Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/ipnQ83UpKa8sWrTXie04nVeOWrE.roa
File: ipnQ83UpKa8sWrTXie04nVeOWrE.roa (raw, json)
Hash identifier: LCyjANuJcWqupF1L+w0MaO/qngWjk1y0gHyBxfWyWgs=
Subject key identifier: 8A:99:D0:F3:75:29:29:AF:2C:5A:B4:D7:89:ED:38:9D:57:8E:5A:B1
Certificate issuer: /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial: 01941FFAAFB68C8E384CA2C481CDB277C2DA
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/ipnQ83UpKa8sWrTXie04nVeOWrE.roa
Signing time: Wed 01 Jan 2025 03:48:30 +0000
ROA not before: Wed 01 Jan 2025 03:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29286
IP address blocks: 37.72.192.0/19 maxlen: 19
37.72.224.0/24 maxlen: 24
37.72.225.0/24 maxlen: 24
37.72.226.0/24 maxlen: 24
37.72.227.0/24 maxlen: 24
37.72.228.0/24 maxlen: 24
37.72.229.0/24 maxlen: 24
37.72.240.0/24 maxlen: 24
37.72.242.0/24 maxlen: 24
37.72.243.0/24 maxlen: 24
37.72.244.0/22 maxlen: 22
37.72.248.0/24 maxlen: 24
37.72.249.0/24 maxlen: 24
37.72.250.0/23 maxlen: 23
37.72.252.0/22 maxlen: 22
81.20.208.0/20 maxlen: 20
213.151.176.0/21 maxlen: 21
213.151.184.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:af:b6:8c:8e:38:4c:a2:c4:81:cd:b2:77:c2:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Validity
Not Before: Jan 1 03:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a99d0f3752929af2c5ab4d789ed389d578e5ab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:01:77:9c:76:42:c0:e5:48:35:f6:0c:61:7e:
8b:59:ae:57:20:8f:e7:07:68:43:0d:4e:87:c0:b5:
18:95:15:8c:0e:7c:79:17:76:e5:14:4c:bc:20:f9:
72:8a:d3:99:2e:ce:f6:ae:a2:11:c4:2a:ff:c3:82:
25:07:a5:a0:56:ef:53:76:96:2a:b7:21:83:98:5e:
08:e9:72:21:70:4f:66:bb:df:88:68:63:e1:9e:68:
c0:89:54:11:17:97:b4:7b:45:4a:53:65:6f:4d:0b:
3a:d6:ca:58:25:46:39:2d:8f:09:db:8f:84:0d:c6:
d0:14:86:7d:ab:0e:5f:87:79:2b:0b:6b:1a:f3:44:
e2:87:b0:86:b7:68:0c:ae:1b:49:7b:29:0c:13:7c:
49:f4:9b:99:44:b4:12:5c:b9:8d:08:4e:68:e7:0a:
05:80:ed:fb:6d:0b:92:6a:73:1c:36:74:91:2b:13:
91:4f:b2:9b:b5:cf:a4:03:fe:4a:52:44:97:53:ce:
49:2f:61:85:11:43:16:1b:b0:90:58:81:2c:a6:63:
48:57:25:34:f8:46:90:32:a1:70:a0:a2:8f:c1:c1:
77:90:74:4c:73:89:33:0c:d1:86:db:6c:4e:56:ea:
72:9d:80:39:36:5f:6f:86:af:d2:e3:8b:65:b5:bc:
fe:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:99:D0:F3:75:29:29:AF:2C:5A:B4:D7:89:ED:38:9D:57:8E:5A:B1
X509v3 Authority Key Identifier:
keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/ipnQ83UpKa8sWrTXie04nVeOWrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.192.0-37.72.229.255
37.72.240.0/24
37.72.242.0-37.72.255.255
81.20.208.0/20
213.151.176.0-213.151.187.255
Signature Algorithm: sha256WithRSAEncryption
aa:2d:bb:20:b1:4a:7e:b3:e0:8e:bb:c2:12:2c:a5:d9:80:79:
61:22:dd:38:92:42:75:5d:e1:d1:a5:e5:b9:fb:c7:1e:3e:25:
32:db:95:49:0a:8c:56:c9:ae:61:ee:d6:3a:ed:e1:c4:cd:3e:
44:53:9b:a8:5a:7e:8b:a3:7b:88:16:92:e1:1a:77:2f:1f:39:
f3:59:ea:32:f3:a0:1d:43:f7:40:b9:da:b3:62:fb:40:39:db:
68:43:88:75:0a:01:2e:ab:af:48:65:5d:ee:3a:d0:6b:3c:c1:
93:9a:ac:14:a9:57:d0:aa:7d:fa:03:db:95:96:50:65:1c:e8:
cd:56:11:5b:29:79:7a:ce:43:71:54:f9:a5:7b:10:c3:24:db:
e0:97:cd:75:55:80:e8:50:6a:97:0c:5c:d5:08:50:e9:ca:6d:
03:15:05:9d:ff:ca:14:90:9f:99:aa:d1:aa:ec:62:02:40:f5:
c5:f8:92:b7:0e:cd:30:82:f1:c6:15:80:1b:42:54:0e:8e:19:
92:bc:c2:2a:ff:72:d3:f5:9d:bc:16:e6:0f:fd:e6:eb:4f:a8:
48:a9:15:59:0f:d2:f0:59:33:6e:d1:b5:1d:fe:6d:a9:58:6f:
e6:08:92:5b:22:e4:48:62:ad:93:e9:55:ea:6e:3f:7a:ef:cd:
f7:d2:89:9e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQf+q+2jI44TKLEgc2yd8LaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTJlNDkxYWFhNjU1YjYzMjRkYmNjMGNmZjAwYThkNjMx
OTEwNzYwHhcNMjUwMTAxMDM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTk5ZDBmMzc1MjkyOWFmMmM1YWI0ZDc4OWVkMzg5ZDU3OGU1YWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQF3nHZCwOVINfYMYX6LWa5XII/n
B2hDDU6HwLUYlRWMDnx5F3blFEy8IPlyitOZLs72rqIRxCr/w4IlB6WgVu9TdpYq
tyGDmF4I6XIhcE9mu9+IaGPhnmjAiVQRF5e0e0VKU2VvTQs61spYJUY5LY8J24+E
DcbQFIZ9qw5fh3krC2sa80Tih7CGt2gMrhtJeykME3xJ9JuZRLQSXLmNCE5o5woF
gO37bQuSanMcNnSRKxORT7Kbtc+kA/5KUkSXU85JL2GFEUMWG7CQWIEspmNIVyU0
+EaQMqFwoKKPwcF3kHRMc4kzDNGG22xOVupynYA5Nl9vhq/S44tltbz+RQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFIqZ0PN1KSmvLFq014ntOJ1XjlqxMB8GA1UdIwQY
MBaAFJgS5JGqplW2Mk28wM/wCo1jGRB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUt
ZGZmZTE3ZjNkYjU0LzEvaXBuUTgzVXBLYThzV3JUWGllMDRuVmVPV3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUtZGZmZTE3ZjNkYjU0
LzEvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAATA1MAwDBAYlSMAD
BAElSOQDBAAlSPAwCwMEASVI8gMDACVIAwQEURTQMAwDBATVl7ADBALVl7gwDQYJ
KoZIhvcNAQELBQADggEBAKotuyCxSn6z4I67whIspdmAeWEi3TiSQnVd4dGl5bn7
xx4+JTLblUkKjFbJrmHu1jrt4cTNPkRTm6hafouje4gWkuEady8fOfNZ6jLzoB1D
90C52rNi+0A522hDiHUKAS6rr0hlXe460Gs8wZOarBSpV9CqffoD25WWUGUc6M1W
EVspeXrOQ3FU+aV7EMMk2+CXzXVVgOhQapcMXNUIUOnKbQMVBZ3/yhSQn5mq0ars
YgJA9cX4krcOzTCC8cYVgBtCVA6OGZK8wir/ctP1nbwW5g/95utPqEipFVkP0vBZ
M27RtR3+balYb+YIklsi5EhirZPpVepuP3rvzffSiZ4=
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:26:49 2025 by rpki-client