Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/Pl7-hE7wkLNvDQabKfSwU8DkQ6w.roa
File: Pl7-hE7wkLNvDQabKfSwU8DkQ6w.roa (raw, json)
Hash identifier: 27nFWy7GlxT7WEaqE4vpzeeamTgM2rIB5rRF1VNL9hc=
Subject key identifier: 3E:5E:FE:84:4E:F0:90:B3:6F:0D:06:9B:29:F4:B0:53:C0:E4:43:AC
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 0194282317BC7E5419D58130004E302E4CE5
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/Pl7-hE7wkLNvDQabKfSwU8DkQ6w.roa
Signing time: Thu 02 Jan 2025 17:49:35 +0000
ROA not before: Thu 02 Jan 2025 17:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20485
IP address blocks: 62.33.0.0/16 maxlen: 16
62.33.111.0/24 maxlen: 24
80.76.240.0/20 maxlen: 24
80.82.160.0/19 maxlen: 19
80.237.0.0/17 maxlen: 17
83.234.0.0/16 maxlen: 16
89.237.32.0/22 maxlen: 24
89.237.37.0/24 maxlen: 24
89.237.41.0/24 maxlen: 24
89.237.43.0/24 maxlen: 24
89.237.44.0/24 maxlen: 24
89.237.45.0/24 maxlen: 24
89.237.46.0/24 maxlen: 24
89.237.55.0/24 maxlen: 24
145.255.136.0/21 maxlen: 21
151.237.240.0/21 maxlen: 24
185.13.160.0/22 maxlen: 22
185.50.216.0/22 maxlen: 24
188.43.0.0/16 maxlen: 16
195.246.122.0/23 maxlen: 24
213.137.230.0/23 maxlen: 23
213.137.232.0/23 maxlen: 24
213.137.236.0/22 maxlen: 24
213.137.240.0/21 maxlen: 24
213.137.248.0/21 maxlen: 24
213.141.240.0/22 maxlen: 22
213.141.247.0/24 maxlen: 24
217.148.208.0/20 maxlen: 24
217.150.32.0/19 maxlen: 19
2a00:1e48::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:17:bc:7e:54:19:d5:81:30:00:4e:30:2e:4c:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 2 17:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e5efe844ef090b36f0d069b29f4b053c0e443ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:aa:6f:54:dd:2d:c0:ee:ef:71:ac:8b:a0:9e:
76:bc:05:6f:ce:f7:95:fd:d2:2e:b3:e1:1c:bf:69:
60:9f:77:0b:99:13:70:24:aa:51:d9:f2:7b:da:c2:
b6:de:5e:fd:2d:80:9b:da:c4:ba:94:0c:17:a2:49:
27:2b:04:fa:6d:0a:07:7e:1b:e8:a4:ab:53:2d:e0:
f9:5d:f8:18:83:06:25:5c:9d:cb:af:6c:c7:9f:1f:
1c:56:a5:33:92:93:a9:90:9e:7b:d4:ea:c3:04:70:
38:4c:c3:80:7f:65:43:77:d5:81:02:e1:ff:1c:00:
f3:f9:55:a8:a0:6f:ef:82:0f:03:e3:c2:65:1d:ae:
e8:ff:dc:08:90:e1:2e:37:6c:18:9a:2e:29:67:46:
47:f3:0c:30:4e:b3:a4:2b:7e:d0:a8:98:f8:d7:63:
72:6f:16:ce:6f:55:93:55:bf:74:15:9e:9d:9d:4f:
cb:54:bf:03:73:b2:f6:fd:e2:93:60:7d:cb:a7:00:
fb:40:0d:fe:2d:1c:49:9e:42:43:da:22:cf:43:37:
bd:43:c7:ec:fc:bc:0b:34:5c:a8:8e:fc:84:51:04:
80:03:0b:6f:cd:5d:04:e9:d4:e8:6c:6e:c8:50:16:
2e:a8:91:e7:12:90:19:27:44:7d:23:af:07:6d:ca:
40:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5E:FE:84:4E:F0:90:B3:6F:0D:06:9B:29:F4:B0:53:C0:E4:43:AC
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/Pl7-hE7wkLNvDQabKfSwU8DkQ6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.33.0.0/16
80.76.240.0/20
80.82.160.0/19
80.237.0.0/17
83.234.0.0/16
89.237.32.0/22
89.237.37.0/24
89.237.41.0/24
89.237.43.0-89.237.46.255
89.237.55.0/24
145.255.136.0/21
151.237.240.0/21
185.13.160.0/22
185.50.216.0/22
188.43.0.0/16
195.246.122.0/23
213.137.230.0-213.137.233.255
213.137.236.0-213.137.255.255
213.141.240.0/22
213.141.247.0/24
217.148.208.0/20
217.150.32.0/19
IPv6:
2a00:1e48::/32
Signature Algorithm: sha256WithRSAEncryption
14:6b:e8:84:42:5e:e9:4b:64:0e:68:be:72:17:ec:44:a2:49:
ba:c7:85:99:e1:c3:e4:8e:b2:78:a1:22:17:85:87:ae:cb:29:
d0:6b:b3:1a:70:6d:a4:c2:97:3f:19:99:ef:25:c1:d9:69:cf:
55:61:e8:23:15:5c:51:ac:2e:bf:bc:e7:02:27:1e:01:8f:fc:
de:f3:6c:5c:db:6f:3b:6a:44:4d:86:fa:a7:0f:5a:14:b8:75:
b6:2f:3f:81:0f:68:11:d9:5c:ab:5a:0d:30:01:7e:b7:c7:ce:
7f:6c:0d:6a:40:ea:3f:e2:d4:1f:3d:64:d0:f1:c4:27:be:dd:
0e:95:af:48:11:47:35:e4:87:5c:29:e0:96:e2:82:5f:b6:29:
a9:3c:96:5a:57:aa:03:ef:54:d8:c6:45:f1:2a:b3:7d:56:c3:
5d:93:f0:56:e8:40:cd:f4:b0:fe:62:71:85:4f:2d:cc:74:c7:
e7:84:94:99:c6:8e:ae:d9:62:6f:af:44:0a:f4:f9:80:c4:0e:
49:e4:85:78:20:b4:7e:1a:fa:68:bb:8b:80:44:cd:8b:5c:f4:
a0:71:5d:46:dd:d5:da:91:4c:6c:a9:13:13:84:14:70:dd:fc:
5b:85:f4:ab:f4:ce:46:9d:d0:6f:c4:90:74:6f:a5:1a:0d:c6:
7d:45:40:ba
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQoIxe8flQZ1YEwAE4wLkzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjUwMTAyMTc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTVlZmU4NDRlZjA5MGIzNmYwZDA2OWIyOWY0YjA1M2MwZTQ0M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16pvVN0twO7vcayLoJ52vAVvzveV
/dIus+Ecv2lgn3cLmRNwJKpR2fJ72sK23l79LYCb2sS6lAwXokknKwT6bQoHfhvo
pKtTLeD5XfgYgwYlXJ3Lr2zHnx8cVqUzkpOpkJ571OrDBHA4TMOAf2VDd9WBAuH/
HADz+VWooG/vgg8D48JlHa7o/9wIkOEuN2wYmi4pZ0ZH8wwwTrOkK37QqJj412Ny
bxbOb1WTVb90FZ6dnU/LVL8Dc7L2/eKTYH3LpwD7QA3+LRxJnkJD2iLPQze9Q8fs
/LwLNFyojvyEUQSAAwtvzV0E6dTobG7IUBYuqJHnEpAZJ0R9I68HbcpA2QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFD5e/oRO8JCzbw0Gmyn0sFPA5EOsMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvUGw3LWhFN3drTE52RFFhYktmU3dVOERrUTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDAwA+
IQMEBFBM8AMEBVBSoAMEB1DtAAMDAFPqAwQCWe0gAwQAWe0lAwQAWe0pMAwDBABZ
7SsDBABZ7S4DBABZ7TcDBAOR/4gDBAOX7fADBAK5DaADBAK5MtgDAwC8KwMEAcP2
ejAMAwQB1YnmAwQB1YnoMAsDBALViewDAwHViAMEAtWN8AMEANWN9wMEBNmU0AME
BdmWIDANBAIAAjAHAwUAKgAeSDANBgkqhkiG9w0BAQsFAAOCAQEAFGvohEJe6Utk
Dmi+chfsRKJJuseFmeHD5I6yeKEiF4WHrssp0GuzGnBtpMKXPxmZ7yXB2WnPVWHo
IxVcUawuv7znAiceAY/83vNsXNtvO2pETYb6pw9aFLh1ti8/gQ9oEdlcq1oNMAF+
t8fOf2wNakDqP+LUHz1k0PHEJ77dDpWvSBFHNeSHXCngluKCX7YpqTyWWleqA+9U
2MZF8SqzfVbDXZPwVuhAzfSw/mJxhU8tzHTH54SUmcaOrtlib69ECvT5gMQOSeSF
eCC0fhr6aLuLgETNi1z0oHFdRt3V2pFMbKkTE4QUcN38W4X0q/TORp3Qb8SQdG+l
Gg3GfUVAug==
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:54:16 2025 by rpki-client