Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/ISS1nVoFj6vql40oL7xs039XkbE.roa
File: ISS1nVoFj6vql40oL7xs039XkbE.roa (raw, json)
Hash identifier: Uj1JIR2yGWgQKTO1hh05hzaRctOY0c3hfi9SPLtZHjc=
Subject key identifier: 21:24:B5:9D:5A:05:8F:AB:EA:97:8D:28:2F:BC:6C:D3:7F:57:91:B1
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: 01942747882F56029E65649024DC9AAE7DF9
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/ISS1nVoFj6vql40oL7xs039XkbE.roa
Signing time: Thu 02 Jan 2025 13:49:46 +0000
ROA not before: Thu 02 Jan 2025 13:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8376
IP address blocks: 37.202.64.0/18 maxlen: 24
46.185.128.0/17 maxlen: 24
79.173.192.0/18 maxlen: 24
86.108.0.0/17 maxlen: 24
92.253.0.0/17 maxlen: 24
94.249.0.0/17 maxlen: 24
149.200.128.0/17 maxlen: 24
149.200.136.0/24 maxlen: 24
185.98.220.0/22 maxlen: 24
194.165.128.0/19 maxlen: 24
213.186.160.0/19 maxlen: 24
217.23.32.0/20 maxlen: 24
2a01:9700::/29 maxlen: 48
2a01:9700::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:88:2f:56:02:9e:65:64:90:24:dc:9a:ae:7d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: Jan 2 13:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2124b59d5a058fabea978d282fbc6cd37f5791b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:82:e0:43:99:5a:7a:32:36:90:a5:af:9f:db:
11:b3:ca:5d:29:a9:62:17:4a:7d:6d:af:a3:8b:1f:
ae:7a:ab:8e:8a:01:0b:65:3c:d0:79:ce:e7:3c:40:
34:19:bb:8b:4c:77:2d:74:4b:28:a5:c4:ba:78:49:
ec:02:b6:a3:c3:4a:4a:56:7b:3d:22:53:7d:60:24:
55:f7:df:0e:2d:ca:e1:23:57:e8:7d:8d:89:76:df:
5c:66:8d:8d:67:dd:43:ab:a3:11:c3:48:1c:4a:af:
3b:99:09:9c:35:c4:5b:7a:29:77:f3:f8:de:e0:63:
e8:57:13:4d:42:0b:95:f0:f0:7f:f9:97:a8:0b:29:
38:9d:79:47:78:66:1f:ef:2f:a6:92:63:bf:d2:74:
0f:41:d3:bf:ac:b5:0c:f3:f7:db:32:65:79:ff:88:
45:7e:57:5a:d1:09:56:ea:c6:da:b4:1f:5b:2c:bf:
71:ee:a7:46:c3:09:43:7b:a4:82:45:14:2e:ac:bb:
c8:cf:41:91:05:7d:29:b3:58:75:ad:b8:a4:e1:60:
50:ac:8d:32:b2:98:f0:31:b6:7a:6f:d7:86:aa:2a:
df:0f:db:85:e0:ba:9a:81:fa:6d:26:32:20:de:91:
97:83:e7:68:28:5d:89:30:54:94:5b:a9:15:99:e1:
df:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:24:B5:9D:5A:05:8F:AB:EA:97:8D:28:2F:BC:6C:D3:7F:57:91:B1
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/ISS1nVoFj6vql40oL7xs039XkbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.64.0/18
46.185.128.0/17
79.173.192.0/18
86.108.0.0/17
92.253.0.0/17
94.249.0.0/17
149.200.128.0/17
185.98.220.0/22
194.165.128.0/19
213.186.160.0/19
217.23.32.0/20
IPv6:
2a01:9700::/29
Signature Algorithm: sha256WithRSAEncryption
02:39:a3:19:01:f3:4d:27:c2:00:af:80:52:2f:1f:18:57:49:
22:8f:84:b1:03:02:83:48:5a:70:04:f4:4e:59:80:41:96:4d:
0d:02:23:80:f7:bb:53:e3:3a:09:92:f9:df:cb:3b:52:a4:2e:
ea:f0:94:5d:69:eb:45:d2:ba:54:0d:56:ff:d4:1b:c5:c4:bd:
5f:b3:90:ea:d2:8f:83:5e:d3:ff:9a:f2:e9:03:65:48:9b:fb:
4f:e8:0a:63:36:02:d4:b1:6f:ca:71:f8:e8:c7:2a:13:36:5f:
cc:f6:83:65:1c:fe:20:ab:22:42:43:f4:0c:ff:99:0b:cc:0b:
4b:58:49:9a:b6:86:7e:24:d1:6e:60:ae:ab:d3:e2:fd:dd:14:
d1:42:dd:72:65:0c:9f:86:a9:09:35:73:c5:ee:88:6e:cb:2d:
f9:54:29:1b:ae:e4:7b:a8:f3:b2:e3:c9:e2:5a:bb:ba:2b:79:
29:fd:11:1c:75:97:3e:ec:a3:46:a2:14:f7:96:d7:7b:34:f1:
22:dc:b3:b5:d0:e3:62:95:55:af:2c:a1:a3:18:5f:c2:5a:a0:
0a:92:0a:57:8d:5f:2f:e8:32:71:30:45:54:75:3b:30:4a:94:
fb:11:f4:87:cb:28:65:9c:e6:c1:9e:23:f8:33:49:18:72:f2:
24:cc:8c:2d
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZQnR4gvVgKeZWSQJNyarn35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDBlM2IyOGYyYmUzM2VjNWE5ZDJjYTAwYWM2NDE1NTUz
NmNiYzYwHhcNMjUwMTAyMTM0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTI0YjU5ZDVhMDU4ZmFiZWE5NzhkMjgyZmJjNmNkMzdmNTc5MWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsILgQ5laejI2kKWvn9sRs8pdKali
F0p9ba+jix+uequOigELZTzQec7nPEA0GbuLTHctdEsopcS6eEnsArajw0pKVns9
IlN9YCRV998OLcrhI1fofY2Jdt9cZo2NZ91Dq6MRw0gcSq87mQmcNcRbeil38/je
4GPoVxNNQguV8PB/+ZeoCyk4nXlHeGYf7y+mkmO/0nQPQdO/rLUM8/fbMmV5/4hF
flda0QlW6sbatB9bLL9x7qdGwwlDe6SCRRQurLvIz0GRBX0ps1h1rbik4WBQrI0y
spjwMbZ6b9eGqirfD9uF4LqagfptJjIg3pGXg+doKF2JMFSUW6kVmeHfXwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFCEktZ1aBY+r6peNKC+8bNN/V5GxMB8GA1UdIwQY
MBaAFFbQ47KPK+M+xanSygCsZBVVNsvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMt
OGI4ZDcyMTcyMDkwLzEvSVNTMW5Wb0ZqNnZxbDQwb0w3eHMwMzlYa2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkw
LzEvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQGJcpAAwQH
LrmAAwQGT63AAwQHVmwAAwQHXP0AAwQHXvkAAwQHlciAAwQCuWLcAwQFwqWAAwQF
1bqgAwQE2RcgMA0EAgACMAcDBQMqAZcAMA0GCSqGSIb3DQEBCwUAA4IBAQACOaMZ
AfNNJ8IAr4BSLx8YV0kij4SxAwKDSFpwBPROWYBBlk0NAiOA97tT4zoJkvnfyztS
pC7q8JRdaetF0rpUDVb/1BvFxL1fs5Dq0o+DXtP/mvLpA2VIm/tP6ApjNgLUsW/K
cfjoxyoTNl/M9oNlHP4gqyJCQ/QM/5kLzAtLWEmatoZ+JNFuYK6r0+L93RTRQt1y
ZQyfhqkJNXPF7ohuyy35VCkbruR7qPOy48niWru6K3kp/REcdZc+7KNGohT3ltd7
NPEi3LO10ONilVWvLKGjGF/CWqAKkgpXjV8v6DJxMEVUdTswSpT7EfSHyyhlnObB
niP4M0kYcvIkzIwt
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:34:34 2025 by rpki-client