Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/1-r8ngTnAMIWnigi3kZKRlPxzAEg.roa
File: 1-r8ngTnAMIWnigi3kZKRlPxzAEg.roa (raw, json)
Hash identifier: 4upInjfh8BMDhZW1GMRFLRcUKFy4sgss61UjVbuCcN4=
Subject key identifier: FA:BF:27:81:39:C0:30:85:A7:8A:08:B7:91:92:91:94:FC:73:00:48
Certificate issuer: /CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Certificate serial: 019421B1E411E3278B6A65F6182C6D9417BA
Authority key identifier: DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/1-r8ngTnAMIWnigi3kZKRlPxzAEg.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47172
IP address blocks: 37.218.240.0/21 maxlen: 24
37.218.240.0/24 maxlen: 24
37.218.241.0/24 maxlen: 24
37.218.242.0/24 maxlen: 24
37.218.243.0/24 maxlen: 24
37.218.244.0/24 maxlen: 24
37.218.245.0/24 maxlen: 24
37.218.246.0/24 maxlen: 24
37.218.247.0/24 maxlen: 24
185.88.140.0/22 maxlen: 24
185.200.104.0/22 maxlen: 24
185.200.104.0/24 maxlen: 24
185.200.106.0/24 maxlen: 24
185.200.107.0/24 maxlen: 24
193.29.139.0/24 maxlen: 24
195.190.28.0/24 maxlen: 24
213.108.104.0/21 maxlen: 24
2a00:c6c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e4:11:e3:27:8b:6a:65:f6:18:2c:6d:94:17:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fabf278139c03085a78a08b791929194fc730048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ba:b7:a9:6f:e3:42:d3:25:82:df:2e:c3:05:
13:b9:d6:f8:6d:3b:4a:17:f1:84:60:0f:f5:08:b7:
e6:81:c0:57:f2:3a:d9:94:2f:33:0d:c1:0f:05:26:
31:73:06:82:b1:ee:a1:71:86:87:33:cf:c3:48:d1:
c3:c5:cc:9f:15:a7:cb:84:43:57:36:1d:89:53:66:
e6:a7:7f:b4:aa:27:ea:94:27:af:ea:3d:0c:e7:e4:
1b:02:77:26:28:94:cb:ba:b2:53:68:5c:dd:4d:11:
04:fd:1d:57:27:25:07:4c:ff:cd:43:f5:30:d1:15:
90:05:c7:6e:b2:40:ff:37:9b:65:03:eb:fb:ee:f7:
ef:8a:d9:fa:c4:e9:41:2d:2e:d6:0e:d7:43:67:db:
e1:50:70:57:20:5b:3c:6c:6f:8e:ba:53:20:63:0f:
03:10:c8:be:8f:ce:19:e7:3f:18:39:39:c8:c4:cb:
f6:2a:1c:42:4d:68:9d:2b:ee:f2:4a:67:75:1a:ae:
d9:cb:e3:c9:a3:e0:c8:62:b2:f9:4b:59:38:17:80:
b7:4c:db:f1:32:1d:fe:1b:22:9f:6f:09:d0:ce:bf:
8f:00:9f:67:c8:fe:fd:dd:2a:c7:ae:a8:ec:df:98:
dc:3a:6f:ad:65:0c:05:1e:84:23:b0:4e:24:7d:5f:
5a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BF:27:81:39:C0:30:85:A7:8A:08:B7:91:92:91:94:FC:73:00:48
X509v3 Authority Key Identifier:
keyid:DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/1-r8ngTnAMIWnigi3kZKRlPxzAEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.240.0/21
185.88.140.0/22
185.200.104.0/22
193.29.139.0/24
195.190.28.0/24
213.108.104.0/21
IPv6:
2a00:c6c0::/48
Signature Algorithm: sha256WithRSAEncryption
8d:49:a8:14:cb:59:8d:43:00:ed:bb:64:05:d4:ae:f7:9e:72:
fe:d2:28:9d:6e:43:3d:4b:7e:01:7b:f3:ec:10:05:8e:66:54:
72:aa:c5:9f:15:6b:79:45:7e:15:53:f7:35:50:88:06:52:01:
f8:b5:55:45:33:35:aa:ff:39:1d:04:e2:44:20:1b:69:ba:c0:
bb:c3:5a:17:79:11:0b:57:e0:b2:07:3b:e7:0d:35:79:48:33:
6c:49:09:72:46:72:ec:44:0b:2e:ab:a1:e9:d8:7f:e5:e3:7e:
9a:6c:88:ac:5e:5b:8d:26:0b:fd:6a:85:f9:36:68:7f:39:70:
66:15:87:ca:46:9f:5c:76:84:58:ab:c0:7a:00:d3:db:d3:77:
ed:d7:22:17:d0:2a:ea:8a:8c:db:6e:ce:8f:47:bb:54:51:a5:
e4:88:1e:a1:5f:e2:54:cd:b4:14:6d:0a:6d:c1:81:67:63:07:
4e:87:31:20:d2:12:3c:69:d2:c3:8a:36:74:69:9c:9b:12:cc:
a7:c6:b0:52:ee:ec:7e:ca:0e:01:18:1d:85:9f:1d:35:7a:60:
07:f5:31:e5:62:2b:56:12:e4:75:bf:e7:4c:25:8c:34:cc:f7:
82:cb:88:f2:7b:07:08:6d:a1:e7:bb:1a:95:36:c7:34:45:c2:
93:22:7a:cc
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQhseQR4yeLamX2GCxtlBe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTBkNDMyOTNjZmViZjg3ZTdlYWIyYjBkNTUzZmQyMWE2
ZTk2NDEwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWJmMjc4MTM5YzAzMDg1YTc4YTA4Yjc5MTkyOTE5NGZjNzMwMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbq3qW/jQtMlgt8uwwUTudb4bTtK
F/GEYA/1CLfmgcBX8jrZlC8zDcEPBSYxcwaCse6hcYaHM8/DSNHDxcyfFafLhENX
Nh2JU2bmp3+0qifqlCev6j0M5+QbAncmKJTLurJTaFzdTREE/R1XJyUHTP/NQ/Uw
0RWQBcduskD/N5tlA+v77vfvitn6xOlBLS7WDtdDZ9vhUHBXIFs8bG+OulMgYw8D
EMi+j84Z5z8YOTnIxMv2KhxCTWidK+7ySmd1Gq7Zy+PJo+DIYrL5S1k4F4C3TNvx
Mh3+GyKfbwnQzr+PAJ9nyP793SrHrqjs35jcOm+tZQwFHoQjsE4kfV9a2QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPq/J4E5wDCFp4oIt5GSkZT8cwBIMB8GA1UdIwQY
MBaAFN6Q1DKTz+v4fn6rKw1VP9IabpZBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODkt
NTNlZGM2MjZiMjg3LzEvMS1yOG5nVG5BTUlXbmlnaTNrWktSbFB4ekFFZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2IvNjQ3ZWJhLWQ2NjYtNDljNy1hMDg5LTUzZWRjNjI2YjI4
Ny8xLzNwRFVNcFBQNl9oLWZxc3JEVlVfMGhwdWxrRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBOBggrBgEFBQcBBwEB/wQ/MD0wKgQCAAEwJAMEAyXa8AME
ArlYjAMEArnIaAMEAMEdiwMEAMO+HAMEA9VsaDAPBAIAAjAJAwcAKgDGwAAAMA0G
CSqGSIb3DQEBCwUAA4IBAQCNSagUy1mNQwDtu2QF1K73nnL+0iidbkM9S34Be/Ps
EAWOZlRyqsWfFWt5RX4VU/c1UIgGUgH4tVVFMzWq/zkdBOJEIBtpusC7w1oXeREL
V+CyBzvnDTV5SDNsSQlyRnLsRAsuq6Hp2H/l436abIisXluNJgv9aoX5Nmh/OXBm
FYfKRp9cdoRYq8B6ANPb03ft1yIX0Crqiozbbs6PR7tUUaXkiB6hX+JUzbQUbQpt
wYFnYwdOhzEg0hI8adLDijZ0aZybEsynxrBS7ux+yg4BGB2Fnx01emAH9THlYitW
EuR1v+dMJYw0zPeCy4jyewcIbaHnuxqVNsc0RcKTInrM
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:37:08 2025 by rpki-client