Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/J8ZSaP5X7b8oUB1RfXySs77eTwE.roa
File: J8ZSaP5X7b8oUB1RfXySs77eTwE.roa (raw, json)
Hash identifier: O5hpA9e+z6B0C4p8y7a0RLXHzllt/qs6YXqVQLo/Jo0=
Subject key identifier: 27:C6:52:68:FE:57:ED:BF:28:50:1D:51:7D:7C:92:B3:BE:DE:4F:01
Certificate issuer: /CN=d00ba633f1e9824076d161a983d8b8e881263982
Certificate serial: 0194236A24160029317489AD88D47F3251B1
Authority key identifier: D0:0B:A6:33:F1:E9:82:40:76:D1:61:A9:83:D8:B8:E8:81:26:39:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AumM_HpgkB20WGpg9i46IEmOYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/J8ZSaP5X7b8oUB1RfXySs77eTwE.roa
Signing time: Wed 01 Jan 2025 19:49:06 +0000
ROA not before: Wed 01 Jan 2025 19:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8818
IP address blocks: 37.18.44.0/22 maxlen: 22
37.230.164.0/22 maxlen: 22
37.230.214.0/23 maxlen: 23
37.230.216.0/22 maxlen: 22
37.230.220.0/23 maxlen: 23
46.243.151.0/24 maxlen: 24
88.83.0.0/19 maxlen: 19
88.83.24.0/21 maxlen: 21
128.0.70.0/24 maxlen: 24
178.170.132.0/22 maxlen: 22
178.170.147.0/24 maxlen: 24
178.170.160.0/22 maxlen: 22
178.170.199.0/24 maxlen: 24
178.170.200.0/22 maxlen: 22
178.170.202.0/24 maxlen: 24
178.170.203.0/24 maxlen: 24
178.170.204.0/23 maxlen: 23
178.170.210.0/23 maxlen: 23
178.170.212.0/22 maxlen: 22
178.170.216.0/24 maxlen: 24
185.57.160.0/22 maxlen: 22
188.72.71.0/24 maxlen: 24
194.177.224.0/19 maxlen: 19
2a00:1fa8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/0AumM_HpgkB20WGpg9i46IEmOYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/0AumM_HpgkB20WGpg9i46IEmOYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/0AumM_HpgkB20WGpg9i46IEmOYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:24:16:00:29:31:74:89:ad:88:d4:7f:32:51:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00ba633f1e9824076d161a983d8b8e881263982
Validity
Not Before: Jan 1 19:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27c65268fe57edbf28501d517d7c92b3bede4f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:c8:d3:70:31:1a:9f:3f:67:e7:d7:10:75:
f1:9b:dd:88:ac:fd:a3:37:4c:cb:b3:21:91:9d:7e:
61:e3:7c:9f:ec:a6:fb:5c:d7:bd:fa:ec:8c:48:d6:
f6:0d:31:f0:db:aa:2b:67:9d:cb:6e:3b:90:bf:d0:
03:a2:67:21:48:c9:a0:c9:2b:66:ab:e1:ec:ec:68:
b8:7d:9e:5d:df:ec:4f:1f:8a:2a:a9:24:25:67:78:
6a:15:2a:dd:0c:b4:d0:8d:ac:55:68:11:3c:f1:c4:
a2:ca:d6:fe:55:60:a9:67:01:d7:bf:91:59:6e:11:
e1:1e:fc:27:4c:bd:9e:0f:6b:90:11:b9:f6:e8:23:
3a:6f:4c:cf:34:2f:64:7a:e4:0e:ec:b5:a1:f4:44:
0c:e6:63:48:b6:18:0c:22:6e:92:4e:90:6d:a5:1e:
20:94:04:b3:4f:b8:cb:08:9a:1c:7a:9b:c6:7a:e5:
ef:b8:59:37:f7:31:a9:84:09:e5:88:f1:73:42:c9:
37:bc:fa:17:2d:13:73:08:74:65:05:5e:12:64:a0:
fb:1e:29:61:9b:30:4c:1f:4d:6e:cf:22:2b:26:5a:
42:50:fa:2c:51:21:9f:d0:9f:b3:71:eb:03:da:6b:
33:aa:43:a6:8e:ed:fc:d6:2d:98:dc:bd:78:27:d3:
d8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C6:52:68:FE:57:ED:BF:28:50:1D:51:7D:7C:92:B3:BE:DE:4F:01
X509v3 Authority Key Identifier:
keyid:D0:0B:A6:33:F1:E9:82:40:76:D1:61:A9:83:D8:B8:E8:81:26:39:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AumM_HpgkB20WGpg9i46IEmOYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/J8ZSaP5X7b8oUB1RfXySs77eTwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/0AumM_HpgkB20WGpg9i46IEmOYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.44.0/22
37.230.164.0/22
37.230.214.0-37.230.221.255
46.243.151.0/24
88.83.0.0/19
128.0.70.0/24
178.170.132.0/22
178.170.147.0/24
178.170.160.0/22
178.170.199.0-178.170.205.255
178.170.210.0-178.170.216.255
185.57.160.0/22
188.72.71.0/24
194.177.224.0/19
IPv6:
2a00:1fa8::/32
Signature Algorithm: sha256WithRSAEncryption
67:c1:a0:89:db:0d:dc:da:23:7f:34:e0:bd:f9:87:98:9c:d6:
53:55:1a:a8:f5:5b:fc:ac:ca:bd:91:43:1d:b0:2b:07:62:52:
c6:69:56:fb:11:6d:08:92:9f:0c:24:6e:be:88:5b:54:f2:11:
ff:da:7c:f0:d7:d7:12:d8:df:e5:85:c9:51:68:c6:35:68:40:
76:24:f3:6e:e7:d5:a8:0a:5a:04:39:1b:78:fa:cc:4f:e4:e5:
2d:a2:d1:cb:64:b1:bb:8b:19:28:5e:49:72:20:90:5e:58:54:
35:5a:33:fc:45:d9:20:0f:ca:5c:a8:72:7d:06:c6:47:a6:fa:
03:46:6b:ea:81:1f:0b:49:e3:9f:87:e7:b6:14:32:71:e1:66:
3c:8a:63:79:10:6b:d1:85:53:72:7e:bc:42:68:5a:f3:b8:65:
6c:86:ae:e0:d0:07:06:71:d5:68:82:91:a0:74:b4:c7:e2:00:
13:82:6d:a2:bc:d8:a0:c3:a5:f4:e0:ce:0e:08:49:1b:29:85:
17:5b:36:1e:23:47:61:0a:4e:15:41:c8:d1:43:67:e1:c6:71:
9e:25:16:c8:db:85:36:07:f7:5a:78:bd:55:08:02:0c:5f:ad:
e9:ab:50:51:b9:9b:0d:4b:3c:cc:bd:d8:8d:82:a1:95:c1:76:
d2:3f:5c:c8
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZQjaiQWACkxdImtiNR/MlGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJhNjMzZjFlOTgyNDA3NmQxNjFhOTgzZDhiOGU4ODEy
NjM5ODIwHhcNMjUwMTAxMTk0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2M2NTI2OGZlNTdlZGJmMjg1MDFkNTE3ZDdjOTJiM2JlZGU0ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1LI03AxGp8/Z+fXEHXxm92IrP2j
N0zLsyGRnX5h43yf7Kb7XNe9+uyMSNb2DTHw26orZ53LbjuQv9ADomchSMmgyStm
q+Hs7Gi4fZ5d3+xPH4oqqSQlZ3hqFSrdDLTQjaxVaBE88cSiytb+VWCpZwHXv5FZ
bhHhHvwnTL2eD2uQEbn26CM6b0zPNC9keuQO7LWh9EQM5mNIthgMIm6STpBtpR4g
lASzT7jLCJocepvGeuXvuFk39zGphAnliPFzQsk3vPoXLRNzCHRlBV4SZKD7Hilh
mzBMH01uzyIrJlpCUPosUSGf0J+zcesD2mszqkOmju381i2Y3L14J9PYAQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFCfGUmj+V+2/KFAdUX18krO+3k8BMB8GA1UdIwQY
MBaAFNALpjPx6YJAdtFhqYPYuOiBJjmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF1bU1fSHBna0IyMFdHcGc5aTQ2SUVtT1lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80MDg2NjctMGIzOS00ZGEwLTlhYTAt
M2NjMTFiYzlkNTk0LzEvSjhaU2FQNVg3YjhvVUIxUmZYeVNzNzdlVHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80MDg2NjctMGIzOS00ZGEwLTlhYTAtM2NjMTFiYzlkNTk0
LzEvMEF1bU1fSHBna0IyMFdHcGc5aTQ2SUVtT1lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQCJRIs
AwQCJeakMAwDBAEl5tYDBAEl5twDBAAu85cDBAVYUwADBACAAEYDBAKyqoQDBACy
qpMDBAKyqqAwDAMEALKqxwMEAbKqzDAMAwQBsqrSAwQAsqrYAwQCuTmgAwQAvEhH
AwQFwrHgMA0EAgACMAcDBQAqAB+oMA0GCSqGSIb3DQEBCwUAA4IBAQBnwaCJ2w3c
2iN/NOC9+YeYnNZTVRqo9Vv8rMq9kUMdsCsHYlLGaVb7EW0Ikp8MJG6+iFtU8hH/
2nzw19cS2N/lhclRaMY1aEB2JPNu59WoCloEORt4+sxP5OUtotHLZLG7ixkoXkly
IJBeWFQ1WjP8RdkgD8pcqHJ9BsZHpvoDRmvqgR8LSeOfh+e2FDJx4WY8imN5EGvR
hVNyfrxCaFrzuGVshq7g0AcGcdVogpGgdLTH4gATgm2ivNigw6X04M4OCEkbKYUX
WzYeI0dhCk4VQcjRQ2fhxnGeJRbI24U2B/daeL1VCAIMX63pq1BRuZsNSzzMvdiN
gqGVwXbSP1zI
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:03 2025 by rpki-client