Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/iwdwl1HuN2YXg9VICxrnQ2L8T_o.roa
File: iwdwl1HuN2YXg9VICxrnQ2L8T_o.roa (raw, json)
Hash identifier: tLBry0LnEHMR25EGcYFuNe2nISzjy4sXmppIiMI5cVo=
Subject key identifier: 8B:07:70:97:51:EE:37:66:17:83:D5:48:0B:1A:E7:43:62:FC:4F:FA
Certificate issuer: /CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
Certificate serial: 0194258F94F51B2D5EAF7A52D3F128656EE0
Authority key identifier: 75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/iwdwl1HuN2YXg9VICxrnQ2L8T_o.roa
Signing time: Thu 02 Jan 2025 05:49:14 +0000
ROA not before: Thu 02 Jan 2025 05:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12956
IP address blocks: 2.57.224.0/22 maxlen: 22
5.53.0.0/21 maxlen: 21
5.255.144.0/21 maxlen: 21
45.135.52.0/22 maxlen: 22
80.76.8.0/21 maxlen: 21
81.173.104.0/21 maxlen: 21
84.16.0.0/19 maxlen: 19
89.32.176.0/21 maxlen: 21
94.142.96.0/19 maxlen: 19
103.244.236.0/22 maxlen: 22
176.52.248.0/21 maxlen: 21
185.43.180.0/22 maxlen: 22
185.153.168.0/22 maxlen: 22
185.190.8.0/22 maxlen: 22
185.210.28.0/22 maxlen: 22
188.214.148.0/23 maxlen: 23
193.36.134.0/23 maxlen: 23
213.140.32.0/19 maxlen: 19
2001:1498::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/deBbwhsqbxAzcR_8pkkcbDDOWko.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/deBbwhsqbxAzcR_8pkkcbDDOWko.mft
rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:94:f5:1b:2d:5e:af:7a:52:d3:f1:28:65:6e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
Validity
Not Before: Jan 2 05:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b07709751ee37661783d5480b1ae74362fc4ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ed:41:3f:a5:7d:60:d2:ea:8a:cc:ea:06:03:
1b:4d:c2:a0:21:ac:6f:bc:02:ff:47:d0:20:ce:dc:
dc:a3:6f:10:33:f8:07:ae:b6:e7:38:86:dc:56:1a:
98:59:f7:ce:0e:fd:bb:fc:c6:21:2f:b2:6c:fa:6b:
8f:36:7f:b5:01:99:11:4d:30:8e:00:bd:36:f7:44:
46:df:bf:a7:ba:0d:19:6b:65:0e:66:30:de:6a:bc:
e6:62:d5:6e:7a:21:ba:89:a6:ac:97:51:b9:73:c3:
0d:c7:68:7a:d2:e8:db:a9:9b:f2:74:95:4e:36:7a:
2e:fc:9d:74:3f:65:d9:70:66:69:f9:57:e4:25:f9:
5f:6b:54:b7:56:89:e6:f1:02:0f:95:ba:ca:bf:94:
7a:7c:83:47:ec:34:b8:31:3b:e8:9f:3a:54:9d:95:
ef:25:93:e4:1e:46:72:ea:2b:7a:84:5a:f8:74:83:
0f:d1:66:f8:af:cd:ff:69:a3:a7:93:f5:27:21:52:
47:ae:64:b7:1d:c7:da:e1:a2:c4:c7:fd:4d:84:06:
29:5f:5f:15:de:5a:76:fc:c4:d2:3d:c0:39:6d:68:
7b:09:2c:61:96:99:b3:99:76:7a:ba:fc:33:2e:aa:
6e:3d:ab:ea:e9:17:96:4c:c9:dd:44:90:93:55:e8:
9a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:07:70:97:51:EE:37:66:17:83:D5:48:0B:1A:E7:43:62:FC:4F:FA
X509v3 Authority Key Identifier:
keyid:75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/iwdwl1HuN2YXg9VICxrnQ2L8T_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/deBbwhsqbxAzcR_8pkkcbDDOWko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.224.0/22
5.53.0.0/21
5.255.144.0/21
45.135.52.0/22
80.76.8.0/21
81.173.104.0/21
84.16.0.0/19
89.32.176.0/21
94.142.96.0/19
103.244.236.0/22
176.52.248.0/21
185.43.180.0/22
185.153.168.0/22
185.190.8.0/22
185.210.28.0/22
188.214.148.0/23
193.36.134.0/23
213.140.32.0/19
IPv6:
2001:1498::/32
Signature Algorithm: sha256WithRSAEncryption
a8:58:fd:5b:55:b4:78:5e:a0:ef:54:7d:8d:fb:b4:ba:08:f7:
3f:7b:5c:f6:8f:d2:32:50:44:67:98:d7:e9:7b:f4:ae:89:33:
d9:82:32:38:05:25:74:a6:b0:d6:ce:b1:26:f3:55:ca:74:fc:
73:77:90:44:35:3b:bc:f5:36:c7:43:49:66:23:0e:8d:3d:3a:
cd:38:3b:59:0a:7f:4b:39:28:c0:75:5c:33:21:62:7b:c5:25:
a5:21:1b:e3:a9:23:13:4c:5d:3e:ae:00:01:97:bf:02:6e:49:
db:bc:e4:72:52:53:22:7e:88:47:96:9e:65:72:b2:a3:33:5c:
c5:e3:d2:8d:ee:45:18:0e:b1:05:23:65:ae:1d:19:8d:f1:90:
3e:c6:ac:bc:89:69:f8:0b:3f:a8:b7:9b:45:92:e1:46:ac:88:
95:ca:e5:72:2a:5a:c8:58:d8:e5:66:8a:fb:f1:59:07:93:6f:
ce:9a:99:42:d6:0b:36:f6:6c:4f:d8:30:97:02:30:f3:d1:88:
a1:a5:b9:05:21:8d:90:83:b2:bb:15:c7:8e:7b:4d:ce:b6:8e:
a8:21:bc:01:e2:1d:99:ac:2f:1b:a0:8c:a3:fc:8d:86:48:0b:
5e:de:a9:0c:92:00:94:e9:52:1c:2e:07:0c:06:6c:cd:3b:a7:
6c:f2:6b:10
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZQlj5T1Gy1er3pS0/EoZW7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZTA1YmMyMWIyYTZmMTAzMzcxMWZmY2E2NDkxYzZjMzBj
ZTVhNGEwHhcNMjUwMTAyMDU0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjA3NzA5NzUxZWUzNzY2MTc4M2Q1NDgwYjFhZTc0MzYyZmM0ZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+1BP6V9YNLqiszqBgMbTcKgIaxv
vAL/R9Agztzco28QM/gHrrbnOIbcVhqYWffODv27/MYhL7Js+muPNn+1AZkRTTCO
AL0290RG37+nug0Za2UOZjDearzmYtVueiG6iaasl1G5c8MNx2h60ujbqZvydJVO
Nnou/J10P2XZcGZp+VfkJflfa1S3Vonm8QIPlbrKv5R6fINH7DS4MTvonzpUnZXv
JZPkHkZy6it6hFr4dIMP0Wb4r83/aaOnk/UnIVJHrmS3Hcfa4aLEx/1NhAYpX18V
3lp2/MTSPcA5bWh7CSxhlpmzmXZ6uvwzLqpuPavq6ReWTMndRJCTVeia2QIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFIsHcJdR7jdmF4PVSAsa50Ni/E/6MB8GA1UdIwQY
MBaAFHXgW8IbKm8QM3Ef/KZJHGwwzlpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVCYndoc3FieEF6Y1JfOHBra2NiRERPV2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8yYjQ5MzQtNGVhMi00NWMxLWFlMDct
ZDQ1YWI3ZGYyZGUxLzEvaXdkd2wxSHVOMllYZzlWSUN4cm5RMkw4VF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8yYjQ5MzQtNGVhMi00NWMxLWFlMDctZDQ1YWI3ZGYyZGUx
LzEvZGVCYndoc3FieEF6Y1JfOHBra2NiRERPV2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQCAjng
AwQDBTUAAwQDBf+QAwQCLYc0AwQDUEwIAwQDUa1oAwQFVBAAAwQDWSCwAwQFXo5g
AwQCZ/TsAwQDsDT4AwQCuSu0AwQCuZmoAwQCub4IAwQCudIcAwQBvNaUAwQBwSSG
AwQF1YwgMA0EAgACMAcDBQAgARSYMA0GCSqGSIb3DQEBCwUAA4IBAQCoWP1bVbR4
XqDvVH2N+7S6CPc/e1z2j9IyUERnmNfpe/SuiTPZgjI4BSV0prDWzrEm81XKdPxz
d5BENTu89TbHQ0lmIw6NPTrNODtZCn9LOSjAdVwzIWJ7xSWlIRvjqSMTTF0+rgAB
l78CbknbvORyUlMifohHlp5lcrKjM1zF49KN7kUYDrEFI2WuHRmN8ZA+xqy8iWn4
Cz+ot5tFkuFGrIiVyuVyKlrIWNjlZor78VkHk2/OmplC1gs29mxP2DCXAjDz0Yih
pbkFIY2Qg7K7FceOe03Oto6oIbwB4h2ZrC8boIyj/I2GSAte3qkMkgCU6VIcLgcM
BmzNO6ds8msQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:07:37 2025 by rpki-client