Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/af1f72-ce8e-42b1-be5a-a283c9048f0f/1/pp7YHiA9bCcV4n9KXbmtGvXw0Hw.roa
File: pp7YHiA9bCcV4n9KXbmtGvXw0Hw.roa (raw, json)
Hash identifier: xXtqKC6cCm9cF/kgqDQZlMKjBn2ULr5S39vUn/a3JHc=
Subject key identifier: A6:9E:D8:1E:20:3D:6C:27:15:E2:7F:4A:5D:B9:AD:1A:F5:F0:D0:7C
Certificate issuer: /CN=b19549d68305e29dfb00069a52d3d4e1f2c5604c
Certificate serial: 0194258F18C6659F6A3AF6AC3D2A1518B3DF
Authority key identifier: B1:95:49:D6:83:05:E2:9D:FB:00:06:9A:52:D3:D4:E1:F2:C5:60:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZVJ1oMF4p37AAaaUtPU4fLFYEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/af1f72-ce8e-42b1-be5a-a283c9048f0f/1/pp7YHiA9bCcV4n9KXbmtGvXw0Hw.roa
Signing time: Thu 02 Jan 2025 05:48:42 +0000
ROA not before: Thu 02 Jan 2025 05:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28909
IP address blocks: 213.167.0.0/24 maxlen: 24
213.167.1.0/24 maxlen: 24
213.167.2.0/24 maxlen: 24
213.167.3.0/24 maxlen: 24
213.167.4.0/24 maxlen: 24
213.167.5.0/24 maxlen: 24
213.167.6.0/24 maxlen: 24
213.167.7.0/24 maxlen: 24
213.167.8.0/24 maxlen: 24
213.167.9.0/24 maxlen: 24
213.167.10.0/24 maxlen: 24
213.167.11.0/24 maxlen: 24
213.167.12.0/24 maxlen: 24
213.167.13.0/24 maxlen: 24
213.167.14.0/24 maxlen: 24
213.167.15.0/24 maxlen: 24
213.167.16.0/24 maxlen: 24
213.167.17.0/24 maxlen: 24
213.167.18.0/24 maxlen: 24
213.167.19.0/24 maxlen: 24
213.167.20.0/24 maxlen: 24
213.167.21.0/24 maxlen: 24
213.167.22.0/24 maxlen: 24
213.167.23.0/24 maxlen: 24
213.167.24.0/24 maxlen: 24
213.167.25.0/24 maxlen: 24
213.167.26.0/24 maxlen: 24
213.167.27.0/24 maxlen: 24
213.167.28.0/24 maxlen: 24
213.167.29.0/24 maxlen: 24
213.167.30.0/24 maxlen: 24
213.167.31.0/24 maxlen: 24
2a0a:6740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/af1f72-ce8e-42b1-be5a-a283c9048f0f/1/sZVJ1oMF4p37AAaaUtPU4fLFYEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/af1f72-ce8e-42b1-be5a-a283c9048f0f/1/sZVJ1oMF4p37AAaaUtPU4fLFYEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sZVJ1oMF4p37AAaaUtPU4fLFYEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:18:c6:65:9f:6a:3a:f6:ac:3d:2a:15:18:b3:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b19549d68305e29dfb00069a52d3d4e1f2c5604c
Validity
Not Before: Jan 2 05:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a69ed81e203d6c2715e27f4a5db9ad1af5f0d07c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:05:66:ee:c5:01:8c:34:4c:3e:79:4b:3c:2e:
7a:86:55:58:53:37:15:e6:0e:4d:8d:f2:3e:9b:32:
85:aa:6b:1e:61:1b:b7:99:17:41:de:43:d0:a1:36:
0d:a2:85:e6:05:25:7a:55:e3:60:7e:ae:e5:5e:e6:
e3:06:8e:19:38:28:1e:71:88:3b:ee:fd:d7:d0:b2:
f9:59:e2:42:f7:14:e0:5d:67:28:9b:ce:53:b8:b7:
f7:69:2c:ed:fc:12:59:5f:5f:89:11:99:a1:ee:68:
1c:77:ee:9a:1d:53:d8:d7:0d:ad:e3:e6:7c:d5:1c:
56:73:59:3f:4b:a7:09:a4:b4:9d:ab:b6:0d:00:31:
33:9b:33:f5:4c:2e:cc:52:38:da:2e:15:f5:e9:b6:
59:e9:23:42:a7:a5:0b:f3:52:86:f2:1d:60:ec:3a:
d4:e3:64:6d:94:a4:08:b2:df:eb:7f:60:35:db:d7:
f4:a5:1a:5f:ad:8d:89:6a:e5:e1:09:c2:23:9a:cc:
4a:92:3c:f9:bc:92:eb:a5:2f:6c:c8:48:d0:c3:1c:
dc:4c:2e:70:35:19:92:9b:40:46:60:00:ed:83:b9:
9e:34:b3:37:da:2d:23:29:8a:e4:32:af:45:83:64:
5c:e8:91:75:ce:91:5b:e5:b7:ee:a9:c2:1b:f0:93:
72:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:9E:D8:1E:20:3D:6C:27:15:E2:7F:4A:5D:B9:AD:1A:F5:F0:D0:7C
X509v3 Authority Key Identifier:
keyid:B1:95:49:D6:83:05:E2:9D:FB:00:06:9A:52:D3:D4:E1:F2:C5:60:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZVJ1oMF4p37AAaaUtPU4fLFYEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af1f72-ce8e-42b1-be5a-a283c9048f0f/1/pp7YHiA9bCcV4n9KXbmtGvXw0Hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af1f72-ce8e-42b1-be5a-a283c9048f0f/1/sZVJ1oMF4p37AAaaUtPU4fLFYEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.167.0.0/19
IPv6:
2a0a:6740::/32
Signature Algorithm: sha256WithRSAEncryption
6b:6c:d5:ad:e2:fb:14:cd:06:6b:13:51:f4:b4:61:51:48:12:
df:45:2f:55:33:5d:f8:2e:42:28:9f:0c:4a:5b:24:63:2f:14:
73:2c:73:03:5f:dc:e6:c6:89:71:06:3c:ab:d8:81:97:72:89:
f3:f7:29:cd:94:04:34:4e:66:99:6a:51:46:d8:15:41:0d:96:
c7:88:ed:bc:8a:05:27:e4:19:e3:1c:f2:eb:94:ef:dc:de:fc:
53:37:41:49:28:20:33:6b:04:e9:d1:a7:41:84:e1:38:b3:dc:
42:71:a1:3d:45:29:e8:9a:8a:61:e6:53:98:e7:39:94:17:cb:
c2:ee:40:b6:2e:51:7b:1c:93:80:5d:2a:bd:89:26:8f:c9:72:
20:4d:d1:13:f3:fb:25:c3:5f:15:c7:31:f8:00:50:90:b8:40:
c1:3c:34:48:95:9e:c0:3e:63:50:72:68:0a:0c:84:f0:cf:2c:
be:55:b5:0f:01:f4:91:54:5c:95:1a:3c:d3:c0:44:8a:33:95:
14:2c:89:68:bc:6c:f1:70:16:5b:f5:63:17:e7:cc:88:a3:34:
6c:a5:b4:f3:c1:13:36:fb:6c:64:ee:cd:90:3e:4d:31:89:ed:
46:80:64:46:7b:72:e3:39:a2:96:30:d9:9e:bb:fa:74:e7:33:
41:b8:6f:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljxjGZZ9qOvasPSoVGLPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOTU0OWQ2ODMwNWUyOWRmYjAwMDY5YTUyZDNkNGUxZjJj
NTYwNGMwHhcNMjUwMTAyMDU0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjllZDgxZTIwM2Q2YzI3MTVlMjdmNGE1ZGI5YWQxYWY1ZjBkMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAVm7sUBjDRMPnlLPC56hlVYUzcV
5g5NjfI+mzKFqmseYRu3mRdB3kPQoTYNooXmBSV6VeNgfq7lXubjBo4ZOCgecYg7
7v3X0LL5WeJC9xTgXWcom85TuLf3aSzt/BJZX1+JEZmh7mgcd+6aHVPY1w2t4+Z8
1RxWc1k/S6cJpLSdq7YNADEzmzP1TC7MUjjaLhX16bZZ6SNCp6UL81KG8h1g7DrU
42RtlKQIst/rf2A129f0pRpfrY2JauXhCcIjmsxKkjz5vJLrpS9syEjQwxzcTC5w
NRmSm0BGYADtg7meNLM32i0jKYrkMq9Fg2Rc6JF1zpFb5bfuqcIb8JNyQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKae2B4gPWwnFeJ/Sl25rRr18NB8MB8GA1UdIwQY
MBaAFLGVSdaDBeKd+wAGmlLT1OHyxWBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1pWSjFvTUY0cDM3QUFhYVV0UFU0ZkxGWUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hZjFmNzItY2U4ZS00MmIxLWJlNWEt
YTI4M2M5MDQ4ZjBmLzEvcHA3WUhpQTliQ2NWNG45S1hibXRHdlh3MEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hZjFmNzItY2U4ZS00MmIxLWJlNWEtYTI4M2M5MDQ4ZjBm
LzEvc1pWSjFvTUY0cDM3QUFhYVV0UFU0ZkxGWUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1acAMA0E
AgACMAcDBQAqCmdAMA0GCSqGSIb3DQEBCwUAA4IBAQBrbNWt4vsUzQZrE1H0tGFR
SBLfRS9VM134LkIonwxKWyRjLxRzLHMDX9zmxolxBjyr2IGXconz9ynNlAQ0TmaZ
alFG2BVBDZbHiO28igUn5BnjHPLrlO/c3vxTN0FJKCAzawTp0adBhOE4s9xCcaE9
RSnomoph5lOY5zmUF8vC7kC2LlF7HJOAXSq9iSaPyXIgTdET8/slw18VxzH4AFCQ
uEDBPDRIlZ7APmNQcmgKDITwzyy+VbUPAfSRVFyVGjzTwESKM5UULIlovGzxcBZb
9WMX58yIozRspbTzwRM2+2xk7s2QPk0xie1GgGRGe3LjOaKWMNmeu/p05zNBuG/D
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:54:19 2025 by rpki-client