Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/rJBUoTOBCbGpyq2LQ5qyqtlWDVk.roa
File: rJBUoTOBCbGpyq2LQ5qyqtlWDVk.roa (raw, json)
Hash identifier: OOOBfJlZtCKY/fNu/6lDyCNmP9uVM4ZIRjn3vJc9saw=
Subject key identifier: AC:90:54:A1:33:81:09:B1:A9:CA:AD:8B:43:9A:B2:AA:D9:56:0D:59
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 0195E90B0A72A48E9CDAFB204324A3BFDCA0
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/rJBUoTOBCbGpyq2LQ5qyqtlWDVk.roa
Signing time: Sun 30 Mar 2025 21:52:49 +0000
ROA not before: Sun 30 Mar 2025 21:52:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3266
IP address blocks: 78.24.72.0/24 maxlen: 24
78.24.73.0/24 maxlen: 24
78.24.74.0/24 maxlen: 24
78.24.75.0/24 maxlen: 24
78.24.77.0/24 maxlen: 24
78.24.78.0/24 maxlen: 24
78.24.79.0/24 maxlen: 24
2a00:1908::/35 maxlen: 35
2a00:1908::/48 maxlen: 48
2a00:1908:2000::/35 maxlen: 35
2a00:1908:4000::/35 maxlen: 35
2a00:1908:6000::/35 maxlen: 35
2a00:1908:8000::/35 maxlen: 35
2a00:1908:a000::/35 maxlen: 35
2a00:1909::/32 maxlen: 32
2a00:1909::/48 maxlen: 48
2a00:190a::/32 maxlen: 32
2a00:190a::/48 maxlen: 48
2a00:190f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e9:0b:0a:72:a4:8e:9c:da:fb:20:43:24:a3:bf:dc:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Mar 30 21:52:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac9054a1338109b1a9caad8b439ab2aad9560d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3b:ee:0e:8a:59:e7:74:f5:de:a5:33:34:bd:
a5:41:a0:ee:f8:cd:e5:ee:f1:8a:45:d4:b8:ea:9a:
7c:cb:e9:f4:0d:cc:05:ac:1c:32:73:6d:4a:24:06:
c4:03:8e:68:a3:d5:12:48:88:b3:da:6e:62:1f:71:
75:44:a1:e3:38:29:3d:61:43:d2:ca:fc:de:e3:a2:
d3:30:82:d9:b8:1c:c6:98:dc:18:3a:e0:86:51:71:
a4:8b:36:b1:a1:ca:e4:6f:1a:2c:4c:71:6b:c3:9b:
68:86:b9:0d:b1:e1:28:2b:bc:a1:cf:4f:ec:2f:eb:
a7:6f:da:87:a6:6e:bd:bf:4a:e3:41:5c:95:e6:3b:
85:70:81:d3:12:a5:55:e9:29:40:e0:11:e0:ba:21:
93:c6:38:a9:f5:fc:11:f3:c4:8c:ab:41:17:27:d0:
14:c0:57:79:db:56:14:1c:43:11:cd:d4:df:8f:a8:
07:99:d1:5b:8d:ce:3e:68:1d:66:8d:0c:92:9a:57:
23:10:56:03:05:53:8a:0b:31:fc:60:97:37:ae:91:
f3:1d:9d:94:92:20:c6:71:67:22:a9:a9:5a:05:aa:
12:bd:72:d3:5b:ec:e3:95:73:78:15:b5:3a:a7:ca:
36:e7:84:84:33:f1:10:1b:b9:7c:8c:87:1b:97:86:
64:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:90:54:A1:33:81:09:B1:A9:CA:AD:8B:43:9A:B2:AA:D9:56:0D:59
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/rJBUoTOBCbGpyq2LQ5qyqtlWDVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.72.0/22
78.24.77.0-78.24.79.255
IPv6:
2a00:1908::-2a00:1908:bfff:ffff:ffff:ffff:ffff:ffff
2a00:1909::-2a00:190a:ffff:ffff:ffff:ffff:ffff:ffff
2a00:190f::/48
Signature Algorithm: sha256WithRSAEncryption
8b:73:f2:80:8e:f6:6d:c3:86:ea:4b:1f:43:ce:74:a4:2a:33:
e1:b9:06:c0:25:c3:bb:5c:46:7a:f0:69:55:4f:d7:53:e1:cd:
00:43:62:ed:dd:89:34:61:f8:24:95:be:3f:63:10:35:50:bd:
16:ae:e7:a8:cb:d7:8e:41:16:16:4f:36:b0:33:9b:60:21:b3:
20:db:22:3d:74:d0:0e:f6:9f:9d:4e:63:50:48:91:87:99:d0:
2f:e7:df:39:ca:cd:db:1e:07:7d:16:d3:82:e5:af:b4:64:9e:
08:6b:8f:23:a2:45:e1:a5:73:bf:89:45:92:2a:7d:3d:65:b9:
e8:89:2f:09:e4:34:1b:76:3f:e1:c4:42:60:a3:de:c0:be:75:
8b:06:d3:bd:a3:ef:5d:da:1c:f5:14:32:21:64:08:f9:57:cc:
ab:c7:56:e5:22:8e:59:4b:c3:be:02:39:6c:8a:94:3b:75:dd:
24:07:5c:4d:65:63:81:98:cc:c7:df:61:3c:8e:42:d4:97:2d:
f6:c0:2a:62:99:61:db:78:12:7d:87:37:07:50:a7:e1:f8:3b:
1c:17:45:d5:91:24:ff:2c:6d:0c:86:47:c1:d0:9c:12:3f:71:
2a:77:16:92:70:27:8a:44:dc:c2:00:03:9b:82:a1:32:5b:1e:
6e:b6:b8:c6
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZXpCwpypI6c2vsgQySjv9ygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjUwMzMwMjE1MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzkwNTRhMTMzODEwOWIxYTljYWFkOGI0MzlhYjJhYWQ5NTYwZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjvuDopZ53T13qUzNL2lQaDu+M3l
7vGKRdS46pp8y+n0DcwFrBwyc21KJAbEA45oo9USSIiz2m5iH3F1RKHjOCk9YUPS
yvze46LTMILZuBzGmNwYOuCGUXGkizaxocrkbxosTHFrw5tohrkNseEoK7yhz0/s
L+unb9qHpm69v0rjQVyV5juFcIHTEqVV6SlA4BHguiGTxjip9fwR88SMq0EXJ9AU
wFd521YUHEMRzdTfj6gHmdFbjc4+aB1mjQySmlcjEFYDBVOKCzH8YJc3rpHzHZ2U
kiDGcWciqalaBaoSvXLTW+zjlXN4FbU6p8o254SEM/EQG7l8jIcbl4ZknwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKyQVKEzgQmxqcqti0OasqrZVg1ZMB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvckpCVW9UT0JDYkdweXEyTFE1cXlxdGxXRFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAaBAIAATAUAwQCThhIMAwD
BABOGE0DBAROGEAwMAQCAAIwKjAPAwUDKgAZCAMGBioAGQiAMA4DBQAqABkJAwUA
KgAZCgMHACoAGQ8AADANBgkqhkiG9w0BAQsFAAOCAQEAi3PygI72bcOG6ksfQ850
pCoz4bkGwCXDu1xGevBpVU/XU+HNAENi7d2JNGH4JJW+P2MQNVC9Fq7nqMvXjkEW
Fk82sDObYCGzINsiPXTQDvafnU5jUEiRh5nQL+ffOcrN2x4HfRbTguWvtGSeCGuP
I6JF4aVzv4lFkip9PWW56IkvCeQ0G3Y/4cRCYKPewL51iwbTvaPvXdoc9RQyIWQI
+VfMq8dW5SKOWUvDvgI5bIqUO3XdJAdcTWVjgZjMx99hPI5C1Jct9sAqYplh23gS
fYc3B1Cn4fg7HBdF1ZEk/yxtDIZHwdCcEj9xKncWknAnikTcwgADm4KhMlsebra4
xg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:01:23 2025 by rpki-client