Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/c3DCrLRFAJY72J3n3qrjNug2KJI.roa
File: c3DCrLRFAJY72J3n3qrjNug2KJI.roa (raw, json)
Hash identifier: dR7zsNeMamp+bQYtYrwKTVfIZFLqO0MP1cdCrGnLSmE=
Subject key identifier: 73:70:C2:AC:B4:45:00:96:3B:D8:9D:E7:DE:AA:E3:36:E8:36:28:92
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 0195283F29C6114E6697AF668F8A26B8FA98
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/c3DCrLRFAJY72J3n3qrjNug2KJI.roa
Signing time: Fri 21 Feb 2025 11:23:02 +0000
ROA not before: Fri 21 Feb 2025 11:23:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24877
IP address blocks: 84.55.24.0/21 maxlen: 21
84.55.38.0/23 maxlen: 23
84.55.40.0/21 maxlen: 21
84.55.40.0/22 maxlen: 22
84.55.44.0/23 maxlen: 23
84.55.46.0/23 maxlen: 23
88.222.0.0/17 maxlen: 17
88.222.128.0/18 maxlen: 18
88.222.192.0/20 maxlen: 20
88.222.216.0/24 maxlen: 24
88.222.224.0/20 maxlen: 20
88.222.248.0/22 maxlen: 22
88.223.64.0/20 maxlen: 20
88.223.64.0/21 maxlen: 21
88.223.72.0/21 maxlen: 21
88.223.100.0/22 maxlen: 22
88.223.132.0/22 maxlen: 22
88.223.136.0/23 maxlen: 23
88.223.136.0/24 maxlen: 24
88.223.139.0/24 maxlen: 24
88.223.140.0/22 maxlen: 22
88.223.156.0/22 maxlen: 22
88.223.179.0/24 maxlen: 24
88.223.182.0/24 maxlen: 24
213.164.112.0/22 maxlen: 22
217.147.32.0/23 maxlen: 23
217.147.32.0/24 maxlen: 24
217.147.33.0/24 maxlen: 24
217.147.39.0/24 maxlen: 24
217.147.42.0/23 maxlen: 23
2a01:7c80:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:3f:29:c6:11:4e:66:97:af:66:8f:8a:26:b8:fa:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Feb 21 11:23:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7370c2acb44500963bd89de7deaae336e8362892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:76:d9:7e:8a:7b:08:73:26:2e:dc:68:0d:72:
9c:02:9d:da:2b:63:46:c3:65:d5:7b:89:06:62:0b:
cf:20:e7:f4:8c:28:f9:35:b9:fe:c1:0b:96:df:5d:
d8:df:d4:9b:71:5b:62:43:0a:3f:ab:9b:9a:9a:2d:
d8:8e:46:6d:ad:e0:de:b5:58:51:31:40:a1:30:97:
b3:09:e8:2e:27:f7:bc:7f:52:f1:14:5b:45:09:80:
a2:2d:49:89:3b:62:56:85:98:e0:c7:6a:9d:a9:79:
f4:86:c5:b2:25:63:7e:fb:4a:24:a5:5c:42:96:a7:
e1:c8:4c:32:2f:b9:f5:95:2d:0a:3c:17:bd:ce:43:
fe:66:a4:62:f2:89:79:10:61:89:6b:ca:da:ce:a9:
56:0c:b5:13:e2:a5:2c:ff:f6:03:40:ad:ad:75:dc:
de:d7:2e:47:81:7d:8a:46:4b:4c:42:4b:31:35:72:
c0:49:d8:81:d0:cb:57:54:34:a8:e6:d7:36:c3:cc:
c9:56:dc:aa:66:1c:13:bd:3d:e6:e8:43:c5:78:e6:
86:f4:7f:4e:67:84:05:dc:13:b0:7c:88:c2:ad:ab:
ed:c3:6b:3c:43:0c:0e:c4:21:d8:7a:65:df:df:49:
4f:8b:2b:0f:91:d1:e1:d4:00:d3:0f:24:91:22:6f:
33:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:70:C2:AC:B4:45:00:96:3B:D8:9D:E7:DE:AA:E3:36:E8:36:28:92
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/c3DCrLRFAJY72J3n3qrjNug2KJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.24.0/21
84.55.38.0-84.55.47.255
88.222.0.0-88.222.207.255
88.222.216.0/24
88.222.224.0/20
88.222.248.0/22
88.223.64.0/20
88.223.100.0/22
88.223.132.0-88.223.137.255
88.223.139.0-88.223.143.255
88.223.156.0/22
88.223.179.0/24
88.223.182.0/24
213.164.112.0/22
217.147.32.0/23
217.147.39.0/24
217.147.42.0/23
IPv6:
2a01:7c80:8000::/33
Signature Algorithm: sha256WithRSAEncryption
30:17:08:2b:82:39:38:db:23:01:37:42:e8:54:12:47:4f:86:
ca:7c:0c:b1:ec:98:c2:08:34:38:ef:7d:c1:d7:08:b6:10:9d:
c9:ab:4d:83:c8:9f:85:6c:bb:d6:60:6d:1d:43:38:07:47:e3:
22:3f:71:c6:34:4a:75:07:b7:e6:0b:24:05:0b:54:22:86:bc:
47:57:e3:16:89:92:36:63:a8:dc:d3:e2:90:d0:22:14:35:e0:
5e:6b:ed:09:bb:62:d9:71:17:09:34:68:c9:a3:57:7a:c1:fe:
aa:5b:eb:54:44:86:27:91:aa:a7:b9:b4:ff:3d:bc:b0:a4:0f:
9f:18:62:55:d4:5b:59:6d:f4:2f:30:6a:25:b2:87:df:cf:8c:
da:88:0e:7e:6b:3c:5f:91:b7:10:81:6a:f3:c8:b7:ed:78:a8:
0d:50:4f:23:ce:16:7f:72:61:13:5d:af:51:49:44:db:2f:c8:
5c:a6:b7:6c:cf:91:b4:bc:5e:31:13:a8:6c:8c:3f:ac:e9:a9:
c6:0f:01:a2:29:03:2f:a8:b1:31:b1:e6:36:65:6c:26:b5:6c:
85:44:53:d7:77:0f:74:13:b3:75:dd:55:60:93:cd:0f:a5:77:
b0:05:a1:fb:7f:58:e5:44:c6:40:47:ad:ce:1f:08:13:0c:1a:
ba:7e:ca:5c
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAZUoPynGEU5ml69mj4omuPqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwMjIxMTEyMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzcwYzJhY2I0NDUwMDk2M2JkODlkZTdkZWFhZTMzNmU4MzYyODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXbZfop7CHMmLtxoDXKcAp3aK2NG
w2XVe4kGYgvPIOf0jCj5Nbn+wQuW313Y39SbcVtiQwo/q5uami3YjkZtreDetVhR
MUChMJezCeguJ/e8f1LxFFtFCYCiLUmJO2JWhZjgx2qdqXn0hsWyJWN++0okpVxC
lqfhyEwyL7n1lS0KPBe9zkP+ZqRi8ol5EGGJa8razqlWDLUT4qUs//YDQK2tddze
1y5HgX2KRktMQksxNXLASdiB0MtXVDSo5tc2w8zJVtyqZhwTvT3m6EPFeOaG9H9O
Z4QF3BOwfIjCravtw2s8QwwOxCHYemXf30lPiysPkdHh1ADTDySRIm8z5QIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFHNwwqy0RQCWO9id596q4zboNiiSMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvYzNEQ3JMUkZBSlk3MkozbjNxcmpOdWcyS0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzCBjAQCAAEwgYUDBANU
NxgwDAMEAVQ3JgMEBFQ3IDALAwMBWN4DBARY3sADBABY3tgDBARY3uADBAJY3vgD
BARY30ADBAJY32QwDAMEAljfhAMEAVjfiDAMAwQAWN+LAwQEWN+AAwQCWN+cAwQA
WN+zAwQAWN+2AwQC1aRwAwQB2ZMgAwQA2ZMnAwQB2ZMqMA4EAgACMAgDBgcqAXyA
gDANBgkqhkiG9w0BAQsFAAOCAQEAMBcIK4I5ONsjATdC6FQSR0+GynwMseyYwgg0
OO99wdcIthCdyatNg8ifhWy71mBtHUM4B0fjIj9xxjRKdQe35gskBQtUIoa8R1fj
FomSNmOo3NPikNAiFDXgXmvtCbti2XEXCTRoyaNXesH+qlvrVESGJ5Gqp7m0/z28
sKQPnxhiVdRbWW30LzBqJbKH38+M2ogOfms8X5G3EIFq88i37XioDVBPI84Wf3Jh
E12vUUlE2y/IXKa3bM+RtLxeMROobIw/rOmpxg8BoikDL6ixMbHmNmVsJrVshURT
13cPdBOzdd1VYJPND6V3sAWh+39Y5UTGQEetzh8IEwwaun7KXA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:47:33 2025 by rpki-client