Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/7NihOyZF_R7D0oRjDBqP7p54r3Q.roa
File: 7NihOyZF_R7D0oRjDBqP7p54r3Q.roa (raw, json)
Hash identifier: 6eIPUNekSQv4qd1xq6GQRdkIc7iV8YKmzBGFftuZKtY=
Subject key identifier: EC:D8:A1:3B:26:45:FD:1E:C3:D2:84:63:0C:1A:8F:EE:9E:78:AF:74
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0195281E33E91AB9939272CCB57956B37EB3
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/7NihOyZF_R7D0oRjDBqP7p54r3Q.roa
Signing time: Fri 21 Feb 2025 10:47:02 +0000
ROA not before: Fri 21 Feb 2025 10:47:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52041
IP address blocks: 82.215.64.0/24 maxlen: 24
86.54.213.0/24 maxlen: 24
185.248.134.0/24 maxlen: 24
194.46.57.0/24 maxlen: 24
2a12:bec0:d0::/44 maxlen: 48
2a12:bec0:e40::/44 maxlen: 44
2a12:bec0:7000::/48 maxlen: 48
2a12:bec0:7001::/48 maxlen: 48
2a12:bec0:7002::/48 maxlen: 48
2a12:bec0:7003::/48 maxlen: 48
2a12:bec0:7004::/48 maxlen: 48
2a12:bec0:7006::/48 maxlen: 48
2a12:bec0:7007::/48 maxlen: 48
2a12:bec0:7008::/48 maxlen: 48
2a12:bec0:b00b::/48 maxlen: 48
2a12:bec1::/32 maxlen: 48
2a12:bec1:2::/48 maxlen: 48
2a12:bec1:b00b::/48 maxlen: 48
2a12:bec2::/32 maxlen: 32
2a12:bec2:b00b::/48 maxlen: 48
2a12:bec3:b00b::/48 maxlen: 48
2a12:bec4:100::/44 maxlen: 44
2a12:bec4:1120::/44 maxlen: 44
2a12:bec4:1430::/44 maxlen: 44
2a12:bec4:1490::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:1e:33:e9:1a:b9:93:92:72:cc:b5:79:56:b3:7e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Feb 21 10:47:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecd8a13b2645fd1ec3d284630c1a8fee9e78af74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:40:2f:24:00:35:c7:3a:70:3c:bd:6f:31:90:
10:78:ea:88:75:1b:99:b4:67:02:c2:a3:2c:8c:46:
c2:67:88:be:d7:e6:80:23:e0:b7:6f:5f:33:33:e6:
02:2d:b8:80:c8:47:36:36:6a:19:0e:14:4e:f9:81:
f4:ca:88:39:e7:e4:ca:51:99:e3:77:1c:3c:1a:02:
e5:98:d8:8e:67:b9:26:9c:7f:65:7f:9e:94:ce:8d:
0d:f6:f6:c6:43:0b:8a:e9:c2:73:40:a3:dc:f1:18:
01:07:5d:ff:15:51:93:96:b7:80:a0:88:b8:1f:2b:
ab:26:c0:d9:80:45:79:1e:f5:3f:96:18:d4:84:e5:
1a:1c:73:a7:ea:e9:5d:6f:3b:ba:c0:4f:14:92:fb:
74:e1:1a:b1:eb:e3:1b:14:54:4a:8f:66:97:dd:97:
c6:d6:63:28:41:21:bc:a6:98:75:e0:e8:0a:53:74:
25:4a:71:e9:bc:0e:3a:7a:a4:32:21:de:e5:ae:3d:
dd:97:f9:b9:33:b8:47:66:4c:92:26:a8:1f:bc:7f:
97:d4:e4:d9:9c:55:53:f7:b1:d8:0f:7e:98:0d:9c:
ec:f4:5e:b3:a9:16:70:e3:01:75:9a:a5:16:7e:08:
b0:cf:4f:91:c4:a7:74:1c:b9:64:7d:c8:d9:a8:28:
75:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D8:A1:3B:26:45:FD:1E:C3:D2:84:63:0C:1A:8F:EE:9E:78:AF:74
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/7NihOyZF_R7D0oRjDBqP7p54r3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.215.64.0/24
86.54.213.0/24
185.248.134.0/24
194.46.57.0/24
IPv6:
2a12:bec0:d0::/44
2a12:bec0:e40::/44
2a12:bec0:7000::-2a12:bec0:7004:ffff:ffff:ffff:ffff:ffff
2a12:bec0:7006::-2a12:bec0:7008:ffff:ffff:ffff:ffff:ffff
2a12:bec0:b00b::/48
2a12:bec1::-2a12:bec2:ffff:ffff:ffff:ffff:ffff:ffff
2a12:bec3:b00b::/48
2a12:bec4:100::/44
2a12:bec4:1120::/44
2a12:bec4:1430::/44
2a12:bec4:1490::/44
Signature Algorithm: sha256WithRSAEncryption
4c:f1:d5:fc:2a:24:05:39:b4:56:44:30:93:bd:30:06:9d:dd:
7f:58:61:4a:13:51:49:1e:27:9f:ae:ef:77:9c:53:79:64:df:
93:2a:44:11:0a:ae:f6:e1:0c:4f:8d:a8:73:bb:dd:4a:10:40:
16:a8:92:fa:a0:cb:d2:1b:59:ce:64:9e:c5:84:1a:94:25:76:
27:99:bf:76:ed:65:15:47:89:f7:a5:15:e5:f5:02:f2:6d:e2:
1f:4d:9f:5b:04:1b:97:2c:ad:5c:5c:bb:9c:18:e1:52:58:78:
cf:2d:cd:77:9d:91:7e:56:d2:f9:40:f3:b5:52:47:28:74:86:
e1:7f:2c:f3:c4:be:3a:9c:a3:f8:e7:b4:3a:95:73:2d:1a:25:
58:8c:3f:5f:b1:1d:e2:df:85:4b:7b:4e:2c:59:4e:4f:01:f9:
ac:ec:5d:1b:ba:2a:a0:7a:94:b2:da:e2:95:36:64:f0:66:59:
a1:f1:00:1e:f5:76:44:99:34:e8:fc:4e:79:2d:b3:65:85:f0:
d2:a6:32:99:ca:37:db:9a:5c:76:36:11:31:00:87:a0:26:d6:
0b:f1:11:a3:3f:d0:73:e9:58:14:55:73:2a:99:44:e3:15:aa:
27:ae:39:9a:89:34:d8:03:9b:32:56:0a:e5:52:29:cd:4a:f1:
38:f7:e6:c1
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZUoHjPpGrmTknLMtXlWs36zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMjIxMTA0NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2Q4YTEzYjI2NDVmZDFlYzNkMjg0NjMwYzFhOGZlZTllNzhhZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUAvJAA1xzpwPL1vMZAQeOqIdRuZ
tGcCwqMsjEbCZ4i+1+aAI+C3b18zM+YCLbiAyEc2NmoZDhRO+YH0yog55+TKUZnj
dxw8GgLlmNiOZ7kmnH9lf56Uzo0N9vbGQwuK6cJzQKPc8RgBB13/FVGTlreAoIi4
HyurJsDZgEV5HvU/lhjUhOUaHHOn6uldbzu6wE8Ukvt04Rqx6+MbFFRKj2aX3ZfG
1mMoQSG8pph14OgKU3QlSnHpvA46eqQyId7lrj3dl/m5M7hHZkySJqgfvH+X1OTZ
nFVT97HYD36YDZzs9F6zqRZw4wF1mqUWfgiwz0+RxKd0HLlkfcjZqCh1KwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFOzYoTsmRf0ew9KEYwwaj+6eeK90MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvN05paE95WkZfUjdEMG9SakRCcVA3cDU0cjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDAeBAIAATAYAwQAUtdA
AwQAVjbVAwQAufiGAwQAwi45MIGFBAIAAjB/AwcEKhK+wADQAwcEKhK+wA5AMBED
BgQqEr7AcAMHACoSvsBwBDASAwcBKhK+wHAGAwcAKhK+wHAIAwcAKhK+wLALMA4D
BQAqEr7BAwUAKhK+wgMHACoSvsOwCwMHBCoSvsQBAAMHBCoSvsQRIAMHBCoSvsQU
MAMHBCoSvsQUkDANBgkqhkiG9w0BAQsFAAOCAQEATPHV/CokBTm0VkQwk70wBp3d
f1hhShNRSR4nn67vd5xTeWTfkypEEQqu9uEMT42oc7vdShBAFqiS+qDL0htZzmSe
xYQalCV2J5m/du1lFUeJ96UV5fUC8m3iH02fWwQblyytXFy7nBjhUlh4zy3Nd52R
flbS+UDztVJHKHSG4X8s88S+Opyj+Oe0OpVzLRolWIw/X7Ed4t+FS3tOLFlOTwH5
rOxdG7oqoHqUstrilTZk8GZZofEAHvV2RJk06PxOeS2zZYXw0qYymco325pcdjYR
MQCHoCbWC/ERoz/Qc+lYFFVzKplE4xWqJ645mok02AObMlYK5VIpzUrxOPfmwQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:07:59 2025 by rpki-client