Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/v7cahpSyhHNf-9u3vX0WVgp6xg4.roa
File: v7cahpSyhHNf-9u3vX0WVgp6xg4.roa (raw, json)
Hash identifier: An2ilVmevKfJ9Krr3t4y0gOa1n+BDhvcN3VZHuTlMls=
Subject key identifier: BF:B7:1A:86:94:B2:84:73:5F:FB:DB:B7:BD:7D:16:56:0A:7A:C6:0E
Certificate issuer: /CN=2875f185823dbc6a82d105b3ca16077db5729377
Certificate serial: 01942823E5D1C2AC530BBA937C2473230A8A
Authority key identifier: 28:75:F1:85:82:3D:BC:6A:82:D1:05:B3:CA:16:07:7D:B5:72:93:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/v7cahpSyhHNf-9u3vX0WVgp6xg4.roa
Signing time: Thu 02 Jan 2025 17:50:28 +0000
ROA not before: Thu 02 Jan 2025 17:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31472
IP address blocks: 37.157.48.0/21 maxlen: 21
84.247.32.0/22 maxlen: 22
89.35.164.0/22 maxlen: 22
149.19.176.0/22 maxlen: 22
185.2.76.0/22 maxlen: 22
185.2.76.0/23 maxlen: 23
185.34.80.0/22 maxlen: 22
185.60.4.0/22 maxlen: 22
185.61.88.0/22 maxlen: 22
185.86.20.0/22 maxlen: 22
185.91.40.0/22 maxlen: 22
185.91.41.0/24 maxlen: 24
195.206.184.0/21 maxlen: 21
2a00:b840::/29 maxlen: 29
2a00:b840:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/KHXxhYI9vGqC0QWzyhYHfbVyk3c.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/KHXxhYI9vGqC0QWzyhYHfbVyk3c.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 05:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:e5:d1:c2:ac:53:0b:ba:93:7c:24:73:23:0a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2875f185823dbc6a82d105b3ca16077db5729377
Validity
Not Before: Jan 2 17:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfb71a8694b284735ffbdbb7bd7d16560a7ac60e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:30:37:3f:00:06:3f:00:9f:dd:0d:05:da:c7:
33:bc:5e:13:db:c0:8e:5c:f4:c4:24:27:b0:e6:9b:
89:84:15:a2:44:4b:d4:5b:fb:88:ee:ab:ca:3b:c4:
52:69:ad:68:93:ef:ac:78:c1:b8:3f:8e:5a:e2:f7:
9e:0c:d1:1d:c1:f4:28:73:c7:24:62:91:0a:9e:61:
6e:7c:aa:73:70:2b:95:fa:47:bd:39:10:12:a6:6f:
cb:12:26:9f:0c:c6:8e:2a:61:58:3a:b1:c2:28:10:
78:a3:07:49:30:5b:30:8d:7e:b3:57:69:ce:ea:f3:
f7:28:d8:eb:a0:54:f3:a0:b8:31:e0:30:22:6c:96:
28:b5:ec:ba:ad:a4:3d:47:b2:1f:86:91:94:f3:c3:
13:b6:44:cf:43:3c:25:1b:0a:0f:2f:a2:fb:32:c2:
1b:6b:fc:c4:58:f3:c7:44:e0:18:78:8d:c7:55:b9:
30:6b:8d:4b:cc:f1:5f:2f:d1:6a:ce:ad:2a:42:d8:
58:fc:07:91:ad:1f:21:1e:6d:32:ca:d1:80:05:4d:
5f:7b:42:c6:d8:79:12:c1:7a:3f:43:6d:51:3f:62:
cc:77:9c:da:b0:d3:e7:90:76:60:d9:2a:11:94:37:
6a:22:73:13:33:70:c2:2a:c5:8e:cc:9d:7a:17:26:
f1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B7:1A:86:94:B2:84:73:5F:FB:DB:B7:BD:7D:16:56:0A:7A:C6:0E
X509v3 Authority Key Identifier:
keyid:28:75:F1:85:82:3D:BC:6A:82:D1:05:B3:CA:16:07:7D:B5:72:93:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/v7cahpSyhHNf-9u3vX0WVgp6xg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/KHXxhYI9vGqC0QWzyhYHfbVyk3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.48.0/21
84.247.32.0/22
89.35.164.0/22
149.19.176.0/22
185.2.76.0/22
185.34.80.0/22
185.60.4.0/22
185.61.88.0/22
185.86.20.0/22
185.91.40.0/22
195.206.184.0/21
IPv6:
2a00:b840::/29
Signature Algorithm: sha256WithRSAEncryption
45:1f:8c:62:82:a9:54:62:40:9a:14:c6:ae:dc:ce:48:01:6f:
31:13:8f:17:f9:a9:9a:0b:39:ad:11:a0:05:87:dc:f3:fa:a7:
bc:d5:e6:e5:f0:24:94:30:9d:32:75:02:18:fa:3a:fc:a3:d2:
aa:17:ca:e7:7d:46:dc:c4:e5:7d:d8:bc:3b:68:64:4a:e6:9a:
95:47:ae:0f:16:e6:56:fa:9a:7c:0c:83:53:73:7f:77:ae:51:
63:09:28:a7:03:9d:2e:10:33:ea:13:97:f0:91:4e:8d:9d:d9:
e3:76:17:d1:95:8b:0d:e6:bf:a3:13:9a:99:b7:8d:6b:22:45:
c7:09:a8:08:0c:1d:35:35:3f:bd:15:e2:ca:33:d4:2c:a2:ed:
e2:c9:65:f1:3d:f4:29:fd:47:27:0b:fa:30:a7:78:bd:16:6d:
12:ab:00:94:b6:da:13:20:a5:d7:75:1d:53:07:27:c5:89:ae:
a7:cc:ed:92:3e:a1:2f:b4:99:56:13:8a:1e:62:3e:4f:4f:9a:
6f:8a:4c:3f:b8:67:51:b9:b9:bc:a0:e9:21:a0:ab:23:ca:3d:
71:02:f7:f3:ac:1d:f7:1a:06:e2:b8:2f:a2:90:8c:16:5e:74:
4b:d8:3e:6f:6c:1d:c7:88:52:5a:e6:63:3c:01:35:3e:60:2d:
a5:11:78:12
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZQoI+XRwqxTC7qTfCRzIwqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzVmMTg1ODIzZGJjNmE4MmQxMDViM2NhMTYwNzdkYjU3
MjkzNzcwHhcNMjUwMTAyMTc1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmI3MWE4Njk0YjI4NDczNWZmYmRiYjdiZDdkMTY1NjBhN2FjNjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjA3PwAGPwCf3Q0F2sczvF4T28CO
XPTEJCew5puJhBWiREvUW/uI7qvKO8RSaa1ok++seMG4P45a4veeDNEdwfQoc8ck
YpEKnmFufKpzcCuV+ke9ORASpm/LEiafDMaOKmFYOrHCKBB4owdJMFswjX6zV2nO
6vP3KNjroFTzoLgx4DAibJYotey6raQ9R7IfhpGU88MTtkTPQzwlGwoPL6L7MsIb
a/zEWPPHROAYeI3HVbkwa41LzPFfL9Fqzq0qQthY/AeRrR8hHm0yytGABU1fe0LG
2HkSwXo/Q21RP2LMd5zasNPnkHZg2SoRlDdqInMTM3DCKsWOzJ16Fybx2QIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFL+3GoaUsoRzX/vbt719FlYKesYOMB8GA1UdIwQY
MBaAFCh18YWCPbxqgtEFs8oWB321cpN3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hYeGhZSTl2R3FDMFFXenloWUhmYlZ5azNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9hMDRkYTYtOTg4Ny00MmE1LThlZDct
OTRlNWQ0OWNjNjI4LzEvdjdjYWhwU3loSE5mLTl1M3ZYMFdWZ3A2eGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9hMDRkYTYtOTg4Ny00MmE1LThlZDctOTRlNWQ0OWNjNjI4
LzEvS0hYeGhZSTl2R3FDMFFXenloWUhmYlZ5azNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDJZ0wAwQC
VPcgAwQCWSOkAwQClROwAwQCuQJMAwQCuSJQAwQCuTwEAwQCuT1YAwQCuVYUAwQC
uVsoAwQDw864MA0EAgACMAcDBQMqALhAMA0GCSqGSIb3DQEBCwUAA4IBAQBFH4xi
gqlUYkCaFMau3M5IAW8xE48X+amaCzmtEaAFh9zz+qe81ebl8CSUMJ0ydQIY+jr8
o9KqF8rnfUbcxOV92Lw7aGRK5pqVR64PFuZW+pp8DINTc393rlFjCSinA50uEDPq
E5fwkU6NndnjdhfRlYsN5r+jE5qZt41rIkXHCagIDB01NT+9FeLKM9Qsou3iyWXx
PfQp/UcnC/owp3i9Fm0SqwCUttoTIKXXdR1TByfFia6nzO2SPqEvtJlWE4oeYj5P
T5pvikw/uGdRubm8oOkhoKsjyj1xAvfzrB33GgbiuC+ikIwWXnRL2D5vbB3HiFJa
5mM8ATU+YC2lEXgS
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:24:00 2025 by rpki-client