Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/dwfEfRg8877Atw4vgQddrhHW_dc.roa
File: dwfEfRg8877Atw4vgQddrhHW_dc.roa (raw, json)
Hash identifier: SdtTc5eD1TxuTF/mYnxmN25vPFVewXwZEmOu76MAXN0=
Subject key identifier: 77:07:C4:7D:18:3C:F3:BE:C0:B7:0E:2F:81:07:5D:AE:11:D6:FD:D7
Certificate issuer: /CN=af121cd6e11da095f856d79deec469d0c6358494
Certificate serial: 01942445924323C25A03B73342A46A034544
Authority key identifier: AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/dwfEfRg8877Atw4vgQddrhHW_dc.roa
Signing time: Wed 01 Jan 2025 23:48:46 +0000
ROA not before: Wed 01 Jan 2025 23:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55293
IP address blocks: 85.187.128.0/19 maxlen: 24
114.129.128.0/19 maxlen: 24
185.52.148.0/22 maxlen: 24
185.62.136.0/22 maxlen: 24
185.132.4.0/22 maxlen: 24
185.133.20.0/22 maxlen: 24
185.141.188.0/22 maxlen: 24
185.143.44.0/22 maxlen: 24
185.146.20.0/22 maxlen: 24
185.146.28.0/22 maxlen: 24
185.148.44.0/22 maxlen: 24
185.148.128.0/22 maxlen: 24
185.149.112.0/22 maxlen: 24
185.151.48.0/22 maxlen: 24
185.160.65.0/24 maxlen: 24
185.160.66.0/23 maxlen: 24
185.166.145.0/24 maxlen: 24
185.166.146.0/23 maxlen: 24
185.168.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:92:43:23:c2:5a:03:b7:33:42:a4:6a:03:45:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af121cd6e11da095f856d79deec469d0c6358494
Validity
Not Before: Jan 1 23:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7707c47d183cf3bec0b70e2f81075dae11d6fdd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:76:5a:b5:24:38:dd:b4:b3:55:28:9c:7c:c3:
66:42:e3:1e:d5:a3:d0:f3:41:bb:87:63:16:3e:e2:
dc:d4:e3:2a:71:ff:04:2d:55:3b:96:0e:16:d2:40:
37:7a:60:16:a6:d0:aa:c8:33:de:7f:3d:5e:01:37:
7e:1e:3d:9e:91:8b:7c:2e:14:e3:cb:4d:82:9a:b6:
80:24:64:32:75:93:02:64:9f:aa:cb:8a:7c:ae:a2:
08:3a:fb:d4:fa:aa:e9:86:ff:f0:ed:ab:91:63:bf:
bb:e9:08:eb:4b:66:ac:8d:1b:56:e9:4d:c0:9f:76:
78:d6:6e:6e:4c:dd:8b:08:35:78:62:d1:18:71:a5:
08:d8:bc:11:bf:61:80:5c:f0:3c:22:c8:c7:fb:94:
3d:83:af:15:6a:ff:55:0e:c9:7d:03:b4:ef:fa:2b:
61:bd:9a:ed:58:70:11:8f:63:63:21:4d:3b:48:41:
8b:3e:3e:57:45:de:ee:24:ac:0d:c1:b0:a5:de:00:
f6:16:13:7a:89:45:42:d8:5b:1d:cb:cc:d7:7b:27:
46:c0:86:ed:3b:2c:44:fe:1d:f4:ab:d1:09:a6:cf:
23:ca:2c:6e:49:34:31:a3:71:c2:c2:62:34:9b:df:
e2:f3:a2:b2:12:ba:08:f1:d8:89:c0:80:ad:52:aa:
c2:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:07:C4:7D:18:3C:F3:BE:C0:B7:0E:2F:81:07:5D:AE:11:D6:FD:D7
X509v3 Authority Key Identifier:
keyid:AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/dwfEfRg8877Atw4vgQddrhHW_dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.128.0/19
114.129.128.0/19
185.52.148.0/22
185.62.136.0/22
185.132.4.0/22
185.133.20.0/22
185.141.188.0/22
185.143.44.0/22
185.146.20.0/22
185.146.28.0/22
185.148.44.0/22
185.148.128.0/22
185.149.112.0/22
185.151.48.0/22
185.160.65.0-185.160.67.255
185.166.145.0-185.166.147.255
185.168.108.0/22
Signature Algorithm: sha256WithRSAEncryption
17:19:26:ba:2a:97:4a:80:01:89:61:32:6c:71:51:45:f2:63:
f2:ca:fc:af:92:d2:e1:cd:d7:33:b4:53:95:e7:1b:0f:af:11:
2f:e4:d4:a8:f1:2a:5d:00:93:ea:7c:17:f9:e2:3d:22:5a:42:
b3:19:d6:65:1b:5e:3b:fb:ba:2b:e7:62:b4:76:0e:e4:cb:42:
49:0c:77:4d:64:28:42:64:b8:d4:17:24:12:0d:7f:d4:99:e1:
65:af:7f:d4:bf:a0:19:4d:25:fe:bb:ec:0b:f7:c6:47:ec:c1:
86:a1:ca:e8:fe:4e:39:bd:42:e0:aa:ce:be:c7:cf:73:87:8a:
ca:2d:13:f8:b9:73:0d:09:67:ba:b3:43:d0:5e:98:b2:18:f1:
a6:9d:9a:8d:c8:8b:52:17:7e:f3:42:29:d8:80:b0:a7:5c:03:
0b:7c:a1:d3:a0:e8:df:9d:3d:ae:e2:2a:73:94:18:f9:65:69:
0e:3f:ac:84:12:5b:fc:5c:3f:16:27:ec:0e:70:50:0a:14:2d:
e2:74:fb:63:2e:04:4b:68:17:69:f2:f2:43:33:67:7a:a8:ea:
f3:91:82:fa:f1:64:3e:fd:e4:15:88:fd:50:27:32:d2:ac:dd:
05:c5:4f:b1:8c:58:a5:c1:58:de:b9:43:8e:a0:04:d4:18:5f:
6a:34:27:5d
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZQkRZJDI8JaA7czQqRqA0VEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMTIxY2Q2ZTExZGEwOTVmODU2ZDc5ZGVlYzQ2OWQwYzYz
NTg0OTQwHhcNMjUwMTAxMjM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzA3YzQ3ZDE4M2NmM2JlYzBiNzBlMmY4MTA3NWRhZTExZDZmZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3ZatSQ43bSzVSicfMNmQuMe1aPQ
80G7h2MWPuLc1OMqcf8ELVU7lg4W0kA3emAWptCqyDPefz1eATd+Hj2ekYt8LhTj
y02CmraAJGQydZMCZJ+qy4p8rqIIOvvU+qrphv/w7auRY7+76QjrS2asjRtW6U3A
n3Z41m5uTN2LCDV4YtEYcaUI2LwRv2GAXPA8IsjH+5Q9g68Vav9VDsl9A7Tv+ith
vZrtWHARj2NjIU07SEGLPj5XRd7uJKwNwbCl3gD2FhN6iUVC2Fsdy8zXeydGwIbt
OyxE/h30q9EJps8jyixuSTQxo3HCwmI0m9/i86KyEroI8diJwICtUqrCLQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFHcHxH0YPPO+wLcOL4EHXa4R1v3XMB8GA1UdIwQY
MBaAFK8SHNbhHaCV+FbXne7EadDGNYSUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEt
YWYzZjc5NGFlNjA3LzEvZHdmRWZSZzg4NzdBdHc0dmdRZGRyaEhXX2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEtYWYzZjc5NGFlNjA3
LzEvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAVVu4AD
BAVygYADBAK5NJQDBAK5PogDBAK5hAQDBAK5hRQDBAK5jbwDBAK5jywDBAK5khQD
BAK5khwDBAK5lCwDBAK5lIADBAK5lXADBAK5lzAwDAMEALmgQQMEArmgQDAMAwQA
uaaRAwQCuaaQAwQCuahsMA0GCSqGSIb3DQEBCwUAA4IBAQAXGSa6KpdKgAGJYTJs
cVFF8mPyyvyvktLhzdcztFOV5xsPrxEv5NSo8SpdAJPqfBf54j0iWkKzGdZlG147
+7or52K0dg7ky0JJDHdNZChCZLjUFyQSDX/UmeFlr3/Uv6AZTSX+u+wL98ZH7MGG
ocro/k45vULgqs6+x89zh4rKLRP4uXMNCWe6s0PQXpiyGPGmnZqNyItSF37zQinY
gLCnXAMLfKHToOjfnT2u4ipzlBj5ZWkOP6yEElv8XD8WJ+wOcFAKFC3idPtjLgRL
aBdp8vJDM2d6qOrzkYL68WQ+/eQViP1QJzLSrN0FxU+xjFilwVjeuUOOoATUGF9q
NCdd
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:44:20 2025 by rpki-client