Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/aMCpVj1Fefbqz5te0ANwzU5pAtU.roa
File: aMCpVj1Fefbqz5te0ANwzU5pAtU.roa (raw, json)
Hash identifier: /TZGThQW9xF+8qGqInkXk4qaM698Wah4degkQvBR09w=
Subject key identifier: 68:C0:A9:56:3D:45:79:F6:EA:CF:9B:5E:D0:03:70:CD:4E:69:02:D5
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 019560F4F09675368FD186545252C6DF8618
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/aMCpVj1Fefbqz5te0ANwzU5pAtU.roa
Signing time: Tue 04 Mar 2025 11:40:19 +0000
ROA not before: Tue 04 Mar 2025 11:40:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213807
IP address blocks: 37.202.224.0/22 maxlen: 24
37.202.228.0/22 maxlen: 24
37.202.232.0/22 maxlen: 24
37.202.236.0/22 maxlen: 24
37.202.240.0/23 maxlen: 24
37.202.241.0/24 maxlen: 24
37.202.242.0/24 maxlen: 24
94.182.101.0/24 maxlen: 24
94.182.104.0/22 maxlen: 24
94.182.108.0/24 maxlen: 24
94.182.128.0/23 maxlen: 24
94.182.131.0/24 maxlen: 24
94.182.134.0/24 maxlen: 24
94.182.136.0/23 maxlen: 24
94.182.145.0/24 maxlen: 24
94.182.147.0/24 maxlen: 24
94.182.149.0/24 maxlen: 24
94.182.150.0/24 maxlen: 24
94.182.152.0/24 maxlen: 24
94.182.167.0/24 maxlen: 24
94.182.223.0/24 maxlen: 24
185.73.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 02:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:60:f4:f0:96:75:36:8f:d1:86:54:52:52:c6:df:86:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Mar 4 11:40:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68c0a9563d4579f6eacf9b5ed00370cd4e6902d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a8:a7:b8:0a:42:d3:9f:5b:79:eb:39:7e:2b:
3b:32:5a:f6:b7:19:af:fc:ee:0b:04:eb:9a:39:47:
72:24:fd:e8:e9:07:72:b9:8b:16:b2:e9:e8:74:e1:
70:e5:7c:32:eb:9e:ac:51:fd:3b:c1:aa:96:01:29:
ba:b9:d1:e7:aa:10:5e:9b:7d:3b:ce:2c:21:20:eb:
24:55:fc:f6:0a:32:f6:5b:21:a9:e5:27:29:16:79:
65:de:ce:40:ad:cf:4f:7f:ff:29:1e:de:3a:e9:44:
e9:bf:09:60:c4:85:49:fd:f7:13:2c:3e:92:6a:a1:
b0:94:c0:82:1a:67:de:e7:69:ac:28:2a:f4:f5:9e:
28:3b:c2:cf:13:d3:0a:ff:ce:02:54:e9:a6:f8:ea:
04:4b:2b:c2:39:42:a8:28:38:c7:35:37:55:bf:8b:
ef:5d:40:dd:50:3b:1d:52:0c:53:a3:25:1b:7c:fb:
ae:a0:4b:04:37:f5:44:a7:c2:19:1d:7f:6f:bd:d4:
6a:a2:f7:cc:cd:ec:e6:1a:72:bb:10:16:e1:aa:0f:
19:f4:47:a8:57:f1:e0:53:54:a6:1a:1b:a1:30:34:
8f:ee:52:ed:c3:4e:af:b6:42:9f:03:40:23:ff:ad:
e0:fc:89:7f:40:4a:2f:40:69:ac:40:8c:bf:af:4e:
fa:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C0:A9:56:3D:45:79:F6:EA:CF:9B:5E:D0:03:70:CD:4E:69:02:D5
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/aMCpVj1Fefbqz5te0ANwzU5pAtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.224.0-37.202.242.255
94.182.101.0/24
94.182.104.0-94.182.108.255
94.182.128.0/23
94.182.131.0/24
94.182.134.0/24
94.182.136.0/23
94.182.145.0/24
94.182.147.0/24
94.182.149.0-94.182.150.255
94.182.152.0/24
94.182.167.0/24
94.182.223.0/24
185.73.0.0/24
Signature Algorithm: sha256WithRSAEncryption
30:e9:36:0c:0f:d7:15:84:b5:14:5a:72:85:bb:f8:c1:20:c5:
fe:f3:7c:1d:04:83:62:d6:b5:06:c5:d4:b4:e7:c0:2f:82:0f:
f1:6e:5d:80:a8:f3:e4:8e:46:23:cb:b4:fd:9c:20:28:77:49:
17:d6:95:dc:0a:ff:62:c1:17:dc:b8:5a:ad:58:6b:d5:47:b7:
5b:5b:c1:5b:6f:2c:26:66:37:73:19:7b:17:07:d2:bc:3b:7f:
fd:c0:c2:f3:0c:80:22:8f:12:c5:00:98:b2:e7:49:59:08:2e:
3f:c6:51:94:b7:19:cd:e1:33:f5:d0:2a:c9:81:d1:69:65:89:
3a:0e:8a:db:cf:3f:3e:e5:7f:97:9b:81:0d:ec:83:1e:4f:ac:
29:2d:e1:df:6d:79:6b:7c:5a:a4:b4:36:b7:9c:c8:75:7e:8c:
91:ac:f0:71:c0:1f:3a:a0:75:31:f5:35:59:23:8a:3d:9a:56:
56:95:81:e4:a7:cf:3e:f4:4b:ce:03:be:42:f8:6c:6c:99:1a:
8e:31:65:18:5b:c0:22:06:f4:0b:2f:49:b2:a5:27:02:42:2a:
4f:db:84:ef:04:26:00:df:04:b1:45:fb:2c:9b:49:2a:08:a4:
e7:16:34:4c:51:d8:bf:1a:20:c5:94:48:f9:03:dd:b8:ab:f5:
bc:0c:6f:62
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZVg9PCWdTaP0YZUUlLG34YYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwMzA0MTE0MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGMwYTk1NjNkNDU3OWY2ZWFjZjliNWVkMDAzNzBjZDRlNjkwMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArainuApC059bees5fis7Mlr2txmv
/O4LBOuaOUdyJP3o6QdyuYsWsunodOFw5Xwy656sUf07waqWASm6udHnqhBem307
ziwhIOskVfz2CjL2WyGp5ScpFnll3s5Arc9Pf/8pHt466UTpvwlgxIVJ/fcTLD6S
aqGwlMCCGmfe52msKCr09Z4oO8LPE9MK/84CVOmm+OoESyvCOUKoKDjHNTdVv4vv
XUDdUDsdUgxToyUbfPuuoEsEN/VEp8IZHX9vvdRqovfMzezmGnK7EBbhqg8Z9Eeo
V/HgU1SmGhuhMDSP7lLtw06vtkKfA0Aj/63g/Il/QEovQGmsQIy/r0769wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFGjAqVY9RXn26s+bXtADcM1OaQLVMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvYU1DcFZqMUZlZmJxejV0ZTBBTnd6VTVwQXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbDAMAwQFJcrg
AwQAJcryAwQAXrZlMAwDBANetmgDBABetmwDBAFetoADBABetoMDBABetoYDBAFe
togDBABetpEDBABetpMwDAMEAF62lQMEAF62lgMEAF62mAMEAF62pwMEAF623wME
ALlJADANBgkqhkiG9w0BAQsFAAOCAQEAMOk2DA/XFYS1FFpyhbv4wSDF/vN8HQSD
Yta1BsXUtOfAL4IP8W5dgKjz5I5GI8u0/ZwgKHdJF9aV3Ar/YsEX3LharVhr1Ue3
W1vBW28sJmY3cxl7FwfSvDt//cDC8wyAIo8SxQCYsudJWQguP8ZRlLcZzeEz9dAq
yYHRaWWJOg6K288/PuV/l5uBDeyDHk+sKS3h3215a3xapLQ2t5zIdX6MkazwccAf
OqB1MfU1WSOKPZpWVpWB5KfPPvRLzgO+QvhsbJkajjFlGFvAIgb0Cy9JsqUnAkIq
T9uE7wQmAN8EsUX7LJtJKgik5xY0TFHYvxogxZRI+QPduKv1vAxvYg==
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:09:46 2025 by rpki-client