Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/67OzM8ECZbyoq_BnZX1dgSdsSqE.roa
File: 67OzM8ECZbyoq_BnZX1dgSdsSqE.roa (raw, json)
Hash identifier: g9PYZvAqU4JsF+aihO2ckiHQRSBgUe4u8ImvTFXc4Uo=
Subject key identifier: EB:B3:B3:33:C1:02:65:BC:A8:AB:F0:67:65:7D:5D:81:27:6C:4A:A1
Certificate issuer: /CN=7b5754e4d208c6435f1abec937cde20009204dc0
Certificate serial: 019424B3727D10B303337C0614096CA0F630
Authority key identifier: 7B:57:54:E4:D2:08:C6:43:5F:1A:BE:C9:37:CD:E2:00:09:20:4D:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1dU5NIIxkNfGr7JN83iAAkgTcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/67OzM8ECZbyoq_BnZX1dgSdsSqE.roa
Signing time: Thu 02 Jan 2025 01:48:47 +0000
ROA not before: Thu 02 Jan 2025 01:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199486
IP address blocks: 31.47.64.0/21 maxlen: 21
31.47.69.0/24 maxlen: 24
185.123.132.0/22 maxlen: 22
185.214.156.0/24 maxlen: 24
185.214.157.0/24 maxlen: 24
185.214.158.0/24 maxlen: 24
2a09:2e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/e1dU5NIIxkNfGr7JN83iAAkgTcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/e1dU5NIIxkNfGr7JN83iAAkgTcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1dU5NIIxkNfGr7JN83iAAkgTcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 10:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:72:7d:10:b3:03:33:7c:06:14:09:6c:a0:f6:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5754e4d208c6435f1abec937cde20009204dc0
Validity
Not Before: Jan 2 01:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebb3b333c10265bca8abf067657d5d81276c4aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:01:04:e1:16:de:f4:05:d9:6b:af:d6:2b:4a:
3d:0d:b5:21:1d:e1:fc:ad:8f:69:1e:dd:c4:ba:b8:
a4:1e:0b:39:45:f6:0e:c0:85:ad:1f:f8:44:b0:71:
8a:67:45:f7:9b:e5:ae:52:17:ff:51:28:34:a1:60:
e4:43:93:d8:e4:be:b9:ff:f0:e0:b2:53:af:b7:df:
9d:8d:bc:07:7a:98:c7:77:c7:f7:7e:48:d8:8e:e4:
80:4e:19:25:cf:eb:da:7d:d4:46:33:39:e1:00:ff:
c9:87:37:48:d9:9a:23:0e:27:f9:97:21:2e:48:ea:
65:f9:24:d0:c6:7e:2e:fe:87:2d:cf:76:0a:d9:4f:
4a:d1:8a:25:a9:12:3c:61:2a:ca:4c:e0:0b:5a:6d:
37:a5:65:d1:31:c1:d5:4e:b7:ff:f4:b7:a1:f0:e1:
ae:84:f7:d7:1b:36:07:ce:6d:9e:a9:22:9e:98:8d:
2a:37:ce:7c:f5:4d:18:6d:2a:00:86:5e:2a:92:8d:
bd:06:e8:b4:ca:d5:f9:14:c2:fe:46:13:bd:91:f6:
c3:12:4c:4f:e6:c9:09:cf:a1:d6:49:20:17:68:cb:
73:17:3a:7a:34:82:f5:6a:00:04:19:1f:8f:99:74:
84:91:b0:38:cf:92:f0:8c:ee:4f:3a:12:d5:75:f9:
40:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B3:B3:33:C1:02:65:BC:A8:AB:F0:67:65:7D:5D:81:27:6C:4A:A1
X509v3 Authority Key Identifier:
keyid:7B:57:54:E4:D2:08:C6:43:5F:1A:BE:C9:37:CD:E2:00:09:20:4D:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1dU5NIIxkNfGr7JN83iAAkgTcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/67OzM8ECZbyoq_BnZX1dgSdsSqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/e1dU5NIIxkNfGr7JN83iAAkgTcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.64.0/21
185.123.132.0/22
185.214.156.0-185.214.158.255
IPv6:
2a09:2e80::/29
Signature Algorithm: sha256WithRSAEncryption
6a:91:2c:02:6d:87:c7:53:66:f2:e2:a4:70:3c:8b:92:06:0c:
7b:37:c4:ca:51:39:0f:15:ec:f6:41:de:de:1f:59:6d:49:13:
ee:bb:8a:02:73:74:01:5d:35:fe:cc:3c:7a:b8:8e:6c:fd:9e:
57:5b:c1:0e:93:c4:79:4f:71:3c:30:48:e4:5d:75:8e:92:00:
19:82:4a:42:30:97:81:8b:83:22:54:29:7d:29:dc:e4:67:61:
78:fe:19:fe:55:0b:48:f0:22:ec:a2:8d:06:da:8b:5d:9a:46:
f6:8b:a5:6b:56:85:9e:10:5b:af:a9:62:fa:89:cd:21:b8:11:
9d:c3:1d:44:54:e5:6f:b5:8c:33:4f:b8:eb:a4:4e:50:d0:15:
4d:3f:79:ae:9d:78:79:4f:0f:45:f8:b0:4a:c7:70:72:bb:69:
9f:51:9a:cb:d1:11:66:40:76:f9:7e:30:9f:56:ac:02:cd:46:
f2:6d:46:ef:4f:4d:5f:87:26:f2:29:9e:32:e0:a9:2f:25:05:
fb:40:53:51:7e:ba:c6:e5:ae:ca:9a:15:ef:89:82:f2:1e:96:
5b:26:ab:c9:f4:c1:f3:f5:7e:df:34:58:09:7f:ab:1d:5b:c1:
54:81:e7:de:95:9c:f5:6f:c8:7c:9d:a0:06:7b:d9:c0:38:55:
c1:2d:17:fa
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQks3J9ELMDM3wGFAlsoPYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNTc1NGU0ZDIwOGM2NDM1ZjFhYmVjOTM3Y2RlMjAwMDky
MDRkYzAwHhcNMjUwMTAyMDE0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmIzYjMzM2MxMDI2NWJjYThhYmYwNjc2NTdkNWQ4MTI3NmM0YWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AEE4Rbe9AXZa6/WK0o9DbUhHeH8
rY9pHt3EurikHgs5RfYOwIWtH/hEsHGKZ0X3m+WuUhf/USg0oWDkQ5PY5L65//Dg
slOvt9+djbwHepjHd8f3fkjYjuSAThklz+vafdRGMznhAP/JhzdI2ZojDif5lyEu
SOpl+STQxn4u/octz3YK2U9K0YolqRI8YSrKTOALWm03pWXRMcHVTrf/9Leh8OGu
hPfXGzYHzm2eqSKemI0qN8589U0YbSoAhl4qko29Bui0ytX5FML+RhO9kfbDEkxP
5skJz6HWSSAXaMtzFzp6NIL1agAEGR+PmXSEkbA4z5LwjO5POhLVdflAiQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFOuzszPBAmW8qKvwZ2V9XYEnbEqhMB8GA1UdIwQY
MBaAFHtXVOTSCMZDXxq+yTfN4gAJIE3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTFkVTVOSUl4a05mR3I3Sk44M2lBQWtnVGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8xZGQxYWMtNGE4Ny00YmYxLThkNTIt
ZmQ0OTNjNmE1Yzc2LzEvNjdPek04RUNaYnlvcV9CblpYMWRnU2RzU3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8xZGQxYWMtNGE4Ny00YmYxLThkNTItZmQ0OTNjNmE1Yzc2
LzEvZTFkVTVOSUl4a05mR3I3Sk44M2lBQWtnVGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDHy9AAwQC
uXuEMAwDBAK51pwDBAC51p4wDQQCAAIwBwMFAyoJLoAwDQYJKoZIhvcNAQELBQAD
ggEBAGqRLAJth8dTZvLipHA8i5IGDHs3xMpROQ8V7PZB3t4fWW1JE+67igJzdAFd
Nf7MPHq4jmz9nldbwQ6TxHlPcTwwSORddY6SABmCSkIwl4GLgyJUKX0p3ORnYXj+
Gf5VC0jwIuyijQbai12aRvaLpWtWhZ4QW6+pYvqJzSG4EZ3DHURU5W+1jDNPuOuk
TlDQFU0/ea6deHlPD0X4sErHcHK7aZ9RmsvREWZAdvl+MJ9WrALNRvJtRu9PTV+H
JvIpnjLgqS8lBftAU1F+usblrsqaFe+JgvIellsmq8n0wfP1ft80WAl/qx1bwVSB
596VnPVvyHydoAZ72cA4VcEtF/o=
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:53:54 2025 by rpki-client