Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/aZ8OKHhKdBhsmK1oNkifpmQtjJM.roa
File: aZ8OKHhKdBhsmK1oNkifpmQtjJM.roa (raw, json)
Hash identifier: YCnm10DG8eP5owKz+L8MyHybVtjTAg3FnFyPKxU2o1o=
Subject key identifier: 69:9F:0E:28:78:4A:74:18:6C:98:AD:68:36:48:9F:A6:64:2D:8C:93
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0194228D29499E555E3B2EFD102AA6A76E36
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/aZ8OKHhKdBhsmK1oNkifpmQtjJM.roa
Signing time: Wed 01 Jan 2025 15:47:43 +0000
ROA not before: Wed 01 Jan 2025 15:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31213
IP address blocks: 37.28.160.0/21 maxlen: 21
37.28.168.0/21 maxlen: 21
37.29.48.0/21 maxlen: 21
37.29.56.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
37.29.71.0/24 maxlen: 24
78.25.96.0/21 maxlen: 21
78.25.104.0/22 maxlen: 22
78.25.108.0/22 maxlen: 22
78.25.120.0/22 maxlen: 22
83.149.0.0/21 maxlen: 21
85.26.128.0/20 maxlen: 20
85.26.208.0/22 maxlen: 22
85.26.212.0/22 maxlen: 22
85.26.216.0/22 maxlen: 22
85.26.220.0/22 maxlen: 22
85.26.248.0/22 maxlen: 22
85.26.252.0/22 maxlen: 22
94.25.208.0/22 maxlen: 22
94.25.216.0/21 maxlen: 21
94.25.224.0/21 maxlen: 21
94.25.228.0/23 maxlen: 23
94.25.232.0/21 maxlen: 21
109.188.128.0/17 maxlen: 17
128.204.74.0/24 maxlen: 24
128.204.75.0/24 maxlen: 24
176.106.130.0/24 maxlen: 24
176.106.131.0/24 maxlen: 24
178.178.224.0/24 maxlen: 24
178.178.225.0/24 maxlen: 24
178.178.226.0/24 maxlen: 24
178.178.227.0/24 maxlen: 24
188.162.64.0/23 maxlen: 23
188.170.65.0/24 maxlen: 24
188.170.66.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
188.170.68.0/24 maxlen: 24
188.170.72.0/21 maxlen: 21
188.170.80.0/21 maxlen: 21
188.170.92.0/22 maxlen: 22
2a03:d000::/40 maxlen: 40
2a03:d000::/41 maxlen: 41
2a03:d000:80::/41 maxlen: 41
2a03:d000:100::/40 maxlen: 40
2a03:d000:100::/41 maxlen: 41
2a03:d000:180::/41 maxlen: 41
2a03:d000:200::/41 maxlen: 41
2a03:d000:280::/41 maxlen: 41
2a03:d000:301::/48 maxlen: 48
2a03:d000:400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 23:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:29:49:9e:55:5e:3b:2e:fd:10:2a:a6:a7:6e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 15:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=699f0e28784a74186c98ad6836489fa6642d8c93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:df:d3:68:0a:0c:bf:8b:fc:bf:21:14:33:e4:
e4:c5:1e:51:76:34:a7:f4:07:8c:ef:f7:8d:01:41:
2c:a7:a5:11:0c:cd:54:37:b9:7b:e3:d9:e2:6b:b1:
82:1a:25:34:c4:4a:55:52:a2:6a:33:73:c5:3b:df:
5b:db:8d:a5:6f:66:92:cc:2d:ee:0e:a4:ca:2f:58:
15:db:3b:92:70:b1:6e:6a:05:fb:a4:b9:9f:08:23:
4f:09:be:f2:49:41:53:6e:78:0e:61:70:13:e1:e0:
00:f4:7b:da:d8:b9:11:7e:85:14:6d:fe:64:b8:b0:
3b:ee:88:c2:9a:2a:62:c3:74:bb:87:14:41:1f:b5:
20:48:4f:ac:aa:14:c5:da:46:b3:92:ba:c8:90:94:
b2:7e:8b:cf:5c:62:3e:96:a5:7e:ba:b6:21:50:7d:
55:08:c7:2b:41:e4:08:b4:25:12:00:c8:95:7f:44:
2e:98:c5:f8:b4:4d:f9:c5:26:d8:96:7f:33:a2:4c:
a2:6e:5e:70:40:4f:bc:6e:6f:7a:63:2f:54:ba:a2:
1e:b9:e7:10:94:f7:67:8c:a9:00:b8:13:ae:bf:a8:
4a:95:b9:bc:52:fe:4f:88:b0:3b:db:13:6d:dc:89:
08:17:09:20:b4:07:ef:0c:f5:cf:6a:50:3b:6d:bd:
5d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9F:0E:28:78:4A:74:18:6C:98:AD:68:36:48:9F:A6:64:2D:8C:93
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/aZ8OKHhKdBhsmK1oNkifpmQtjJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
83.149.0.0/21
85.26.128.0/20
85.26.208.0/20
85.26.248.0/21
94.25.208.0/22
94.25.216.0-94.25.239.255
109.188.128.0/17
128.204.74.0/23
176.106.130.0/23
178.178.224.0/22
188.162.64.0/23
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
IPv6:
2a03:d000::-2a03:d000:2ff:ffff:ffff:ffff:ffff:ffff
2a03:d000:301::/48
2a03:d000:400::/40
Signature Algorithm: sha256WithRSAEncryption
9a:92:5c:bb:92:0f:bb:94:1c:4a:97:11:55:3f:08:5b:89:2a:
40:a3:80:08:3d:34:f1:ab:eb:38:a5:9d:51:88:6e:74:0f:49:
fe:ef:66:cd:1e:7f:1d:e4:c5:e1:05:52:0a:eb:52:f0:33:8e:
37:58:19:b9:2c:2e:f5:c0:79:89:72:f6:49:28:37:93:00:4b:
d4:a9:a1:fe:53:1a:01:e3:9e:bf:50:b5:6a:37:6f:c2:94:1a:
94:f4:1a:f1:ae:a2:5b:dd:95:8c:6d:0a:e8:53:62:65:97:af:
c5:e9:ed:b9:db:c1:54:eb:4a:68:dc:06:60:a3:3a:25:bd:5a:
b7:96:f8:9f:87:ac:71:53:f4:98:a6:42:f3:be:16:9c:5c:e6:
30:ab:21:1c:d8:57:91:47:56:a1:8c:b7:27:12:14:2b:94:96:
88:8b:36:28:57:19:b5:58:3b:95:da:2f:86:86:13:b3:44:9a:
77:cc:f3:38:52:22:e1:3c:69:f9:be:97:05:e2:ae:7d:f5:60:
e2:8c:81:43:e7:2b:ea:7b:37:d2:db:94:80:db:dd:59:2a:ee:
3f:56:31:d0:4a:e5:2b:8d:93:41:94:f1:68:52:29:7a:ec:68:
84:8e:52:5a:96:f4:55:58:16:97:44:36:5f:8c:c1:68:fd:2f:
cf:70:73:c7
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAZQijSlJnlVeOy79ECqmp242MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjUwMTAxMTU0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTlmMGUyODc4NGE3NDE4NmM5OGFkNjgzNjQ4OWZhNjY0MmQ4YzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkt/TaAoMv4v8vyEUM+TkxR5RdjSn
9AeM7/eNAUEsp6URDM1UN7l749nia7GCGiU0xEpVUqJqM3PFO99b242lb2aSzC3u
DqTKL1gV2zuScLFuagX7pLmfCCNPCb7ySUFTbngOYXAT4eAA9Hva2LkRfoUUbf5k
uLA77ojCmipiw3S7hxRBH7UgSE+sqhTF2kazkrrIkJSyfovPXGI+lqV+urYhUH1V
CMcrQeQItCUSAMiVf0QumMX4tE35xSbYln8zokyibl5wQE+8bm96Yy9UuqIeuecQ
lPdnjKkAuBOuv6hKlbm8Uv5PiLA72xNt3IkIFwkgtAfvDPXPalA7bb1djQIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFGmfDih4SnQYbJitaDZIn6ZkLYyTMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvYVo4T0tIaEtkQmhzbUsxb05raWZwbVF0akpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzCBkwQCAAEwgYwDBAQl
HKAwDAMEBCUdMAMEAyUdQAMEBE4ZYAMEAk4ZeAMEA1OVAAMEBFUagAMEBFUa0AME
A1Ua+AMEAl4Z0DAMAwQDXhnYAwQEXhngAwQHbbyAAwQBgMxKAwQBsGqCAwQCsrLg
AwQBvKJAMAwDBAC8qkEDBAC8qkQwDAMEA7yqSAMEA7yqUAMEAryqXDAnBAIAAjAh
MA4DBAQqA9ADBgAqA9AAAgMHACoD0AADAQMGACoD0AAEMA0GCSqGSIb3DQEBCwUA
A4IBAQCakly7kg+7lBxKlxFVPwhbiSpAo4AIPTTxq+s4pZ1RiG50D0n+72bNHn8d
5MXhBVIK61LwM443WBm5LC71wHmJcvZJKDeTAEvUqaH+UxoB456/ULVqN2/ClBqU
9BrxrqJb3ZWMbQroU2Jll6/F6e2528FU60po3AZgozolvVq3lvifh6xxU/SYpkLz
vhacXOYwqyEc2FeRR1ahjLcnEhQrlJaIizYoVxm1WDuV2i+GhhOzRJp3zPM4UiLh
PGn5vpcF4q599WDijIFD5yvqezfS25SA291ZKu4/VjHQSuUrjZNBlPFoUil67GiE
jlJalvRVWBaXRDZfjMFo/S/PcHPH
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:03:36 2025 by rpki-client