Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/wDvIF8IUEQhjnYm69O7DnmCZNJY.roa
File: wDvIF8IUEQhjnYm69O7DnmCZNJY.roa (raw, json)
Hash identifier: AHCZUkCpuvskw07HtMA8aALHO5a1ETyk504pdPIdAIc=
Subject key identifier: C0:3B:C8:17:C2:14:11:08:63:9D:89:BA:F4:EE:C3:9E:60:99:34:96
Certificate issuer: /CN=cbd745ebfcec382df252c2f750db648f4f034abf
Certificate serial: 0194274859E0A06C819AA150299B0D358853
Authority key identifier: CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/wDvIF8IUEQhjnYm69O7DnmCZNJY.roa
Signing time: Thu 02 Jan 2025 13:50:40 +0000
ROA not before: Thu 02 Jan 2025 13:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3209
IP address blocks: 82.82.0.0/15 maxlen: 24
82.82.0.0/20 maxlen: 20
84.56.0.0/13 maxlen: 24
85.238.224.0/19 maxlen: 19
88.64.0.0/12 maxlen: 24
92.72.0.0/13 maxlen: 24
92.208.0.0/14 maxlen: 24
92.212.0.0/15 maxlen: 24
92.214.0.0/15 maxlen: 24
92.216.0.0/14 maxlen: 24
94.216.0.0/13 maxlen: 24
145.253.0.0/16 maxlen: 16
145.253.0.0/20 maxlen: 20
145.254.0.0/16 maxlen: 24
146.60.0.0/16 maxlen: 24
176.94.0.0/17 maxlen: 24
176.94.128.0/17 maxlen: 24
176.95.0.0/16 maxlen: 24
178.0.0.0/12 maxlen: 24
185.2.132.0/22 maxlen: 24
188.96.0.0/12 maxlen: 24
193.25.240.0/22 maxlen: 22
193.25.244.0/23 maxlen: 23
193.25.247.0/24 maxlen: 24
195.50.128.0/18 maxlen: 18
195.158.128.0/19 maxlen: 19
212.144.0.0/16 maxlen: 24
213.23.0.0/16 maxlen: 24
213.128.96.0/19 maxlen: 19
2a00::/22 maxlen: 22
2a00:20::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 04:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:59:e0:a0:6c:81:9a:a1:50:29:9b:0d:35:88:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd745ebfcec382df252c2f750db648f4f034abf
Validity
Not Before: Jan 2 13:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c03bc817c2141108639d89baf4eec39e60993496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:01:a1:1e:ea:17:74:66:1c:74:77:e3:2f:94:
8f:78:05:1d:98:36:e8:66:c1:0c:e0:a4:5d:a8:d6:
f6:dc:6c:84:99:4b:20:e1:e5:f2:2e:66:ef:81:ce:
d8:3c:2c:f7:2a:01:68:21:18:e3:e7:ae:45:e2:12:
02:77:33:ed:ee:7d:57:a4:d0:64:18:de:5a:f5:d8:
ea:ef:4a:28:33:3b:ce:40:33:ac:a5:a4:89:94:49:
b0:df:d5:48:2a:5a:c1:46:a5:1d:6a:7f:c0:88:73:
2c:0b:b8:c9:12:88:2a:c7:19:cf:4f:92:be:2c:e8:
98:0a:69:9d:d6:f0:9a:f5:e4:a9:f2:9b:7b:14:63:
bf:a2:87:b0:e2:da:8d:5d:c4:d7:d8:a3:4b:a4:11:
d8:25:cf:dc:b9:70:7e:12:69:40:f3:f4:0c:5f:fc:
85:57:c2:ec:8f:f2:31:92:5b:8e:f1:9c:58:d3:6a:
f7:d4:e9:14:5a:6e:8b:2c:19:10:97:a1:34:81:1d:
fa:bf:c5:cd:67:01:cf:a7:af:01:03:d4:3e:a3:8e:
61:fa:56:1b:06:05:e5:26:a5:3c:d9:91:32:3e:1a:
a0:9a:70:b9:15:dc:ee:3b:62:d9:31:30:c0:a7:05:
3f:6b:9e:8f:ce:e9:3b:a2:b6:05:44:21:2b:ad:75:
c8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:3B:C8:17:C2:14:11:08:63:9D:89:BA:F4:EE:C3:9E:60:99:34:96
X509v3 Authority Key Identifier:
keyid:CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/wDvIF8IUEQhjnYm69O7DnmCZNJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.82.0.0/15
84.56.0.0/13
85.238.224.0/19
88.64.0.0/12
92.72.0.0/13
92.208.0.0-92.219.255.255
94.216.0.0/13
145.253.0.0-145.254.255.255
146.60.0.0/16
176.94.0.0/15
178.0.0.0/12
185.2.132.0/22
188.96.0.0/12
193.25.240.0-193.25.245.255
193.25.247.0/24
195.50.128.0/18
195.158.128.0/19
212.144.0.0/16
213.23.0.0/16
213.128.96.0/19
IPv6:
2a00::/22
Signature Algorithm: sha256WithRSAEncryption
48:e0:fa:f6:8e:44:b2:18:04:5c:5f:75:7b:27:5f:af:05:70:
bd:19:6a:4d:f3:4e:06:4a:93:71:90:15:0e:80:0c:26:4a:97:
39:cc:64:b5:a0:8a:cf:b2:b1:7d:77:bd:3d:a9:47:2f:5d:19:
ca:6e:5d:e8:40:a9:bd:67:c8:28:c4:d2:fe:4e:a9:1d:fd:39:
4b:38:bc:16:ed:d4:c7:44:e3:57:16:10:d4:f6:51:10:9a:dd:
03:d8:05:33:52:3c:b9:6f:68:c7:6c:33:7d:28:3f:91:0b:77:
93:7c:f4:ec:2f:bc:02:0d:e6:fb:8c:e7:54:5c:97:4c:66:e2:
09:7e:f4:14:b4:49:73:69:34:69:ef:5f:9c:18:40:3f:c9:ec:
55:3c:32:73:d7:d1:10:63:74:c9:7e:67:24:27:84:f0:11:49:
38:f0:c0:fc:eb:15:d8:31:78:a6:51:6d:30:a3:e7:cc:34:68:
61:a2:a2:72:70:6c:39:6a:70:b2:3f:5c:7f:b6:f6:af:40:0e:
bb:b3:f9:c1:cc:5c:3f:86:9c:2b:4e:ab:9c:78:95:27:e8:b1:
f0:72:46:f4:82:fb:1f:60:dc:b7:83:62:f4:4e:07:07:df:86:
9b:36:76:de:c8:72:ff:cd:8d:57:85:21:c0:b3:5c:a2:dd:84:
3f:31:7b:2d
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZQnSFngoGyBmqFQKZsNNYhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDc0NWViZmNlYzM4MmRmMjUyYzJmNzUwZGI2NDhmNGYw
MzRhYmYwHhcNMjUwMTAyMTM1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDNiYzgxN2MyMTQxMTA4NjM5ZDg5YmFmNGVlYzM5ZTYwOTkzNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QGhHuoXdGYcdHfjL5SPeAUdmDbo
ZsEM4KRdqNb23GyEmUsg4eXyLmbvgc7YPCz3KgFoIRjj565F4hICdzPt7n1XpNBk
GN5a9djq70ooMzvOQDOspaSJlEmw39VIKlrBRqUdan/AiHMsC7jJEogqxxnPT5K+
LOiYCmmd1vCa9eSp8pt7FGO/ooew4tqNXcTX2KNLpBHYJc/cuXB+EmlA8/QMX/yF
V8Lsj/IxkluO8ZxY02r31OkUWm6LLBkQl6E0gR36v8XNZwHPp68BA9Q+o45h+lYb
BgXlJqU82ZEyPhqgmnC5FdzuO2LZMTDApwU/a56Pzuk7orYFRCErrXXI0wIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFMA7yBfCFBEIY52JuvTuw55gmTSWMB8GA1UdIwQY
MBaAFMvXRev87Dgt8lLC91DbZI9PA0q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUt
OTJiNjc5NmM3N2NjLzEvd0R2SUY4SVVFUWhqblltNjlPN0RubUNaTkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUtOTJiNjc5NmM3N2Nj
LzEveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBiAQCAAEwgYEDAwFS
UgMDA1Q4AwQFVe7gAwMEWEADAwNcSDAKAwMEXNADAwJc2AMDA17YMAoDAwCR/QMD
AJH+AwMAkjwDAwGwXgMDBLIAAwQCuQKEAwMEvGAwDAMEBMEZ8AMEAcEZ9AMEAMEZ
9wMEBsMygAMEBcOegAMDANSQAwMA1RcDBAXVgGAwDAQCAAIwBgMEAioAADANBgkq
hkiG9w0BAQsFAAOCAQEASOD69o5EshgEXF91eydfrwVwvRlqTfNOBkqTcZAVDoAM
JkqXOcxktaCKz7KxfXe9PalHL10Zym5d6ECpvWfIKMTS/k6pHf05Szi8Fu3Ux0Tj
VxYQ1PZREJrdA9gFM1I8uW9ox2wzfSg/kQt3k3z07C+8Ag3m+4znVFyXTGbiCX70
FLRJc2k0ae9fnBhAP8nsVTwyc9fREGN0yX5nJCeE8BFJOPDA/OsV2DF4plFtMKPn
zDRoYaKicnBsOWpwsj9cf7b2r0AOu7P5wcxcP4acK06rnHiVJ+ix8HJG9IL7H2Dc
t4Ni9E4HB9+GmzZ23shy/82NV4UhwLNcot2EPzF7LQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:24:17 2025 by rpki-client