:7c:af:a0:52:12:
fb:8b:19:eb:09:17:e6:6f:38:5b:9c:86:1c:4d:46:
7f:ad:f2:f7:b8:24:71:40:f1:f4:6d:93:fa:c6:f8:
8a:0a:22:7c:39:df:94:77:78:d7:6a:dd:15:13:97:
1b:fc:17:16:65:d4:c5:9f:1a:c4:61:a3:a4:08:25:
ef:db:1d:ef:92:e2:90:b3:5e:3f:69:8d:76:2d:dc:
f3:74:54:5d:41:33:b5:6a:5f:d6:4e:65:11:50:8f:
db:94:95:fa:3b:3d:2f:9c:6a:f2:e3:ec:ae:97:bc:
58:e2:88:a0:7f:0f:e7:fd:80:8a:4e:1b:4e:e6:4b:
00:b8:e3:d5:30:4a:cb:6b:ef:5a:b0:01:27:10:0d:
ed:81:cf:70:20:9e:dd:96:d6:ab:0a:25:6f:2c:1d:
2e:c5:f9:a4:ac:83:2b:2f:81:2e:c6:99:19:3f:c3:
5a:fe:ff:a1:83:c3:6c:69:a3:f4:c5:50:ca:63:92:
ed:94:3b:db:40:bc:b5:19:75:9d:63:11:0e:f8:4c:
ed:45:d4:16:30:ce:9c:12:2d:8e:f0:12:2d:db:5b:
2d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2F:61:EB:BB:23:9F:F5:63:1C:5A:D5:7B:46:77:2B:A5:CD:8E:A0
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1y9h67sjn_VjHFrVe0Z3K6XNjqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/19
43.251.160.0/23
94.154.50.0/24
94.154.55.0/24
176.100.36.0/22
185.14.92.0/23
IPv6:
2a00:ccc3::/32
Signature Algorithm: sha256WithRSAEncryption
c9:44:2b:ee:a7:fd:79:a6:09:10:74:ab:3f:46:cd:f4:cc:cb:
95:7a:00:a7:59:e1:db:1a:71:b7:6f:3c:ab:dc:50:0e:7f:80:
4e:c2:49:02:37:57:df:d4:58:49:c9:c0:f8:b3:03:a1:15:cc:
2b:b9:fb:b8:e1:a0:20:c3:bf:47:e0:0e:89:36:ff:d8:7a:10:
50:c9:2a:fa:cb:c8:db:42:9e:6b:d8:6a:bc:55:ad:39:58:7c:
5e:62:d4:6c:37:05:57:b0:33:76:b4:b2:18:5b:c0:22:12:bc:
60:98:de:94:27:70:a1:c5:9e:2c:ab:30:71:77:b6:50:30:91:
cd:77:48:70:5d:12:38:71:df:eb:98:7c:d8:c4:c4:bb:b6:af:
47:f6:04:2c:15:46:de:bc:b5:c4:19:dd:9b:9b:a4:e1:65:71:
67:03:16:56:28:f2:ba:5a:2f:8e:88:56:83:91:48:0c:a9:bb:
0a:eb:32:67:a2:fe:6c:06:19:cb:5c:24:35:dc:61:be:1d:8f:
16:67:2a:85:97:a2:4b:36:b5:45:74:36:f7:4c:79:43:d6:65:
d1:20:ed:e3:aa:13:40:85:26:04:fe:58:d1:43:c6:24:b8:d5:
60:42:ce:a5:05:c4:35:f3:5f:dc:46:12:59:fa:20:c8:9b:66:
30:ef:eb:18
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQf+jcd+DnvR+kJU3gkgD+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjUwMTAxMDM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzJmNjFlYmJiMjM5ZmY1NjMxYzVhZDU3YjQ2NzcyYmE1Y2Q4ZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAin5gdaaqJcavL52YWSFl4+VtwsR2
R7rAktVNpsWQ1EYIElx3MhBTfK+gUhL7ixnrCRfmbzhbnIYcTUZ/rfL3uCRxQPH0
bZP6xviKCiJ8Od+Ud3jXat0VE5cb/BcWZdTFnxrEYaOkCCXv2x3vkuKQs14/aY12
LdzzdFRdQTO1al/WTmURUI/blJX6Oz0vnGry4+yul7xY4oigfw/n/YCKThtO5ksA
uOPVMErLa+9asAEnEA3tgc9wIJ7dltarCiVvLB0uxfmkrIMrL4EuxpkZP8Na/v+h
g8NsaaP0xVDKY5LtlDvbQLy1GXWdYxEO+EztRdQWMM6cEi2O8BIt21stpQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNcvYeu7I5/1Yxxa1XtGdyulzY6gMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvMXk5aDY3c2puX1ZqSEZyVmUwWjNLNlhOanFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFJXIgAwQB
K/ugAwQAXpoyAwQAXpo3AwQCsGQkAwQBuQ5cMA0EAgACMAcDBQAqAMzDMA0GCSqG
SIb3DQEBCwUAA4IBAQDJRCvup/15pgkQdKs/Rs30zMuVegCnWeHbGnG3bzyr3FAO
f4BOwkkCN1ff1FhJycD4swOhFcwrufu44aAgw79H4A6JNv/YehBQySr6y8jbQp5r
2Gq8Va05WHxeYtRsNwVXsDN2tLIYW8AiErxgmN6UJ3ChxZ4sqzBxd7ZQMJHNd0hw
XRI4cd/rmHzYxMS7tq9H9gQsFUbevLXEGd2bm6ThZXFnAxZWKPK6Wi+OiFaDkUgM
qbsK6zJnov5sBhnLXCQ13GG+HY8WZyqFl6JLNrVFdDb3THlD1mXRIO3jqhNAhSYE
/ljRQ8YkuNVgQs6lBcQ181/cRhJZ+iDIm2Yw7+sY
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:29:39 2025 by rpki-client