Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/Rzcqv3xRVA9-aH1zwnBZyOoYf_Q.roa
File: Rzcqv3xRVA9-aH1zwnBZyOoYf_Q.roa (raw, json)
Hash identifier: t72fBqaq4f2yTVDlVEtEdGwLwQR8XcXVLoCv44pVZGg=
Subject key identifier: 47:37:2A:BF:7C:51:54:0F:7E:68:7D:73:C2:70:59:C8:EA:18:7F:F4
Certificate issuer: /CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Certificate serial: 0195378ADE18E4EC1112AC7C5430946EE76A
Authority key identifier: EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/Rzcqv3xRVA9-aH1zwnBZyOoYf_Q.roa
Signing time: Mon 24 Feb 2025 10:40:02 +0000
ROA not before: Mon 24 Feb 2025 10:40:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31621
IP address blocks: 91.194.188.0/23 maxlen: 24
91.194.188.0/24 maxlen: 24
178.21.152.0/21 maxlen: 24
178.21.153.0/24 maxlen: 24
185.31.24.0/22 maxlen: 24
193.23.48.0/24 maxlen: 24
194.0.251.0/24 maxlen: 24
2a02:dcc::/32 maxlen: 48
2a02:dcc:22::/48 maxlen: 48
2a02:dcd::/32 maxlen: 48
2a02:dce::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 22:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:8a:de:18:e4:ec:11:12:ac:7c:54:30:94:6e:e7:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Validity
Not Before: Feb 24 10:40:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47372abf7c51540f7e687d73c27059c8ea187ff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c4:21:07:6d:65:a5:45:00:11:06:40:2f:c7:
b9:8e:84:5b:e3:70:aa:f3:67:41:99:9d:e2:b3:6c:
ed:1a:4f:bc:53:72:e1:ee:58:fc:38:6f:7d:4a:6e:
39:bd:47:32:7e:94:6c:85:36:0c:fd:40:da:8e:67:
00:f6:4d:0f:bf:31:76:f2:a3:8b:7b:bf:92:52:e7:
66:8b:53:18:43:31:c7:b7:72:60:d0:ad:f5:3d:e4:
f8:aa:4e:a0:9e:3c:63:68:cf:22:d4:5d:f4:b6:cd:
01:ac:f7:39:56:92:29:1d:47:d7:fd:ad:e3:db:22:
8a:a9:79:15:b0:5a:17:6c:20:1d:ab:60:c0:65:54:
4b:55:8f:48:aa:60:33:50:0d:76:96:62:27:dd:6e:
f2:fc:8f:18:47:8a:f1:89:ba:f5:e7:d5:df:5b:4d:
7e:fb:33:ea:ce:34:58:75:5e:71:f2:fa:3c:53:e9:
83:a4:70:71:f6:0d:73:aa:da:46:82:21:5b:57:db:
7b:3c:29:00:61:3d:96:2c:95:5c:8c:2f:07:2a:42:
8e:79:50:c6:b7:ce:a4:b2:76:51:c5:7f:a4:e3:52:
eb:3b:e9:a5:ea:b4:ff:78:73:e9:6d:78:20:dc:d1:
9d:c5:2a:d3:ae:56:40:37:33:6e:83:56:95:67:48:
27:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:37:2A:BF:7C:51:54:0F:7E:68:7D:73:C2:70:59:C8:EA:18:7F:F4
X509v3 Authority Key Identifier:
keyid:EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/Rzcqv3xRVA9-aH1zwnBZyOoYf_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.188.0/23
178.21.152.0/21
185.31.24.0/22
193.23.48.0/24
194.0.251.0/24
IPv6:
2a02:dcc::-2a02:dce:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a7:4c:38:6a:09:ee:11:5e:73:88:f4:60:7b:d5:46:6c:02:e9:
84:f0:61:ec:e1:69:07:e0:11:58:26:32:d0:4f:80:81:43:8a:
12:e8:2d:63:44:cb:85:93:a4:b2:40:f3:84:6e:9b:86:62:d7:
62:3c:d3:f1:a4:75:23:1f:7f:d7:98:86:16:42:59:cc:dd:47:
85:fb:00:4c:a6:c9:a4:cf:19:4f:f0:fa:1c:88:2c:e3:9c:37:
d9:81:0e:f0:f3:04:df:c9:13:b6:e7:2b:5b:ed:3c:5c:8d:46:
32:53:2e:7d:67:cb:ce:93:49:0b:97:74:01:10:e6:54:23:ed:
60:f3:8a:8f:0c:3b:a4:28:da:ac:ca:b1:10:ac:c0:17:7d:ac:
3f:14:61:c6:85:2a:4d:d1:40:84:68:15:34:7f:56:06:ce:08:
d1:05:9f:0d:5c:10:64:4d:15:d9:ab:37:a3:a8:df:2a:d3:1e:
38:2a:4a:77:0a:53:e1:81:25:d5:85:e4:75:00:f4:83:53:5f:
fd:94:bb:da:68:f3:cc:b8:77:74:45:8a:56:29:13:ef:9b:31:
61:bd:db:26:45:e0:7a:2c:c3:9a:3e:15:15:7b:18:e4:ee:fe:
17:d5:8a:1d:cd:5a:8a:81:dc:3f:0e:7e:a8:c9:29:95:6b:5e:
0d:05:ac:51
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZU3it4Y5OwREqx8VDCUbudqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjOWIwOTMxMTE4ZjA4YmY0YTM0YjNlMDUyZmQ4ZjhhNWMx
ZWNhYjAwHhcNMjUwMjI0MTA0MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzM3MmFiZjdjNTE1NDBmN2U2ODdkNzNjMjcwNTljOGVhMTg3ZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisQhB21lpUUAEQZAL8e5joRb43Cq
82dBmZ3is2ztGk+8U3Lh7lj8OG99Sm45vUcyfpRshTYM/UDajmcA9k0PvzF28qOL
e7+SUudmi1MYQzHHt3Jg0K31PeT4qk6gnjxjaM8i1F30ts0BrPc5VpIpHUfX/a3j
2yKKqXkVsFoXbCAdq2DAZVRLVY9IqmAzUA12lmIn3W7y/I8YR4rxibr159XfW01+
+zPqzjRYdV5x8vo8U+mDpHBx9g1zqtpGgiFbV9t7PCkAYT2WLJVcjC8HKkKOeVDG
t86ksnZRxX+k41LrO+ml6rT/eHPpbXgg3NGdxSrTrlZANzNug1aVZ0gn8QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEc3Kr98UVQPfmh9c8JwWcjqGH/0MB8GA1UdIwQY
MBaAFOybCTERjwi/SjSz4FL9j4pcHsqwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0pzSk1SR1BDTDlLTkxQZ1V2MlBpbHdleXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8wNzc2YTItNWU4OS00ZTJjLTkzNzAt
NWIzMDRlZWMwMDI1LzEvUnpjcXYzeFJWQTktYUgxenduQlp5T29ZZl9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8wNzc2YTItNWU4OS00ZTJjLTkzNzAtNWIzMDRlZWMwMDI1
LzEvN0pzSk1SR1BDTDlLTkxQZ1V2MlBpbHdleXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQBW8K8AwQD
shWYAwQCuR8YAwQAwRcwAwQAwgD7MBYEAgACMBAwDgMFAioCDcwDBQAqAg3OMA0G
CSqGSIb3DQEBCwUAA4IBAQCnTDhqCe4RXnOI9GB71UZsAumE8GHs4WkH4BFYJjLQ
T4CBQ4oS6C1jRMuFk6SyQPOEbpuGYtdiPNPxpHUjH3/XmIYWQlnM3UeF+wBMpsmk
zxlP8PociCzjnDfZgQ7w8wTfyRO25ytb7TxcjUYyUy59Z8vOk0kLl3QBEOZUI+1g
84qPDDukKNqsyrEQrMAXfaw/FGHGhSpN0UCEaBU0f1YGzgjRBZ8NXBBkTRXZqzej
qN8q0x44Kkp3ClPhgSXVheR1APSDU1/9lLvaaPPMuHd0RYpWKRPvmzFhvdsmReB6
LMOaPhUVexjk7v4X1YodzVqKgdw/Dn6oySmVa14NBaxR
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:22:57 2025 by rpki-client