Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/BegdDrTAjfq3QF_xE0SFA-JsmmY.roa
File: BegdDrTAjfq3QF_xE0SFA-JsmmY.roa (raw, json)
Hash identifier: UdhM2lVwgozCDdJmvHRy0hTuIS1j9lD7X7Mun/eqHgw=
Subject key identifier: 05:E8:1D:0E:B4:C0:8D:FA:B7:40:5F:F1:13:44:85:03:E2:6C:9A:66
Certificate issuer: /CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Certificate serial: 01942067F29B2830E4C07B39221B2039E531
Authority key identifier: 19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/BegdDrTAjfq3QF_xE0SFA-JsmmY.roa
Signing time: Wed 01 Jan 2025 05:47:50 +0000
ROA not before: Wed 01 Jan 2025 05:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49467
IP address blocks: 37.152.72.0/24 maxlen: 24
37.152.73.0/24 maxlen: 24
37.152.74.0/24 maxlen: 24
37.152.75.0/24 maxlen: 24
37.152.76.0/24 maxlen: 24
85.95.224.0/24 maxlen: 24
85.95.225.0/24 maxlen: 24
85.95.226.0/24 maxlen: 24
85.95.227.0/24 maxlen: 24
85.95.228.0/24 maxlen: 24
85.95.229.0/24 maxlen: 24
85.95.230.0/24 maxlen: 24
85.95.231.0/24 maxlen: 24
85.95.232.0/24 maxlen: 24
85.95.233.0/24 maxlen: 24
85.95.234.0/24 maxlen: 24
85.95.235.0/24 maxlen: 24
85.95.236.0/24 maxlen: 24
85.95.245.0/24 maxlen: 24
85.95.246.0/24 maxlen: 24
85.95.247.0/24 maxlen: 24
85.95.248.0/24 maxlen: 24
85.95.249.0/24 maxlen: 24
85.95.250.0/24 maxlen: 24
85.95.251.0/24 maxlen: 24
85.95.252.0/24 maxlen: 24
85.95.253.0/24 maxlen: 24
85.95.254.0/24 maxlen: 24
92.42.32.0/24 maxlen: 24
92.42.33.0/24 maxlen: 24
92.42.34.0/24 maxlen: 24
92.42.35.0/24 maxlen: 24
92.42.36.0/24 maxlen: 24
92.42.37.0/24 maxlen: 24
92.42.38.0/24 maxlen: 24
92.42.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f2:9b:28:30:e4:c0:7b:39:22:1b:20:39:e5:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Validity
Not Before: Jan 1 05:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05e81d0eb4c08dfab7405ff113448503e26c9a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ce:56:ba:8f:bd:0b:96:72:9e:e6:66:4c:3d:
a8:14:5b:a4:1d:cc:0d:0d:0a:6b:68:5c:27:c2:67:
30:9e:8d:82:7a:7b:1d:74:81:ec:9d:64:f7:0d:25:
b4:dc:8a:6b:4b:8d:4a:2b:19:91:57:e1:f4:f4:7e:
66:ee:46:31:e0:cf:89:ad:a3:bd:7c:74:93:d8:e2:
40:33:94:5c:6a:60:18:07:ce:be:51:57:fd:10:65:
17:1e:a6:25:a7:07:9e:4e:b2:62:b9:54:15:de:93:
18:ff:0e:dc:9a:0a:42:b9:4a:c1:51:bf:99:50:38:
2f:cc:20:19:4a:4e:15:6f:f5:f3:45:70:41:5c:f7:
b4:c7:fb:0c:d9:40:92:a5:cd:b3:85:0e:d2:89:f7:
f2:61:7d:50:c5:00:4c:17:7c:1b:5a:9a:ef:08:41:
b5:b4:55:ab:40:2f:50:1f:db:2b:2c:40:3a:50:d3:
2f:95:dc:86:73:2a:e9:c8:68:95:81:6f:72:ed:0d:
83:e9:21:a9:63:79:b0:f7:d3:e4:b3:04:be:ec:3b:
ff:59:06:c1:d9:69:bc:4b:36:46:c4:c2:1e:72:6e:
2e:49:25:a2:24:85:18:7a:0f:8b:33:a8:a0:76:99:
0e:00:26:78:9c:bf:c2:20:ba:9b:17:14:d7:a9:ef:
dc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E8:1D:0E:B4:C0:8D:FA:B7:40:5F:F1:13:44:85:03:E2:6C:9A:66
X509v3 Authority Key Identifier:
keyid:19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/BegdDrTAjfq3QF_xE0SFA-JsmmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.72.0-37.152.76.255
85.95.224.0-85.95.236.255
85.95.245.0-85.95.254.255
92.42.32.0/21
Signature Algorithm: sha256WithRSAEncryption
18:0d:ed:d4:90:61:87:aa:8a:c1:60:7b:60:2d:92:8d:52:a7:
d0:43:d3:59:32:81:cd:dc:c5:54:bd:46:1f:ad:c7:ee:0c:90:
93:6c:04:89:7e:af:2e:34:3c:e9:60:bf:bd:78:2b:11:8b:f7:
68:fc:54:3c:65:13:ae:8b:6d:58:b6:1d:0f:de:45:82:8f:c5:
9f:5d:7c:4f:17:0c:d6:ea:2d:af:91:a2:9e:6e:df:07:62:ec:
61:66:92:71:e3:97:86:52:1f:c9:a1:4d:e4:03:48:e8:0b:ca:
9f:ac:dd:25:23:c5:35:4c:e8:12:90:e3:d6:e7:10:c1:3f:85:
b5:fe:35:59:95:02:d3:3a:c6:05:38:66:a7:0a:a8:10:47:08:
c3:7c:c1:ac:10:47:c2:97:16:0a:15:7e:90:8d:a5:38:7a:77:
a0:20:68:7f:a5:0e:4b:2d:62:a3:d8:10:17:d3:80:f3:e8:ba:
00:0d:fd:37:ed:0f:76:85:00:57:db:26:fe:5e:3c:d0:6f:79:
d9:5c:00:e2:ac:ee:23:e1:7f:79:8a:33:04:b4:0d:06:92:a1:
3c:87:a7:a8:5d:80:ab:bd:b8:1f:3d:d2:7f:84:7f:40:07:65:
f5:89:2c:02:bf:80:c0:6a:c1:c3:fa:01:a7:92:ee:1c:72:6b:
16:74:79:5e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQgZ/KbKDDkwHs5IhsgOeUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZjFhOWRkMTI2ZjM3MjM3Y2UyMDBmYjg2MTZmZjkzN2Jj
YTk2NmMwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWU4MWQwZWI0YzA4ZGZhYjc0MDVmZjExMzQ0ODUwM2UyNmM5YTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh85Wuo+9C5ZynuZmTD2oFFukHcwN
DQpraFwnwmcwno2CensddIHsnWT3DSW03IprS41KKxmRV+H09H5m7kYx4M+JraO9
fHST2OJAM5RcamAYB86+UVf9EGUXHqYlpweeTrJiuVQV3pMY/w7cmgpCuUrBUb+Z
UDgvzCAZSk4Vb/XzRXBBXPe0x/sM2UCSpc2zhQ7SiffyYX1QxQBMF3wbWprvCEG1
tFWrQC9QH9srLEA6UNMvldyGcyrpyGiVgW9y7Q2D6SGpY3mw99PkswS+7Dv/WQbB
2Wm8SzZGxMIecm4uSSWiJIUYeg+LM6igdpkOACZ4nL/CILqbFxTXqe/ceQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAXoHQ60wI36t0Bf8RNEhQPibJpmMB8GA1UdIwQY
MBaAFBnxqd0SbzcjfOIA+4YW/5N7ypZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZHcDNSSnZOeU44NGdEN2hoYl9rM3ZLbG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE2M2QtMTczMC00ZDg4LWFiMzgt
M2ZkMzA5ODhmNjc3LzEvQmVnZERyVEFqZnEzUUZfeEUwU0ZBLUpzbW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE2M2QtMTczMC00ZDg4LWFiMzgtM2ZkMzA5ODhmNjc3
LzEvR2ZHcDNSSnZOeU44NGdEN2hoYl9rM3ZLbG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBAMlmEgD
BAAlmEwwDAMEBVVf4AMEAFVf7DAMAwQAVV/1AwQAVV/+AwQDXCogMA0GCSqGSIb3
DQEBCwUAA4IBAQAYDe3UkGGHqorBYHtgLZKNUqfQQ9NZMoHN3MVUvUYfrcfuDJCT
bASJfq8uNDzpYL+9eCsRi/do/FQ8ZROui21Yth0P3kWCj8WfXXxPFwzW6i2vkaKe
bt8HYuxhZpJx45eGUh/JoU3kA0joC8qfrN0lI8U1TOgSkOPW5xDBP4W1/jVZlQLT
OsYFOGanCqgQRwjDfMGsEEfClxYKFX6QjaU4enegIGh/pQ5LLWKj2BAX04Dz6LoA
Df037Q92hQBX2yb+XjzQb3nZXADirO4j4X95ijMEtA0GkqE8h6eoXYCrvbgfPdJ/
hH9AB2X1iSwCv4DAasHD+gGnku4ccmsWdHle
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:44:44 2025 by rpki-client