Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/OoGFHq99aeIlQDP3XkJmShe_tmw.roa
File: OoGFHq99aeIlQDP3XkJmShe_tmw.roa (raw, json)
Hash identifier: BrG+T/bILirCfshb6nx3CG5GMwitUbA8ieBnXMn5ksY=
Subject key identifier: 3A:81:85:1E:AF:7D:69:E2:25:40:33:F7:5E:42:66:4A:17:BF:B6:6C
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0195FA9037C050F76D82F1D8E52733A51185
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/OoGFHq99aeIlQDP3XkJmShe_tmw.roa
Signing time: Thu 03 Apr 2025 07:31:50 +0000
ROA not before: Thu 03 Apr 2025 07:31:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8434
IP address blocks: 192.36.37.0/24 maxlen: 24
192.71.97.0/24 maxlen: 24
192.71.158.0/24 maxlen: 24
192.121.21.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
192.165.65.0/24 maxlen: 24
192.165.86.0/24 maxlen: 24
192.176.161.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.181.0.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.3.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.220.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
193.235.142.0/23 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.68.194.0/23 maxlen: 23
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.168.0/24 maxlen: 24
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 24
194.132.174.0/24 maxlen: 24
194.132.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:90:37:c0:50:f7:6d:82:f1:d8:e5:27:33:a5:11:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 3 07:31:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a81851eaf7d69e2254033f75e42664a17bfb66c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a3:6d:f9:f6:bf:b6:71:e1:29:d8:56:73:ca:
9d:df:af:38:26:7d:bd:57:44:e8:d6:80:5a:1e:6c:
6f:a4:73:2d:31:ad:be:c8:ea:2d:1d:46:65:3b:ce:
36:85:7f:14:81:c5:b0:be:27:d6:0d:5a:87:34:15:
74:8a:94:07:2b:28:a2:19:b4:0f:5b:88:2a:e4:e3:
1a:f2:8f:85:69:af:81:24:37:47:3c:c5:3d:85:79:
46:6e:d0:df:ea:66:ae:19:23:86:52:d0:cf:c5:1a:
c0:33:17:26:4a:20:e8:3b:6b:50:65:0b:2a:0d:b7:
26:57:0d:7f:3b:28:48:ee:90:6f:2b:ba:c6:b0:98:
34:cd:97:70:6d:6d:08:73:19:19:9d:76:a5:3d:55:
e1:00:b7:b4:00:67:7e:1a:0f:d7:6c:b5:76:8c:98:
a5:c1:e0:08:01:0e:6b:54:59:56:0a:0a:f3:b8:6d:
0f:d1:bc:c0:36:32:dd:ee:43:68:05:2c:18:52:98:
82:59:b5:9c:85:30:7a:96:3c:04:96:ab:5c:c5:38:
a2:9b:99:86:6c:cf:28:07:2f:8b:ef:3e:2e:da:8a:
06:26:db:1e:6a:1b:34:b5:fa:f6:39:0b:f2:be:d0:
b6:70:87:a1:0f:b4:c0:1e:e6:45:45:a3:7e:c0:ca:
45:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:81:85:1E:AF:7D:69:E2:25:40:33:F7:5E:42:66:4A:17:BF:B6:6C
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/OoGFHq99aeIlQDP3XkJmShe_tmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.97.0/24
192.71.158.0/24
192.121.21.0/24
192.121.172.0/24
192.121.192.0/24
192.165.65.0/24
192.165.86.0/24
192.176.161.0/24
193.180.61.0/24
193.181.0.0/24
193.181.187.0/24
193.183.3.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
193.235.142.0/23
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.68.194.0/23
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.168.0/24
194.103.50.0/24
194.132.108.0/23
194.132.174.0/23
Signature Algorithm: sha256WithRSAEncryption
85:03:3a:6b:e1:ee:eb:f2:0e:bf:18:71:e8:76:70:9d:4b:e9:
c1:24:f7:d3:42:b4:46:fc:09:22:6a:fa:35:cd:89:e7:21:cd:
e7:a6:02:87:9a:66:12:70:0e:0c:18:71:85:a6:15:11:40:e0:
11:05:df:1d:0b:28:f8:43:78:e6:47:cf:83:8c:52:f0:2c:34:
03:76:38:32:00:23:8c:f4:0e:0b:7d:68:8a:58:9b:c3:85:56:
09:9d:b8:57:ef:e7:3c:1d:c5:5e:6d:4c:5b:d5:d2:59:99:8c:
f2:92:81:4d:e1:28:18:eb:03:c6:27:85:22:92:5c:28:d3:a2:
5b:b1:1a:54:02:bc:b1:95:f1:ea:84:54:de:06:04:a1:ae:0a:
a4:e7:3a:8c:a6:4e:5a:5c:65:c8:3a:5e:39:b2:25:ee:a2:b2:
b9:97:c4:be:7e:f6:ae:5b:9d:58:6c:24:19:18:5a:42:52:6a:
84:cb:a3:55:b8:1e:ae:2b:5f:6b:33:96:cd:f6:24:7b:9c:e2:
e7:d3:d0:a7:82:7b:45:ad:cb:29:1a:b4:26:da:38:80:f2:35:
b6:0d:5b:ce:af:c2:ad:6e:b8:e8:88:62:cd:da:f4:52:0a:d6:
08:de:90:b5:27:98:07:0f:49:55:57:9f:c7:c7:fc:b3:78:66:
17:4a:2f:06
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZX6kDfAUPdtgvHY5SczpRGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwNDAzMDczMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTgxODUxZWFmN2Q2OWUyMjU0MDMzZjc1ZTQyNjY0YTE3YmZiNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaNt+fa/tnHhKdhWc8qd3684Jn29
V0To1oBaHmxvpHMtMa2+yOotHUZlO842hX8UgcWwvifWDVqHNBV0ipQHKyiiGbQP
W4gq5OMa8o+Faa+BJDdHPMU9hXlGbtDf6mauGSOGUtDPxRrAMxcmSiDoO2tQZQsq
DbcmVw1/OyhI7pBvK7rGsJg0zZdwbW0IcxkZnXalPVXhALe0AGd+Gg/XbLV2jJil
weAIAQ5rVFlWCgrzuG0P0bzANjLd7kNoBSwYUpiCWbWchTB6ljwElqtcxTiim5mG
bM8oBy+L7z4u2ooGJtseahs0tfr2OQvyvtC2cIehD7TAHuZFRaN+wMpFrwIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFDqBhR6vfWniJUAz915CZkoXv7ZsMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvT29HRkhxOTlhZUlsUURQM1hrSm1TaGVfdG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBADA
JCUDBADAR2EDBADAR54DBADAeRUDBADAeawDBADAecADBADApUEDBADApVYDBADA
sKEDBADBtD0DBADBtQADBADBtbsDBADBtwMDBADBt3YDBAHB6kQDBAHB6twDBADB
6u0DBAHB644DBADCDoEDBADCDtQDBAHCRDgDBADCRGMDBADCRH4DBAHCRMIDBADC
RxsDBADCR1MDBAHCR4wDBADCR6gDBADCZzIDBAHChGwDBAHChK4wDQYJKoZIhvcN
AQELBQADggEBAIUDOmvh7uvyDr8Yceh2cJ1L6cEk99NCtEb8CSJq+jXNiechzeem
AoeaZhJwDgwYcYWmFRFA4BEF3x0LKPhDeOZHz4OMUvAsNAN2ODIAI4z0Dgt9aIpY
m8OFVgmduFfv5zwdxV5tTFvV0lmZjPKSgU3hKBjrA8YnhSKSXCjToluxGlQCvLGV
8eqEVN4GBKGuCqTnOoymTlpcZcg6XjmyJe6isrmXxL5+9q5bnVhsJBkYWkJSaoTL
o1W4Hq4rX2szls32JHuc4ufT0KeCe0WtyykatCbaOIDyNbYNW86vwq1uuOiIYs3a
9FIK1gjekLUnmAcPSVVXn8fH/LN4ZhdKLwY=
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:50:51 2025 by rpki-client