Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/A39EZrrDrXLk3J8BZLUN7wQ6C50.roa
File: A39EZrrDrXLk3J8BZLUN7wQ6C50.roa (raw, json)
Hash identifier: Ark/uTgt37FRO8Utnxml8XHzzu9fwVEDGjmOjqbxT4E=
Subject key identifier: 03:7F:44:66:BA:C3:AD:72:E4:DC:9F:01:64:B5:0D:EF:04:3A:0B:9D
Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial: 0194236A0DFC2E3508CD8FB9C8FBA5BB40BD
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/A39EZrrDrXLk3J8BZLUN7wQ6C50.roa
Signing time: Wed 01 Jan 2025 19:49:00 +0000
ROA not before: Wed 01 Jan 2025 19:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 5.180.179.0/24 maxlen: 24
31.217.248.0/24 maxlen: 24
185.137.164.0/24 maxlen: 24
193.35.228.0/24 maxlen: 24
2a11:53c0::/32 maxlen: 48
2a11:53c1::/32 maxlen: 48
2a11:53c2::/32 maxlen: 48
2a11:53c3::/32 maxlen: 48
2a11:53c4::/32 maxlen: 48
2a11:53c5::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 04:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0d:fc:2e:35:08:cd:8f:b9:c8:fb:a5:bb:40:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Validity
Not Before: Jan 1 19:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=037f4466bac3ad72e4dc9f0164b50def043a0b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:75:40:cc:d5:46:9f:d7:52:06:4e:fe:8b:f1:
65:5e:f1:37:ed:e0:e8:0b:17:90:22:a3:5c:04:3b:
9c:b3:af:55:3a:d1:1e:9f:55:02:d8:2b:a5:d3:00:
0d:9e:41:40:34:84:c2:d9:c7:7b:14:6a:1a:46:3d:
f4:eb:4b:08:ad:23:dc:61:38:79:a0:77:38:9a:cc:
87:d7:93:16:de:df:31:34:13:43:00:00:4c:82:ab:
70:7e:97:be:25:a2:67:9f:38:24:99:01:ea:87:36:
52:fd:77:26:ba:0e:31:a0:f0:08:9f:89:4f:15:ae:
35:d9:17:78:6d:ca:be:a2:db:1b:2c:ca:a1:b3:cc:
36:84:9f:76:ad:81:cc:83:87:e0:37:bf:47:60:d7:
93:a6:95:2b:c9:9a:9d:d8:8f:f2:0e:51:f6:65:ae:
aa:ee:d5:a9:ea:6b:8d:78:e0:e0:f4:d9:db:5c:19:
eb:ae:c3:77:b3:8e:14:c8:61:c8:77:38:fe:18:70:
9e:15:99:9c:25:a8:1b:93:82:25:0c:1c:6b:70:e2:
d4:29:f3:4f:a9:dd:8b:28:e2:0c:0a:b4:66:63:a5:
2b:56:99:03:1a:56:4c:83:70:c9:ab:a9:82:e7:5f:
87:6b:c9:bf:95:c0:c6:ab:a0:3e:31:45:d2:ef:8a:
f7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7F:44:66:BA:C3:AD:72:E4:DC:9F:01:64:B5:0D:EF:04:3A:0B:9D
X509v3 Authority Key Identifier:
keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/A39EZrrDrXLk3J8BZLUN7wQ6C50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.179.0/24
31.217.248.0/24
185.137.164.0/24
193.35.228.0/24
IPv6:
2a11:53c0::-2a11:53c5:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b8:90:ec:20:b2:5a:d0:cb:94:be:bd:9e:9b:72:2e:ff:73:89:
f6:37:1d:5f:09:43:03:9f:3d:4a:c6:25:8f:7e:06:87:58:b4:
72:9e:68:ec:ab:6d:bb:1f:ab:74:00:a6:f6:75:35:5c:52:5a:
d7:23:6b:4a:48:b3:e9:3b:67:d0:19:c2:66:0c:8d:44:1e:68:
3a:a2:3a:f5:8a:8b:c0:b0:86:c0:7b:fa:d8:be:bf:8f:be:fc:
22:f7:2d:8c:fc:98:71:9f:24:0c:b0:eb:64:5f:df:0e:b6:44:
10:3b:03:18:f4:f2:5c:ce:d4:63:f8:06:75:6a:3e:98:93:f8:
dc:2c:74:19:41:20:a8:34:fa:28:de:d4:e4:fa:8f:ff:d6:88:
4f:d4:52:90:c8:fb:04:ad:23:5f:0f:d6:32:90:22:52:a9:6f:
fd:74:83:1e:f0:b0:55:7f:96:9e:ad:7b:23:d5:b1:47:a4:3f:
65:d7:3b:eb:bf:66:c8:ef:25:19:22:7c:0c:4b:79:c5:46:49:
e7:bd:c4:02:7a:99:18:47:53:c8:8e:41:07:8c:2f:af:2a:28:
89:e7:93:0c:b2:21:e7:91:71:ad:19:d4:0e:86:5b:b6:e7:45:
8a:85:c5:e0:a6:27:bc:ac:6b:c0:d8:fe:f9:95:74:30:b4:4f:
ee:32:b1:56
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQjag38LjUIzY+5yPulu0C9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjUwMTAxMTk0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzdmNDQ2NmJhYzNhZDcyZTRkYzlmMDE2NGI1MGRlZjA0M2EwYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHVAzNVGn9dSBk7+i/FlXvE37eDo
CxeQIqNcBDucs69VOtEen1UC2Cul0wANnkFANITC2cd7FGoaRj3060sIrSPcYTh5
oHc4msyH15MW3t8xNBNDAABMgqtwfpe+JaJnnzgkmQHqhzZS/Xcmug4xoPAIn4lP
Fa412Rd4bcq+otsbLMqhs8w2hJ92rYHMg4fgN79HYNeTppUryZqd2I/yDlH2Za6q
7tWp6muNeODg9NnbXBnrrsN3s44UyGHIdzj+GHCeFZmcJagbk4IlDBxrcOLUKfNP
qd2LKOIMCrRmY6UrVpkDGlZMg3DJq6mC51+Ha8m/lcDGq6A+MUXS74r3iwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAN/RGa6w61y5NyfAWS1De8EOgudMB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvQTM5RVpyckRyWExrM0o4QlpMVU43d1E2QzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQABbSzAwQA
H9n4AwQAuYmkAwQAwSPkMBYEAgACMBAwDgMFBioRU8ADBQEqEVPEMA0GCSqGSIb3
DQEBCwUAA4IBAQC4kOwgslrQy5S+vZ6bci7/c4n2Nx1fCUMDnz1KxiWPfgaHWLRy
nmjsq227H6t0AKb2dTVcUlrXI2tKSLPpO2fQGcJmDI1EHmg6ojr1iovAsIbAe/rY
vr+Pvvwi9y2M/JhxnyQMsOtkX98OtkQQOwMY9PJcztRj+AZ1aj6Yk/jcLHQZQSCo
NPoo3tTk+o//1ohP1FKQyPsErSNfD9YykCJSqW/9dIMe8LBVf5aerXsj1bFHpD9l
1zvrv2bI7yUZInwMS3nFRknnvcQCepkYR1PIjkEHjC+vKiiJ55MMsiHnkXGtGdQO
hlu250WKhcXgpie8rGvA2P75lXQwtE/uMrFW
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:57:00 2025 by rpki-client