Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/oIUHNd2flzQuApFJl7WS3G_Ds7Q.roa
File: oIUHNd2flzQuApFJl7WS3G_Ds7Q.roa (raw, json)
Hash identifier: r9vW54cG8T4ZtS4qpMsUDsSVtPyOl8cyq1L4laCQ/ag=
Subject key identifier: A0:85:07:35:DD:9F:97:34:2E:02:91:49:97:B5:92:DC:6F:C3:B3:B4
Certificate issuer: /CN=8a7415ae634d613159cbd2ce74ac261a7d5ac4d4
Certificate serial: 019423D743386E1EAB44D6C5BA84B62C0B56
Authority key identifier: 8A:74:15:AE:63:4D:61:31:59:CB:D2:CE:74:AC:26:1A:7D:5A:C4:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/inQVrmNNYTFZy9LOdKwmGn1axNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/oIUHNd2flzQuApFJl7WS3G_Ds7Q.roa
Signing time: Wed 01 Jan 2025 21:48:17 +0000
ROA not before: Wed 01 Jan 2025 21:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60522
IP address blocks: 37.131.179.0/24 maxlen: 24
37.131.180.0/22 maxlen: 24
185.212.52.0/22 maxlen: 24
2a0b:72c0::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/inQVrmNNYTFZy9LOdKwmGn1axNQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/inQVrmNNYTFZy9LOdKwmGn1axNQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/inQVrmNNYTFZy9LOdKwmGn1axNQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 09:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:43:38:6e:1e:ab:44:d6:c5:ba:84:b6:2c:0b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a7415ae634d613159cbd2ce74ac261a7d5ac4d4
Validity
Not Before: Jan 1 21:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0850735dd9f97342e02914997b592dc6fc3b3b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:97:3f:d2:33:91:92:ef:dc:4e:7a:a3:96:19:
ac:e7:ab:b0:58:cf:6d:66:53:d9:2a:43:7f:fd:92:
ad:5d:85:ab:ed:5b:d5:0a:79:2f:54:82:27:25:25:
bb:e1:7f:3d:de:ca:24:d8:88:18:a8:6c:2f:05:ed:
37:3c:02:a4:20:76:bd:75:03:bb:23:1e:b1:e3:c3:
e8:6e:01:04:da:47:fd:de:13:7a:e3:82:be:53:cd:
e2:cc:8d:f7:be:ca:b6:2d:7e:4b:16:e5:1f:ed:a1:
bf:4a:93:b9:b3:c4:f1:0e:80:62:2d:9e:e2:d8:92:
1c:5c:00:1f:98:d9:63:86:e2:8a:66:ea:03:c4:e9:
12:96:c5:ee:ff:a1:08:8b:7e:b1:a8:af:37:96:e1:
f5:20:c9:31:d5:18:bb:f9:4a:7a:81:89:5f:de:96:
4e:3b:94:06:1d:f1:ba:ee:4f:9f:c7:05:00:8e:a8:
9a:a9:2f:ca:bd:9d:3f:d2:b7:14:dd:41:19:90:b7:
8d:0c:43:97:3f:f6:e3:4a:6d:60:6c:01:eb:33:8c:
06:8c:43:ab:ab:50:0e:d5:e3:49:b7:10:47:68:9b:
2c:4e:d4:e8:0a:b9:21:f6:36:fc:6b:45:9c:1e:e1:
b7:eb:e2:83:67:b1:24:dd:9e:fc:0a:df:87:b5:8d:
22:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:85:07:35:DD:9F:97:34:2E:02:91:49:97:B5:92:DC:6F:C3:B3:B4
X509v3 Authority Key Identifier:
keyid:8A:74:15:AE:63:4D:61:31:59:CB:D2:CE:74:AC:26:1A:7D:5A:C4:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/inQVrmNNYTFZy9LOdKwmGn1axNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/oIUHNd2flzQuApFJl7WS3G_Ds7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/inQVrmNNYTFZy9LOdKwmGn1axNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.179.0-37.131.183.255
185.212.52.0/22
IPv6:
2a0b:72c0::/32
Signature Algorithm: sha256WithRSAEncryption
42:a1:bf:57:b7:83:c1:e4:d8:5f:e5:10:a3:90:55:68:f3:5f:
09:aa:e4:0e:96:7c:0b:09:ed:ee:a2:b0:9f:62:ac:3a:21:f4:
d8:93:71:60:46:41:63:d9:b2:2f:1e:c8:2a:54:a9:60:ee:eb:
91:da:21:9b:54:79:8f:d6:03:4e:d0:cc:74:a0:a9:d0:57:27:
19:6e:4d:18:40:cd:de:ac:be:75:2e:15:12:b4:79:56:a4:d1:
40:94:52:ea:34:df:4c:3b:bf:59:95:e3:c3:27:f7:50:73:a7:
d1:47:76:c0:ec:6a:fd:dd:48:7e:0b:72:31:98:c5:c1:6c:84:
2c:fa:61:14:21:66:f0:37:36:1c:2f:b4:f0:e9:1e:35:48:1e:
2c:a5:eb:c9:e9:e2:d6:3c:d3:cb:98:49:fb:bb:e4:af:f4:23:
c5:bc:2d:c8:79:de:06:a8:ca:14:73:9c:a6:0b:ff:ce:ae:90:
91:40:45:74:f9:81:a7:b5:f3:98:62:9a:eb:9f:43:6f:e7:7b:
33:93:d5:d0:0c:fc:56:9b:9a:8e:80:67:47:89:6d:80:9d:b3:
40:7b:c8:cd:4b:d8:a4:f1:d6:3f:d3:ec:a0:5a:ca:a1:ec:26:
bd:ab:07:ec:8c:ae:fd:b0:19:e4:96:aa:b2:6e:6d:4a:21:dc:
06:b5:8a:c6
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQj10M4bh6rRNbFuoS2LAtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNzQxNWFlNjM0ZDYxMzE1OWNiZDJjZTc0YWMyNjFhN2Q1
YWM0ZDQwHhcNMjUwMTAxMjE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDg1MDczNWRkOWY5NzM0MmUwMjkxNDk5N2I1OTJkYzZmYzNiM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpc/0jORku/cTnqjlhms56uwWM9t
ZlPZKkN//ZKtXYWr7VvVCnkvVIInJSW74X893sok2IgYqGwvBe03PAKkIHa9dQO7
Ix6x48PobgEE2kf93hN644K+U83izI33vsq2LX5LFuUf7aG/SpO5s8TxDoBiLZ7i
2JIcXAAfmNljhuKKZuoDxOkSlsXu/6EIi36xqK83luH1IMkx1Ri7+Up6gYlf3pZO
O5QGHfG67k+fxwUAjqiaqS/KvZ0/0rcU3UEZkLeNDEOXP/bjSm1gbAHrM4wGjEOr
q1AO1eNJtxBHaJssTtToCrkh9jb8a0WcHuG36+KDZ7Ek3Z78Ct+HtY0iowIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKCFBzXdn5c0LgKRSZe1ktxvw7O0MB8GA1UdIwQY
MBaAFIp0Fa5jTWExWcvSznSsJhp9WsTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW5RVnJtTk5ZVEZaeTlMT2RLd21HbjFheE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83ZGJmZTctMzYxNC00NTZlLWJmNGMt
ZWY3ZjU2ODQyNTQ2LzEvb0lVSE5kMmZselF1QXBGSmw3V1MzR19EczdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83ZGJmZTctMzYxNC00NTZlLWJmNGMtZWY3ZjU2ODQyNTQ2
LzEvaW5RVnJtTk5ZVEZaeTlMT2RLd21HbjFheE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAAlg7MD
BAMlg7ADBAK51DQwDQQCAAIwBwMFACoLcsAwDQYJKoZIhvcNAQELBQADggEBAEKh
v1e3g8Hk2F/lEKOQVWjzXwmq5A6WfAsJ7e6isJ9irDoh9NiTcWBGQWPZsi8eyCpU
qWDu65HaIZtUeY/WA07QzHSgqdBXJxluTRhAzd6svnUuFRK0eVak0UCUUuo030w7
v1mV48Mn91Bzp9FHdsDsav3dSH4LcjGYxcFshCz6YRQhZvA3NhwvtPDpHjVIHiyl
68np4tY808uYSfu75K/0I8W8Lch53gaoyhRznKYL/86ukJFARXT5gae185himuuf
Q2/nezOT1dAM/Fabmo6AZ0eJbYCds0B7yM1L2KTx1j/T7KBayqHsJr2rB+yMrv2w
GeSWqrJubUoh3Aa1isY=
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:42:12 2025 by rpki-client