Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/PkVu03D1CRld76GED_NQa3Zviig.roa
File: PkVu03D1CRld76GED_NQa3Zviig.roa (raw, json)
Hash identifier: OkHPN7thUETTaMK2SKswCUlcs0r0An8Tlc/LHXOT+S8=
Subject key identifier: 3E:45:6E:D3:70:F5:09:19:5D:EF:A1:84:0F:F3:50:6B:76:6F:8A:28
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01941FFA36A6C0DEE3680CF3714E2A1CD82A
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/PkVu03D1CRld76GED_NQa3Zviig.roa
Signing time: Wed 01 Jan 2025 03:47:59 +0000
ROA not before: Wed 01 Jan 2025 03:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59592
IP address blocks: 37.114.32.0/19 maxlen: 32
37.114.35.0/24 maxlen: 24
37.114.36.0/24 maxlen: 24
37.114.38.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
94.154.48.0/21 maxlen: 24
94.154.49.0/24 maxlen: 24
94.154.51.0/24 maxlen: 24
94.154.52.0/24 maxlen: 24
94.154.53.0/24 maxlen: 24
94.154.54.0/24 maxlen: 24
176.100.32.0/21 maxlen: 32
176.100.32.0/24 maxlen: 24
176.100.33.0/24 maxlen: 24
176.100.34.0/24 maxlen: 24
176.100.35.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
185.14.92.0/22 maxlen: 22
2a00:ccc0::/29 maxlen: 128
2a00:ccc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:36:a6:c0:de:e3:68:0c:f3:71:4e:2a:1c:d8:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 03:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e456ed370f509195defa1840ff3506b766f8a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0d:b1:9a:64:98:0e:aa:79:e9:5b:d7:7f:d2:
47:ca:50:40:ec:d0:81:b6:d1:12:b5:7a:99:21:78:
b8:a2:72:6e:9c:f4:fa:1e:4b:0f:78:e4:83:1d:40:
27:fc:0a:03:39:5a:24:45:07:30:eb:52:e7:68:c7:
f1:62:f8:86:42:98:2a:dc:35:47:54:c9:10:51:ce:
74:14:12:d5:9d:81:14:ca:b1:14:eb:6d:34:97:41:
6a:1a:f3:1a:28:27:99:5f:f2:25:f7:be:cc:04:20:
8d:d4:50:6b:d8:96:af:9c:cb:13:56:44:9a:84:59:
4c:c0:a3:04:5d:37:88:0a:75:0c:0b:c8:bf:96:bd:
e5:d9:1b:5c:3d:a4:fb:d1:c0:4b:30:b9:7e:3d:f6:
09:e8:b2:67:98:6f:0a:a0:2a:dc:73:eb:a7:e7:6e:
f1:93:b4:19:cf:cb:ca:b0:06:36:bb:b3:b1:92:4d:
f1:5c:a4:3d:0e:8a:9e:5b:10:11:c2:b1:99:da:a2:
b4:c9:40:c3:5e:95:2e:37:bd:c2:76:4c:c7:f1:5c:
32:cd:6c:c3:ac:89:e3:99:18:20:31:cc:e9:a2:e5:
08:2b:98:6a:23:93:52:87:f7:6a:81:fb:42:dd:ed:
8b:e7:ec:61:56:9d:a6:82:dd:f4:b3:2d:b1:bb:e3:
e1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:45:6E:D3:70:F5:09:19:5D:EF:A1:84:0F:F3:50:6B:76:6F:8A:28
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/PkVu03D1CRld76GED_NQa3Zviig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/19
43.251.160.0/23
94.154.48.0/21
176.100.32.0/21
185.14.92.0/22
IPv6:
2a00:ccc0::/29
Signature Algorithm: sha256WithRSAEncryption
48:eb:1d:8a:55:1e:51:dd:c6:4f:ca:3c:42:bf:c0:8d:67:b2:
0e:08:ea:8a:2c:e4:c5:3a:65:37:0e:f6:6e:c8:6b:55:08:c2:
b0:f0:4e:a4:b7:14:14:de:29:2d:08:07:38:9e:f5:b6:c4:11:
4d:89:d2:cb:e2:f1:3c:77:c3:e7:64:8d:e6:8a:fd:84:12:12:
b7:c9:c7:d4:4e:dd:00:a5:2c:7e:43:2c:da:74:b0:32:49:56:
8d:bb:a4:32:5a:63:93:01:ca:f5:a4:b2:01:8c:2f:a9:c7:6e:
1c:f4:d8:0c:a4:2d:88:de:3b:bd:1d:7a:6c:21:8b:e7:72:5a:
04:a9:19:2e:58:97:06:02:33:3d:86:c9:48:28:f9:8f:eb:91:
89:15:05:78:ca:54:3a:78:d7:52:51:6b:a9:af:71:9b:e3:41:
8b:09:c5:22:95:f6:23:2d:36:0f:43:62:4d:88:66:4e:19:28:
f2:00:7b:26:0d:fd:92:91:4b:52:20:47:47:8e:46:50:9b:9b:
94:5b:2c:5e:3a:7c:69:a0:33:3f:27:c3:94:a1:57:1a:dc:97:
b1:79:bc:68:40:38:ba:a8:4f:52:51:4c:7e:5a:35:5b:70:ac:
83:2e:2d:3d:d8:c5:53:1f:bc:7a:37:fa:09:5b:45:88:7c:ab:
40:0e:d7:f9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQf+jamwN7jaAzzcU4qHNgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjUwMTAxMDM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQ1NmVkMzcwZjUwOTE5NWRlZmExODQwZmYzNTA2Yjc2NmY4YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg2xmmSYDqp56VvXf9JHylBA7NCB
ttEStXqZIXi4onJunPT6HksPeOSDHUAn/AoDOVokRQcw61LnaMfxYviGQpgq3DVH
VMkQUc50FBLVnYEUyrEU6200l0FqGvMaKCeZX/Il977MBCCN1FBr2JavnMsTVkSa
hFlMwKMEXTeICnUMC8i/lr3l2RtcPaT70cBLMLl+PfYJ6LJnmG8KoCrcc+un527x
k7QZz8vKsAY2u7Oxkk3xXKQ9DoqeWxARwrGZ2qK0yUDDXpUuN73CdkzH8VwyzWzD
rInjmRggMczpouUIK5hqI5NSh/dqgftC3e2L5+xhVp2mgt30sy2xu+PhIQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFD5FbtNw9QkZXe+hhA/zUGt2b4ooMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvUGtWdTAzRDFDUmxkNzZHRURfTlFhM1p2aWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFJXIgAwQB
K/ugAwQDXpowAwQDsGQgAwQCuQ5cMA0EAgACMAcDBQMqAMzAMA0GCSqGSIb3DQEB
CwUAA4IBAQBI6x2KVR5R3cZPyjxCv8CNZ7IOCOqKLOTFOmU3DvZuyGtVCMKw8E6k
txQU3iktCAc4nvW2xBFNidLL4vE8d8PnZI3miv2EEhK3ycfUTt0ApSx+QyzadLAy
SVaNu6QyWmOTAcr1pLIBjC+px24c9NgMpC2I3ju9HXpsIYvncloEqRkuWJcGAjM9
hslIKPmP65GJFQV4ylQ6eNdSUWupr3Gb40GLCcUilfYjLTYPQ2JNiGZOGSjyAHsm
Df2SkUtSIEdHjkZQm5uUWyxeOnxpoDM/J8OUoVca3JexebxoQDi6qE9SUUx+WjVb
cKyDLi092MVTH7x6N/oJW0WIfKtADtf5
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:29:31 2025 by rpki-client