Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/36vP2RZocex6kBCMTbzrkEU173I.roa
File: 36vP2RZocex6kBCMTbzrkEU173I.roa (raw, json)
Hash identifier: aEiOZj8YmAwZwpDXXxUuOkmJFeM2AJc91e5CxmnRxTk=
Subject key identifier: DF:AB:CF:D9:16:68:71:EC:7A:90:10:8C:4D:BC:EB:90:45:35:EF:72
Certificate issuer: /CN=597487472d37cbd726181f9f3a20386f039b3ba8
Certificate serial: 0194221F47FD9977536225C4F4DFE13375AE
Authority key identifier: 59:74:87:47:2D:37:CB:D7:26:18:1F:9F:3A:20:38:6F:03:9B:3B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXSHRy03y9cmGB-fOiA4bwObO6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/36vP2RZocex6kBCMTbzrkEU173I.roa
Signing time: Wed 01 Jan 2025 13:47:42 +0000
ROA not before: Wed 01 Jan 2025 13:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41998
IP address blocks: 194.76.2.0/24 maxlen: 24
194.76.3.0/24 maxlen: 24
194.76.4.0/24 maxlen: 24
194.76.5.0/24 maxlen: 24
194.76.6.0/24 maxlen: 24
194.76.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/WXSHRy03y9cmGB-fOiA4bwObO6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/WXSHRy03y9cmGB-fOiA4bwObO6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXSHRy03y9cmGB-fOiA4bwObO6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 10:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:47:fd:99:77:53:62:25:c4:f4:df:e1:33:75:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597487472d37cbd726181f9f3a20386f039b3ba8
Validity
Not Before: Jan 1 13:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfabcfd9166871ec7a90108c4dbceb904535ef72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:84:11:04:48:e1:13:4e:2c:0b:78:a9:e0:79:
50:c0:28:ab:11:ec:b9:46:17:e0:f9:da:32:28:19:
b6:12:13:14:da:49:4a:23:e2:5c:e2:20:2b:08:a9:
6b:b0:83:b2:8f:39:1b:d4:2f:bc:83:c5:64:37:7b:
6b:86:83:11:f0:39:4b:b2:82:fc:ad:c2:e8:46:4b:
95:74:b2:5f:58:40:e3:93:cb:80:cb:c5:97:6b:30:
61:dd:29:d0:12:87:5f:b9:09:49:00:53:e7:d8:a7:
20:c0:87:ae:b2:44:a4:f7:89:f0:c8:6b:10:e8:4f:
22:64:f7:0b:65:f3:e3:de:0a:1b:ea:52:44:97:d5:
2e:be:ab:5e:aa:ce:7a:47:06:e2:d8:30:a5:ef:a0:
10:cc:b5:99:04:62:6e:51:5b:36:c5:06:c8:7f:71:
b6:b0:5b:7f:c1:a5:18:0a:1b:f1:6e:63:eb:4a:e9:
8b:3d:e8:09:b4:58:59:dc:27:dd:70:48:ef:d2:cd:
d6:13:24:ae:92:b5:cb:7b:72:58:78:37:77:6c:8e:
dc:2a:52:3b:64:d5:63:f8:14:d6:58:78:b8:3a:24:
f3:7a:dd:b0:a7:6e:20:f6:a7:a3:a3:fc:7d:0c:0f:
00:5d:66:e0:fa:ab:0b:8a:91:af:d4:99:b1:f8:5a:
de:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:AB:CF:D9:16:68:71:EC:7A:90:10:8C:4D:BC:EB:90:45:35:EF:72
X509v3 Authority Key Identifier:
keyid:59:74:87:47:2D:37:CB:D7:26:18:1F:9F:3A:20:38:6F:03:9B:3B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXSHRy03y9cmGB-fOiA4bwObO6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/36vP2RZocex6kBCMTbzrkEU173I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/WXSHRy03y9cmGB-fOiA4bwObO6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.2.0-194.76.7.255
Signature Algorithm: sha256WithRSAEncryption
a2:df:2c:03:46:6c:88:b6:fa:45:bb:77:9e:6f:0e:7c:c9:79:
19:9a:04:e3:5a:d0:da:c4:c1:d8:b8:d4:0a:ca:89:97:5d:67:
1c:80:49:32:c3:d4:99:4b:79:4f:08:6b:5f:7f:7e:c1:6c:21:
da:b2:c1:64:25:ab:84:ba:a1:f1:29:a4:df:1a:1f:5f:28:4d:
2c:84:c8:90:de:6c:c4:6c:17:08:c9:22:bc:57:69:ab:eb:fc:
e1:b9:67:eb:0f:e6:b6:7a:b6:d2:f4:9c:60:f8:e2:4e:d2:5f:
7b:a0:26:54:31:e2:19:df:c6:49:ff:f4:70:2b:8a:a6:c8:52:
6e:eb:70:d9:81:63:51:34:40:3f:27:62:ea:8c:62:94:d5:34:
37:2d:13:d7:66:57:db:90:fa:4c:1a:06:5f:ce:46:46:e6:56:
64:51:d8:e4:74:3a:84:8d:9a:3a:0c:ff:5d:0a:61:82:1d:1a:
ac:c2:cd:46:60:e0:d3:96:bc:6c:f6:4a:94:5b:8b:2c:a5:cc:
ad:93:d4:b2:d0:b0:3d:f6:4e:99:3e:88:d3:9b:ca:01:87:31:
59:e4:c4:3f:8e:f9:e9:92:16:94:ec:02:c4:41:8f:98:66:47:
50:2e:e2:a5:98:46:fa:0b:49:ef:76:2f:61:8a:22:01:7e:4d:
d5:6b:ab:84
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQiH0f9mXdTYiXE9N/hM3WuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzQ4NzQ3MmQzN2NiZDcyNjE4MWY5ZjNhMjAzODZmMDM5
YjNiYTgwHhcNMjUwMTAxMTM0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmFiY2ZkOTE2Njg3MWVjN2E5MDEwOGM0ZGJjZWI5MDQ1MzVlZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoQRBEjhE04sC3ip4HlQwCirEey5
Rhfg+doyKBm2EhMU2klKI+Jc4iArCKlrsIOyjzkb1C+8g8VkN3trhoMR8DlLsoL8
rcLoRkuVdLJfWEDjk8uAy8WXazBh3SnQEodfuQlJAFPn2KcgwIeuskSk94nwyGsQ
6E8iZPcLZfPj3gob6lJEl9Uuvqteqs56Rwbi2DCl76AQzLWZBGJuUVs2xQbIf3G2
sFt/waUYChvxbmPrSumLPegJtFhZ3CfdcEjv0s3WEySukrXLe3JYeDd3bI7cKlI7
ZNVj+BTWWHi4OiTzet2wp24g9qejo/x9DA8AXWbg+qsLipGv1Jmx+FrejQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN+rz9kWaHHsepAQjE2865BFNe9yMB8GA1UdIwQY
MBaAFFl0h0ctN8vXJhgfnzogOG8DmzuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hTSFJ5MDN5OWNtR0ItZk9pQTRid09iTzZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lYTI3ZjMtZGI3NC00OTYzLWExOGMt
MDM1MjgxMjg5YmIwLzEvMzZ2UDJSWm9jZXg2a0JDTVRienJrRVUxNzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lYTI3ZjMtZGI3NC00OTYzLWExOGMtMDM1MjgxMjg5YmIw
LzEvV1hTSFJ5MDN5OWNtR0ItZk9pQTRid09iTzZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHCTAID
BAPCTAAwDQYJKoZIhvcNAQELBQADggEBAKLfLANGbIi2+kW7d55vDnzJeRmaBONa
0NrEwdi41ArKiZddZxyASTLD1JlLeU8Ia19/fsFsIdqywWQlq4S6ofEppN8aH18o
TSyEyJDebMRsFwjJIrxXaavr/OG5Z+sP5rZ6ttL0nGD44k7SX3ugJlQx4hnfxkn/
9HAriqbIUm7rcNmBY1E0QD8nYuqMYpTVNDctE9dmV9uQ+kwaBl/ORkbmVmRR2OR0
OoSNmjoM/10KYYIdGqzCzUZg4NOWvGz2SpRbiyylzK2T1LLQsD32Tpk+iNObygGH
MVnkxD+O+emSFpTsAsRBj5hmR1Au4qWYRvoLSe92L2GKIgF+TdVrq4Q=
-----END CERTIFICATE-----
Generated at Sat Apr 12 19:12:00 2025 by rpki-client