Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/L6CuAoBzB0WrcqddR3qESKR3bvY.roa
File: L6CuAoBzB0WrcqddR3qESKR3bvY.roa (raw, json)
Hash identifier: Gsko8/+UGivF8br90Q1HaCu/U5FOZSGAgc6YJCANek4=
Subject key identifier: 2F:A0:AE:02:80:73:07:45:AB:72:A7:5D:47:7A:84:48:A4:77:6E:F6
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747EC29F405D9104AB79B3BF12F1438
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/L6CuAoBzB0WrcqddR3qESKR3bvY.roa
Signing time: Thu 02 Jan 2025 13:50:12 +0000
ROA not before: Thu 02 Jan 2025 13:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43561
IP address blocks: 37.157.169.0/24 maxlen: 24
37.157.191.0/24 maxlen: 24
84.40.65.0/24 maxlen: 24
84.40.73.0/24 maxlen: 24
84.40.74.0/24 maxlen: 24
84.40.93.0/24 maxlen: 24
84.40.116.0/24 maxlen: 24
95.43.250.0/24 maxlen: 24
95.87.199.0/24 maxlen: 24
95.87.209.0/24 maxlen: 24
95.87.223.0/24 maxlen: 24
95.87.228.0/24 maxlen: 24
95.87.255.0/24 maxlen: 24
185.60.66.0/24 maxlen: 24
185.60.67.0/24 maxlen: 24
2a02:1338::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 14:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ec:29:f4:05:d9:10:4a:b7:9b:3b:f1:2f:14:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fa0ae0280730745ab72a75d477a8448a4776ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ac:2c:8b:a5:04:97:eb:80:95:ad:f3:5d:f2:
a7:76:8d:60:a2:fe:62:74:00:86:97:b1:79:f0:12:
89:ab:92:86:ef:9f:31:92:05:9e:24:d1:c8:a1:e9:
fc:3e:6d:79:39:7e:df:f3:9a:78:c7:29:c1:7d:2d:
ce:6c:57:fd:37:cb:4a:3a:99:27:ef:d7:b5:1a:cb:
0d:ce:97:7c:0f:18:da:4b:69:23:03:8e:a6:36:68:
55:f1:95:f1:05:6c:45:9a:8c:7b:b3:bf:a2:ed:b3:
c8:d3:b5:61:ae:15:8f:b4:9f:51:7d:9c:67:03:fe:
37:ae:ac:de:bd:2b:db:f9:c8:1e:1c:3f:7a:7f:28:
be:18:25:64:65:f2:07:24:c2:04:4d:99:73:a9:8f:
02:74:35:48:61:0a:88:27:a5:92:4c:e8:52:24:a6:
f7:88:d8:b5:5c:aa:b9:97:7d:8f:94:64:47:6f:e8:
ab:0f:bb:ef:e6:dd:2a:f7:d6:f6:4b:ea:41:7e:b7:
fd:d0:90:7d:79:22:6b:57:db:36:78:35:47:c1:88:
57:35:9b:62:db:53:6b:76:5c:5a:b2:7c:ae:08:8b:
e8:41:4b:18:bc:69:cd:16:b8:3a:de:8e:65:22:06:
b0:5a:70:7e:c5:ad:6d:35:7e:22:58:72:0c:d5:d5:
f0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A0:AE:02:80:73:07:45:AB:72:A7:5D:47:7A:84:48:A4:77:6E:F6
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/L6CuAoBzB0WrcqddR3qESKR3bvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.169.0/24
37.157.191.0/24
84.40.65.0/24
84.40.73.0-84.40.74.255
84.40.93.0/24
84.40.116.0/24
95.43.250.0/24
95.87.199.0/24
95.87.209.0/24
95.87.223.0/24
95.87.228.0/24
95.87.255.0/24
185.60.66.0/23
IPv6:
2a02:1338::/32
Signature Algorithm: sha256WithRSAEncryption
38:54:fd:9d:4a:67:57:ea:7e:be:0a:fc:06:28:3c:b2:ec:43:
8c:4b:c3:d9:46:4f:0d:8a:fd:65:11:7d:ba:da:77:0f:42:3d:
32:14:9a:19:ad:2e:f7:af:45:c8:fc:16:72:40:cd:d6:e4:65:
be:1c:aa:06:e1:6b:d5:b2:00:f2:28:d6:60:50:66:61:c3:c6:
7e:fd:33:f4:a6:21:95:a7:a7:26:a0:3c:87:09:06:73:27:46:
67:eb:a9:bf:1f:7c:64:29:84:08:16:05:d1:98:5e:1b:30:37:
ce:4d:d6:38:9d:ab:5f:7f:89:3c:99:c3:4b:94:23:ce:e6:2b:
ad:5e:2f:d5:46:ce:79:19:5f:2c:7c:ed:4f:95:4e:6b:59:9b:
96:d3:fc:f4:3a:b3:6d:cc:20:59:68:da:ce:43:eb:ab:9c:cb:
36:0f:56:46:8e:80:0c:2d:aa:72:7a:d4:3d:2f:37:b3:69:fa:
c8:41:0d:ff:f8:cf:14:d7:f4:80:58:a3:d8:96:42:5c:ed:eb:
58:f6:6f:d5:11:22:55:50:5a:a4:da:79:b8:3a:74:3a:dd:3f:
56:f5:57:3e:d9:14:70:93:54:9e:53:2a:37:4d:a1:c0:fe:fa:
e7:44:51:1f:2d:f3:e0:0e:dc:cf:09:e0:68:fa:a8:79:21:3a:
c8:ba:d1:55
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZQnR+wp9AXZEEq3mzvxLxQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmEwYWUwMjgwNzMwNzQ1YWI3MmE3NWQ0NzdhODQ0OGE0Nzc2ZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnawsi6UEl+uAla3zXfKndo1gov5i
dACGl7F58BKJq5KG758xkgWeJNHIoen8Pm15OX7f85p4xynBfS3ObFf9N8tKOpkn
79e1GssNzpd8DxjaS2kjA46mNmhV8ZXxBWxFmox7s7+i7bPI07VhrhWPtJ9RfZxn
A/43rqzevSvb+cgeHD96fyi+GCVkZfIHJMIETZlzqY8CdDVIYQqIJ6WSTOhSJKb3
iNi1XKq5l32PlGRHb+irD7vv5t0q99b2S+pBfrf90JB9eSJrV9s2eDVHwYhXNZti
21NrdlxasnyuCIvoQUsYvGnNFrg63o5lIgawWnB+xa1tNX4iWHIM1dXw+wIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFC+grgKAcwdFq3KnXUd6hEikd272MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvTDZDdUFvQnpCMFdyY3FkZFIzcUVTS1IzYnZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQAJZ2pAwQA
JZ2/AwQAVChBMAwDBABUKEkDBABUKEoDBABUKF0DBABUKHQDBABfK/oDBABfV8cD
BABfV9EDBABfV98DBABfV+QDBABfV/8DBAG5PEIwDQQCAAIwBwMFACoCEzgwDQYJ
KoZIhvcNAQELBQADggEBADhU/Z1KZ1fqfr4K/AYoPLLsQ4xLw9lGTw2K/WURfbra
dw9CPTIUmhmtLvevRcj8FnJAzdbkZb4cqgbha9WyAPIo1mBQZmHDxn79M/SmIZWn
pyagPIcJBnMnRmfrqb8ffGQphAgWBdGYXhswN85N1jidq19/iTyZw0uUI87mK61e
L9VGznkZXyx87U+VTmtZm5bT/PQ6s23MIFlo2s5D66ucyzYPVkaOgAwtqnJ61D0v
N7Np+shBDf/4zxTX9IBYo9iWQlzt61j2b9URIlVQWqTaebg6dDrdP1b1Vz7ZFHCT
VJ5TKjdNocD++udEUR8t8+AO3M8J4Gj6qHkhOsi60VU=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:22:56 2025 by rpki-client