Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/787386-b33f-46db-9c3e-90eb2b8867b8/1/3DrlLWhGcsMv-s4viwJB1FYsGOU.roa
File: 3DrlLWhGcsMv-s4viwJB1FYsGOU.roa (raw, json)
Hash identifier: s3b1rQsesdFt4DpbajXuJViVF04qZ0u1qGw5GYZzzXk=
Subject key identifier: DC:3A:E5:2D:68:46:72:C3:2F:FA:CE:2F:8B:02:41:D4:56:2C:18:E5
Certificate issuer: /CN=7d014c9a158218eed684ae2fc06d58e5cf671478
Certificate serial: 0194236A228F3C95A8372D49CD74E1BDA566
Authority key identifier: 7D:01:4C:9A:15:82:18:EE:D6:84:AE:2F:C0:6D:58:E5:CF:67:14:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQFMmhWCGO7WhK4vwG1Y5c9nFHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/787386-b33f-46db-9c3e-90eb2b8867b8/1/3DrlLWhGcsMv-s4viwJB1FYsGOU.roa
Signing time: Wed 01 Jan 2025 19:49:05 +0000
ROA not before: Wed 01 Jan 2025 19:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205424
IP address blocks: 185.51.36.0/24 maxlen: 24
185.51.37.0/24 maxlen: 24
185.51.38.0/24 maxlen: 24
185.51.39.0/24 maxlen: 24
185.80.20.0/24 maxlen: 24
185.80.21.0/24 maxlen: 24
185.80.22.0/24 maxlen: 24
185.80.23.0/24 maxlen: 24
185.82.252.0/24 maxlen: 24
185.82.253.0/24 maxlen: 24
185.82.254.0/24 maxlen: 24
185.82.255.0/24 maxlen: 24
185.218.244.0/24 maxlen: 24
185.218.245.0/24 maxlen: 24
185.218.246.0/24 maxlen: 24
185.218.247.0/24 maxlen: 24
2a0b:dac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/787386-b33f-46db-9c3e-90eb2b8867b8/1/fQFMmhWCGO7WhK4vwG1Y5c9nFHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/787386-b33f-46db-9c3e-90eb2b8867b8/1/fQFMmhWCGO7WhK4vwG1Y5c9nFHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQFMmhWCGO7WhK4vwG1Y5c9nFHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:22:8f:3c:95:a8:37:2d:49:cd:74:e1:bd:a5:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d014c9a158218eed684ae2fc06d58e5cf671478
Validity
Not Before: Jan 1 19:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc3ae52d684672c32fface2f8b0241d4562c18e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:6f:eb:c0:d7:e3:22:9a:8d:55:7c:46:03:bb:
1b:e5:16:00:e0:b8:31:91:c2:f5:1b:80:e8:fd:a1:
12:86:90:60:87:11:ac:54:9d:7b:69:99:cb:56:1e:
b6:f9:84:05:7f:59:98:4d:47:e9:88:71:4c:9d:be:
99:f2:03:45:c0:31:e3:a1:7f:fe:89:cc:99:73:df:
ad:9f:a6:bc:40:5e:5a:0f:01:b8:9b:8e:0e:da:05:
16:2b:ff:69:4c:d0:f4:a9:73:09:e6:50:b3:55:85:
aa:2b:d4:2f:2b:05:65:84:7d:84:07:b8:5d:06:21:
a9:21:28:02:2c:50:50:ac:38:18:67:30:ee:5b:92:
37:fe:b6:2d:4e:ec:b5:95:a0:dc:32:e3:28:09:bb:
29:a1:cf:b2:9c:bf:67:78:82:ac:d1:68:38:49:0b:
4b:87:fc:bd:b1:de:75:6c:54:11:c9:37:2e:d3:b8:
d9:2e:80:26:40:20:e3:9b:6d:73:90:21:c7:04:dd:
3f:dc:b1:7f:f3:52:81:12:aa:c2:2d:30:e4:51:c5:
a3:07:51:46:4d:be:5f:83:b4:3c:1b:26:63:78:a2:
cc:0d:33:2d:5e:38:5c:55:94:d4:8a:85:f1:ab:53:
5d:62:86:00:3c:46:74:d4:04:26:88:ea:80:84:74:
e1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3A:E5:2D:68:46:72:C3:2F:FA:CE:2F:8B:02:41:D4:56:2C:18:E5
X509v3 Authority Key Identifier:
keyid:7D:01:4C:9A:15:82:18:EE:D6:84:AE:2F:C0:6D:58:E5:CF:67:14:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQFMmhWCGO7WhK4vwG1Y5c9nFHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/787386-b33f-46db-9c3e-90eb2b8867b8/1/3DrlLWhGcsMv-s4viwJB1FYsGOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/787386-b33f-46db-9c3e-90eb2b8867b8/1/fQFMmhWCGO7WhK4vwG1Y5c9nFHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.36.0/22
185.80.20.0/22
185.82.252.0/22
185.218.244.0/22
IPv6:
2a0b:dac0::/29
Signature Algorithm: sha256WithRSAEncryption
c5:b9:b4:6f:1b:5c:66:ce:ab:92:fa:0f:03:c5:a6:10:6c:b6:
b7:4f:f8:3e:03:cd:7e:19:c4:ed:8e:99:3d:44:43:28:18:5f:
07:92:ea:fd:33:3f:61:a3:af:6e:00:6a:c4:03:a4:9a:e5:c6:
a6:cf:24:30:50:25:87:61:d8:ae:ee:f6:da:33:1a:95:59:f5:
39:ea:09:83:b1:6a:37:6d:85:63:5b:c0:e1:ae:98:ba:dc:44:
be:d2:fd:05:01:b6:be:36:f5:6d:fd:8e:f7:d0:7b:84:47:6b:
ef:7c:77:d2:19:a4:e7:20:3e:92:bf:f6:ee:be:8d:5e:f9:a6:
a9:aa:ce:b2:fd:18:fe:fe:89:2b:b4:49:2c:c8:cc:08:36:a6:
83:b4:10:f5:b3:17:73:5b:70:9c:07:bd:94:a9:3c:a5:95:29:
07:f8:e5:0d:c7:98:ab:b4:bf:d7:5d:7a:4f:d8:53:52:64:29:
70:3f:3b:a3:54:9a:de:a1:20:fc:f9:d1:c2:80:5c:21:70:60:
7d:35:17:2e:c1:e7:cf:3b:af:03:cd:a0:5b:7f:45:71:e1:bd:
27:e2:b1:c1:4a:9b:27:91:00:55:a9:95:b4:91:dd:35:ab:07:
7d:6d:ae:7e:79:a8:41:b1:d4:ae:6b:27:ec:86:f5:b5:9f:a8:
4e:6c:12:bf
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQjaiKPPJWoNy1JzXThvaVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDE0YzlhMTU4MjE4ZWVkNjg0YWUyZmMwNmQ1OGU1Y2Y2
NzE0NzgwHhcNMjUwMTAxMTk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzNhZTUyZDY4NDY3MmMzMmZmYWNlMmY4YjAyNDFkNDU2MmMxOGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3W/rwNfjIpqNVXxGA7sb5RYA4Lgx
kcL1G4Do/aEShpBghxGsVJ17aZnLVh62+YQFf1mYTUfpiHFMnb6Z8gNFwDHjoX/+
icyZc9+tn6a8QF5aDwG4m44O2gUWK/9pTND0qXMJ5lCzVYWqK9QvKwVlhH2EB7hd
BiGpISgCLFBQrDgYZzDuW5I3/rYtTuy1laDcMuMoCbspoc+ynL9neIKs0Wg4SQtL
h/y9sd51bFQRyTcu07jZLoAmQCDjm21zkCHHBN0/3LF/81KBEqrCLTDkUcWjB1FG
Tb5fg7Q8GyZjeKLMDTMtXjhcVZTUioXxq1NdYoYAPEZ01AQmiOqAhHTh8QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNw65S1oRnLDL/rOL4sCQdRWLBjlMB8GA1UdIwQY
MBaAFH0BTJoVghju1oSuL8BtWOXPZxR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFGTW1oV0NHTzdXaEs0dndHMVk1YzluRkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC83ODczODYtYjMzZi00NmRiLTljM2Ut
OTBlYjJiODg2N2I4LzEvM0RybExXaEdjc012LXM0dml3SkIxRllzR09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC83ODczODYtYjMzZi00NmRiLTljM2UtOTBlYjJiODg2N2I4
LzEvZlFGTW1oV0NHTzdXaEs0dndHMVk1YzluRkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuTMkAwQC
uVAUAwQCuVL8AwQCudr0MA0EAgACMAcDBQMqC9rAMA0GCSqGSIb3DQEBCwUAA4IB
AQDFubRvG1xmzquS+g8DxaYQbLa3T/g+A81+GcTtjpk9REMoGF8Hkur9Mz9ho69u
AGrEA6Sa5camzyQwUCWHYdiu7vbaMxqVWfU56gmDsWo3bYVjW8Dhrpi63ES+0v0F
Aba+NvVt/Y730HuER2vvfHfSGaTnID6Sv/buvo1e+aapqs6y/Rj+/okrtEksyMwI
NqaDtBD1sxdzW3CcB72UqTyllSkH+OUNx5irtL/XXXpP2FNSZClwPzujVJreoSD8
+dHCgFwhcGB9NRcuwefPO68DzaBbf0Vx4b0n4rHBSpsnkQBVqZW0kd01qwd9ba5+
eahBsdSuayfshvW1n6hObBK/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:50 2025 by rpki-client