Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/CNv0NdNZKIhaMEB-_zcwx5XHpgI.roa
File: CNv0NdNZKIhaMEB-_zcwx5XHpgI.roa (raw, json)
Hash identifier: jSc4O0ONF5PwUEe8AoTXbFWewQ1vQ1toZjhU7yhjZAU=
Subject key identifier: 08:DB:F4:35:D3:59:28:88:5A:30:40:7E:FF:37:30:C7:95:C7:A6:02
Certificate issuer: /CN=34b419fa4a0a1605188318cdf4a2044992853b95
Certificate serial: 019422FB81D8982E918694FA60CAA5488317
Authority key identifier: 34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/CNv0NdNZKIhaMEB-_zcwx5XHpgI.roa
Signing time: Wed 01 Jan 2025 17:48:15 +0000
ROA not before: Wed 01 Jan 2025 17:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34309
IP address blocks: 37.153.80.0/24 maxlen: 24
37.153.81.0/24 maxlen: 24
37.153.82.0/24 maxlen: 24
37.153.83.0/24 maxlen: 24
37.153.84.0/24 maxlen: 24
37.153.85.0/24 maxlen: 24
37.153.86.0/24 maxlen: 24
37.153.87.0/24 maxlen: 24
185.224.180.0/22 maxlen: 24
195.8.198.0/24 maxlen: 24
195.8.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 19:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:81:d8:98:2e:91:86:94:fa:60:ca:a5:48:83:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b419fa4a0a1605188318cdf4a2044992853b95
Validity
Not Before: Jan 1 17:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08dbf435d35928885a30407eff3730c795c7a602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:d8:8f:be:37:65:bc:f3:c5:4e:f6:10:92:ff:
c6:1e:80:72:c4:92:60:46:ec:3c:e8:b3:a6:9b:b9:
28:d7:c4:39:56:3b:96:0b:dc:bb:ae:23:31:94:54:
4d:71:96:f7:9d:2d:0e:a7:0b:51:1b:a4:a2:8d:5b:
b0:af:52:bf:51:3f:c4:c8:38:55:54:f5:a3:cd:3a:
23:45:05:71:0c:52:63:d6:69:a7:eb:83:17:75:6c:
f0:cb:9c:1e:93:93:d4:36:69:79:77:e9:65:09:08:
76:30:ad:28:2f:24:10:7d:54:d9:64:de:d8:c7:40:
4e:23:e9:38:80:62:20:e8:63:e2:f9:98:06:c6:0e:
2e:bd:7e:df:56:c2:d6:9b:72:d2:22:e0:b3:bd:e6:
24:a9:02:20:6d:e9:91:43:6d:6d:5d:46:03:07:17:
b0:e5:31:a0:16:30:22:5c:4b:0d:52:dd:f2:80:29:
fc:c0:e8:8a:2e:a3:8a:f1:93:3a:70:52:9a:58:c7:
8e:2c:48:41:77:fb:1c:24:45:1d:5c:df:e0:2a:ce:
99:b5:35:9b:39:47:0c:bc:80:69:e8:8c:ed:01:d4:
8f:68:d0:93:2a:57:77:23:a3:08:fa:4d:74:1e:d2:
51:ca:e2:ef:d8:2c:b2:ed:18:4f:df:6c:de:c5:0e:
65:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:DB:F4:35:D3:59:28:88:5A:30:40:7E:FF:37:30:C7:95:C7:A6:02
X509v3 Authority Key Identifier:
keyid:34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/CNv0NdNZKIhaMEB-_zcwx5XHpgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.80.0/21
185.224.180.0/22
195.8.198.0/23
Signature Algorithm: sha256WithRSAEncryption
51:db:24:04:aa:83:7c:ef:c4:1d:b4:38:e9:9d:e9:cd:65:84:
94:a6:3e:56:00:0b:16:f1:cd:d1:22:05:07:4d:79:b5:36:ec:
0a:73:1c:5b:a0:cc:d6:c4:9f:85:97:99:50:2c:9f:78:bc:51:
f0:ad:c3:05:76:48:40:f8:24:ec:83:b9:00:9a:32:4b:bc:b5:
5d:95:65:e6:88:07:f9:15:90:5e:56:94:a1:4f:6f:a4:f4:14:
84:3a:d7:ab:ff:4a:a1:12:5e:97:39:45:79:f2:43:44:d8:58:
55:1c:96:cf:b7:03:7a:eb:b8:1d:73:36:e6:37:af:00:59:f8:
35:38:32:e2:4b:ad:5c:23:68:1c:bb:b0:fa:3d:ad:69:01:75:
54:aa:5d:fe:33:1d:c0:87:33:39:c3:b5:b1:4a:dd:d9:77:0b:
b6:ed:ec:02:1a:9c:49:12:13:b9:38:a1:1c:da:64:ea:d1:04:
90:5e:53:c8:4b:86:1b:77:46:54:17:da:39:7b:0b:c4:2a:37:
26:cf:cf:7e:af:c4:88:e0:31:5a:03:93:bd:0d:fe:52:fb:09:
dc:a8:1e:fd:ec:ce:51:4f:77:e7:3c:92:a9:ea:d2:ac:f7:3f:
86:9b:a4:10:bb:9d:fd:db:a9:00:88:b8:a1:93:5d:b6:2e:72:
ac:8d:bf:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi+4HYmC6RhpT6YMqlSIMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjQxOWZhNGEwYTE2MDUxODgzMThjZGY0YTIwNDQ5OTI4
NTNiOTUwHhcNMjUwMTAxMTc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGRiZjQzNWQzNTkyODg4NWEzMDQwN2VmZjM3MzBjNzk1YzdhNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59iPvjdlvPPFTvYQkv/GHoByxJJg
Ruw86LOmm7ko18Q5VjuWC9y7riMxlFRNcZb3nS0OpwtRG6SijVuwr1K/UT/EyDhV
VPWjzTojRQVxDFJj1mmn64MXdWzwy5wek5PUNml5d+llCQh2MK0oLyQQfVTZZN7Y
x0BOI+k4gGIg6GPi+ZgGxg4uvX7fVsLWm3LSIuCzveYkqQIgbemRQ21tXUYDBxew
5TGgFjAiXEsNUt3ygCn8wOiKLqOK8ZM6cFKaWMeOLEhBd/scJEUdXN/gKs6ZtTWb
OUcMvIBp6IztAdSPaNCTKld3I6MI+k10HtJRyuLv2Cyy7RhP32zexQ5lmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAjb9DXTWSiIWjBAfv83MMeVx6YCMB8GA1UdIwQY
MBaAFDS0GfpKChYFGIMYzfSiBEmShTuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMt
ODc3NzU0NGM5Mjc1LzEvQ052ME5kTlpLSWhhTUVCLV96Y3d4NVhIcGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMtODc3NzU0NGM5Mjc1
LzEvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJZlQAwQC
ueC0AwQBwwjGMA0GCSqGSIb3DQEBCwUAA4IBAQBR2yQEqoN878QdtDjpnenNZYSU
pj5WAAsW8c3RIgUHTXm1NuwKcxxboMzWxJ+Fl5lQLJ94vFHwrcMFdkhA+CTsg7kA
mjJLvLVdlWXmiAf5FZBeVpShT2+k9BSEOter/0qhEl6XOUV58kNE2FhVHJbPtwN6
67gdczbmN68AWfg1ODLiS61cI2gcu7D6Pa1pAXVUql3+Mx3AhzM5w7WxSt3Zdwu2
7ewCGpxJEhO5OKEc2mTq0QSQXlPIS4Ybd0ZUF9o5ewvEKjcmz89+r8SI4DFaA5O9
Df5S+wncqB797M5RT3fnPJKp6tKs9z+Gm6QQu53926kAiLihk122LnKsjb+O
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:13:37 2025 by rpki-client