Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/C_oSNiLJQr2X2tWdNCKyN24TSm8.roa
File: C_oSNiLJQr2X2tWdNCKyN24TSm8.roa (raw, json)
Hash identifier: IcdqvH5m6qHy6hFuO4JNBdZL3v6QYY5jNmE6MpBrvRY=
Subject key identifier: 0B:FA:12:36:22:C9:42:BD:97:DA:D5:9D:34:22:B2:37:6E:13:4A:6F
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 01951D620225FC8FFA0099653F17139E9BE5
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/C_oSNiLJQr2X2tWdNCKyN24TSm8.roa
Signing time: Wed 19 Feb 2025 08:45:17 +0000
ROA not before: Wed 19 Feb 2025 08:45:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.44.228.0/22 maxlen: 24
45.66.92.0/23 maxlen: 23
45.66.94.0/23 maxlen: 23
192.145.52.0/22 maxlen: 24
192.145.52.0/24 maxlen: 24
193.219.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 11:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:62:02:25:fc:8f:fa:00:99:65:3f:17:13:9e:9b:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Feb 19 08:45:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0bfa123622c942bd97dad59d3422b2376e134a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ec:14:2b:42:f0:99:8d:de:b1:85:b5:a4:b5:
26:9d:87:00:c6:97:b9:88:43:49:24:18:a8:80:40:
c5:8f:19:53:21:d3:d0:00:e3:d5:78:fc:0b:31:e7:
15:2f:9a:43:81:11:43:13:c0:78:1f:00:e0:ba:bd:
a0:b3:5c:51:98:44:d5:a2:fc:95:ed:85:08:3f:37:
3b:75:0a:95:d9:73:c7:d2:40:92:d2:97:80:07:c7:
3b:7e:03:a6:ec:ba:82:19:c2:0a:15:65:c7:e9:a7:
bf:5a:e6:ac:3e:70:a4:39:27:f5:1f:f4:69:99:fa:
bd:94:82:45:cc:a8:7e:44:c4:59:f5:b0:b8:f6:8e:
f2:b9:68:04:fb:d7:e3:14:82:70:e9:d7:3b:82:07:
ee:2e:af:ea:6b:71:d8:e6:41:04:a3:9e:fc:b2:eb:
46:67:94:09:66:8c:20:51:e1:79:6a:89:eb:55:45:
3c:ca:d5:4f:9e:cf:09:0a:f3:b9:c9:91:91:a1:bc:
f3:cd:15:33:b7:cd:59:14:0f:da:8d:6d:56:64:7d:
a8:56:45:0b:60:cc:cd:a1:ce:79:13:00:e7:c8:b3:
34:39:3e:30:bf:e4:87:4f:57:69:6b:6c:b8:96:86:
a9:86:1d:86:d6:eb:d0:60:a8:81:0f:d7:36:91:17:
96:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:FA:12:36:22:C9:42:BD:97:DA:D5:9D:34:22:B2:37:6E:13:4A:6F
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/C_oSNiLJQr2X2tWdNCKyN24TSm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/22
192.145.52.0/22
193.219.99.0/24
Signature Algorithm: sha256WithRSAEncryption
55:7c:e4:f4:18:d8:2a:f1:c1:3e:86:1b:95:c4:9a:82:5b:53:
6a:41:6e:7e:64:d9:cf:1a:1b:5c:be:e1:1f:56:db:88:7c:d8:
6d:85:a1:97:4c:92:e7:6a:60:89:a8:a6:42:48:00:32:78:44:
58:14:e2:88:3b:5a:a9:cb:5c:ab:26:a9:32:96:35:95:14:ce:
4b:3c:e3:ea:7c:f4:c4:16:f0:23:51:92:1c:8c:fe:0a:d8:06:
54:ad:2c:0a:a6:13:43:a1:22:62:49:42:34:36:dc:ec:27:d9:
16:e0:b7:67:cf:1e:5a:ea:3c:c2:f5:ff:3e:20:48:d6:72:39:
7b:c3:61:66:ef:18:55:dc:66:e5:5b:e6:70:d0:d2:14:63:7a:
8a:18:03:c1:9a:f5:cf:09:66:f8:a3:b5:00:cd:0b:87:07:9d:
ea:c1:5c:1e:85:d6:0e:41:d4:d4:62:31:1a:72:83:2d:54:d4:
bd:71:11:d9:71:2a:0a:f9:79:20:7e:4a:1e:80:52:1b:a8:62:
e4:14:f0:14:75:65:73:01:58:51:0b:bf:ef:7a:64:bc:17:a8:
f7:91:81:a5:cc:2b:88:98:f4:ba:5c:10:c3:2f:50:b8:68:d7:
36:77:35:93:f0:a9:ca:75:ab:ce:4e:d0:02:0c:6f:cc:65:26:
53:9e:25:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUdYgIl/I/6AJllPxcTnpvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjUwMjE5MDg0NTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmZhMTIzNjIyYzk0MmJkOTdkYWQ1OWQzNDIyYjIzNzZlMTM0YTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uwUK0LwmY3esYW1pLUmnYcAxpe5
iENJJBiogEDFjxlTIdPQAOPVePwLMecVL5pDgRFDE8B4HwDgur2gs1xRmETVovyV
7YUIPzc7dQqV2XPH0kCS0peAB8c7fgOm7LqCGcIKFWXH6ae/WuasPnCkOSf1H/Rp
mfq9lIJFzKh+RMRZ9bC49o7yuWgE+9fjFIJw6dc7ggfuLq/qa3HY5kEEo578sutG
Z5QJZowgUeF5aonrVUU8ytVPns8JCvO5yZGRobzzzRUzt81ZFA/ajW1WZH2oVkUL
YMzNoc55EwDnyLM0OT4wv+SHT1dpa2y4loaphh2G1uvQYKiBD9c2kReWDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAv6EjYiyUK9l9rVnTQisjduE0pvMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvQ19vU05pTEpRcjJYMnRXZE5DS3lOMjRUU204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJSzkAwQC
LUJcAwQCwJE0AwQAwdtjMA0GCSqGSIb3DQEBCwUAA4IBAQBVfOT0GNgq8cE+hhuV
xJqCW1NqQW5+ZNnPGhtcvuEfVtuIfNhthaGXTJLnamCJqKZCSAAyeERYFOKIO1qp
y1yrJqkyljWVFM5LPOPqfPTEFvAjUZIcjP4K2AZUrSwKphNDoSJiSUI0NtzsJ9kW
4Ldnzx5a6jzC9f8+IEjWcjl7w2Fm7xhV3GblW+Zw0NIUY3qKGAPBmvXPCWb4o7UA
zQuHB53qwVwehdYOQdTUYjEacoMtVNS9cRHZcSoK+XkgfkoegFIbqGLkFPAUdWVz
AVhRC7/vemS8F6j3kYGlzCuImPS6XBDDL1C4aNc2dzWT8KnKdavOTtACDG/MZSZT
niXV
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:40:18 2025 by rpki-client