Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/9aUDpcgA6maCgt07Eahm-5WcaJs.roa
File: 9aUDpcgA6maCgt07Eahm-5WcaJs.roa (raw, json)
Hash identifier: X/S54nVM9EqnKhRT8BDrMFb0JIJWk3STHP7cN6TfAmc=
Subject key identifier: F5:A5:03:A5:C8:00:EA:66:82:82:DD:3B:11:A8:66:FB:95:9C:68:9B
Certificate issuer: /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial: 019420685B81F0AD20BBFC62A13AFFB8A3D0
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/9aUDpcgA6maCgt07Eahm-5WcaJs.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57152
IP address blocks: 31.7.32.0/24 maxlen: 24
31.7.33.0/24 maxlen: 24
31.7.34.0/24 maxlen: 24
31.7.35.0/24 maxlen: 24
31.7.36.0/24 maxlen: 24
31.7.37.0/24 maxlen: 24
31.7.38.0/24 maxlen: 24
31.7.39.0/24 maxlen: 24
185.140.124.0/24 maxlen: 24
185.140.125.0/24 maxlen: 24
185.140.126.0/24 maxlen: 24
185.140.127.0/24 maxlen: 24
2a0a:9f40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5b:81:f0:ad:20:bb:fc:62:a1:3a:ff:b8:a3:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5a503a5c800ea668282dd3b11a866fb959c689b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:eb:1e:4e:65:65:b2:40:b1:34:da:77:1d:5f:
7b:83:81:77:80:e1:e5:fa:04:0e:4d:ec:69:78:0b:
f2:ca:d9:c4:84:ad:d1:a6:77:b7:34:4e:9d:07:31:
ff:fe:54:ef:64:a8:13:68:64:fd:8e:df:0f:30:5d:
5e:2a:f8:9e:18:72:32:37:73:2a:1f:1a:95:2d:d8:
4a:ca:96:29:83:f7:f1:8f:0a:61:b3:a5:d6:aa:1d:
c2:cd:2d:aa:af:67:a4:0f:bb:6a:c0:0f:59:73:89:
8b:18:71:58:4f:3e:3c:98:30:17:66:9c:f7:50:ad:
93:29:f7:95:3e:37:64:1d:d5:97:14:0e:41:ae:51:
a8:6f:5f:e3:92:b8:bf:e8:28:c1:5f:cd:1f:80:ec:
6c:58:98:83:f3:75:a8:16:a1:00:15:32:3e:20:50:
2e:72:29:43:47:ba:47:ad:28:95:f5:47:dc:2d:60:
31:48:69:09:26:74:61:00:75:4f:c2:e5:de:61:73:
3e:96:d0:f8:1e:8c:e6:f6:94:8b:19:42:20:d6:ff:
91:18:a3:5e:60:2d:56:46:ff:dd:5e:96:5d:78:ac:
ba:d7:0c:d5:fd:24:26:ee:d2:69:b5:23:2a:30:6f:
45:01:80:c3:53:94:5f:75:8b:e8:87:a7:b4:a0:1e:
26:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A5:03:A5:C8:00:EA:66:82:82:DD:3B:11:A8:66:FB:95:9C:68:9B
X509v3 Authority Key Identifier:
keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/9aUDpcgA6maCgt07Eahm-5WcaJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.32.0/21
185.140.124.0/22
IPv6:
2a0a:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
83:6a:2f:2a:a8:81:29:dd:d2:83:3c:dc:09:af:1b:eb:7d:b1:
88:7b:7a:ee:56:bd:24:4d:66:61:fd:35:3c:34:8e:cb:43:3c:
fb:e6:c6:c4:3a:43:4e:41:e0:4f:bf:29:cc:a6:6e:7f:0d:2b:
14:e5:f7:3a:a4:6a:7d:dc:3a:c1:ca:4c:e7:22:c6:a5:b1:15:
8d:2e:b4:3e:50:03:4c:1d:73:3a:5e:ef:bb:96:96:6a:b5:ec:
81:81:61:30:d1:2e:3a:f4:22:01:3e:da:ea:69:da:c1:3d:52:
17:d1:77:49:09:dc:2d:33:cf:a2:2d:01:b0:07:8d:14:35:c3:
48:85:87:62:81:f7:d8:ab:0f:81:56:04:9f:8b:e6:66:b9:ed:
59:0e:00:e6:14:af:bc:ba:dd:45:d5:c0:f1:11:44:82:b1:b3:
77:a3:ed:29:18:03:1c:14:79:7c:7b:c1:b3:3e:e0:dc:c2:fd:
2d:18:97:9d:52:81:1d:59:5f:fb:f8:30:2d:5b:23:3e:01:1d:
15:c8:41:9e:70:52:75:d8:10:1f:b8:b6:aa:34:a9:8b:b7:7b:
2c:c1:e3:02:0c:1e:67:d1:57:18:c7:44:7a:32:19:5c:46:e1:
62:67:4a:57:2d:27:31:95:f3:7e:ae:2c:cd:e3:8e:40:78:3f:
fd:ce:30:8d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgaFuB8K0gu/xioTr/uKPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzcwOTg1ZjgzZjQxMzMwMTExYzM1MGNkNmIxZTFlZWFk
NTI2YWEwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWE1MDNhNWM4MDBlYTY2ODI4MmRkM2IxMWE4NjZmYjk1OWM2ODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuseTmVlskCxNNp3HV97g4F3gOHl
+gQOTexpeAvyytnEhK3Rpne3NE6dBzH//lTvZKgTaGT9jt8PMF1eKvieGHIyN3Mq
HxqVLdhKypYpg/fxjwphs6XWqh3CzS2qr2ekD7tqwA9Zc4mLGHFYTz48mDAXZpz3
UK2TKfeVPjdkHdWXFA5BrlGob1/jkri/6CjBX80fgOxsWJiD83WoFqEAFTI+IFAu
cilDR7pHrSiV9UfcLWAxSGkJJnRhAHVPwuXeYXM+ltD4Hozm9pSLGUIg1v+RGKNe
YC1WRv/dXpZdeKy61wzV/SQm7tJptSMqMG9FAYDDU5RfdYvoh6e0oB4m3wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPWlA6XIAOpmgoLdOxGoZvuVnGibMB8GA1UdIwQY
MBaAFO43CYX4P0EzARHDUM1rHh7q1SaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAt
MzI0NDU0NmY4Y2JmLzEvOWFVRHBjZ0E2bWFDZ3QwN0VhaG0tNVdjYUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAtMzI0NDU0NmY4Y2Jm
LzEvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHwcgAwQC
uYx8MA0EAgACMAcDBQMqCp9AMA0GCSqGSIb3DQEBCwUAA4IBAQCDai8qqIEp3dKD
PNwJrxvrfbGIe3ruVr0kTWZh/TU8NI7LQzz75sbEOkNOQeBPvynMpm5/DSsU5fc6
pGp93DrBykznIsalsRWNLrQ+UANMHXM6Xu+7lpZqteyBgWEw0S469CIBPtrqadrB
PVIX0XdJCdwtM8+iLQGwB40UNcNIhYdigffYqw+BVgSfi+Zmue1ZDgDmFK+8ut1F
1cDxEUSCsbN3o+0pGAMcFHl8e8GzPuDcwv0tGJedUoEdWV/7+DAtWyM+AR0VyEGe
cFJ12BAfuLaqNKmLt3ssweMCDB5n0VcYx0R6MhlcRuFiZ0pXLScxlfN+rizN445A
eD/9zjCN
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:35:43 2025 by rpki-client