Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/Cd-K1MEWA2ryKgiTfKMlpJrD0GQ.roa
File: Cd-K1MEWA2ryKgiTfKMlpJrD0GQ.roa (raw, json)
Hash identifier: B7DPcOBfNaFm0TXa9BBHsfzUSprwVkey6QgyDWplAfY=
Subject key identifier: 09:DF:8A:D4:C1:16:03:6A:F2:2A:08:93:7C:A3:25:A4:9A:C3:D0:64
Certificate issuer: /CN=ebf36087c3fcecfb006f518d7811b255ea57c90d
Certificate serial: 019587465A6D5A705BE3EFCEBFAC1397601E
Authority key identifier: EB:F3:60:87:C3:FC:EC:FB:00:6F:51:8D:78:11:B2:55:EA:57:C9:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_Ngh8P87PsAb1GNeBGyVepXyQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/Cd-K1MEWA2ryKgiTfKMlpJrD0GQ.roa
Signing time: Tue 11 Mar 2025 22:14:49 +0000
ROA not before: Tue 11 Mar 2025 22:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203712
IP address blocks: 37.18.132.0/22 maxlen: 24
185.126.104.0/24 maxlen: 24
185.126.105.0/24 maxlen: 24
185.126.106.0/24 maxlen: 24
185.126.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/6_Ngh8P87PsAb1GNeBGyVepXyQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/6_Ngh8P87PsAb1GNeBGyVepXyQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/6_Ngh8P87PsAb1GNeBGyVepXyQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 19:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:87:46:5a:6d:5a:70:5b:e3:ef:ce:bf:ac:13:97:60:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf36087c3fcecfb006f518d7811b255ea57c90d
Validity
Not Before: Mar 11 22:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09df8ad4c116036af22a08937ca325a49ac3d064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7f:d9:8b:c5:ff:63:6b:e5:39:11:c9:68:f5:
f5:40:a8:ec:ec:b2:df:18:10:53:06:8c:98:b0:01:
9d:9b:16:5e:f0:bb:f2:9e:c6:81:81:a5:75:16:86:
f7:20:15:5a:a7:f5:ad:37:ac:1a:c5:7b:02:0b:92:
2e:86:51:6b:0a:59:e2:99:c9:a5:c7:aa:8f:9e:97:
44:28:6e:4b:21:fe:77:1e:a3:b7:7e:57:b3:4f:6b:
2b:f8:db:cd:e5:b1:86:33:74:d1:a8:20:09:bf:9b:
7d:49:6b:e2:3b:55:37:cd:ee:9c:a6:8b:ad:49:d0:
3b:62:bc:aa:b0:7c:98:c0:95:e3:68:5a:41:05:3e:
e3:db:a5:48:78:a3:f3:af:5d:f2:79:b9:d7:12:b8:
2e:0b:e4:ff:33:3a:ba:fe:d3:30:08:66:47:c3:82:
25:47:be:03:2d:e5:46:7e:62:9f:92:4a:e3:bd:67:
73:8a:e5:36:1e:f7:0d:75:0a:c1:e2:fb:2b:7b:94:
ce:36:4a:3f:fc:bd:5d:5a:d4:8a:74:78:93:e5:91:
6b:36:f7:f0:fb:28:55:41:3d:42:47:a3:12:34:a7:
86:04:c4:f6:a2:5e:83:9e:b6:76:aa:19:04:e9:db:
fb:bf:c5:87:90:d9:1c:14:a2:c7:37:72:9d:2e:85:
34:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DF:8A:D4:C1:16:03:6A:F2:2A:08:93:7C:A3:25:A4:9A:C3:D0:64
X509v3 Authority Key Identifier:
keyid:EB:F3:60:87:C3:FC:EC:FB:00:6F:51:8D:78:11:B2:55:EA:57:C9:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_Ngh8P87PsAb1GNeBGyVepXyQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/Cd-K1MEWA2ryKgiTfKMlpJrD0GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/6_Ngh8P87PsAb1GNeBGyVepXyQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.132.0/22
185.126.104.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:83:72:6a:04:5e:87:f7:d8:0e:69:d7:f3:cc:7c:83:6f:6f:
f3:9a:37:5f:e3:78:07:e3:57:37:f5:cd:58:7e:e8:30:1a:eb:
df:32:6f:00:61:69:56:7d:72:d3:fb:10:e7:9a:22:63:5f:0f:
cb:fe:d6:c5:c3:3c:5a:80:94:29:29:1f:d5:39:91:97:46:fb:
76:7c:16:39:95:b9:71:ae:17:d6:17:92:09:9d:51:41:26:fe:
8a:18:07:13:27:d3:54:9d:be:13:4d:ba:67:1f:c6:53:bc:3f:
93:83:1f:15:3f:e1:42:2f:a0:81:ee:e9:99:78:08:16:fd:d1:
47:d8:29:70:83:74:5f:a9:48:89:69:db:86:56:6f:7a:0c:ab:
42:2d:00:c2:d1:3c:db:50:6a:f4:86:bb:d1:2e:6c:bc:ab:1b:
cd:f6:8e:9f:38:e7:b7:60:15:7b:89:3c:eb:01:0f:05:15:2d:
e9:ab:fc:ae:84:0e:7f:80:63:b4:3b:d1:79:c1:e5:bf:8e:4d:
98:6b:dd:e2:ea:bf:be:55:cb:48:b1:ba:a7:bf:9c:0a:9b:3d:
9d:42:1d:90:d4:57:e8:ba:e9:70:bb:45:33:27:79:be:d9:49:
5b:cc:c7:ad:7b:c8:21:bb:38:cd:cd:e2:ee:8d:74:93:05:b0:
8a:1a:a0:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWHRlptWnBb4+/Ov6wTl2AeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjM2MDg3YzNmY2VjZmIwMDZmNTE4ZDc4MTFiMjU1ZWE1
N2M5MGQwHhcNMjUwMzExMjIxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWRmOGFkNGMxMTYwMzZhZjIyYTA4OTM3Y2EzMjVhNDlhYzNkMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX/Zi8X/Y2vlORHJaPX1QKjs7LLf
GBBTBoyYsAGdmxZe8LvynsaBgaV1Fob3IBVap/WtN6waxXsCC5IuhlFrClnimcml
x6qPnpdEKG5LIf53HqO3flezT2sr+NvN5bGGM3TRqCAJv5t9SWviO1U3ze6cpout
SdA7YryqsHyYwJXjaFpBBT7j26VIeKPzr13yebnXErguC+T/Mzq6/tMwCGZHw4Il
R74DLeVGfmKfkkrjvWdziuU2HvcNdQrB4vsre5TONko//L1dWtSKdHiT5ZFrNvfw
+yhVQT1CR6MSNKeGBMT2ol6DnrZ2qhkE6dv7v8WHkNkcFKLHN3KdLoU0jQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAnfitTBFgNq8ioIk3yjJaSaw9BkMB8GA1UdIwQY
MBaAFOvzYIfD/Oz7AG9RjXgRslXqV8kNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9OZ2g4UDg3UHNBYjFHTmVCR3lWZXBYeVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80NjQzMWUtNDk1MS00ZTFhLTkxOTUt
NjhhNDU1MWY2OGE4LzEvQ2QtSzFNRVdBMnJ5S2dpVGZLTWxwSnJEMEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80NjQzMWUtNDk1MS00ZTFhLTkxOTUtNjhhNDU1MWY2OGE4
LzEvNl9OZ2g4UDg3UHNBYjFHTmVCR3lWZXBYeVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJRKEAwQC
uX5oMA0GCSqGSIb3DQEBCwUAA4IBAQAPg3JqBF6H99gOadfzzHyDb2/zmjdf43gH
41c39c1YfugwGuvfMm8AYWlWfXLT+xDnmiJjXw/L/tbFwzxagJQpKR/VOZGXRvt2
fBY5lblxrhfWF5IJnVFBJv6KGAcTJ9NUnb4TTbpnH8ZTvD+Tgx8VP+FCL6CB7umZ
eAgW/dFH2Clwg3RfqUiJaduGVm96DKtCLQDC0TzbUGr0hrvRLmy8qxvN9o6fOOe3
YBV7iTzrAQ8FFS3pq/yuhA5/gGO0O9F5weW/jk2Ya93i6r++VctIsbqnv5wKmz2d
Qh2Q1Ffouulwu0UzJ3m+2UlbzMete8ghuzjNzeLujXSTBbCKGqDL
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:32:54 2025 by rpki-client