Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/e4YwnyTHRcui9Qd2cuefi1c6MlA.roa
File: e4YwnyTHRcui9Qd2cuefi1c6MlA.roa (raw, json)
Hash identifier: LhO2Xz43s1AvMskc3d7cQoBTaqJHciWee5shF/NhU8I=
Subject key identifier: 7B:86:30:9F:24:C7:45:CB:A2:F5:07:76:72:E7:9F:8B:57:3A:32:50
Certificate issuer: /CN=4df2c6fa54a8cc2dc71e802cf83f5c776ce974c9
Certificate serial: 019420D5D7F5068BC63965598925DC6A0436
Authority key identifier: 4D:F2:C6:FA:54:A8:CC:2D:C7:1E:80:2C:F8:3F:5C:77:6C:E9:74:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TfLG-lSozC3HHoAs-D9cd2zpdMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/e4YwnyTHRcui9Qd2cuefi1c6MlA.roa
Signing time: Wed 01 Jan 2025 07:47:52 +0000
ROA not before: Wed 01 Jan 2025 07:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35205
IP address blocks: 46.28.80.0/21 maxlen: 21
77.78.160.0/19 maxlen: 19
77.78.160.0/20 maxlen: 20
77.78.166.0/24 maxlen: 24
77.78.176.0/20 maxlen: 20
77.78.181.0/24 maxlen: 24
77.78.184.0/22 maxlen: 22
77.78.188.0/22 maxlen: 22
185.27.152.0/22 maxlen: 22
212.37.160.0/19 maxlen: 19
212.37.160.0/20 maxlen: 20
212.37.164.0/22 maxlen: 22
212.37.168.0/21 maxlen: 21
212.37.176.0/20 maxlen: 20
2a03:ed00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/TfLG-lSozC3HHoAs-D9cd2zpdMk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/TfLG-lSozC3HHoAs-D9cd2zpdMk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TfLG-lSozC3HHoAs-D9cd2zpdMk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d7:f5:06:8b:c6:39:65:59:89:25:dc:6a:04:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4df2c6fa54a8cc2dc71e802cf83f5c776ce974c9
Validity
Not Before: Jan 1 07:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b86309f24c745cba2f5077672e79f8b573a3250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:09:2d:09:29:0d:ed:e8:07:33:7b:b8:f9:08:
d9:29:b5:b1:f2:c5:66:c4:36:99:e3:eb:9f:8b:ea:
01:5b:c6:56:22:35:5e:a7:5d:b6:78:78:68:5f:30:
93:1f:01:e3:77:4f:a7:7b:99:38:c0:49:46:26:59:
6e:40:90:54:75:f1:66:4b:e0:a1:e2:29:44:a3:8c:
50:24:4b:26:4c:ad:fa:22:a8:c9:50:7c:fe:1e:64:
a5:4a:ea:43:39:55:01:64:ee:14:2b:95:57:2c:f3:
6d:ac:8c:32:31:b6:19:14:6a:4e:64:5d:b2:3a:c5:
0f:c7:ea:80:d2:8e:38:13:7b:02:8c:c1:05:bc:8b:
e4:b8:61:0d:c3:1a:48:a1:f2:49:c7:9a:26:43:95:
18:e6:58:fb:4c:b2:bb:4e:ce:60:71:63:72:fc:fa:
a3:d4:ed:2b:b7:86:c4:e2:c2:67:96:0e:ee:45:12:
30:db:09:bd:f9:71:63:0d:2c:43:db:71:b7:85:63:
63:9d:af:c5:2d:c2:f6:04:02:63:75:72:26:29:25:
1f:da:72:63:57:37:5b:1b:67:43:32:54:65:99:b4:
95:fb:d1:1e:18:73:fb:c5:18:ff:e1:cb:53:00:81:
b7:2b:55:93:47:00:a2:37:53:07:16:23:7a:2e:e4:
fa:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:86:30:9F:24:C7:45:CB:A2:F5:07:76:72:E7:9F:8B:57:3A:32:50
X509v3 Authority Key Identifier:
keyid:4D:F2:C6:FA:54:A8:CC:2D:C7:1E:80:2C:F8:3F:5C:77:6C:E9:74:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TfLG-lSozC3HHoAs-D9cd2zpdMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/e4YwnyTHRcui9Qd2cuefi1c6MlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/54b0d0-e9fe-48d1-968d-9e243c2d8821/1/TfLG-lSozC3HHoAs-D9cd2zpdMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.80.0/21
77.78.160.0/19
185.27.152.0/22
212.37.160.0/19
IPv6:
2a03:ed00::/32
Signature Algorithm: sha256WithRSAEncryption
0b:21:42:ea:8b:cb:9d:d2:73:3c:53:ea:1a:fc:17:d1:0c:38:
bf:d0:51:75:15:27:6b:6c:6b:16:ee:bb:c7:02:00:a0:89:e3:
9b:09:87:8c:ec:ea:a6:ed:7d:8d:c9:22:5e:e7:02:22:4c:b4:
56:9f:10:01:fc:a6:60:82:d8:98:43:cc:2a:89:41:61:27:63:
5f:5f:c9:c8:0c:02:0c:f4:82:f3:dd:06:61:8c:c9:91:9d:63:
59:e4:a3:0e:83:4d:a3:60:82:75:e1:02:bf:8f:86:36:1b:f0:
e0:b2:b2:71:15:77:db:d5:60:20:85:6c:cd:3d:aa:9c:cf:89:
46:a9:ed:47:60:67:59:fc:e3:3f:78:c3:14:ce:d3:37:32:9e:
06:e6:48:33:71:3b:55:41:7b:02:1b:70:ab:a7:50:5f:b1:ec:
7a:28:aa:72:c3:04:8d:af:a3:7d:bf:de:63:2b:43:29:3f:8f:
8e:79:ee:80:01:e3:e0:fb:7a:56:f5:fc:c9:95:ae:e0:c5:0f:
06:4f:96:29:b9:24:b4:45:89:64:e4:97:76:7b:35:07:ea:2e:
9c:74:75:f7:86:e8:e5:9a:80:49:96:3f:74:61:21:8c:02:7e:
c7:3c:da:55:cf:3b:4f:91:b1:57:ec:33:de:bf:6c:a4:02:e6:
b6:18:5d:25
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQg1df1BovGOWVZiSXcagQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZjJjNmZhNTRhOGNjMmRjNzFlODAyY2Y4M2Y1Yzc3NmNl
OTc0YzkwHhcNMjUwMTAxMDc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjg2MzA5ZjI0Yzc0NWNiYTJmNTA3NzY3MmU3OWY4YjU3M2EzMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQktCSkN7egHM3u4+QjZKbWx8sVm
xDaZ4+ufi+oBW8ZWIjVep122eHhoXzCTHwHjd0+ne5k4wElGJlluQJBUdfFmS+Ch
4ilEo4xQJEsmTK36IqjJUHz+HmSlSupDOVUBZO4UK5VXLPNtrIwyMbYZFGpOZF2y
OsUPx+qA0o44E3sCjMEFvIvkuGENwxpIofJJx5omQ5UY5lj7TLK7Ts5gcWNy/Pqj
1O0rt4bE4sJnlg7uRRIw2wm9+XFjDSxD23G3hWNjna/FLcL2BAJjdXImKSUf2nJj
VzdbG2dDMlRlmbSV+9EeGHP7xRj/4ctTAIG3K1WTRwCiN1MHFiN6LuT6IwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHuGMJ8kx0XLovUHdnLnn4tXOjJQMB8GA1UdIwQY
MBaAFE3yxvpUqMwtxx6ALPg/XHds6XTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGZMRy1sU296QzNISG9Bcy1EOWNkMnpwZE1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy81NGIwZDAtZTlmZS00OGQxLTk2OGQt
OWUyNDNjMmQ4ODIxLzEvZTRZd255VEhSY3VpOVFkMmN1ZWZpMWM2TWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy81NGIwZDAtZTlmZS00OGQxLTk2OGQtOWUyNDNjMmQ4ODIx
LzEvVGZMRy1sU296QzNISG9Bcy1EOWNkMnpwZE1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhxQAwQF
TU6gAwQCuRuYAwQF1CWgMA0EAgACMAcDBQAqA+0AMA0GCSqGSIb3DQEBCwUAA4IB
AQALIULqi8ud0nM8U+oa/BfRDDi/0FF1FSdrbGsW7rvHAgCgieObCYeM7Oqm7X2N
ySJe5wIiTLRWnxAB/KZggtiYQ8wqiUFhJ2NfX8nIDAIM9ILz3QZhjMmRnWNZ5KMO
g02jYIJ14QK/j4Y2G/DgsrJxFXfb1WAghWzNPaqcz4lGqe1HYGdZ/OM/eMMUztM3
Mp4G5kgzcTtVQXsCG3Crp1Bfsex6KKpywwSNr6N9v95jK0MpP4+Oee6AAePg+3pW
9fzJla7gxQ8GT5YpuSS0RYlk5Jd2ezUH6i6cdHX3hujlmoBJlj90YSGMAn7HPNpV
zztPkbFX7DPev2ykAua2GF0l
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:21:19 2025 by rpki-client