Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/_kWvdqNfB5Qi_pth9OeMu1E5uoI.roa
File: _kWvdqNfB5Qi_pth9OeMu1E5uoI.roa (raw, json)
Hash identifier: NWHqYOJDwR6XeYKKHls7B7q+f2asHmCl+FEc/+iucHA=
Subject key identifier: FE:45:AF:76:A3:5F:07:94:22:FE:9B:61:F4:E7:8C:BB:51:39:BA:82
Certificate issuer: /CN=d654436ed3242bddb96fdf139a1253deb986dfd0
Certificate serial: 019426D99A6CD1C7D93C6ECFDD58122433B3
Authority key identifier: D6:54:43:6E:D3:24:2B:DD:B9:6F:DF:13:9A:12:53:DE:B9:86:DF:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1lRDbtMkK925b98TmhJT3rmG39A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/_kWvdqNfB5Qi_pth9OeMu1E5uoI.roa
Signing time: Thu 02 Jan 2025 11:49:42 +0000
ROA not before: Thu 02 Jan 2025 11:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 37.58.48.0/20 maxlen: 20
46.165.192.0/18 maxlen: 18
78.159.96.0/19 maxlen: 19
84.16.224.0/19 maxlen: 19
91.109.16.0/20 maxlen: 20
178.162.192.0/18 maxlen: 18
185.17.144.0/22 maxlen: 22
212.95.32.0/19 maxlen: 19
217.20.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/1lRDbtMkK925b98TmhJT3rmG39A.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/1lRDbtMkK925b98TmhJT3rmG39A.mft
rsync://rpki.ripe.net/repository/DEFAULT/1lRDbtMkK925b98TmhJT3rmG39A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 23:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:9a:6c:d1:c7:d9:3c:6e:cf:dd:58:12:24:33:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d654436ed3242bddb96fdf139a1253deb986dfd0
Validity
Not Before: Jan 2 11:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe45af76a35f079422fe9b61f4e78cbb5139ba82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ea:21:f0:8a:37:32:89:4d:25:d8:48:72:75:
10:01:ef:21:9b:34:fd:8c:e1:bb:3c:2c:55:67:bd:
4e:74:4c:ce:3c:11:55:cf:46:89:30:c2:a6:f0:9a:
b4:a1:e6:dd:38:b5:18:8e:99:d0:2d:45:14:81:6e:
ac:e9:13:92:bf:3f:8b:fb:ad:ff:2c:18:98:4b:4b:
0d:e3:b1:0a:db:ac:1c:a8:0e:83:ad:13:19:47:06:
9d:f8:e3:28:4d:9f:8d:a4:63:6d:b3:97:0c:f8:54:
ab:8c:ff:79:3e:38:4e:6f:26:40:19:40:8c:b2:bb:
59:88:83:a4:58:f2:60:c6:91:b0:d6:19:18:35:dc:
83:45:3c:9f:df:e9:7d:ca:7f:a7:3a:e0:75:f7:c2:
e2:f3:7d:43:f4:af:fe:47:1c:20:59:24:a2:33:e9:
cb:d0:93:d9:b3:9a:66:44:a9:ef:9b:ff:3b:20:73:
e4:f5:26:a8:7d:d0:cc:f8:eb:3e:20:0f:58:5b:ca:
6f:6c:24:d5:74:be:da:6d:20:32:a0:45:fa:ea:25:
8b:74:df:7b:47:a0:01:42:f9:90:7b:39:d5:8c:a6:
57:7f:b2:aa:e7:b3:f9:75:13:be:97:e0:15:29:17:
58:f1:04:36:99:59:53:65:6b:b0:b8:cb:b2:0f:fb:
3c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:45:AF:76:A3:5F:07:94:22:FE:9B:61:F4:E7:8C:BB:51:39:BA:82
X509v3 Authority Key Identifier:
keyid:D6:54:43:6E:D3:24:2B:DD:B9:6F:DF:13:9A:12:53:DE:B9:86:DF:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lRDbtMkK925b98TmhJT3rmG39A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/_kWvdqNfB5Qi_pth9OeMu1E5uoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/1lRDbtMkK925b98TmhJT3rmG39A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.58.48.0/20
46.165.192.0/18
78.159.96.0/19
84.16.224.0/19
91.109.16.0/20
178.162.192.0/18
185.17.144.0/22
212.95.32.0/19
217.20.112.0/20
Signature Algorithm: sha256WithRSAEncryption
48:4d:f5:f7:8c:a6:68:cf:86:80:8d:a0:16:59:3e:4b:2d:f1:
ea:55:ea:25:23:35:b0:0b:93:0d:5e:7e:96:44:a3:8f:dc:1d:
51:21:01:9b:d4:c3:9b:79:d8:bf:18:4b:96:77:41:99:88:d0:
7b:8d:c4:8b:c2:f6:f1:d5:5f:cf:23:e6:5a:c2:3f:c1:06:4a:
de:15:1f:27:04:8a:51:d1:4a:07:af:68:fd:5a:da:90:78:f5:
cc:39:e0:a8:f2:ed:d8:1b:9f:e2:bb:8f:cc:cf:ca:a6:d1:5d:
b6:a9:11:93:71:b0:db:2c:85:bb:c4:58:c5:3a:2b:72:b3:9d:
97:ca:92:02:d8:df:86:18:47:db:8e:b7:49:e2:56:fd:c7:8d:
00:31:bd:4c:c0:e1:8b:3a:16:6e:55:fd:9d:13:ee:a1:f9:79:
9e:14:ef:6c:12:17:38:26:6f:da:58:dc:af:ca:d1:d1:8c:0f:
d0:87:33:95:08:15:1a:88:85:9d:19:0a:91:12:e9:16:9c:e6:
7b:80:90:d9:b2:a0:8f:23:ad:4d:ea:55:ad:f1:dc:90:ac:d7:
32:17:83:a3:a5:29:b5:7f:f4:ad:1d:96:57:2c:60:82:63:8f:
ed:4b:7c:e3:f3:05:72:be:e2:6b:e2:b4:9f:37:25:15:34:c4:
99:bd:4e:20
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQm2Zps0cfZPG7P3VgSJDOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTQ0MzZlZDMyNDJiZGRiOTZmZGYxMzlhMTI1M2RlYjk4
NmRmZDAwHhcNMjUwMTAyMTE0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQ1YWY3NmEzNWYwNzk0MjJmZTliNjFmNGU3OGNiYjUxMzliYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeoh8Io3MolNJdhIcnUQAe8hmzT9
jOG7PCxVZ71OdEzOPBFVz0aJMMKm8Jq0oebdOLUYjpnQLUUUgW6s6ROSvz+L+63/
LBiYS0sN47EK26wcqA6DrRMZRwad+OMoTZ+NpGNts5cM+FSrjP95PjhObyZAGUCM
srtZiIOkWPJgxpGw1hkYNdyDRTyf3+l9yn+nOuB198Li831D9K/+RxwgWSSiM+nL
0JPZs5pmRKnvm/87IHPk9SaofdDM+Os+IA9YW8pvbCTVdL7abSAyoEX66iWLdN97
R6ABQvmQeznVjKZXf7Kq57P5dRO+l+AVKRdY8QQ2mVlTZWuwuMuyD/s8uwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFP5Fr3ajXweUIv6bYfTnjLtRObqCMB8GA1UdIwQY
MBaAFNZUQ27TJCvduW/fE5oSU965ht/QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxSRGJ0TWtLOTI1Yjk4VG1oSlQzcm1HMzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zZGU5NGEtMWU2MC00ZWI4LTlhNWUt
YTE0MjA4N2NlODkwLzEvX2tXdmRxTmZCNVFpX3B0aDlPZU11MUU1dW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zZGU5NGEtMWU2MC00ZWI4LTlhNWUtYTE0MjA4N2NlODkw
LzEvMWxSRGJ0TWtLOTI1Yjk4VG1oSlQzcm1HMzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQEJTowAwQG
LqXAAwQFTp9gAwQFVBDgAwQEW20QAwQGsqLAAwQCuRGQAwQF1F8gAwQE2RRwMA0G
CSqGSIb3DQEBCwUAA4IBAQBITfX3jKZoz4aAjaAWWT5LLfHqVeolIzWwC5MNXn6W
RKOP3B1RIQGb1MObedi/GEuWd0GZiNB7jcSLwvbx1V/PI+Zawj/BBkreFR8nBIpR
0UoHr2j9WtqQePXMOeCo8u3YG5/iu4/Mz8qm0V22qRGTcbDbLIW7xFjFOitys52X
ypIC2N+GGEfbjrdJ4lb9x40AMb1MwOGLOhZuVf2dE+6h+XmeFO9sEhc4Jm/aWNyv
ytHRjA/QhzOVCBUaiIWdGQqREukWnOZ7gJDZsqCPI61N6lWt8dyQrNcyF4OjpSm1
f/StHZZXLGCCY4/tS3zj8wVyvuJr4rSfNyUVNMSZvU4g
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:21:08 2025 by rpki-client