Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/7wC4oMNInA2Taw9GOl0TsBd5Chs.roa
File: 7wC4oMNInA2Taw9GOl0TsBd5Chs.roa (raw, json)
Hash identifier: Y+hjW1w9d8Sxta14JSTR+YLyy5V7ORFwFyZ8y4XnEPM=
Subject key identifier: EF:00:B8:A0:C3:48:9C:0D:93:6B:0F:46:3A:5D:13:B0:17:79:0A:1B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019537F8BD917677FFC1065FC00187D2B3C8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/7wC4oMNInA2Taw9GOl0TsBd5Chs.roa
Signing time: Mon 24 Feb 2025 12:40:03 +0000
ROA not before: Mon 24 Feb 2025 12:40:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 45.144.227.0/24 maxlen: 24
62.197.144.0/24 maxlen: 24
62.197.145.0/24 maxlen: 24
62.197.146.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.149.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.151.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
62.197.153.0/24 maxlen: 24
62.197.154.0/23 maxlen: 24
62.197.156.0/23 maxlen: 24
62.197.158.0/24 maxlen: 24
62.197.159.0/24 maxlen: 24
91.190.101.0/24 maxlen: 24
92.62.120.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
92.62.122.0/23 maxlen: 24
185.244.139.0/24 maxlen: 24
194.169.168.0/24 maxlen: 24
194.169.169.0/24 maxlen: 24
194.169.170.0/23 maxlen: 24
212.119.32.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:f8:bd:91:76:77:ff:c1:06:5f:c0:01:87:d2:b3:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 24 12:40:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef00b8a0c3489c0d936b0f463a5d13b017790a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:df:bf:ee:e1:95:49:5d:84:ab:59:48:ea:1c:
b4:0c:c6:8c:c0:cd:cb:31:3a:38:ba:7f:2f:89:18:
d9:00:95:e9:40:6f:94:8c:84:07:0c:6f:e4:5a:2e:
21:e2:03:af:11:66:97:3e:7a:60:d9:36:6e:23:b6:
1c:94:96:6a:e0:20:b6:d5:9e:c9:6b:35:93:8d:3a:
32:22:84:a5:67:43:e0:02:b6:86:2a:ec:7a:10:21:
a8:1d:52:b9:fd:df:85:bd:9c:14:29:2d:f8:ef:57:
17:71:93:a2:ad:e5:b7:2e:09:61:1a:1e:18:f3:62:
50:1a:88:04:be:53:db:53:ec:94:c2:a5:ef:d4:c1:
ab:71:94:37:84:8c:55:ba:0a:41:94:6f:36:27:ef:
a7:5a:9c:49:35:7c:6a:0e:70:ce:ae:12:9b:cd:48:
5e:ec:17:b0:68:e0:36:8d:c4:4b:f0:b6:fd:d7:7a:
26:ea:91:12:4d:8b:0f:d7:59:31:8a:a9:fc:60:49:
11:ab:b4:0e:c7:74:8a:86:82:63:39:2b:c3:24:8d:
0a:db:93:3f:65:e8:fa:d2:e5:18:c6:cd:59:ed:c0:
ac:c0:1f:1b:2f:b5:20:7d:55:7c:ff:66:c2:5a:5a:
d8:cf:44:47:f7:d3:1b:bb:92:3a:52:d7:ac:c9:cc:
85:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:00:B8:A0:C3:48:9C:0D:93:6B:0F:46:3A:5D:13:B0:17:79:0A:1B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/7wC4oMNInA2Taw9GOl0TsBd5Chs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.227.0/24
62.197.144.0/20
91.190.101.0/24
92.62.120.0/22
185.244.139.0/24
194.169.168.0/22
212.119.32.0/23
Signature Algorithm: sha256WithRSAEncryption
43:84:6e:ee:3f:7d:21:aa:13:4f:0e:fb:fc:bb:fb:16:02:00:
e2:bf:c2:04:8d:22:31:67:c2:2b:ef:fe:8e:93:fc:d1:0b:30:
88:66:30:80:a8:bd:82:2b:d2:0a:ff:50:1d:30:a4:7a:55:8d:
a2:b8:90:88:8f:25:e9:c7:22:be:47:56:97:a6:2e:98:75:9c:
ad:4d:aa:af:db:7f:a9:ea:5b:a4:ac:71:e0:97:b4:07:ca:49:
d3:9b:b4:0f:6e:75:75:c8:59:2d:fe:5e:9e:3f:f1:4a:a8:91:
5d:7e:48:dd:f9:0f:31:30:1c:59:bf:90:e2:44:9a:9b:34:fc:
4a:40:4f:f1:2d:e7:6e:2c:2c:f6:8b:81:63:ff:09:10:02:2d:
c1:71:2f:f2:2b:4f:32:e7:62:f6:52:b0:93:b2:c5:a9:c3:44:
7a:b9:7e:54:7b:fc:39:0c:06:05:ea:83:f4:cd:18:88:16:0a:
db:3f:db:1c:61:b2:9a:c0:10:99:fc:44:bd:34:e9:ef:3d:5d:
45:ce:b1:d0:20:59:60:fb:9e:07:bc:b3:5a:38:07:0b:29:d3:
ec:00:ec:5d:bf:b0:2d:00:2f:83:a6:24:bd:a7:05:92:6f:32:
8b:07:d1:af:b0:c2:09:8c:56:6a:b5:96:c1:c9:20:c4:5b:55:
6b:25:8e:1e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZU3+L2Rdnf/wQZfwAGH0rPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMjI0MTI0MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjAwYjhhMGMzNDg5YzBkOTM2YjBmNDYzYTVkMTNiMDE3NzkwYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut+/7uGVSV2Eq1lI6hy0DMaMwM3L
MTo4un8viRjZAJXpQG+UjIQHDG/kWi4h4gOvEWaXPnpg2TZuI7YclJZq4CC21Z7J
azWTjToyIoSlZ0PgAraGKux6ECGoHVK5/d+FvZwUKS3471cXcZOireW3LglhGh4Y
82JQGogEvlPbU+yUwqXv1MGrcZQ3hIxVugpBlG82J++nWpxJNXxqDnDOrhKbzUhe
7BewaOA2jcRL8Lb913om6pESTYsP11kxiqn8YEkRq7QOx3SKhoJjOSvDJI0K25M/
Zej60uUYxs1Z7cCswB8bL7UgfVV8/2bCWlrYz0RH99Mbu5I6UtesycyFgwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFO8AuKDDSJwNk2sPRjpdE7AXeQobMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvN3dDNG9NTkluQTJUYXc5R09sMFRzQmQ1Q2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZDjAwQE
PsWQAwQAW75lAwQCXD54AwQAufSLAwQCwqmoAwQB1HcgMA0GCSqGSIb3DQEBCwUA
A4IBAQBDhG7uP30hqhNPDvv8u/sWAgDiv8IEjSIxZ8Ir7/6Ok/zRCzCIZjCAqL2C
K9IK/1AdMKR6VY2iuJCIjyXpxyK+R1aXpi6YdZytTaqv23+p6lukrHHgl7QHyknT
m7QPbnV1yFkt/l6eP/FKqJFdfkjd+Q8xMBxZv5DiRJqbNPxKQE/xLeduLCz2i4Fj
/wkQAi3BcS/yK08y52L2UrCTssWpw0R6uX5Ue/w5DAYF6oP0zRiIFgrbP9scYbKa
wBCZ/ES9NOnvPV1FzrHQIFlg+54HvLNaOAcLKdPsAOxdv7AtAC+DpiS9pwWSbzKL
B9GvsMIJjFZqtZbBySDEW1VrJY4e
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:35:04 2025 by rpki-client