Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/PU3RtVE8bUTLDau3UULyJxnwYvk.roa
File: PU3RtVE8bUTLDau3UULyJxnwYvk.roa (raw, json)
Hash identifier: rurDzg32C4cm1zQE6cZCxEDJG3aKAFEXLx56a9lYAvQ=
Subject key identifier: 3D:4D:D1:B5:51:3C:6D:44:CB:0D:AB:B7:51:42:F2:27:19:F0:62:F9
Certificate issuer: /CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Certificate serial: 019474797D2B4D4E0CDC7A816EBAA664584F
Authority key identifier: 05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/PU3RtVE8bUTLDau3UULyJxnwYvk.roa
Signing time: Fri 17 Jan 2025 13:35:06 +0000
ROA not before: Fri 17 Jan 2025 13:35:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49434
IP address blocks: 37.44.236.0/24 maxlen: 24
37.44.237.0/24 maxlen: 24
79.110.237.0/24 maxlen: 24
185.142.52.0/24 maxlen: 24
185.142.54.0/24 maxlen: 24
185.142.55.0/24 maxlen: 24
193.177.0.0/24 maxlen: 24
193.177.162.0/24 maxlen: 24
193.178.0.0/24 maxlen: 24
2a09:ca00::/29 maxlen: 29
2a0f:9240::/32 maxlen: 32
2a0f:9240:1300::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:74:79:7d:2b:4d:4e:0c:dc:7a:81:6e:ba:a6:64:58:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Validity
Not Before: Jan 17 13:35:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d4dd1b5513c6d44cb0dabb75142f22719f062f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ab:0c:bf:8d:b7:17:b8:f4:b5:05:2e:86:86:
96:cb:c6:bb:97:b9:96:a2:3d:9b:cc:33:ea:aa:a0:
ba:08:55:2c:b3:28:05:0c:39:29:9b:c8:d8:02:57:
7d:fc:fb:fd:56:65:5b:54:2f:59:9e:e0:08:0a:60:
73:44:d0:53:1b:16:60:d3:62:dd:7d:93:8b:10:d2:
e9:88:98:9b:91:6d:6d:8e:a5:69:0c:86:df:4d:e0:
41:ca:99:a3:a1:de:7d:13:21:ac:89:bf:2a:81:8c:
bd:0e:c0:4b:61:33:73:3a:3e:5b:dc:38:1c:f9:f5:
51:25:01:94:c3:ea:b3:5f:65:91:2d:ea:b9:76:1c:
0d:32:db:e2:b8:9c:b6:a1:6c:3d:7e:20:5f:64:d3:
62:35:a2:df:12:46:93:ea:e9:77:22:80:17:1b:eb:
bb:f4:56:06:e2:8c:a6:4e:eb:ab:12:cc:5d:e8:1b:
a8:34:9a:cc:c8:b7:0a:ca:51:2f:18:cb:40:4d:ea:
3b:3d:9a:2e:62:cf:cd:13:66:4d:3b:d8:d0:99:83:
af:36:76:6f:e9:e8:80:e5:9b:95:e6:f2:fb:8f:9e:
fc:7f:4f:89:a1:ed:96:5d:39:ee:6a:a4:38:ef:5d:
7d:e0:c9:4f:51:20:df:43:7e:29:9c:3b:3a:48:9c:
b8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4D:D1:B5:51:3C:6D:44:CB:0D:AB:B7:51:42:F2:27:19:F0:62:F9
X509v3 Authority Key Identifier:
keyid:05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/PU3RtVE8bUTLDau3UULyJxnwYvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.236.0/23
79.110.237.0/24
185.142.52.0/24
185.142.54.0/23
193.177.0.0/24
193.177.162.0/24
193.178.0.0/24
IPv6:
2a09:ca00::/29
2a0f:9240::/32
Signature Algorithm: sha256WithRSAEncryption
46:ad:c8:3d:cb:60:c6:5e:74:58:15:f6:d5:e1:a8:86:bd:4b:
d3:81:cc:1c:e2:cc:f2:87:90:b4:41:7f:1b:8f:4d:74:99:59:
64:5e:cd:1b:83:2c:73:0b:e2:39:90:10:74:36:d3:a2:1e:fe:
da:4b:31:41:67:d1:38:c8:9c:29:fa:0d:ab:ed:73:f1:da:85:
03:5b:6d:55:13:53:cb:98:1f:27:d8:8d:4b:8c:19:e1:8e:c2:
37:8b:c9:85:13:6f:dd:07:95:a9:21:fb:57:2a:89:5f:76:b1:
f4:6d:a9:80:d7:85:95:a3:5c:93:4a:6f:43:98:81:45:b4:e9:
51:b5:dd:13:36:d6:7e:e5:d4:f8:97:e2:a4:32:65:64:c7:8d:
f0:54:81:dc:48:d0:b0:9d:80:85:35:6f:e4:7d:96:4b:06:be:
e4:69:2b:7e:ad:ce:fe:f0:28:52:49:45:e2:79:81:52:66:d5:
fd:6d:7c:d3:cb:cd:f9:38:d7:a5:46:e2:09:e3:18:91:c1:2c:
44:44:88:e6:63:bb:42:f9:6e:6f:8d:d6:79:e0:4f:40:27:e8:
22:23:8b:0e:16:16:91:0b:67:f0:e3:e3:74:39:1d:aa:9d:3f:
d7:35:99:62:74:df:a2:6b:40:6e:42:77:72:91:5e:c3:c1:57:
b7:f5:61:bc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZR0eX0rTU4M3HqBbrqmZFhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjNjYjI2M2RmNTBkMmQ0ZDA3M2MwZjdkYjZjZDI3NzYz
MDJjOWQwHhcNMjUwMTE3MTMzNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDRkZDFiNTUxM2M2ZDQ0Y2IwZGFiYjc1MTQyZjIyNzE5ZjA2MmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKsMv423F7j0tQUuhoaWy8a7l7mW
oj2bzDPqqqC6CFUssygFDDkpm8jYAld9/Pv9VmVbVC9ZnuAICmBzRNBTGxZg02Ld
fZOLENLpiJibkW1tjqVpDIbfTeBBypmjod59EyGsib8qgYy9DsBLYTNzOj5b3Dgc
+fVRJQGUw+qzX2WRLeq5dhwNMtviuJy2oWw9fiBfZNNiNaLfEkaT6ul3IoAXG+u7
9FYG4oymTuurEsxd6BuoNJrMyLcKylEvGMtATeo7PZouYs/NE2ZNO9jQmYOvNnZv
6eiA5ZuV5vL7j578f0+Joe2WXTnuaqQ471194MlPUSDfQ34pnDs6SJy4FwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFD1N0bVRPG1Eyw2rt1FC8icZ8GL5MB8GA1UdIwQY
MBaAFAVjyyY99Q0tTQc8D322zSd2MCydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQt
MTUwMzU0YjAwZTU1LzEvUFUzUnRWRThiVVRMRGF1M1VVTHlKeG53WXZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQtMTUwMzU0YjAwZTU1
LzEvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQBJSzsAwQA
T27tAwQAuY40AwQBuY42AwQAwbEAAwQAwbGiAwQAwbIAMBQEAgACMA4DBQMqCcoA
AwUAKg+SQDANBgkqhkiG9w0BAQsFAAOCAQEARq3IPctgxl50WBX21eGohr1L04HM
HOLM8oeQtEF/G49NdJlZZF7NG4MscwviOZAQdDbToh7+2ksxQWfROMicKfoNq+1z
8dqFA1ttVRNTy5gfJ9iNS4wZ4Y7CN4vJhRNv3QeVqSH7VyqJX3ax9G2pgNeFlaNc
k0pvQ5iBRbTpUbXdEzbWfuXU+JfipDJlZMeN8FSB3EjQsJ2AhTVv5H2WSwa+5Gkr
fq3O/vAoUklF4nmBUmbV/W1808vN+TjXpUbiCeMYkcEsRESI5mO7Qvlub43WeeBP
QCfoIiOLDhYWkQtn8OPjdDkdqp0/1zWZYnTfomtAbkJ3cpFew8FXt/VhvA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:39:08 2025 by rpki-client