Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/36QOymunx5ltpfCv7RGqukViFTI.roa
File: 36QOymunx5ltpfCv7RGqukViFTI.roa (raw, json)
Hash identifier: V1hhAEF9YFC1x51fmgBF4Rv4xi3g8RRx1BsDO5r3iOw=
Subject key identifier: DF:A4:0E:CA:6B:A7:C7:99:6D:A5:F0:AF:ED:11:AA:BA:45:62:15:32
Certificate issuer: /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial: 0194228D37CD36060E23408FCE8405566048
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/36QOymunx5ltpfCv7RGqukViFTI.roa
Signing time: Wed 01 Jan 2025 15:47:47 +0000
ROA not before: Wed 01 Jan 2025 15:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15785
IP address blocks: 5.1.2.0/24 maxlen: 24
5.1.3.0/24 maxlen: 24
31.128.65.0/24 maxlen: 24
88.81.244.0/23 maxlen: 23
88.81.250.0/24 maxlen: 24
188.0.68.0/24 maxlen: 24
188.0.69.0/24 maxlen: 24
188.0.70.0/24 maxlen: 24
188.0.71.0/24 maxlen: 24
188.0.72.0/24 maxlen: 24
188.0.74.0/24 maxlen: 24
188.0.75.0/24 maxlen: 24
188.0.76.0/24 maxlen: 24
194.110.79.0/24 maxlen: 24
194.146.199.0/24 maxlen: 24
2a01:758::/48 maxlen: 48
2a01:758:8300::/48 maxlen: 48
2a01:758:8301::/48 maxlen: 48
2a01:758:8302::/48 maxlen: 48
2a01:758:8303::/48 maxlen: 48
2a01:758:8304::/48 maxlen: 48
2a01:758:8305::/48 maxlen: 48
2a01:758:8306::/48 maxlen: 48
2a01:758:8307::/48 maxlen: 48
2a01:758:8308::/48 maxlen: 48
2a01:758:8309::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 16:11:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:37:cd:36:06:0e:23:40:8f:ce:84:05:56:60:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Validity
Not Before: Jan 1 15:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfa40eca6ba7c7996da5f0afed11aaba45621532
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9c:ea:3f:a6:6c:ae:c7:49:9c:c5:1a:9f:25:
07:24:c7:b2:a6:b6:11:8d:44:fc:41:51:3f:b5:ff:
38:79:1e:56:11:db:94:c4:11:72:7f:82:8e:ef:b5:
9a:e7:ee:92:00:48:03:c4:2d:6e:03:9f:4a:e6:f0:
42:7f:4a:ef:17:01:63:28:d5:85:cf:6e:16:d6:b5:
2e:c6:c4:28:97:ef:a7:74:84:e0:bd:a3:54:06:95:
03:cd:2b:37:bc:72:95:c6:22:83:74:2b:49:9e:47:
66:12:d3:76:62:91:42:28:9a:d0:e1:51:2d:f4:be:
97:29:03:4b:58:d3:9c:95:e6:b9:16:04:b7:0a:7f:
b7:54:20:8b:e9:56:75:54:9e:36:0f:5f:90:3c:9d:
2c:73:33:a5:fb:a2:40:c7:c6:9b:e7:3f:08:5d:00:
4b:be:65:2a:1f:0d:d1:49:a9:ff:5e:87:6c:e0:61:
39:65:3f:84:e2:c0:9d:ee:83:d0:ec:07:bb:2c:ec:
5f:ed:e2:c9:d6:d7:ae:31:c6:9e:0a:61:a6:5e:70:
39:b8:96:89:c1:44:d0:5d:7b:38:7d:29:04:a8:43:
9f:c5:e3:e7:fc:00:3c:04:8c:0c:cf:c0:77:d4:43:
d7:f2:63:16:ee:90:89:36:2c:52:1a:7a:0d:36:9d:
bd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A4:0E:CA:6B:A7:C7:99:6D:A5:F0:AF:ED:11:AA:BA:45:62:15:32
X509v3 Authority Key Identifier:
keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/36QOymunx5ltpfCv7RGqukViFTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.2.0/23
31.128.65.0/24
88.81.244.0/23
88.81.250.0/24
188.0.68.0-188.0.72.255
188.0.74.0-188.0.76.255
194.110.79.0/24
194.146.199.0/24
IPv6:
2a01:758::/48
2a01:758:8300::-2a01:758:8309:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
54:14:c7:5a:03:9c:29:1c:2d:bd:80:24:79:4a:d1:05:1b:1c:
e6:20:98:95:df:fc:7c:76:74:aa:2a:b8:43:47:72:ae:eb:42:
f6:2e:c0:94:7f:b5:fc:6b:60:3f:f6:cc:49:f1:c8:fe:01:db:
ad:be:e3:25:78:c9:9d:10:54:8c:cd:af:5a:af:04:4c:3e:1f:
57:d3:74:61:78:a1:1c:73:5b:f0:d7:46:f9:21:ab:ca:07:19:
d5:8f:a7:fd:ef:ff:63:88:c2:17:c3:d1:54:b8:0c:c6:78:80:
3d:64:f3:31:79:56:a4:a4:89:91:c1:5e:da:4c:08:77:cd:b0:
87:75:7f:94:20:a1:69:c8:40:c0:d7:2a:0d:d9:fc:a3:16:01:
40:39:08:5f:a2:bf:e3:90:ea:7f:16:d7:aa:ab:af:69:45:13:
1b:3b:49:7b:54:e8:47:07:97:71:3b:aa:78:58:b2:62:e1:8a:
03:1d:3b:d9:60:d1:e4:c3:78:96:77:6a:5c:3f:cc:73:cb:36:
c4:0a:9e:ee:e8:31:f2:04:70:36:30:b6:dd:6e:87:f4:d6:f8:
4c:1c:bc:9c:77:7a:f9:33:af:37:2a:3f:dd:fc:d1:ca:96:25:
e5:0d:aa:43:5a:e3:7e:33:3e:2c:ab:11:0f:c7:d1:04:7c:0b:
ae:9f:a0:68
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZQijTfNNgYOI0CPzoQFVmBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzhkYmU1MjA4M2FkMzM1YzlmMWZkZTYwMTZlYzhiNDky
OTMxNDAwHhcNMjUwMTAxMTU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmE0MGVjYTZiYTdjNzk5NmRhNWYwYWZlZDExYWFiYTQ1NjIxNTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpzqP6ZsrsdJnMUanyUHJMeyprYR
jUT8QVE/tf84eR5WEduUxBFyf4KO77Wa5+6SAEgDxC1uA59K5vBCf0rvFwFjKNWF
z24W1rUuxsQol++ndITgvaNUBpUDzSs3vHKVxiKDdCtJnkdmEtN2YpFCKJrQ4VEt
9L6XKQNLWNOclea5FgS3Cn+3VCCL6VZ1VJ42D1+QPJ0sczOl+6JAx8ab5z8IXQBL
vmUqHw3RSan/Xods4GE5ZT+E4sCd7oPQ7Ae7LOxf7eLJ1teuMcaeCmGmXnA5uJaJ
wUTQXXs4fSkEqEOfxePn/AA8BIwMz8B31EPX8mMW7pCJNixSGnoNNp29ZQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFN+kDsprp8eZbaXwr+0RqrpFYhUyMB8GA1UdIwQY
MBaAFKvI2+Ugg60zXJ8f3mAW7ItJKTFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2Qt
MzA1NmFmOWEzMzVlLzEvMzZRT3ltdW54NWx0cGZDdjdSR3F1a1ZpRlRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2QtMzA1NmFmOWEzMzVl
LzEvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBGBAIAATBAAwQBBQECAwQA
H4BBAwQBWFH0AwQAWFH6MAwDBAK8AEQDBAC8AEgwDAMEAbwASgMEALwATAMEAMJu
TwMEAMKSxzAiBAIAAjAcAwcAKgEHWAAAMBEDBgAqAQdYgwMHASoBB1iDCDANBgkq
hkiG9w0BAQsFAAOCAQEAVBTHWgOcKRwtvYAkeUrRBRsc5iCYld/8fHZ0qiq4Q0dy
rutC9i7AlH+1/GtgP/bMSfHI/gHbrb7jJXjJnRBUjM2vWq8ETD4fV9N0YXihHHNb
8NdG+SGrygcZ1Y+n/e//Y4jCF8PRVLgMxniAPWTzMXlWpKSJkcFe2kwId82wh3V/
lCChachAwNcqDdn8oxYBQDkIX6K/45DqfxbXqquvaUUTGztJe1ToRweXcTuqeFiy
YuGKAx072WDR5MN4lndqXD/Mc8s2xAqe7ugx8gRwNjC23W6H9Nb4TBy8nHd6+TOv
Nyo/3fzRypYl5Q2qQ1rjfjM+LKsRD8fRBHwLrp+gaA==
-----END CERTIFICATE-----
Generated at Thu Apr 10 02:15:07 2025 by rpki-client