Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/dUDoTikRrhGqdHuoRq6nJ22ijx4.roa
File: dUDoTikRrhGqdHuoRq6nJ22ijx4.roa (raw, json)
Hash identifier: CZEX4tVYDKiuZFQCXPesSFgD4Ewr620I1xlB1PmSx34=
Subject key identifier: 75:40:E8:4E:29:11:AE:11:AA:74:7B:A8:46:AE:A7:27:6D:A2:8F:1E
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019424457370DFC454339A69CFC11F439EE0
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/dUDoTikRrhGqdHuoRq6nJ22ijx4.roa
Signing time: Wed 01 Jan 2025 23:48:38 +0000
ROA not before: Wed 01 Jan 2025 23:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 147.136.77.0/24 maxlen: 24
147.136.85.0/24 maxlen: 24
168.199.145.0/24 maxlen: 24
168.199.166.0/24 maxlen: 24
168.199.209.0/24 maxlen: 24
168.199.218.0/24 maxlen: 24
168.199.219.0/24 maxlen: 24
168.199.220.0/24 maxlen: 24
168.199.221.0/24 maxlen: 24
168.199.222.0/24 maxlen: 24
168.199.223.0/24 maxlen: 24
168.199.224.0/24 maxlen: 24
168.199.225.0/24 maxlen: 24
168.199.226.0/24 maxlen: 24
168.199.228.0/24 maxlen: 24
168.199.229.0/24 maxlen: 24
168.199.230.0/24 maxlen: 24
168.199.232.0/24 maxlen: 24
168.199.234.0/24 maxlen: 24
168.199.235.0/24 maxlen: 24
168.199.236.0/24 maxlen: 24
168.199.237.0/24 maxlen: 24
168.199.238.0/24 maxlen: 24
168.199.239.0/24 maxlen: 24
192.95.86.0/24 maxlen: 24
192.95.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:73:70:df:c4:54:33:9a:69:cf:c1:1f:43:9e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 1 23:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7540e84e2911ae11aa747ba846aea7276da28f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:64:42:51:d0:b4:79:45:a1:97:66:52:6f:db:
70:74:f3:42:d7:22:f4:a1:86:81:91:a8:93:ea:44:
69:28:71:01:e6:97:0b:18:a6:5d:28:8f:18:7a:c0:
d8:a3:35:77:bc:92:a2:00:8f:a3:e1:dd:a7:8b:9a:
53:86:07:55:f2:db:51:c8:d8:ca:ce:98:d2:1a:24:
19:0f:47:11:16:a9:05:b5:8b:96:11:61:3f:44:e2:
c2:d6:68:d9:a5:e7:15:27:80:ad:ea:91:62:d8:db:
45:90:22:46:d8:42:ee:2d:b5:7e:c2:93:00:15:56:
e7:25:91:60:b4:e0:fd:03:8b:6e:ef:fa:e1:5d:5f:
71:ff:55:a8:3e:c6:d5:75:d3:8c:5a:81:58:25:b6:
f7:ee:ac:0f:96:b9:f2:5b:5a:c4:8d:f3:48:ef:d7:
79:45:3a:5a:8d:3e:41:4e:72:64:10:2d:33:74:8f:
1d:30:b1:79:ee:b5:ae:4a:93:f0:68:95:a7:e9:b9:
db:c4:33:8e:fe:24:a7:be:71:bc:47:8f:4a:65:00:
9a:cd:7f:c3:bd:16:d7:9e:38:40:e4:2b:4a:3e:74:
f3:a1:8b:ee:18:cd:b1:e9:47:6b:ff:3b:bf:4d:d5:
25:62:45:c0:20:d6:29:33:66:f1:0a:3a:4f:93:d2:
b4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:40:E8:4E:29:11:AE:11:AA:74:7B:A8:46:AE:A7:27:6D:A2:8F:1E
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/dUDoTikRrhGqdHuoRq6nJ22ijx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.136.77.0/24
147.136.85.0/24
168.199.145.0/24
168.199.166.0/24
168.199.209.0/24
168.199.218.0-168.199.226.255
168.199.228.0-168.199.230.255
168.199.232.0/24
168.199.234.0-168.199.239.255
192.95.86.0/24
192.95.91.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:1d:15:87:c0:72:13:7a:d2:73:91:73:30:b2:e4:82:4c:df:
67:56:b8:c7:71:25:3a:e5:92:98:c7:20:c9:54:7a:f3:f9:1e:
bc:3c:d1:30:66:a3:e8:b4:22:23:b2:3f:37:95:fd:ac:b8:57:
d0:63:f0:53:35:42:93:7f:bc:fe:22:c0:aa:0e:d8:46:99:28:
3b:02:75:9a:c2:34:3e:69:33:73:4a:49:70:ae:d3:94:de:47:
3a:6b:bf:05:4f:bc:6b:a4:60:3d:8c:5f:04:fe:01:dd:6c:a6:
00:bb:1a:4b:0e:45:cf:72:6d:ba:ce:e1:f7:53:2e:98:72:e0:
64:08:8a:9e:a3:42:44:cc:c5:f0:1e:e9:11:a8:7e:9c:a2:e5:
5a:1c:7f:2f:93:80:f6:25:99:d1:0b:ba:d4:28:f5:cc:97:b5:
24:d2:b3:fa:c7:3f:6b:f6:89:d6:65:6c:72:96:d9:ac:84:b4:
3a:10:4e:88:5e:74:10:00:94:da:31:9f:d0:e2:d0:64:ef:63:
e0:6a:94:04:95:dc:38:f8:aa:78:67:f6:ab:cd:63:59:8e:08:
d8:78:d4:f8:21:df:72:dd:ba:a1:e2:4e:7d:67:59:3d:f6:8c:
90:e5:b6:d3:58:e2:bd:e1:2e:f3:4b:0a:33:a7:0a:1a:20:d3:
03:4e:25:18
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQkRXNw38RUM5ppz8EfQ57gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjUwMTAxMjM0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTQwZTg0ZTI5MTFhZTExYWE3NDdiYTg0NmFlYTcyNzZkYTI4ZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2RCUdC0eUWhl2ZSb9twdPNC1yL0
oYaBkaiT6kRpKHEB5pcLGKZdKI8YesDYozV3vJKiAI+j4d2ni5pThgdV8ttRyNjK
zpjSGiQZD0cRFqkFtYuWEWE/ROLC1mjZpecVJ4Ct6pFi2NtFkCJG2ELuLbV+wpMA
FVbnJZFgtOD9A4tu7/rhXV9x/1WoPsbVddOMWoFYJbb37qwPlrnyW1rEjfNI79d5
RTpajT5BTnJkEC0zdI8dMLF57rWuSpPwaJWn6bnbxDOO/iSnvnG8R49KZQCazX/D
vRbXnjhA5CtKPnTzoYvuGM2x6Udr/zu/TdUlYkXAINYpM2bxCjpPk9K0qwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFHVA6E4pEa4RqnR7qEaupydtoo8eMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvZFVEb1Rpa1JyaEdxZEh1b1JxNm5KMjJpang0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAk4hNAwQA
k4hVAwQAqMeRAwQAqMemAwQAqMfRMAwDBAGox9oDBACox+IwDAMEAqjH5AMEAKjH
5gMEAKjH6DAMAwQBqMfqAwQEqMfgAwQAwF9WAwQAwF9bMA0GCSqGSIb3DQEBCwUA
A4IBAQCxHRWHwHITetJzkXMwsuSCTN9nVrjHcSU65ZKYxyDJVHrz+R68PNEwZqPo
tCIjsj83lf2suFfQY/BTNUKTf7z+IsCqDthGmSg7AnWawjQ+aTNzSklwrtOU3kc6
a78FT7xrpGA9jF8E/gHdbKYAuxpLDkXPcm26zuH3Uy6YcuBkCIqeo0JEzMXwHukR
qH6couVaHH8vk4D2JZnRC7rUKPXMl7Uk0rP6xz9r9onWZWxyltmshLQ6EE6IXnQQ
AJTaMZ/Q4tBk72PgapQEldw4+Kp4Z/arzWNZjgjYeNT4Id9y3bqh4k59Z1k99oyQ
5bbTWOK94S7zSwozpwoaINMDTiUY
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:56:16 2025 by rpki-client