Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/i7xtJNh8nnR1YjvF1KD1JF-TMBI.roa
File: i7xtJNh8nnR1YjvF1KD1JF-TMBI.roa (raw, json)
Hash identifier: 6umGEi6/dEe09HM9YM5x0dVLfi2Oz5knxj0Mb66phQ4=
Subject key identifier: 8B:BC:6D:24:D8:7C:9E:74:75:62:3B:C5:D4:A0:F5:24:5F:93:30:12
Certificate issuer: /CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Certificate serial: 01954CA5838EB57F8B8C9CCF1F72602A61F3
Authority key identifier: 90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/i7xtJNh8nnR1YjvF1KD1JF-TMBI.roa
Signing time: Fri 28 Feb 2025 13:01:10 +0000
ROA not before: Fri 28 Feb 2025 13:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197979
IP address blocks: 37.130.49.0/24 maxlen: 24
37.130.55.0/24 maxlen: 24
91.231.24.0/24 maxlen: 24
91.231.25.0/24 maxlen: 24
91.231.26.0/24 maxlen: 24
91.231.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:a5:83:8e:b5:7f:8b:8c:9c:cf:1f:72:60:2a:61:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Validity
Not Before: Feb 28 13:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bbc6d24d87c9e7475623bc5d4a0f5245f933012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:52:21:06:eb:98:9f:2e:f0:8c:a2:69:e2:c3:
d7:5d:24:9f:14:b8:3f:9f:72:fc:ec:f6:f7:d3:c3:
15:01:ab:85:93:7c:c1:eb:89:bb:81:c5:a8:47:27:
3e:d1:9c:84:56:f3:34:18:3c:61:3e:d1:37:72:cd:
a7:69:b1:a7:c0:c5:6e:3a:bc:7e:47:2c:d8:d2:64:
ed:46:20:e2:cb:04:a2:55:c3:fd:d4:51:e8:df:03:
fd:43:5c:fa:ab:7a:0f:9b:82:af:56:d6:cf:b6:1d:
da:fb:e5:9f:5e:3c:5c:5a:5b:70:ba:07:83:1c:f4:
1f:01:b6:47:14:47:0d:19:a7:d3:a8:04:ea:9e:4f:
70:d3:cb:7d:3d:9a:bb:b2:03:31:32:dd:20:fe:5b:
08:18:20:09:64:31:3b:c2:dd:26:7d:21:b7:eb:24:
c9:d4:c9:ec:68:48:61:91:4e:d1:15:58:30:e2:b5:
db:f3:20:7f:4f:cd:d3:d9:c0:6d:1e:21:77:f0:3d:
90:2a:26:10:74:51:64:1b:1f:41:14:60:91:19:a7:
af:20:45:09:72:1c:a9:02:38:6a:00:ee:74:6d:95:
01:69:b2:32:9d:60:c2:60:00:3f:01:ea:00:d6:2d:
47:c3:01:21:95:3c:7b:e2:e4:28:59:01:7b:fc:59:
04:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:BC:6D:24:D8:7C:9E:74:75:62:3B:C5:D4:A0:F5:24:5F:93:30:12
X509v3 Authority Key Identifier:
keyid:90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/i7xtJNh8nnR1YjvF1KD1JF-TMBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.49.0/24
37.130.55.0/24
91.231.24.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:68:5d:ab:0e:04:3f:af:b5:0d:c7:20:27:e6:a8:b0:27:e5:
d7:f2:8c:f0:2b:5f:08:95:53:36:b0:64:57:46:07:28:a5:27:
44:12:43:9b:b0:21:a2:20:45:f6:8a:39:f6:cf:17:91:12:97:
c3:37:bd:3f:93:8d:8f:2c:fe:88:6c:88:c6:ff:31:c2:17:e3:
a2:36:82:7a:34:f2:2b:f9:31:e7:24:d9:da:35:cf:ab:ca:e6:
24:70:49:81:cf:8c:e4:11:0f:5b:7a:44:ae:6d:a5:25:82:83:
b5:f9:3f:9e:65:09:01:4d:db:c0:f4:6a:35:67:e6:10:56:08:
54:ba:fd:b6:e4:c8:3f:5b:5e:a0:66:3b:73:3e:df:fe:53:d4:
33:39:a1:2a:e6:2c:85:d3:27:83:da:18:52:44:5e:cc:cf:85:
09:72:13:f9:ef:42:04:de:5f:22:9c:4f:b5:ac:4e:0d:46:81:
f2:45:a7:f7:f2:8c:a5:e1:ca:10:da:4c:71:29:fb:91:c4:4a:
03:43:3b:b2:47:50:8f:a6:49:1d:01:0d:da:0b:ab:27:fc:5a:
e6:c7:40:08:15:ef:02:94:61:94:7d:e3:0c:56:01:a4:bd:34:
e9:74:ed:64:b0:98:2e:a6:cf:24:e0:7e:ed:9f:df:21:15:c3:
2c:72:fe:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVMpYOOtX+LjJzPH3JgKmHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjhhMTU0NjZjM2ZmMWU5MTVkNzgwYTEwYjBiYWE5YWQ2
OTQ4NjAwHhcNMjUwMjI4MTMwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmJjNmQyNGQ4N2M5ZTc0NzU2MjNiYzVkNGEwZjUyNDVmOTMzMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVIhBuuYny7wjKJp4sPXXSSfFLg/
n3L87Pb308MVAauFk3zB64m7gcWoRyc+0ZyEVvM0GDxhPtE3cs2nabGnwMVuOrx+
RyzY0mTtRiDiywSiVcP91FHo3wP9Q1z6q3oPm4KvVtbPth3a++WfXjxcWltwugeD
HPQfAbZHFEcNGafTqATqnk9w08t9PZq7sgMxMt0g/lsIGCAJZDE7wt0mfSG36yTJ
1MnsaEhhkU7RFVgw4rXb8yB/T83T2cBtHiF38D2QKiYQdFFkGx9BFGCRGaevIEUJ
chypAjhqAO50bZUBabIynWDCYAA/AeoA1i1HwwEhlTx74uQoWQF7/FkExQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIu8bSTYfJ50dWI7xdSg9SRfkzASMB8GA1UdIwQY
MBaAFJC4oVRmw/8ekV14ChCwuqmtaUhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDct
NzhlOTk3ODY5OTUyLzEvaTd4dEpOaDhublIxWWp2RjFLRDFKRi1UTUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDctNzhlOTk3ODY5OTUy
LzEva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJYIxAwQA
JYI3AwQCW+cYMA0GCSqGSIb3DQEBCwUAA4IBAQCMaF2rDgQ/r7UNxyAn5qiwJ+XX
8ozwK18IlVM2sGRXRgcopSdEEkObsCGiIEX2ijn2zxeREpfDN70/k42PLP6IbIjG
/zHCF+OiNoJ6NPIr+THnJNnaNc+ryuYkcEmBz4zkEQ9bekSubaUlgoO1+T+eZQkB
TdvA9Go1Z+YQVghUuv225Mg/W16gZjtzPt/+U9QzOaEq5iyF0yeD2hhSRF7Mz4UJ
chP570IE3l8inE+1rE4NRoHyRaf38oyl4coQ2kxxKfuRxEoDQzuyR1CPpkkdAQ3a
C6sn/Frmx0AIFe8ClGGUfeMMVgGkvTTpdO1ksJgups8k4H7tn98hFcMscv4K
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:12:24 2025 by rpki-client