Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/podfBbvblbujwJeMWZwGbU0sPNA.roa
File: podfBbvblbujwJeMWZwGbU0sPNA.roa (raw, json)
Hash identifier: +aCb+Gg3Ip7BjJ/sgR8dzhKxDrlUXm7AtkYxnTfteRk=
Subject key identifier: A6:87:5F:05:BB:DB:95:BB:A3:C0:97:8C:59:9C:06:6D:4D:2C:3C:D0
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0196F7E00118987C3589CC337E41840D646B
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/podfBbvblbujwJeMWZwGbU0sPNA.roa
Signing time: Thu 22 May 2025 12:02:54 +0000
ROA not before: Thu 22 May 2025 12:02:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50261
IP address blocks: 37.220.128.0/20 maxlen: 20
77.111.112.0/22 maxlen: 22
77.111.124.0/22 maxlen: 22
77.111.124.0/24 maxlen: 24
77.111.127.0/24 maxlen: 24
80.64.64.0/21 maxlen: 21
80.64.72.0/21 maxlen: 21
109.74.48.0/20 maxlen: 20
194.152.130.0/24 maxlen: 24
194.152.131.0/24 maxlen: 24
194.152.134.0/24 maxlen: 24
194.152.135.0/24 maxlen: 24
194.152.138.0/24 maxlen: 24
194.152.143.0/24 maxlen: 24
194.152.144.0/24 maxlen: 24
194.152.145.0/24 maxlen: 24
194.152.146.0/24 maxlen: 24
194.152.149.0/24 maxlen: 24
194.152.152.0/24 maxlen: 24
2a02:d400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 18:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:e0:01:18:98:7c:35:89:cc:33:7e:41:84:0d:64:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: May 22 12:02:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6875f05bbdb95bba3c0978c599c066d4d2c3cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e2:1c:ac:c5:12:9e:56:c1:43:0b:cb:bc:a7:
70:86:6f:3c:7d:72:cc:eb:c3:f5:79:ff:97:2a:4b:
27:eb:f1:7f:ae:05:02:4c:bc:88:a1:4f:fb:6e:85:
fd:80:c7:51:fe:22:0a:37:b8:1a:2c:99:f3:ca:38:
ae:2c:47:37:2e:1a:89:d4:e9:9e:ce:0b:08:d3:1f:
82:6a:68:57:cb:e1:7f:8a:59:0f:d7:c7:5c:b3:5a:
87:2f:2a:5e:b8:0e:61:91:43:ce:07:4d:20:73:74:
a6:37:05:ad:00:e1:db:2c:93:91:59:33:7e:67:6b:
45:6b:89:b9:8b:9c:e7:1f:61:f0:33:e7:af:93:5b:
17:44:1e:e1:5f:5e:18:61:2d:af:82:ed:3b:f9:fc:
f8:d5:ac:ac:a9:00:b2:9d:32:b7:79:67:cd:31:af:
d9:51:f7:87:c2:b1:01:b9:6f:24:a0:c0:80:1b:b6:
0f:3c:86:f0:ef:0b:c4:da:bb:4d:89:03:41:e6:6a:
fd:3a:cf:9a:7a:e9:9a:06:8d:1c:87:14:1c:d3:0b:
c3:c0:af:50:b8:5b:a8:c4:37:0a:9b:c0:eb:29:bd:
5a:c5:b5:ad:14:36:4a:e4:b4:68:3c:41:52:61:29:
16:23:99:36:e2:ed:bd:69:ab:c1:eb:9d:80:7a:c5:
18:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:87:5F:05:BB:DB:95:BB:A3:C0:97:8C:59:9C:06:6D:4D:2C:3C:D0
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/podfBbvblbujwJeMWZwGbU0sPNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.128.0/20
77.111.112.0/22
77.111.124.0/22
80.64.64.0/20
109.74.48.0/20
194.152.130.0/23
194.152.134.0/23
194.152.138.0/24
194.152.143.0-194.152.146.255
194.152.149.0/24
194.152.152.0/24
IPv6:
2a02:d400::/29
Signature Algorithm: sha256WithRSAEncryption
b4:51:3f:19:a5:d9:f0:47:af:a0:b8:be:f7:66:8b:48:72:4b:
f7:f7:18:1c:fc:35:dd:04:7e:4b:d3:dd:70:5b:b5:14:bc:77:
88:54:d2:10:a4:5d:dd:33:3c:5a:c1:6d:e1:50:6d:a7:35:c3:
b7:e7:25:7b:43:95:de:f5:56:e2:f3:5f:0b:03:98:46:e0:ac:
53:b9:81:5a:7a:51:a6:9f:2d:5a:de:cb:4b:62:55:f8:41:4b:
89:5c:e9:36:ab:48:d3:44:1e:e7:68:a0:27:52:92:82:78:78:
a6:7f:0b:b2:bf:d3:d8:5f:f4:eb:1c:7d:ff:a2:f6:f5:42:a6:
52:56:1c:f8:ae:25:82:ac:c7:e1:48:51:bf:97:a1:8d:db:5b:
d9:96:e4:aa:00:c9:6e:9a:f6:39:15:ba:fe:53:f1:17:d2:35:
99:5a:d3:bb:7b:4f:4f:da:78:28:6a:44:21:14:7a:53:7f:10:
0a:97:bb:ad:14:6b:d1:eb:c7:16:03:6c:fc:ac:80:78:78:31:
a2:0a:0d:40:0d:63:bc:6d:4f:e9:3c:7d:13:a5:be:fb:31:9b:
1f:3c:6d:9c:e5:0c:b8:f6:06:48:01:b4:24:23:ca:ec:96:58:
b3:87:ac:1e:52:da:76:08:10:4c:48:7b:5e:e1:38:b0:6f:af:
68:8b:22:0f
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZb34AEYmHw1icwzfkGEDWRrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjUwNTIyMTIwMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjg3NWYwNWJiZGI5NWJiYTNjMDk3OGM1OTljMDY2ZDRkMmMzY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+IcrMUSnlbBQwvLvKdwhm88fXLM
68P1ef+XKksn6/F/rgUCTLyIoU/7boX9gMdR/iIKN7gaLJnzyjiuLEc3LhqJ1Ome
zgsI0x+CamhXy+F/ilkP18dcs1qHLypeuA5hkUPOB00gc3SmNwWtAOHbLJORWTN+
Z2tFa4m5i5znH2HwM+evk1sXRB7hX14YYS2vgu07+fz41aysqQCynTK3eWfNMa/Z
UfeHwrEBuW8koMCAG7YPPIbw7wvE2rtNiQNB5mr9Os+aeumaBo0chxQc0wvDwK9Q
uFuoxDcKm8DrKb1axbWtFDZK5LRoPEFSYSkWI5k24u29aavB652AesUYvQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFKaHXwW725W7o8CXjFmcBm1NLDzQMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvcG9kZkJidmJsYnVqd0plTVdad0diVTBzUE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQEJdyAAwQC
TW9wAwQCTW98AwQEUEBAAwQEbUowAwQBwpiCAwQBwpiGAwQAwpiKMAwDBADCmI8D
BADCmJIDBADCmJUDBADCmJgwDQQCAAIwBwMFAyoC1AAwDQYJKoZIhvcNAQELBQAD
ggEBALRRPxml2fBHr6C4vvdmi0hyS/f3GBz8Nd0EfkvT3XBbtRS8d4hU0hCkXd0z
PFrBbeFQbac1w7fnJXtDld71VuLzXwsDmEbgrFO5gVp6UaafLVrey0tiVfhBS4lc
6TarSNNEHudooCdSkoJ4eKZ/C7K/09hf9Oscff+i9vVCplJWHPiuJYKsx+FIUb+X
oY3bW9mW5KoAyW6a9jkVuv5T8RfSNZla07t7T0/aeChqRCEUelN/EAqXu60Ua9Hr
xxYDbPysgHh4MaIKDUANY7xtT+k8fROlvvsxmx88bZzlDLj2BkgBtCQjyuyWWLOH
rB5S2nYIEExIe17hOLBvr2iLIg8=
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:45:10 2025 by rpki-client