Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/sCdHa8GDoglI_mdXJ5Cs8c0F3ts.roa
File: sCdHa8GDoglI_mdXJ5Cs8c0F3ts.roa (raw, json)
Hash identifier: MzLxzWRZS24YmZa+mNMBCsFOGmjiB2b/WusU+bbqWL8=
Subject key identifier: B0:27:47:6B:C1:83:A2:09:48:FE:67:57:27:90:AC:F1:CD:05:DE:DB
Certificate issuer: /CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Certificate serial: 019426D8BDA725E66103D46616A1497DFBBD
Authority key identifier: 2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/sCdHa8GDoglI_mdXJ5Cs8c0F3ts.roa
Signing time: Thu 02 Jan 2025 11:48:45 +0000
ROA not before: Thu 02 Jan 2025 11:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2614
IP address blocks: 37.128.224.0/20 maxlen: 20
46.243.112.0/21 maxlen: 24
176.126.208.0/21 maxlen: 21
178.23.64.0/21 maxlen: 21
185.118.200.0/22 maxlen: 22
217.73.160.0/20 maxlen: 20
2001:b30::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:bd:a7:25:e6:61:03:d4:66:16:a1:49:7d:fb:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Validity
Not Before: Jan 2 11:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b027476bc183a20948fe67572790acf1cd05dedb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ba:08:a9:a2:43:39:7a:cb:3a:3f:59:77:45:
bf:e6:76:00:6d:3a:9b:9b:30:32:bd:f1:2d:09:c9:
d9:b7:bc:0a:db:12:fe:31:08:4b:69:1a:1f:58:7d:
5d:c9:2b:b2:79:a6:26:96:5b:fb:07:ac:cc:ed:29:
b5:61:ff:2c:b4:bf:ef:3f:f1:e9:5c:f7:0d:41:62:
7e:16:d9:e1:60:ba:0d:ea:0e:48:21:01:ed:43:aa:
8e:57:9f:5c:20:aa:88:a0:b7:96:fd:59:07:43:d0:
ea:1d:ba:e5:a6:8e:ee:ff:9f:df:a0:91:2f:9d:e5:
b3:85:eb:98:1b:6e:d0:ad:c0:81:54:52:0c:1d:21:
de:da:0e:eb:4a:13:85:8d:4e:66:b1:cf:02:00:5a:
78:15:a3:2b:e2:a1:71:03:d0:21:f5:e7:4a:c3:f8:
4e:a9:28:ff:21:74:34:16:69:85:ee:69:03:a6:bb:
b4:19:7a:50:f6:7b:76:bb:0f:21:c1:48:18:91:28:
bf:59:69:73:76:1f:c4:3e:df:9a:51:93:6f:da:52:
56:46:a6:59:0a:8b:77:e5:e9:9f:4d:fb:b3:bc:37:
06:b0:96:e9:c6:f4:eb:d8:b2:fe:db:6f:29:14:be:
07:b6:93:9e:7d:a6:72:27:38:5d:21:23:6a:5f:27:
c9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:27:47:6B:C1:83:A2:09:48:FE:67:57:27:90:AC:F1:CD:05:DE:DB
X509v3 Authority Key Identifier:
keyid:2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/sCdHa8GDoglI_mdXJ5Cs8c0F3ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.224.0/20
46.243.112.0/21
176.126.208.0/21
178.23.64.0/21
185.118.200.0/22
217.73.160.0/20
IPv6:
2001:b30::/29
Signature Algorithm: sha256WithRSAEncryption
6a:a6:14:3b:20:d0:4b:35:41:9e:b2:5c:81:6f:88:05:85:ba:
e9:ec:31:8b:7c:8d:8c:d7:e7:c5:6e:a5:d8:f7:4e:1f:b2:25:
75:ce:be:30:ad:18:80:9f:3d:88:e5:50:c4:be:54:df:d8:3f:
5e:29:f7:f0:37:c8:49:cf:ac:fa:8f:8e:57:39:d8:68:c3:5c:
d8:ab:f4:2c:3a:39:37:df:e9:2e:42:60:58:af:a3:14:83:dd:
2c:d7:d7:95:86:4e:7e:e3:5d:9c:cd:8a:32:bd:2e:e9:e3:3b:
7e:d7:0b:74:75:9d:a8:75:d1:9b:b2:d1:6a:6e:7b:74:97:d8:
da:df:f9:47:22:1f:5b:b3:e9:4f:2c:b8:df:2a:91:1e:85:e6:
1b:17:65:64:8a:b6:6b:23:56:35:ee:3b:ff:cd:95:12:54:c5:
27:64:fb:01:ef:64:d3:31:c3:01:a7:18:3b:3c:df:5b:3f:d7:
1a:8d:ad:7e:4d:e9:e7:61:07:83:09:a6:22:6d:ff:86:ca:b3:
d9:f7:3e:c8:eb:03:88:bf:0b:62:75:b4:ee:6a:c1:f1:c7:38:
f3:21:e0:a4:ec:48:bc:92:43:a5:e7:fa:93:78:46:4b:22:33:
71:f9:69:8e:2b:e7:8e:c2:cb:f5:00:75:a6:c6:5d:b9:f0:df:
c7:d6:1a:51
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQm2L2nJeZhA9RmFqFJffu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmIzMzQxM2ZhYTVlNWUxZDI3OWEyYTI1ZmY4MWQ4ZDE1
MzI1ZGYwHhcNMjUwMTAyMTE0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDI3NDc2YmMxODNhMjA5NDhmZTY3NTcyNzkwYWNmMWNkMDVkZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLoIqaJDOXrLOj9Zd0W/5nYAbTqb
mzAyvfEtCcnZt7wK2xL+MQhLaRofWH1dySuyeaYmllv7B6zM7Sm1Yf8stL/vP/Hp
XPcNQWJ+FtnhYLoN6g5IIQHtQ6qOV59cIKqIoLeW/VkHQ9DqHbrlpo7u/5/foJEv
neWzheuYG27QrcCBVFIMHSHe2g7rShOFjU5msc8CAFp4FaMr4qFxA9Ah9edKw/hO
qSj/IXQ0FmmF7mkDpru0GXpQ9nt2uw8hwUgYkSi/WWlzdh/EPt+aUZNv2lJWRqZZ
Cot35emfTfuzvDcGsJbpxvTr2LL+228pFL4HtpOefaZyJzhdISNqXyfJ5QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLAnR2vBg6IJSP5nVyeQrPHNBd7bMB8GA1UdIwQY
MBaAFC5rM0E/ql5eHSeaKiX/gdjRUyXfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYt
OGRkODFlNGIzZTMzLzEvc0NkSGE4R0RvZ2xJX21kWEo1Q3M4YzBGM3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYtOGRkODFlNGIzZTMz
LzEvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEJYDgAwQD
LvNwAwQDsH7QAwQDshdAAwQCuXbIAwQE2UmgMA0EAgACMAcDBQMgAQswMA0GCSqG
SIb3DQEBCwUAA4IBAQBqphQ7INBLNUGeslyBb4gFhbrp7DGLfI2M1+fFbqXY904f
siV1zr4wrRiAnz2I5VDEvlTf2D9eKffwN8hJz6z6j45XOdhow1zYq/QsOjk33+ku
QmBYr6MUg90s19eVhk5+412czYoyvS7p4zt+1wt0dZ2oddGbstFqbnt0l9ja3/lH
Ih9bs+lPLLjfKpEeheYbF2VkirZrI1Y17jv/zZUSVMUnZPsB72TTMcMBpxg7PN9b
P9caja1+TennYQeDCaYibf+GyrPZ9z7I6wOIvwtidbTuasHxxzjzIeCk7Ei8kkOl
5/qTeEZLIjNx+WmOK+eOwsv1AHWmxl258N/H1hpR
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:28:07 2025 by rpki-client