Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/F1syaj2slElK5y18q2bJFyk_Xt4.roa
File: F1syaj2slElK5y18q2bJFyk_Xt4.roa (raw, json)
Hash identifier: 0cchVuYo1uzzUlT1evGpupW2C9gukJ9GqtBWuAJKa5E=
Subject key identifier: 17:5B:32:6A:3D:AC:94:49:4A:E7:2D:7C:AB:66:C9:17:29:3F:5E:DE
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 019423698845A89D79E791973233BC2691EF
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/F1syaj2slElK5y18q2bJFyk_Xt4.roa
Signing time: Wed 01 Jan 2025 19:48:26 +0000
ROA not before: Wed 01 Jan 2025 19:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15975
IP address blocks: 37.8.0.0/17 maxlen: 17
37.8.32.0/20 maxlen: 20
37.8.48.0/20 maxlen: 20
37.8.64.0/20 maxlen: 20
37.8.80.0/20 maxlen: 20
37.8.96.0/20 maxlen: 20
37.8.112.0/20 maxlen: 20
82.102.192.0/20 maxlen: 20
82.102.208.0/20 maxlen: 20
82.102.216.0/23 maxlen: 23
82.102.224.0/20 maxlen: 20
82.102.224.0/21 maxlen: 21
82.102.232.0/24 maxlen: 24
82.102.233.0/24 maxlen: 24
82.102.234.0/23 maxlen: 23
82.102.236.0/22 maxlen: 22
82.102.240.0/20 maxlen: 20
82.205.0.0/17 maxlen: 17
82.205.32.0/20 maxlen: 20
82.205.48.0/20 maxlen: 20
82.205.64.0/20 maxlen: 20
82.205.80.0/20 maxlen: 20
82.205.96.0/20 maxlen: 20
82.205.112.0/21 maxlen: 21
85.113.96.0/19 maxlen: 19
85.113.96.0/20 maxlen: 20
85.113.112.0/20 maxlen: 20
86.107.16.0/22 maxlen: 22
87.252.108.0/22 maxlen: 22
109.232.162.0/24 maxlen: 24
109.232.163.0/24 maxlen: 24
147.189.176.0/20 maxlen: 20
176.65.12.0/22 maxlen: 22
185.90.242.0/24 maxlen: 24
185.171.132.0/22 maxlen: 22
188.209.208.0/22 maxlen: 22
188.215.100.0/22 maxlen: 22
194.169.121.0/24 maxlen: 24
194.169.122.0/24 maxlen: 24
194.169.123.0/24 maxlen: 24
199.250.128.0/19 maxlen: 19
199.250.128.0/21 maxlen: 21
199.250.136.0/21 maxlen: 21
199.250.144.0/21 maxlen: 21
199.250.152.0/21 maxlen: 21
212.33.96.0/19 maxlen: 19
212.33.96.0/20 maxlen: 20
212.33.112.0/20 maxlen: 20
212.106.64.0/19 maxlen: 19
212.106.64.0/20 maxlen: 20
212.106.73.0/24 maxlen: 24
212.106.80.0/20 maxlen: 20
217.21.0.0/23 maxlen: 23
217.21.2.0/24 maxlen: 24
217.21.3.0/24 maxlen: 24
217.21.4.0/24 maxlen: 24
217.21.5.0/24 maxlen: 24
217.21.6.0/23 maxlen: 23
217.21.8.0/23 maxlen: 23
217.21.10.0/23 maxlen: 23
217.21.12.0/23 maxlen: 23
217.21.14.0/23 maxlen: 23
217.66.224.0/21 maxlen: 21
217.66.224.0/23 maxlen: 23
217.66.226.0/24 maxlen: 24
217.66.227.0/24 maxlen: 24
217.66.228.0/22 maxlen: 22
217.66.232.0/24 maxlen: 24
217.66.236.0/22 maxlen: 22
217.66.236.0/24 maxlen: 24
217.66.238.0/23 maxlen: 23
217.66.240.0/20 maxlen: 20
217.78.48.0/21 maxlen: 21
217.78.56.0/22 maxlen: 22
217.78.56.0/24 maxlen: 24
2a01:7f80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 01:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:88:45:a8:9d:79:e7:91:97:32:33:bc:26:91:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Jan 1 19:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=175b326a3dac94494ae72d7cab66c917293f5ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:70:0d:1b:b4:0b:e2:e8:40:38:34:3b:a5:b0:
7b:d1:31:c1:30:da:84:c3:49:0b:36:71:67:d7:2e:
f4:d2:72:4b:ba:d1:93:ee:12:ad:57:fb:f9:cb:d5:
b5:fe:8b:f5:48:66:ae:e8:f8:93:58:6d:cf:cb:11:
f0:de:fe:1c:75:93:a2:c3:e6:cc:ac:c6:5f:aa:ba:
84:97:e0:1f:9c:4c:38:19:27:d6:f4:6d:03:75:74:
65:b6:62:86:79:22:e1:30:0c:9c:9a:52:60:17:f2:
a4:86:c3:50:fd:11:b0:c6:80:d5:6e:f1:17:bb:a5:
45:3a:8e:1b:c9:25:5f:20:c7:08:f4:c6:50:2d:ca:
5c:5e:b6:84:45:72:0e:82:72:d0:c5:3b:fb:ba:be:
5b:f4:9e:ef:c9:26:a7:58:66:c2:73:66:b5:32:cd:
95:45:a9:37:d1:8b:ad:75:4a:02:b7:af:8c:67:6c:
56:ef:48:1b:89:9a:8a:61:da:0c:30:9b:1e:8c:15:
67:f0:d6:1d:bb:77:d3:40:cf:af:ad:1a:9a:7e:d7:
40:00:e0:5a:04:f5:bb:0e:84:97:85:6f:1b:e8:ac:
b9:9d:e2:1d:7b:8e:d8:92:d3:db:17:49:3d:e1:b2:
b4:64:44:3f:a4:e6:72:26:e0:74:b5:0b:db:1e:e0:
7d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:5B:32:6A:3D:AC:94:49:4A:E7:2D:7C:AB:66:C9:17:29:3F:5E:DE
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/F1syaj2slElK5y18q2bJFyk_Xt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
86.107.16.0/22
87.252.108.0/22
109.232.162.0/23
147.189.176.0/20
176.65.12.0/22
185.90.242.0/24
185.171.132.0/22
188.209.208.0/22
188.215.100.0/22
194.169.121.0-194.169.123.255
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.224.0-217.66.232.255
217.66.236.0-217.66.255.255
217.78.48.0-217.78.59.255
IPv6:
2a01:7f80::/32
Signature Algorithm: sha256WithRSAEncryption
37:a6:dc:1d:14:3d:da:97:44:92:d0:e5:ce:8a:c9:54:b9:d3:
68:e0:8e:d9:47:6f:50:63:19:fb:51:ed:14:9b:79:ac:b6:b9:
83:45:e9:f4:d5:d0:d2:bc:ce:17:9f:df:a3:4c:42:3c:40:f7:
9a:c3:4b:c3:f7:44:58:37:9f:5b:6e:82:bb:30:d1:10:ff:02:
ed:21:31:9a:c1:3e:01:61:d2:de:85:ab:f5:69:69:24:73:a9:
fc:96:50:d3:96:7c:13:5a:05:e7:24:8e:c0:39:aa:ef:0c:73:
3c:17:07:5e:ab:c7:b2:3e:be:fb:00:8f:f3:f6:c0:f5:7f:3b:
d6:44:f8:f3:50:e9:f4:d8:3c:11:9f:ea:80:3b:1e:17:93:24:
cd:95:29:11:b7:1e:8c:7e:0f:bf:bd:8f:0e:20:70:49:f5:b2:
07:6f:8b:63:3f:98:c2:6b:6e:d5:09:ef:ab:4a:60:72:5a:8a:
ca:1f:c5:8d:49:c9:1f:fd:b2:5f:d5:f5:fb:81:45:e0:c7:2f:
1a:56:e2:2b:05:9d:38:69:b4:06:2c:51:35:7e:e0:71:19:a2:
6b:aa:ed:8c:e3:5c:d2:aa:e8:0d:0d:08:72:f1:83:08:97:0c:
d1:0e:c3:b6:5b:0e:63:0c:09:25:98:4b:38:09:4d:3f:64:46:
02:2a:79:77
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZQjaYhFqJ1555GXMjO8JpHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjM2E2MzNlZjJjMDgyNTFhNTg2MDM1NjJlNTZhYTZlZmE5
M2VjMjUwHhcNMjUwMTAxMTk0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzViMzI2YTNkYWM5NDQ5NGFlNzJkN2NhYjY2YzkxNzI5M2Y1ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nANG7QL4uhAODQ7pbB70THBMNqE
w0kLNnFn1y700nJLutGT7hKtV/v5y9W1/ov1SGau6PiTWG3PyxHw3v4cdZOiw+bM
rMZfqrqEl+AfnEw4GSfW9G0DdXRltmKGeSLhMAycmlJgF/KkhsNQ/RGwxoDVbvEX
u6VFOo4bySVfIMcI9MZQLcpcXraERXIOgnLQxTv7ur5b9J7vySanWGbCc2a1Ms2V
Rak30YutdUoCt6+MZ2xW70gbiZqKYdoMMJsejBVn8NYdu3fTQM+vrRqaftdAAOBa
BPW7DoSXhW8b6Ky5neIde47YktPbF0k94bK0ZEQ/pOZyJuB0tQvbHuB9LQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFBdbMmo9rJRJSuctfKtmyRcpP17eMB8GA1UdIwQY
MBaAFOw6Yz7ywIJRpYYDVi5Wqm76k+wlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUt
ZjdjMmMyYTkxYmMyLzEvRjFzeWFqMnNsRWxLNXkxOHEyYkpGeWtfWHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUtZjdjMmMyYTkxYmMy
LzEvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBpAQCAAEwgZ0DBAcl
CAADBAZSZsADBAdSzQADBAVVcWADBAJWaxADBAJX/GwDBAFt6KIDBASTvbADBAKw
QQwDBAC5WvIDBAK5q4QDBAK80dADBAK812QwDAMEAMKpeQMEAsKpeAMEBcf6gAME
BdQhYAMEBdRqQAMEBNkVADAMAwQF2ULgAwQA2ULoMAsDBALZQuwDAwDZQjAMAwQE
2U4wAwQC2U44MA0EAgACMAcDBQAqAX+AMA0GCSqGSIb3DQEBCwUAA4IBAQA3ptwd
FD3al0SS0OXOislUudNo4I7ZR29QYxn7Ue0Um3mstrmDRen01dDSvM4Xn9+jTEI8
QPeaw0vD90RYN59bboK7MNEQ/wLtITGawT4BYdLehav1aWkkc6n8llDTlnwTWgXn
JI7AOarvDHM8Fwdeq8eyPr77AI/z9sD1fzvWRPjzUOn02DwRn+qAOx4XkyTNlSkR
tx6Mfg+/vY8OIHBJ9bIHb4tjP5jCa27VCe+rSmByWorKH8WNSckf/bJf1fX7gUXg
xy8aVuIrBZ04abQGLFE1fuBxGaJrqu2M41zSqugNDQhy8YMIlwzRDsO2Ww5jDAkl
mEs4CU0/ZEYCKnl3
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:20:37 2025 by rpki-client