Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/tV6sObvzgTfPgUJ_zmLWZJP23Js.roa
File: tV6sObvzgTfPgUJ_zmLWZJP23Js.roa (raw, json)
Hash identifier: ruAGmOYz2wd7CtdLjtd2pZCz/+RLCcgBY+LOgFhOP3c=
Subject key identifier: B5:5E:AC:39:BB:F3:81:37:CF:81:42:7F:CE:62:D6:64:93:F6:DC:9B
Certificate issuer: /CN=0b1870c96ef09723811fb89250eea6eba963c0df
Certificate serial: 0194D63E63293A9B63F713073F01489D265F
Authority key identifier: 0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/tV6sObvzgTfPgUJ_zmLWZJP23Js.roa
Signing time: Wed 05 Feb 2025 13:13:20 +0000
ROA not before: Wed 05 Feb 2025 13:13:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 378
IP address blocks: 132.64.0.0/15 maxlen: 15
132.64.0.0/16 maxlen: 16
132.64.1.0/24 maxlen: 24
132.64.2.0/24 maxlen: 24
132.64.3.0/24 maxlen: 24
132.64.5.0/24 maxlen: 24
132.64.6.0/24 maxlen: 24
132.64.7.0/24 maxlen: 24
132.64.16.0/24 maxlen: 24
132.64.17.0/24 maxlen: 24
132.64.24.0/22 maxlen: 22
132.64.40.0/24 maxlen: 24
132.64.43.0/24 maxlen: 24
132.64.44.0/24 maxlen: 24
132.64.45.0/24 maxlen: 24
132.64.254.0/24 maxlen: 24
132.65.0.0/16 maxlen: 16
192.114.88.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CxhwyW7wlyOBH7iSUO6m66ljwN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CxhwyW7wlyOBH7iSUO6m66ljwN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d6:3e:63:29:3a:9b:63:f7:13:07:3f:01:48:9d:26:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1870c96ef09723811fb89250eea6eba963c0df
Validity
Not Before: Feb 5 13:13:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b55eac39bbf38137cf81427fce62d66493f6dc9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:db:1c:62:90:f9:38:fa:ff:aa:c1:2b:5f:36:
7b:be:c5:a0:99:7e:66:dd:8e:df:3b:f2:54:42:4e:
b0:e5:43:37:f7:f1:19:d4:c3:fe:4e:55:21:43:32:
89:1c:17:84:e3:a6:0c:6c:4c:df:35:7f:01:71:6d:
d1:a2:dd:67:51:1b:13:d5:82:c4:ed:9c:c1:38:c3:
50:b0:7d:5f:10:21:83:bc:08:ce:39:bf:bd:95:74:
3a:db:1e:25:7e:14:2c:9f:c6:f4:03:2b:8e:64:d2:
6d:b2:e8:e0:8b:c2:81:bf:d8:c1:03:a5:57:a9:da:
1a:b1:57:d7:a9:e0:fe:a5:0d:27:0b:14:bd:76:d6:
c2:f7:d2:ff:be:c5:b9:04:58:69:e9:70:76:88:3e:
70:f8:a5:4e:96:b5:7a:3a:c4:5f:6f:7f:ff:2f:9f:
07:aa:ea:67:e7:33:d4:41:4a:9c:35:3b:8d:cd:f3:
c0:5b:57:a0:4b:a9:5a:9e:6f:93:2e:32:91:08:20:
6b:20:71:e3:64:c8:65:3f:34:ec:7c:48:43:69:2a:
9f:cf:34:a1:c3:ab:00:21:84:fc:8a:d1:b5:be:b7:
ba:b1:f9:37:88:b5:83:cb:17:0e:f0:c8:29:b0:85:
83:05:39:0b:84:1f:2f:41:cc:07:ad:a8:be:bc:27:
29:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:5E:AC:39:BB:F3:81:37:CF:81:42:7F:CE:62:D6:64:93:F6:DC:9B
X509v3 Authority Key Identifier:
keyid:0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/tV6sObvzgTfPgUJ_zmLWZJP23Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CxhwyW7wlyOBH7iSUO6m66ljwN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.64.0.0/15
192.114.88.0/22
Signature Algorithm: sha256WithRSAEncryption
67:be:59:3b:d2:ec:49:6d:04:65:28:ff:15:ba:b2:4b:35:05:
3e:31:01:3b:91:40:9c:aa:15:bd:ce:68:0a:b9:a6:1a:7f:44:
fc:aa:c2:c1:72:b2:e3:3c:00:b8:be:63:a1:a5:19:9e:34:99:
14:7e:df:18:f9:d3:71:93:a6:db:58:d8:4c:d4:0d:10:0d:e2:
9a:a9:86:bb:86:4c:98:cf:3c:77:eb:a9:1c:37:be:2c:a2:01:
a5:59:8a:fb:69:c4:79:22:ba:58:fa:81:ad:61:d4:aa:da:83:
4c:87:d3:77:57:7b:da:80:be:a9:c5:df:4b:91:e5:4b:63:02:
eb:7a:85:6c:94:94:47:db:fd:74:9b:c3:0e:da:29:ed:4a:7f:
57:4a:16:15:99:49:c3:27:a9:9e:98:54:85:7c:b0:45:1c:76:
61:3c:f6:c9:51:4b:81:02:93:90:43:aa:76:f8:1d:95:ec:70:
3d:f8:d0:c3:d6:45:d7:32:40:07:7c:bf:4d:42:a7:96:a3:0e:
8b:6b:ea:a9:3a:43:55:10:81:bb:97:ee:ab:51:fd:6e:ba:4a:
a4:23:0a:41:b5:a2:3f:d2:de:be:1d:94:86:22:dc:3e:23:8e:
ed:c5:cb:05:4b:4e:0a:47:60:08:21:89:ea:f6:3d:cf:4d:d5:
9c:48:ff:5c
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZTWPmMpOptj9xMHPwFInSZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMTg3MGM5NmVmMDk3MjM4MTFmYjg5MjUwZWVhNmViYTk2
M2MwZGYwHhcNMjUwMjA1MTMxMzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTVlYWMzOWJiZjM4MTM3Y2Y4MTQyN2ZjZTYyZDY2NDkzZjZkYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNscYpD5OPr/qsErXzZ7vsWgmX5m
3Y7fO/JUQk6w5UM39/EZ1MP+TlUhQzKJHBeE46YMbEzfNX8BcW3Rot1nURsT1YLE
7ZzBOMNQsH1fECGDvAjOOb+9lXQ62x4lfhQsn8b0AyuOZNJtsujgi8KBv9jBA6VX
qdoasVfXqeD+pQ0nCxS9dtbC99L/vsW5BFhp6XB2iD5w+KVOlrV6OsRfb3//L58H
qupn5zPUQUqcNTuNzfPAW1egS6lanm+TLjKRCCBrIHHjZMhlPzTsfEhDaSqfzzSh
w6sAIYT8itG1vre6sfk3iLWDyxcO8MgpsIWDBTkLhB8vQcwHrai+vCcpYQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFLVerDm784E3z4FCf85i1mST9tybMB8GA1UdIwQY
MBaAFAsYcMlu8JcjgR+4klDupuupY8DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMt
YTJlMjRmOTgwYjNmLzEvdFY2c09idnpnVGZQZ1VKX3ptTFdaSlAyM0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMtYTJlMjRmOTgwYjNm
LzEvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMBhEADBALA
clgwDQYJKoZIhvcNAQELBQADggEBAGe+WTvS7EltBGUo/xW6sks1BT4xATuRQJyq
Fb3OaAq5php/RPyqwsFysuM8ALi+Y6GlGZ40mRR+3xj503GTpttY2EzUDRAN4pqp
hruGTJjPPHfrqRw3viyiAaVZivtpxHkiulj6ga1h1Krag0yH03dXe9qAvqnF30uR
5UtjAut6hWyUlEfb/XSbww7aKe1Kf1dKFhWZScMnqZ6YVIV8sEUcdmE89slRS4EC
k5BDqnb4HZXscD340MPWRdcyQAd8v01Cp5ajDotr6qk6Q1UQgbuX7qtR/W66SqQj
CkG1oj/S3r4dlIYi3D4jju3FywVLTgpHYAghier2Pc9N1ZxI/1w=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:15:30 2025 by rpki-client