Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/iMF3-wEOlEl8-fxeAaHN9OVNbhc.roa
File: iMF3-wEOlEl8-fxeAaHN9OVNbhc.roa (raw, json)
Hash identifier: xx7mxxpfQw9bcoEorpPJnh7FfLm+6U0hCgXVcjiH2os=
Subject key identifier: 88:C1:77:FB:01:0E:94:49:7C:F9:FC:5E:01:A1:CD:F4:E5:4D:6E:17
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195F5C2A8C5D768E66E0CF3F29A6BD085E7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/iMF3-wEOlEl8-fxeAaHN9OVNbhc.roa
Signing time: Wed 02 Apr 2025 09:08:49 +0000
ROA not before: Wed 02 Apr 2025 09:08:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 64.226.54.0/23 maxlen: 23
64.226.156.0/22 maxlen: 22
2a0e:1a80:1::/48 maxlen: 48
2a0e:c785:1::/48 maxlen: 48
2a0e:f200::/48 maxlen: 48
2a0f:1e80:d9a8::/48 maxlen: 48
2a0f:3d80:bac::/48 maxlen: 48
2a0f:7d06:102::/48 maxlen: 48
2a0f:e847:acab::/48 maxlen: 48
2a10:67c2:3::/48 maxlen: 48
2a12:ac43:1::/48 maxlen: 48
2a12:ac45::/32 maxlen: 32
2a13:18c0:2::/48 maxlen: 48
2a13:e103::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 16:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:c2:a8:c5:d7:68:e6:6e:0c:f3:f2:9a:6b:d0:85:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 2 09:08:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88c177fb010e94497cf9fc5e01a1cdf4e54d6e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:54:5d:f4:b8:d4:3d:e9:3d:bc:cc:e7:e0:e2:
d6:62:cf:39:52:a2:69:79:ba:1a:a0:d4:02:28:ed:
fd:61:b5:1d:f2:11:17:1e:af:ab:7d:2a:0d:3c:2b:
13:f6:8d:4a:5e:3e:84:aa:e4:0b:4e:76:c1:31:0b:
7e:27:e5:a6:40:c7:9b:97:06:29:8f:06:49:b3:6b:
f1:f2:da:69:fa:4d:fd:01:f0:f9:fc:b7:7f:17:4f:
d1:b6:de:a9:9c:d4:b6:c3:ac:bd:b9:cc:4f:66:a9:
d2:52:d2:0e:07:2a:82:94:fa:da:ef:d6:10:8c:46:
1e:30:6a:34:3b:1c:71:1b:05:7a:60:5e:ad:c8:a3:
ce:f0:c0:fe:23:21:4f:32:cf:05:1d:f9:77:9c:7d:
15:03:ce:86:14:77:fc:2c:c5:a7:74:e0:5c:ab:07:
32:68:a8:4a:0a:74:ec:72:54:0b:3f:29:d0:2d:c7:
dc:af:a9:60:83:39:ec:c9:0e:fb:ee:a6:9b:fb:d7:
24:62:60:e9:50:4c:09:57:d9:a8:0b:13:90:f5:ef:
b4:0f:cf:f2:fd:0e:af:37:55:5b:7e:3c:6a:5d:88:
68:4a:8c:59:75:7f:9a:67:8a:d6:d5:85:4f:7e:d2:
52:39:fc:bc:04:30:d9:c4:65:db:8c:44:54:38:5d:
1c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C1:77:FB:01:0E:94:49:7C:F9:FC:5E:01:A1:CD:F4:E5:4D:6E:17
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/iMF3-wEOlEl8-fxeAaHN9OVNbhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.226.54.0/23
64.226.156.0/22
IPv6:
2a0e:1a80:1::/48
2a0e:c785:1::/48
2a0e:f200::/48
2a0f:1e80:d9a8::/48
2a0f:3d80:bac::/48
2a0f:7d06:102::/48
2a0f:e847:acab::/48
2a10:67c2:3::/48
2a12:ac43:1::/48
2a12:ac45::/32
2a13:18c0:2::/48
2a13:e103::/32
Signature Algorithm: sha256WithRSAEncryption
37:ec:6a:d5:3e:a2:de:d7:b0:ad:1d:51:b3:a8:0f:64:90:c8:
79:93:30:f3:98:89:a9:38:67:5e:2f:18:59:11:24:5f:8d:bb:
a5:5c:58:ab:c0:fe:47:44:95:b5:44:c9:98:8a:52:e8:b6:45:
79:f1:27:7e:a0:08:99:4e:53:45:d0:a4:6e:7e:b4:0a:a2:bf:
07:9e:7b:6a:05:44:a5:25:e2:9a:93:ea:5d:bd:24:c3:0a:4b:
97:96:4f:d5:1b:69:d4:07:4b:b8:0f:7e:ec:b2:66:62:92:63:
a3:04:9c:c2:ca:cc:29:33:18:09:ce:77:74:21:35:cf:74:56:
47:84:ad:36:5c:de:dc:06:a0:f8:ba:59:81:c9:65:e2:db:c4:
5b:6c:54:e0:26:22:1b:9b:22:f2:b6:8a:f8:81:2a:1a:81:4a:
76:e3:87:38:ac:3b:52:57:3c:ab:73:fe:f6:fb:4d:b2:01:60:
ca:14:77:4e:3c:2e:59:8c:01:74:c2:6f:46:01:32:ec:95:8a:
0f:22:e2:5b:da:0a:7e:b1:32:d1:0c:d3:5e:80:a2:81:6c:18:
f4:12:74:7a:f7:b6:32:1d:2b:24:a4:d6:5a:67:3e:2a:90:8d:
ef:a2:80:07:03:fe:bc:4b:75:54:83:7f:14:17:ea:a2:29:70:
67:a2:0f:6b
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAZX1wqjF12jmbgzz8ppr0IXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDAyMDkwODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGMxNzdmYjAxMGU5NDQ5N2NmOWZjNWUwMWExY2RmNGU1NGQ2ZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlRd9LjUPek9vMzn4OLWYs85UqJp
eboaoNQCKO39YbUd8hEXHq+rfSoNPCsT9o1KXj6EquQLTnbBMQt+J+WmQMeblwYp
jwZJs2vx8tpp+k39AfD5/Ld/F0/Rtt6pnNS2w6y9ucxPZqnSUtIOByqClPra79YQ
jEYeMGo0OxxxGwV6YF6tyKPO8MD+IyFPMs8FHfl3nH0VA86GFHf8LMWndOBcqwcy
aKhKCnTsclQLPynQLcfcr6lggznsyQ777qab+9ckYmDpUEwJV9moCxOQ9e+0D8/y
/Q6vN1VbfjxqXYhoSoxZdX+aZ4rW1YVPftJSOfy8BDDZxGXbjERUOF0cgwIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFIjBd/sBDpRJfPn8XgGhzfTlTW4XMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvaU1GMy13RU9sRWw4LWZ4ZUFhSE45T1ZOYmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDASBAIAATAMAwQBQOI2
AwQCQOKcMG4EAgACMGgDBwAqDhqAAAEDBwAqDseFAAEDBwAqDvIAAAADBwAqDx6A
2agDBwAqDz2AC6wDBwAqD30GAQIDBwAqD+hHrKsDBwAqEGfCAAMDBwAqEqxDAAED
BQAqEqxFAwcAKhMYwAACAwUAKhPhAzANBgkqhkiG9w0BAQsFAAOCAQEAN+xq1T6i
3tewrR1Rs6gPZJDIeZMw85iJqThnXi8YWREkX427pVxYq8D+R0SVtUTJmIpS6LZF
efEnfqAImU5TRdCkbn60CqK/B557agVEpSXimpPqXb0kwwpLl5ZP1Rtp1AdLuA9+
7LJmYpJjowScwsrMKTMYCc53dCE1z3RWR4StNlze3Aag+LpZgcll4tvEW2xU4CYi
G5si8raK+IEqGoFKduOHOKw7Ulc8q3P+9vtNsgFgyhR3TjwuWYwBdMJvRgEy7JWK
DyLiW9oKfrEy0QzTXoCigWwY9BJ0eve2Mh0rJKTWWmc+KpCN76KABwP+vEt1VIN/
FBfqoilwZ6IPaw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:07:34 2025 by rpki-client