Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/xXvm8v3Fqzu_dszdmjsgqNl1Hcw.roa
File: xXvm8v3Fqzu_dszdmjsgqNl1Hcw.roa (raw, json)
Hash identifier: Nh/ftcdTWsREAPkqBZbyfany4F8e1nXpYHmf8szSz/Y=
Subject key identifier: C5:7B:E6:F2:FD:C5:AB:3B:BF:76:CC:DD:9A:3B:20:A8:D9:75:1D:CC
Certificate issuer: /CN=ba0e1264e07b3708bcb9db5a14e7cc9270863958
Certificate serial: 01941FFA2D312757B91C5B4259F2953BDC73
Authority key identifier: BA:0E:12:64:E0:7B:37:08:BC:B9:DB:5A:14:E7:CC:92:70:86:39:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug4SZOB7Nwi8udtaFOfMknCGOVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/xXvm8v3Fqzu_dszdmjsgqNl1Hcw.roa
Signing time: Wed 01 Jan 2025 03:47:56 +0000
ROA not before: Wed 01 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50596
IP address blocks: 37.75.200.0/21 maxlen: 22
46.254.160.0/21 maxlen: 22
93.179.104.0/21 maxlen: 22
109.201.96.0/19 maxlen: 22
178.57.208.0/21 maxlen: 22
185.8.220.0/22 maxlen: 23
188.68.8.0/21 maxlen: 22
188.68.168.0/21 maxlen: 22
188.68.192.0/21 maxlen: 22
2a03:3cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/ug4SZOB7Nwi8udtaFOfMknCGOVg.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/ug4SZOB7Nwi8udtaFOfMknCGOVg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ug4SZOB7Nwi8udtaFOfMknCGOVg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2d:31:27:57:b9:1c:5b:42:59:f2:95:3b:dc:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba0e1264e07b3708bcb9db5a14e7cc9270863958
Validity
Not Before: Jan 1 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c57be6f2fdc5ab3bbf76ccdd9a3b20a8d9751dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:68:95:d8:04:2f:bd:4c:69:3a:2f:fc:2a:3a:
df:00:04:51:38:29:4b:70:f8:20:a2:ff:df:d7:68:
94:83:8f:52:38:68:d9:08:b9:13:1b:5c:c7:3d:53:
d1:93:e1:65:90:c8:b3:bf:97:2b:83:e0:8c:27:ad:
24:3a:df:76:5b:35:97:67:92:4c:99:aa:69:40:ac:
ae:6e:14:35:ea:24:e0:ce:2b:4c:5a:1a:ee:62:b9:
23:33:3a:00:34:20:8e:af:5e:d8:8a:e0:5e:12:61:
f7:03:a0:58:67:51:e1:00:ac:cb:9d:cf:ac:a9:34:
cd:bb:0b:18:af:dd:88:47:08:37:33:13:e2:9a:2a:
ef:3f:ca:2f:e8:c7:2e:a5:5c:16:26:1c:cd:ba:26:
1b:fd:28:96:06:df:76:75:b3:44:94:ae:d7:8e:48:
a6:19:af:ab:e9:18:32:35:e3:34:0a:0c:58:f9:43:
8b:71:f6:d9:4e:38:96:65:da:dc:15:7c:9a:3e:2f:
ab:2a:eb:21:d7:a0:cc:f3:fd:95:56:3e:f3:bb:11:
1b:45:bb:39:cf:6a:db:6f:e0:f5:4e:b5:dc:49:77:
cb:00:5e:81:86:75:28:96:2d:f5:67:c8:96:a4:a7:
35:39:1e:69:16:fc:a1:2a:07:38:22:e3:2c:d9:11:
d6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:7B:E6:F2:FD:C5:AB:3B:BF:76:CC:DD:9A:3B:20:A8:D9:75:1D:CC
X509v3 Authority Key Identifier:
keyid:BA:0E:12:64:E0:7B:37:08:BC:B9:DB:5A:14:E7:CC:92:70:86:39:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug4SZOB7Nwi8udtaFOfMknCGOVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/xXvm8v3Fqzu_dszdmjsgqNl1Hcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/ug4SZOB7Nwi8udtaFOfMknCGOVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.200.0/21
46.254.160.0/21
93.179.104.0/21
109.201.96.0/19
178.57.208.0/21
185.8.220.0/22
188.68.8.0/21
188.68.168.0/21
188.68.192.0/21
IPv6:
2a03:3cc0::/29
Signature Algorithm: sha256WithRSAEncryption
a7:ae:1e:ae:0f:8e:c7:83:fc:b5:de:f6:79:e5:55:be:3c:94:
9c:71:dd:df:a4:d7:1a:a3:ef:e0:78:a2:e7:52:6f:3a:c1:5c:
b2:bc:b3:42:27:1c:b6:4d:a1:ee:43:eb:39:55:3f:df:86:8f:
55:ca:79:4a:ae:85:b8:71:ca:4e:55:2f:de:24:76:ed:62:9d:
39:92:0e:a6:cf:69:ea:ee:31:77:1a:26:1d:ec:c4:c7:d2:56:
71:b7:9e:f7:bd:57:e4:3b:f7:05:9e:9a:a7:33:4d:0d:48:ff:
84:59:a1:5c:3e:20:93:9c:35:e2:01:e2:76:b8:f3:9c:fa:65:
b9:a3:4c:42:ab:b4:4e:6d:49:b8:58:0f:48:6d:29:87:87:47:
c1:24:54:a7:7e:a3:6a:29:98:22:19:30:4d:96:10:13:4c:2f:
b3:b7:2c:2d:6b:e2:e8:5d:b5:fa:87:ba:19:5f:92:d2:57:22:
47:a6:fd:e6:41:fe:20:12:eb:30:7a:42:5a:ec:e8:6d:a7:36:
69:db:b7:31:e5:65:01:c2:e1:b0:66:8f:e3:88:8e:75:7c:fe:
82:ee:c8:8c:84:ba:cf:66:1b:be:48:8d:bd:78:3e:f5:63:dc:
d8:d5:2c:e7:4f:a4:e6:37:96:5b:44:06:e6:a3:a8:a2:6c:fd:
90:4d:92:3b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQf+i0xJ1e5HFtCWfKVO9xzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGUxMjY0ZTA3YjM3MDhiY2I5ZGI1YTE0ZTdjYzkyNzA4
NjM5NTgwHhcNMjUwMTAxMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTdiZTZmMmZkYzVhYjNiYmY3NmNjZGQ5YTNiMjBhOGQ5NzUxZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGiV2AQvvUxpOi/8KjrfAARROClL
cPggov/f12iUg49SOGjZCLkTG1zHPVPRk+FlkMizv5crg+CMJ60kOt92WzWXZ5JM
mappQKyubhQ16iTgzitMWhruYrkjMzoANCCOr17YiuBeEmH3A6BYZ1HhAKzLnc+s
qTTNuwsYr92IRwg3MxPimirvP8ov6McupVwWJhzNuiYb/SiWBt92dbNElK7Xjkim
Ga+r6RgyNeM0CgxY+UOLcfbZTjiWZdrcFXyaPi+rKush16DM8/2VVj7zuxEbRbs5
z2rbb+D1TrXcSXfLAF6BhnUoli31Z8iWpKc1OR5pFvyhKgc4IuMs2RHWvQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMV75vL9xas7v3bM3Zo7IKjZdR3MMB8GA1UdIwQY
MBaAFLoOEmTgezcIvLnbWhTnzJJwhjlYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWc0U1pPQjdOd2k4dWR0YUZPZk1rbkNHT1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS82NGMyZmEtZGY1NC00N2ZmLWE4Yzkt
YmZlMGNjYjc5ZmNjLzEveFh2bTh2M0ZxenVfZHN6ZG1qc2dxTmwxSGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS82NGMyZmEtZGY1NC00N2ZmLWE4YzktYmZlMGNjYjc5ZmNj
LzEvdWc0U1pPQjdOd2k4dWR0YUZPZk1rbkNHT1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDJUvIAwQD
Lv6gAwQDXbNoAwQFbclgAwQDsjnQAwQCuQjcAwQDvEQIAwQDvESoAwQDvETAMA0E
AgACMAcDBQMqAzzAMA0GCSqGSIb3DQEBCwUAA4IBAQCnrh6uD47Hg/y13vZ55VW+
PJSccd3fpNcao+/geKLnUm86wVyyvLNCJxy2TaHuQ+s5VT/fho9VynlKroW4ccpO
VS/eJHbtYp05kg6mz2nq7jF3GiYd7MTH0lZxt573vVfkO/cFnpqnM00NSP+EWaFc
PiCTnDXiAeJ2uPOc+mW5o0xCq7RObUm4WA9IbSmHh0fBJFSnfqNqKZgiGTBNlhAT
TC+ztywta+LoXbX6h7oZX5LSVyJHpv3mQf4gEuswekJa7OhtpzZp27cx5WUBwuGw
Zo/jiI51fP6C7siMhLrPZhu+SI29eD71Y9zY1SznT6TmN5ZbRAbmo6iibP2QTZI7
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:42 2025 by rpki-client