Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/T23Nk-nWZ13uL-vUgHBSmBD0a5Y.roa
File: T23Nk-nWZ13uL-vUgHBSmBD0a5Y.roa (raw, json)
Hash identifier: /bhq2aMKeWlXXVjqRKG1maK35mjghRj8veSjPURu6WI=
Subject key identifier: 4F:6D:CD:93:E9:D6:67:5D:EE:2F:EB:D4:80:70:52:98:10:F4:6B:96
Certificate issuer: /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial: 0194641036DE18B4A1A68626DEDBD852AA16
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/T23Nk-nWZ13uL-vUgHBSmBD0a5Y.roa
Signing time: Tue 14 Jan 2025 09:06:11 +0000
ROA not before: Tue 14 Jan 2025 09:06:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58075
IP address blocks: 37.235.80.0/21 maxlen: 24
45.95.68.0/22 maxlen: 24
45.154.44.0/22 maxlen: 24
185.21.52.0/22 maxlen: 24
185.43.20.0/22 maxlen: 24
185.74.184.0/22 maxlen: 24
185.96.148.0/22 maxlen: 24
185.186.172.0/22 maxlen: 24
194.110.22.0/24 maxlen: 24
194.110.27.0/24 maxlen: 24
194.110.30.0/24 maxlen: 24
194.110.72.0/24 maxlen: 24
2a04:9380::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.mft
rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:10:36:de:18:b4:a1:a6:86:26:de:db:d8:52:aa:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
Validity
Not Before: Jan 14 09:06:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f6dcd93e9d6675dee2febd48070529810f46b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:eb:a5:b4:97:98:71:ba:a6:04:92:47:7b:de:
5b:25:5d:c3:16:62:5c:fd:e3:ac:53:ce:33:ea:28:
da:db:b9:b9:09:de:65:24:e7:15:0a:4c:a1:e8:cc:
a2:a5:b4:7d:76:fd:36:d0:76:a3:93:23:9e:60:3a:
00:16:4c:ad:6f:19:28:89:e5:7b:c0:ca:75:83:a9:
8e:7e:46:c7:bf:08:51:6b:c0:29:62:a4:f4:fd:17:
5f:4f:31:b0:77:4c:58:04:30:f9:40:9a:79:06:4a:
fb:7c:bc:3d:bc:43:67:3f:f6:45:f0:fa:91:dc:35:
4c:73:83:cd:f9:0d:28:92:bd:b2:e2:1a:3e:6d:4c:
39:3f:bf:10:03:03:7d:5b:89:ba:f4:c4:22:c6:ab:
e5:8a:95:14:ef:8b:25:c8:9a:60:fd:c4:67:b6:3e:
fc:d5:90:d5:1e:3e:aa:ef:99:b2:52:e6:5d:4e:0a:
ba:c8:ef:a2:c2:5f:41:e4:11:51:45:0c:5c:dc:da:
25:85:94:51:68:c3:9c:53:4f:77:f6:7e:fa:ed:4d:
2a:f4:97:6f:2c:e9:99:d9:61:18:bb:5f:9f:8f:7c:
35:95:92:95:07:f0:31:a7:31:4e:64:5f:d3:51:e4:
dc:e1:54:b7:80:36:a3:ba:7f:24:dc:18:45:c6:3a:
0c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:6D:CD:93:E9:D6:67:5D:EE:2F:EB:D4:80:70:52:98:10:F4:6B:96
X509v3 Authority Key Identifier:
keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/T23Nk-nWZ13uL-vUgHBSmBD0a5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.80.0/21
45.95.68.0/22
45.154.44.0/22
185.21.52.0/22
185.43.20.0/22
185.74.184.0/22
185.96.148.0/22
185.186.172.0/22
194.110.22.0/24
194.110.27.0/24
194.110.30.0/24
194.110.72.0/24
IPv6:
2a04:9380::/29
Signature Algorithm: sha256WithRSAEncryption
a3:bf:f9:b0:2f:ff:a2:6f:ad:0f:5f:2c:79:74:a5:0a:ec:81:
c5:13:66:04:ab:ec:52:1f:c9:36:ce:b4:62:44:38:8c:0b:c2:
1c:af:29:27:7a:2f:18:5d:98:fc:f1:84:1a:24:fb:95:3f:c2:
3b:3c:04:f0:89:c7:25:77:67:03:45:72:43:30:df:b5:2e:9a:
82:9c:06:09:ae:34:b7:1f:20:90:d7:b3:4b:ca:20:3c:97:5c:
6e:c9:ce:7c:f8:0b:10:b5:07:42:f4:f9:24:cb:12:2b:cb:a6:
b8:1e:d1:1f:a4:ba:de:a4:d6:c8:e3:44:cc:58:9e:66:59:ce:
b8:f9:4a:aa:80:67:7f:1f:78:48:7a:59:0f:e6:f7:2c:f8:7b:
6e:e0:e0:16:24:30:2c:0a:6d:8e:49:00:10:8c:0f:08:cd:c2:
b9:1b:d4:a5:1b:b6:3e:f5:1a:6d:f0:29:f0:a2:30:b0:f1:5f:
59:1c:75:75:32:69:36:62:39:6f:a5:9d:5e:88:21:0b:34:ce:
1a:14:eb:b6:d9:1c:c7:17:20:3e:1f:dc:7d:db:3a:dd:11:6b:
93:af:7d:9b:fd:e0:c3:73:e3:39:73:3e:62:df:90:32:e3:c2:
72:2b:e2:03:90:83:01:5d:64:ac:c7:0d:13:65:54:01:4d:08:
28:ec:17:5b
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZRkEDbeGLShpoYm3tvYUqoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZWE4OTRlZTA1Nzc1ZTBlZjA2MWQwODZjYTI1MjE0N2Y1
YzkxZGUwHhcNMjUwMTE0MDkwNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjZkY2Q5M2U5ZDY2NzVkZWUyZmViZDQ4MDcwNTI5ODEwZjQ2Yjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9eultJeYcbqmBJJHe95bJV3DFmJc
/eOsU84z6ija27m5Cd5lJOcVCkyh6MyipbR9dv020HajkyOeYDoAFkytbxkoieV7
wMp1g6mOfkbHvwhRa8ApYqT0/RdfTzGwd0xYBDD5QJp5Bkr7fLw9vENnP/ZF8PqR
3DVMc4PN+Q0okr2y4ho+bUw5P78QAwN9W4m69MQixqvlipUU74slyJpg/cRntj78
1ZDVHj6q75myUuZdTgq6yO+iwl9B5BFRRQxc3NolhZRRaMOcU0939n767U0q9Jdv
LOmZ2WEYu1+fj3w1lZKVB/AxpzFOZF/TUeTc4VS3gDajun8k3BhFxjoMGwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFE9tzZPp1mdd7i/r1IBwUpgQ9GuWMB8GA1UdIwQY
MBaAFHXqiU7gV3Xg7wYdCGyiUhR/XJHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEt
YjdmMjk4NGViNjUzLzEvVDIzTmstbldaMTN1TC12VWdIQlNtQkQwYTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEtYjdmMjk4NGViNjUz
LzEvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDJetQAwQC
LV9EAwQCLZosAwQCuRU0AwQCuSsUAwQCuUq4AwQCuWCUAwQCubqsAwQAwm4WAwQA
wm4bAwQAwm4eAwQAwm5IMA0EAgACMAcDBQMqBJOAMA0GCSqGSIb3DQEBCwUAA4IB
AQCjv/mwL/+ib60PXyx5dKUK7IHFE2YEq+xSH8k2zrRiRDiMC8Icryknei8YXZj8
8YQaJPuVP8I7PATwiccld2cDRXJDMN+1LpqCnAYJrjS3HyCQ17NLyiA8l1xuyc58
+AsQtQdC9PkkyxIry6a4HtEfpLrepNbI40TMWJ5mWc64+UqqgGd/H3hIelkP5vcs
+Htu4OAWJDAsCm2OSQAQjA8IzcK5G9SlG7Y+9Rpt8CnwojCw8V9ZHHV1Mmk2Yjlv
pZ1eiCELNM4aFOu22RzHFyA+H9x92zrdEWuTr32b/eDDc+M5cz5i35Ay48JyK+ID
kIMBXWSsxw0TZVQBTQgo7Bdb
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:00:10 2025 by rpki-client