Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/1xA0E3JMPDydJ13Prmcc7Dnta0s.roa
File: 1xA0E3JMPDydJ13Prmcc7Dnta0s.roa (raw, json)
Hash identifier: ogbhbFSepGfxytpnhFuB67o0q79KylhQPVl2PN0hOHA=
Subject key identifier: D7:10:34:13:72:4C:3C:3C:9D:27:5D:CF:AE:67:1C:EC:39:ED:6B:4B
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 01942823668628E75B76574E30D1DDFE00D5
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/1xA0E3JMPDydJ13Prmcc7Dnta0s.roa
Signing time: Thu 02 Jan 2025 17:49:56 +0000
ROA not before: Thu 02 Jan 2025 17:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12541
IP address blocks: 77.72.104.0/21 maxlen: 24
84.18.0.0/19 maxlen: 24
92.60.160.0/20 maxlen: 24
176.98.220.0/22 maxlen: 24
185.66.60.0/22 maxlen: 24
185.145.224.0/22 maxlen: 24
185.155.64.0/22 maxlen: 24
185.173.44.0/22 maxlen: 24
185.187.180.0/22 maxlen: 24
185.224.76.0/22 maxlen: 24
193.34.240.0/22 maxlen: 24
195.5.64.0/19 maxlen: 24
212.49.128.0/18 maxlen: 24
212.49.189.0/24 maxlen: 24
212.66.161.0/24 maxlen: 24
212.66.162.0/23 maxlen: 23
212.66.163.0/24 maxlen: 24
212.66.164.0/22 maxlen: 22
212.66.168.0/21 maxlen: 21
212.66.176.0/20 maxlen: 24
212.163.0.0/16 maxlen: 24
213.9.128.0/17 maxlen: 24
213.192.192.0/18 maxlen: 24
213.192.193.0/24 maxlen: 24
213.192.200.0/22 maxlen: 22
213.192.203.0/24 maxlen: 24
213.192.206.0/23 maxlen: 23
213.192.212.0/22 maxlen: 22
213.192.213.0/24 maxlen: 24
213.192.216.0/21 maxlen: 21
213.192.224.0/22 maxlen: 22
213.192.228.0/23 maxlen: 23
213.192.232.0/22 maxlen: 22
213.192.238.0/24 maxlen: 24
213.192.239.0/24 maxlen: 24
213.192.240.0/24 maxlen: 24
213.192.241.0/24 maxlen: 24
213.192.242.0/23 maxlen: 23
213.192.244.0/23 maxlen: 23
213.192.246.0/24 maxlen: 24
213.192.247.0/24 maxlen: 24
213.192.248.0/21 maxlen: 21
213.192.249.0/24 maxlen: 24
213.192.251.0/24 maxlen: 24
213.192.252.0/23 maxlen: 23
213.192.253.0/24 maxlen: 24
213.192.254.0/24 maxlen: 24
213.192.255.0/24 maxlen: 24
2001:ac0::/29 maxlen: 29
2001:ac0::/32 maxlen: 48
2001:ac0:30fd::/48 maxlen: 48
2001:ac0:c0c0::/44 maxlen: 44
2001:ac0:c880::/44 maxlen: 44
2a0d:59c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:66:86:28:e7:5b:76:57:4e:30:d1:dd:fe:00:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Jan 2 17:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7103413724c3c3c9d275dcfae671cec39ed6b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:50:64:db:43:26:1c:05:13:6e:e8:4e:4c:d4:
50:50:83:9b:bc:e1:f5:90:a1:01:70:46:ca:ef:5c:
10:81:ce:1e:5d:9a:e1:3f:61:8e:c2:51:93:a5:45:
14:50:55:8d:a4:96:e1:19:63:12:77:29:7a:2e:f5:
c9:37:6f:3d:37:12:d2:71:32:48:d6:30:43:e5:be:
7d:04:00:26:8d:3d:55:27:12:b3:d9:59:81:f9:78:
5c:5a:09:ae:0d:76:5f:96:c1:16:bd:ab:23:10:bd:
80:87:fd:46:4e:69:3c:a5:8c:23:e6:00:fd:e5:3a:
57:9b:cb:11:b5:af:d7:05:76:76:c8:1b:3c:0f:f2:
2c:b3:cf:e3:6e:0d:99:e7:60:18:c5:09:dc:4e:99:
40:b9:b2:ae:62:c8:03:e5:86:23:a5:b4:4b:96:30:
58:17:88:48:0f:12:99:02:ce:67:2e:17:0e:bc:e4:
24:53:1e:63:c7:83:fb:3d:c5:fb:1d:12:43:e5:cd:
cc:bd:fd:f7:5e:46:ed:36:8d:49:5c:19:85:4e:82:
4f:ef:94:c4:4c:99:ae:29:c3:b1:64:39:ef:d5:0e:
81:d5:ff:89:ef:21:51:81:60:68:04:db:da:a8:19:
b6:25:73:ae:b2:24:d3:44:eb:bb:83:8a:74:0f:91:
99:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:10:34:13:72:4C:3C:3C:9D:27:5D:CF:AE:67:1C:EC:39:ED:6B:4B
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/1xA0E3JMPDydJ13Prmcc7Dnta0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.104.0/21
84.18.0.0/19
92.60.160.0/20
176.98.220.0/22
185.66.60.0/22
185.145.224.0/22
185.155.64.0/22
185.173.44.0/22
185.187.180.0/22
185.224.76.0/22
193.34.240.0/22
195.5.64.0/19
212.49.128.0/18
212.66.161.0-212.66.191.255
212.163.0.0/16
213.9.128.0/17
213.192.192.0/18
IPv6:
2001:ac0::/29
2a0d:59c0::/29
Signature Algorithm: sha256WithRSAEncryption
68:49:88:e1:5c:5c:e1:c3:d1:1d:56:8f:ea:80:2a:a2:da:67:
59:e6:25:aa:36:60:86:f1:45:98:93:94:76:36:bc:4f:d8:e7:
b4:da:3f:d4:85:83:2e:42:1f:e7:20:c9:59:28:43:e4:71:3e:
f4:c7:6b:2f:8f:f2:04:4c:71:b5:4a:9f:c6:bf:63:d5:59:6c:
53:6d:f0:ff:10:03:e8:9c:bb:b8:8a:1f:a4:aa:20:9a:dc:f2:
ed:27:f9:30:72:c8:df:8a:f9:b4:08:aa:7d:62:3e:78:ac:6d:
55:74:a3:38:cb:d3:a4:06:4b:5a:5f:2f:37:a9:a2:f2:f7:6d:
54:e3:1f:e3:7f:f8:5d:a6:59:3b:72:57:34:5e:9d:41:d2:ee:
56:95:c6:bd:52:28:e2:a9:c3:6f:7c:b2:c6:81:fd:b2:2e:39:
65:c9:bc:3d:0f:80:3a:f5:30:e0:1d:55:cf:fe:99:eb:2e:ce:
b9:1e:5a:88:fc:46:d6:8f:ba:03:41:e9:62:27:c1:6e:c2:52:
9a:b0:c5:3e:28:c1:8b:99:14:34:58:12:25:dc:2c:d6:4c:cc:
db:e8:a9:0b:19:5e:71:b4:d3:f5:5b:51:5e:60:83:e4:33:d4:
ab:42:02:e6:2f:97:6c:7c:0d:67:79:61:ed:be:de:f1:c2:5a:
e2:57:7c:91
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZQoI2aGKOdbdldOMNHd/gDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjUwMTAyMTc0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzEwMzQxMzcyNGMzYzNjOWQyNzVkY2ZhZTY3MWNlYzM5ZWQ2YjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1Bk20MmHAUTbuhOTNRQUIObvOH1
kKEBcEbK71wQgc4eXZrhP2GOwlGTpUUUUFWNpJbhGWMSdyl6LvXJN289NxLScTJI
1jBD5b59BAAmjT1VJxKz2VmB+XhcWgmuDXZflsEWvasjEL2Ah/1GTmk8pYwj5gD9
5TpXm8sRta/XBXZ2yBs8D/Iss8/jbg2Z52AYxQncTplAubKuYsgD5YYjpbRLljBY
F4hIDxKZAs5nLhcOvOQkUx5jx4P7PcX7HRJD5c3Mvf33XkbtNo1JXBmFToJP75TE
TJmuKcOxZDnv1Q6B1f+J7yFRgWBoBNvaqBm2JXOusiTTROu7g4p0D5GZlQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFNcQNBNyTDw8nSddz65nHOw57WtLMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvMXhBMEUzSk1QRHlkSjEzUHJtY2M3RG50YTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBzBAIAATBtAwQDTUho
AwQFVBIAAwQEXDygAwQCsGLcAwQCuUI8AwQCuZHgAwQCuZtAAwQCua0sAwQCubu0
AwQCueBMAwQCwSLwAwQFwwVAAwQG1DGAMAwDBADUQqEDBAbUQoADAwDUowMEB9UJ
gAMEBtXAwDAUBAIAAjAOAwUDIAEKwAMFAyoNWcAwDQYJKoZIhvcNAQELBQADggEB
AGhJiOFcXOHD0R1Wj+qAKqLaZ1nmJao2YIbxRZiTlHY2vE/Y57TaP9SFgy5CH+cg
yVkoQ+RxPvTHay+P8gRMcbVKn8a/Y9VZbFNt8P8QA+icu7iKH6SqIJrc8u0n+TBy
yN+K+bQIqn1iPnisbVV0ozjL06QGS1pfLzepovL3bVTjH+N/+F2mWTtyVzRenUHS
7laVxr1SKOKpw298ssaB/bIuOWXJvD0PgDr1MOAdVc/+mesuzrkeWoj8RtaPugNB
6WInwW7CUpqwxT4owYuZFDRYEiXcLNZMzNvoqQsZXnG00/VbUV5gg+Qz1KtCAuYv
l2x8DWd5Ye2+3vHCWuJXfJE=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:11:02 2025 by rpki-client