Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/78yzrAMUvPPiweEURUgqJfcIMBk.roa
File: 78yzrAMUvPPiweEURUgqJfcIMBk.roa (raw, json)
Hash identifier: zfQUxp4F2xMwb9r6ALu/P1TyG3gmcS2j5Ani40bq0LU=
Subject key identifier: EF:CC:B3:AC:03:14:BC:F3:E2:C1:E1:14:45:48:2A:25:F7:08:30:19
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F9D330782D71FCEC928BD609E35BC
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/78yzrAMUvPPiweEURUgqJfcIMBk.roa
Signing time: Thu 02 Jan 2025 05:49:16 +0000
ROA not before: Thu 02 Jan 2025 05:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42772
IP address blocks: 92.38.64.0/20 maxlen: 24
93.170.184.0/23 maxlen: 24
93.171.112.0/20 maxlen: 24
95.46.16.0/20 maxlen: 24
95.46.46.0/24 maxlen: 24
95.46.200.0/21 maxlen: 24
95.46.208.0/24 maxlen: 24
146.120.32.0/21 maxlen: 24
146.120.128.0/20 maxlen: 24
146.120.144.0/21 maxlen: 24
151.249.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:9d:33:07:82:d7:1f:ce:c9:28:bd:60:9e:35:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=efccb3ac0314bcf3e2c1e11445482a25f7083019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ca:9f:10:6e:aa:a1:3d:13:14:50:d3:0c:5b:
2c:33:33:64:55:83:01:b4:cf:c6:48:ba:9f:c5:61:
a5:c4:c6:a3:a1:b6:8d:05:20:d5:6b:86:89:9b:6a:
5e:1a:40:2f:a1:6e:56:50:82:a0:44:f5:dc:9b:56:
2a:e4:c6:ff:5c:d5:bb:74:91:0f:ef:bc:ec:7b:b3:
bb:2e:3b:fd:bc:b2:6e:78:b8:0b:b7:f6:ca:c0:11:
e6:82:f9:4d:51:31:f0:c3:62:7a:a0:24:3a:2a:8a:
fa:94:2a:47:d2:75:e4:3e:c9:d7:25:a1:42:a0:55:
2c:34:cc:1d:ec:b2:0b:fe:78:e2:76:bd:cd:99:5b:
29:ea:e2:90:24:e0:7c:dc:2d:a3:f0:8a:1a:07:69:
70:39:8a:6a:57:9d:48:80:85:2c:2a:04:3b:5f:fc:
0d:ca:8a:b8:90:3a:f1:cf:a5:23:52:4a:39:b7:0f:
8e:ac:64:5f:30:65:64:79:99:6b:c1:42:7b:f9:10:
5c:37:57:c4:32:05:d0:39:eb:34:be:d5:85:05:0f:
d4:c5:f9:57:aa:01:d9:9f:fe:62:42:58:67:d2:c6:
6b:a8:e5:a8:63:6d:87:77:a1:f9:44:74:cb:20:e8:
b0:d3:b0:b8:a4:f9:82:11:0e:1e:6d:2b:35:75:78:
3c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CC:B3:AC:03:14:BC:F3:E2:C1:E1:14:45:48:2A:25:F7:08:30:19
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/78yzrAMUvPPiweEURUgqJfcIMBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.64.0/20
93.170.184.0/23
93.171.112.0/20
95.46.16.0/20
95.46.46.0/24
95.46.200.0-95.46.208.255
146.120.32.0/21
146.120.128.0-146.120.151.255
151.249.128.0/17
Signature Algorithm: sha256WithRSAEncryption
99:a0:58:cb:93:1a:5d:42:eb:35:fd:45:0b:57:fc:99:dc:9e:
0d:11:4d:a5:cb:52:f4:3c:28:c6:e8:a0:7a:8b:8e:4d:84:b7:
73:5f:af:60:3e:f5:30:6f:e1:f6:4c:3c:92:fe:d9:6a:80:ea:
79:42:fa:0d:1a:c9:da:18:63:36:36:c9:c9:7e:ea:55:af:e2:
33:29:18:0a:dc:1f:e9:45:ac:c6:d4:3e:ea:f1:36:36:24:e7:
82:e2:73:a6:df:1e:ed:c8:f2:d1:2f:b4:2a:63:f3:b5:39:1b:
e5:8a:42:a6:c3:cc:6d:a0:5c:b2:c7:e2:3c:81:dc:f8:f6:ee:
1a:42:93:e7:37:7c:5d:31:f9:52:0c:ae:f3:6c:21:8d:95:c1:
b8:c2:bf:94:96:80:02:c7:82:4e:94:7e:7a:a6:08:c7:c6:26:
89:e3:1e:94:37:3c:ac:16:b4:e6:52:7c:e1:55:d5:44:8b:bc:
d3:76:56:8e:a4:0d:40:9f:89:ed:79:29:5e:77:01:ef:63:d8:
34:e7:d3:54:14:88:57:a8:02:e1:41:ed:bc:e6:13:11:3c:30:
de:2e:5c:73:03:80:4e:ab:4d:96:16:29:98:96:f3:71:53:ca:
df:ba:49:d5:63:13:d5:97:4b:04:87:e8:76:61:ac:5b:7e:03:
3b:ea:36:36
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQlj50zB4LXH87JKL1gnjW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmNjYjNhYzAzMTRiY2YzZTJjMWUxMTQ0NTQ4MmEyNWY3MDgzMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cqfEG6qoT0TFFDTDFssMzNkVYMB
tM/GSLqfxWGlxMajobaNBSDVa4aJm2peGkAvoW5WUIKgRPXcm1Yq5Mb/XNW7dJEP
77zse7O7Ljv9vLJueLgLt/bKwBHmgvlNUTHww2J6oCQ6Kor6lCpH0nXkPsnXJaFC
oFUsNMwd7LIL/njidr3NmVsp6uKQJOB83C2j8IoaB2lwOYpqV51IgIUsKgQ7X/wN
yoq4kDrxz6UjUko5tw+OrGRfMGVkeZlrwUJ7+RBcN1fEMgXQOes0vtWFBQ/UxflX
qgHZn/5iQlhn0sZrqOWoY22Hd6H5RHTLIOiw07C4pPmCEQ4ebSs1dXg8YwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFO/Ms6wDFLzz4sHhFEVIKiX3CDAZMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvNzh5enJBTVV2UFBpd2VFVVJVZ3FKZmNJTUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQEXCZAAwQB
Xaq4AwQEXatwAwQEXy4QAwQAXy4uMAwDBANfLsgDBABfLtADBAOSeCAwDAMEB5J4
gAMEA5J4kAMEB5f5gDANBgkqhkiG9w0BAQsFAAOCAQEAmaBYy5MaXULrNf1FC1f8
mdyeDRFNpctS9DwoxuigeouOTYS3c1+vYD71MG/h9kw8kv7ZaoDqeUL6DRrJ2hhj
NjbJyX7qVa/iMykYCtwf6UWsxtQ+6vE2NiTnguJzpt8e7cjy0S+0KmPztTkb5YpC
psPMbaBcssfiPIHc+PbuGkKT5zd8XTH5Ugyu82whjZXBuMK/lJaAAseCTpR+eqYI
x8YmieMelDc8rBa05lJ84VXVRIu803ZWjqQNQJ+J7XkpXncB72PYNOfTVBSIV6gC
4UHtvOYTETww3i5ccwOATqtNlhYpmJbzcVPK37pJ1WMT1ZdLBIfodmGsW34DO+o2
Ng==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:06:04 2025 by rpki-client