Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/oDVjxYPm7vPq-9FQVAv-wdPcmhE.roa
File: oDVjxYPm7vPq-9FQVAv-wdPcmhE.roa (raw, json)
Hash identifier: SVNTWU/SFE8BeAZ7Bb0M+S0ysWhdx0WLLM1QECYtWDg=
Subject key identifier: A0:35:63:C5:83:E6:EE:F3:EA:FB:D1:50:54:0B:FE:C1:D3:DC:9A:11
Certificate issuer: /CN=cec63b87a8aec093dbe47dcca92860ea841228e0
Certificate serial: 019424B27E606A53EBF0D5241154F8AA00FF
Authority key identifier: CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/oDVjxYPm7vPq-9FQVAv-wdPcmhE.roa
Signing time: Thu 02 Jan 2025 01:47:45 +0000
ROA not before: Thu 02 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29513
IP address blocks: 37.60.184.0/21 maxlen: 21
46.31.208.0/21 maxlen: 21
89.251.48.0/20 maxlen: 20
146.66.144.0/21 maxlen: 21
146.66.149.0/24 maxlen: 24
193.105.225.0/24 maxlen: 24
194.180.228.0/22 maxlen: 22
217.64.48.0/20 maxlen: 20
2a01:1c0::/32 maxlen: 32
2a06:15c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:7e:60:6a:53:eb:f0:d5:24:11:54:f8:aa:00:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec63b87a8aec093dbe47dcca92860ea841228e0
Validity
Not Before: Jan 2 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a03563c583e6eef3eafbd150540bfec1d3dc9a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4e:2e:88:a3:b6:2f:78:4f:16:4a:8b:4c:ce:
08:96:1d:b8:2d:d7:f0:7c:f5:a2:86:be:d9:24:0a:
e8:ff:15:54:4a:ff:14:6f:66:3c:ca:82:f3:fe:81:
66:de:94:02:73:c8:a3:0e:90:d1:bf:88:7f:a4:c4:
30:4d:86:b7:7e:3c:80:25:b8:3e:56:70:61:52:77:
78:f9:8b:06:75:74:7d:2f:11:e2:35:50:6c:81:ac:
ed:f2:90:f6:a9:b5:e7:46:aa:18:b2:14:11:46:a1:
61:cf:ac:8a:99:b3:d7:9f:a2:e0:a6:a0:f6:5d:2f:
9c:b3:bc:12:1f:29:fd:e1:bb:0d:f7:49:07:a6:43:
04:d0:5c:1b:79:89:f6:a7:e4:38:59:83:29:df:ee:
fa:69:bb:3a:1c:93:c4:ad:a7:09:fe:18:a1:18:47:
9c:43:61:b7:e0:68:28:49:f6:da:2d:83:95:38:79:
3b:cb:5f:90:70:4a:fd:6f:01:a2:c8:01:32:a4:0f:
cc:ff:82:f0:96:cd:1a:8d:52:fd:4e:b4:1e:32:a0:
a6:b4:8d:5b:08:17:b2:1c:dd:9d:f0:f1:c9:db:3c:
f4:21:12:45:79:c9:61:7c:39:4e:fc:d2:24:e7:08:
67:05:30:5f:ac:f3:50:9c:0e:fd:ff:85:05:11:05:
02:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:35:63:C5:83:E6:EE:F3:EA:FB:D1:50:54:0B:FE:C1:D3:DC:9A:11
X509v3 Authority Key Identifier:
keyid:CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/oDVjxYPm7vPq-9FQVAv-wdPcmhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.184.0/21
46.31.208.0/21
89.251.48.0/20
146.66.144.0/21
193.105.225.0/24
194.180.228.0/22
217.64.48.0/20
IPv6:
2a01:1c0::/32
2a06:15c0::/29
Signature Algorithm: sha256WithRSAEncryption
16:fe:9c:8f:a6:8f:47:4d:77:3b:b1:b4:2e:cc:6e:2d:6f:1e:
0f:c3:b4:5a:c2:84:05:a3:fa:ce:8b:54:37:7f:7c:79:5b:f9:
69:64:46:8f:f9:4f:5e:30:b7:a3:a6:71:0d:d0:0a:d8:22:4b:
c6:90:f7:86:2f:2e:29:6c:14:20:0e:b6:9b:74:1c:2f:02:bf:
f0:73:6d:53:92:97:8c:16:d1:cc:6b:c9:cc:ba:9b:00:10:ad:
23:67:3a:d9:6f:89:07:72:56:b0:82:ac:d3:ff:98:b5:19:e1:
ab:7f:d5:7b:e9:58:63:8f:0e:5b:6d:57:21:dd:80:74:37:0c:
cb:43:02:91:41:10:cc:cf:a8:20:fe:3e:59:89:05:d6:26:a9:
0a:81:d0:c7:54:92:78:2a:6d:b2:07:f3:4a:9c:ff:43:d4:13:
02:4c:11:2d:79:19:9d:20:5a:98:fa:64:33:c8:26:d4:de:eb:
b7:59:08:f2:66:b9:36:05:23:58:31:65:9c:52:25:0c:44:10:
25:5d:68:2d:d9:a6:57:44:45:3b:ed:b7:a3:af:40:de:1c:68:
e9:fe:31:35:e9:89:0c:00:c6:2d:bb:dc:cc:cd:86:ff:96:29:
bf:0a:77:ca:d5:a1:f2:8d:7d:00:a2:2c:5d:45:a1:5b:33:55:
16:9d:1e:b5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQksn5galPr8NUkEVT4qgD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzYzYjg3YThhZWMwOTNkYmU0N2RjY2E5Mjg2MGVhODQx
MjI4ZTAwHhcNMjUwMTAyMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDM1NjNjNTgzZTZlZWYzZWFmYmQxNTA1NDBiZmVjMWQzZGM5YTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE4uiKO2L3hPFkqLTM4Ilh24Ldfw
fPWihr7ZJAro/xVUSv8Ub2Y8yoLz/oFm3pQCc8ijDpDRv4h/pMQwTYa3fjyAJbg+
VnBhUnd4+YsGdXR9LxHiNVBsgazt8pD2qbXnRqoYshQRRqFhz6yKmbPXn6LgpqD2
XS+cs7wSHyn94bsN90kHpkME0FwbeYn2p+Q4WYMp3+76abs6HJPEracJ/hihGEec
Q2G34GgoSfbaLYOVOHk7y1+QcEr9bwGiyAEypA/M/4Lwls0ajVL9TrQeMqCmtI1b
CBeyHN2d8PHJ2zz0IRJFeclhfDlO/NIk5whnBTBfrPNQnA79/4UFEQUC1wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKA1Y8WD5u7z6vvRUFQL/sHT3JoRMB8GA1UdIwQY
MBaAFM7GO4eorsCT2+R9zKkoYOqEEijgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWIt
ODNiZDY2ZjRlNmY2LzEvb0RWanhZUG03dlBxLTlGUVZBdi13ZFBjbWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWItODNiZDY2ZjRlNmY2
LzEvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQDJTy4AwQD
Lh/QAwQEWfswAwQDkkKQAwQAwWnhAwQCwrTkAwQE2UAwMBQEAgACMA4DBQAqAQHA
AwUDKgYVwDANBgkqhkiG9w0BAQsFAAOCAQEAFv6cj6aPR013O7G0LsxuLW8eD8O0
WsKEBaP6zotUN398eVv5aWRGj/lPXjC3o6ZxDdAK2CJLxpD3hi8uKWwUIA62m3Qc
LwK/8HNtU5KXjBbRzGvJzLqbABCtI2c62W+JB3JWsIKs0/+YtRnhq3/Ve+lYY48O
W21XId2AdDcMy0MCkUEQzM+oIP4+WYkF1iapCoHQx1SSeCptsgfzSpz/Q9QTAkwR
LXkZnSBamPpkM8gm1N7rt1kI8ma5NgUjWDFlnFIlDEQQJV1oLdmmV0RFO+23o69A
3hxo6f4xNemJDADGLbvczM2G/5Ypvwp3ytWh8o19AKIsXUWhWzNVFp0etQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:06 2025 by rpki-client