Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/l63ezx_M0iAM5dKGQZtcWd8xPmQ.roa
File: l63ezx_M0iAM5dKGQZtcWd8xPmQ.roa (raw, json)
Hash identifier: qf8bDHKpJxynQt1q7hXqJrXbCZfUxZZ7MBpbrfJkMcU=
Subject key identifier: 97:AD:DE:CF:1F:CC:D2:20:0C:E5:D2:86:41:9B:5C:59:DF:31:3E:64
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 0194266C159B26B83B51FD932F4DF37E5FBF
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/l63ezx_M0iAM5dKGQZtcWd8xPmQ.roa
Signing time: Thu 02 Jan 2025 09:50:05 +0000
ROA not before: Thu 02 Jan 2025 09:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6697
IP address blocks: 91.149.157.0/24 maxlen: 24
91.149.158.0/24 maxlen: 24
91.149.166.0/24 maxlen: 24
93.125.30.0/23 maxlen: 23
93.125.31.0/24 maxlen: 24
93.125.38.0/24 maxlen: 24
93.125.48.0/24 maxlen: 24
93.125.53.0/24 maxlen: 24
93.125.71.0/24 maxlen: 24
93.125.99.0/24 maxlen: 24
178.172.148.0/24 maxlen: 24
178.172.160.0/22 maxlen: 22
178.172.172.0/23 maxlen: 23
178.172.201.0/24 maxlen: 24
178.172.235.0/24 maxlen: 24
178.172.236.0/24 maxlen: 24
178.172.244.0/24 maxlen: 24
178.172.250.0/24 maxlen: 24
178.172.254.0/24 maxlen: 24
2a04:2e80:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:15:9b:26:b8:3b:51:fd:93:2f:4d:f3:7e:5f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Jan 2 09:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97addecf1fccd2200ce5d286419b5c59df313e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:22:6f:ce:90:84:c9:bc:73:22:82:fd:6f:c7:
8f:60:47:58:90:61:8b:da:85:ae:54:30:61:5e:9a:
2b:61:4f:bc:0c:1d:85:58:ab:e1:86:8d:48:25:32:
32:07:8b:af:e6:8e:84:62:4c:3c:16:5e:1a:a2:82:
9c:d8:11:a7:7d:78:91:19:d9:f4:ba:e3:df:86:a8:
b9:54:70:41:3f:e6:d6:85:ec:bc:79:e7:2c:42:4d:
ea:d5:59:2b:3f:01:7f:ac:f5:1f:9d:8f:41:0c:c4:
ca:b6:e5:b7:fa:6d:54:1b:b3:d9:92:4f:8a:c9:87:
5b:3f:eb:53:52:80:97:f7:c6:03:bb:8f:61:ba:c4:
d3:ce:4a:1a:c7:d8:c4:1f:a6:2d:c5:d4:d0:30:ee:
07:2c:98:f7:0a:ec:1a:3a:04:43:52:30:54:45:2c:
2d:d7:59:a5:bb:57:50:03:a7:f0:de:69:a5:59:0d:
cd:f1:8a:41:97:5c:20:04:66:a2:45:f6:0f:0f:32:
6a:40:1b:3a:de:a5:8c:64:13:c8:e4:6e:93:72:de:
bb:36:77:0a:6b:04:5b:d4:32:12:92:8a:d7:05:4e:
65:fa:20:86:c4:6a:c5:8d:de:28:d9:55:63:28:9c:
6e:a9:46:b1:8f:c0:1e:7c:04:ee:16:f3:49:c8:4f:
5c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:AD:DE:CF:1F:CC:D2:20:0C:E5:D2:86:41:9B:5C:59:DF:31:3E:64
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/l63ezx_M0iAM5dKGQZtcWd8xPmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.157.0-91.149.158.255
91.149.166.0/24
93.125.30.0/23
93.125.38.0/24
93.125.48.0/24
93.125.53.0/24
93.125.71.0/24
93.125.99.0/24
178.172.148.0/24
178.172.160.0/22
178.172.172.0/23
178.172.201.0/24
178.172.235.0-178.172.236.255
178.172.244.0/24
178.172.250.0/24
178.172.254.0/24
IPv6:
2a04:2e80:7::/48
Signature Algorithm: sha256WithRSAEncryption
6a:0f:e6:c3:9d:23:31:b3:02:10:a1:e9:41:15:83:23:83:e6:
94:5e:95:98:77:38:48:56:e3:07:fb:54:d9:f0:e4:ab:17:ed:
a0:32:fc:30:88:ed:1e:3b:af:ff:f1:3d:8b:60:67:70:9e:4d:
cd:af:fe:82:6a:be:82:e9:b8:60:5a:07:6a:98:ce:b1:58:63:
1e:a1:47:70:91:ca:e5:c5:95:07:90:7a:e1:af:23:b3:b7:59:
3a:9f:3b:38:79:5c:6d:1c:db:db:27:3f:36:26:13:17:f4:1d:
be:29:d1:9c:91:c4:79:c3:85:f3:81:59:76:3d:28:a9:f7:04:
a0:1a:21:40:03:6a:77:35:ff:9d:69:cd:0d:45:3a:c8:dc:82:
ca:77:84:ae:5f:6c:33:38:c7:7b:5f:e9:26:86:8d:88:a2:16:
c8:c7:57:6c:ef:64:28:12:28:aa:72:24:fe:cd:41:10:f2:80:
b5:61:29:98:80:11:61:a5:d2:85:fa:fb:53:3e:78:18:b3:f8:
bc:de:35:2a:27:d9:b7:90:3d:e6:38:89:45:7d:e0:3e:3a:1f:
c0:9f:3b:40:1a:77:c3:03:d7:53:d9:79:2c:e4:a1:00:e2:3f:
f0:1b:0c:f0:2c:c5:49:0e:44:57:42:4a:d8:ae:db:44:44:de:
c8:c9:54:e4
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZQmbBWbJrg7Uf2TL03zfl+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjUwMTAyMDk1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2FkZGVjZjFmY2NkMjIwMGNlNWQyODY0MTliNWM1OWRmMzEzZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iJvzpCEybxzIoL9b8ePYEdYkGGL
2oWuVDBhXporYU+8DB2FWKvhho1IJTIyB4uv5o6EYkw8Fl4aooKc2BGnfXiRGdn0
uuPfhqi5VHBBP+bWhey8eecsQk3q1VkrPwF/rPUfnY9BDMTKtuW3+m1UG7PZkk+K
yYdbP+tTUoCX98YDu49husTTzkoax9jEH6YtxdTQMO4HLJj3CuwaOgRDUjBURSwt
11mlu1dQA6fw3mmlWQ3N8YpBl1wgBGaiRfYPDzJqQBs63qWMZBPI5G6Tct67NncK
awRb1DISkorXBU5l+iCGxGrFjd4o2VVjKJxuqUaxj8AefATuFvNJyE9cPQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFJet3s8fzNIgDOXShkGbXFnfMT5kMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvbDYzZXp4X00waUFNNWRLR1FadGNXZDh4UG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB2BAIAATBwMAwDBABb
lZ0DBABblZ4DBABblaYDBAFdfR4DBABdfSYDBABdfTADBABdfTUDBABdfUcDBABd
fWMDBACyrJQDBAKyrKADBAGyrKwDBACyrMkwDAMEALKs6wMEALKs7AMEALKs9AME
ALKs+gMEALKs/jAPBAIAAjAJAwcAKgQugAAHMA0GCSqGSIb3DQEBCwUAA4IBAQBq
D+bDnSMxswIQoelBFYMjg+aUXpWYdzhIVuMH+1TZ8OSrF+2gMvwwiO0eO6//8T2L
YGdwnk3Nr/6Car6C6bhgWgdqmM6xWGMeoUdwkcrlxZUHkHrhryOzt1k6nzs4eVxt
HNvbJz82JhMX9B2+KdGckcR5w4XzgVl2PSip9wSgGiFAA2p3Nf+dac0NRTrI3ILK
d4SuX2wzOMd7X+kmho2IohbIx1ds72QoEiiqciT+zUEQ8oC1YSmYgBFhpdKF+vtT
PngYs/i83jUqJ9m3kD3mOIlFfeA+Oh/AnztAGnfDA9dT2Xks5KEA4j/wGwzwLMVJ
DkRXQkrYrttERN7IyVTk
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:02:05 2025 by rpki-client