Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/7XD1IA3NuhgKaHE-JXDF1aaN9pQ.roa
File: 7XD1IA3NuhgKaHE-JXDF1aaN9pQ.roa (raw, json)
Hash identifier: pAzeFuehJooQ3HnDhzcpevi2h5yf9fcJPHSsIig5+5A=
Subject key identifier: ED:70:F5:20:0D:CD:BA:18:0A:68:71:3E:25:70:C5:D5:A6:8D:F6:94
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 019426D9A8E6025AE0440356291CC34E0FC1
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/7XD1IA3NuhgKaHE-JXDF1aaN9pQ.roa
Signing time: Thu 02 Jan 2025 11:49:46 +0000
ROA not before: Thu 02 Jan 2025 11:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200373
IP address blocks: 45.3.32.0/19 maxlen: 24
65.111.0.0/19 maxlen: 24
95.141.242.0/24 maxlen: 24
104.167.24.0/21 maxlen: 24
104.207.32.0/19 maxlen: 24
2a09:dc00::/29 maxlen: 32
2a0a:1f40::/29 maxlen: 32
2a0a:1f40::/32 maxlen: 32
2a0a:1f41::/32 maxlen: 32
2a0a:da40::/29 maxlen: 29
2a13:3f80::/32 maxlen: 32
2a13:3f83::/32 maxlen: 32
2a13:3f84::/32 maxlen: 32
2a13:3f85::/32 maxlen: 32
2a13:3f86::/32 maxlen: 32
2a13:3f87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:a8:e6:02:5a:e0:44:03:56:29:1c:c3:4e:0f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Jan 2 11:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed70f5200dcdba180a68713e2570c5d5a68df694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:25:53:0f:c2:2b:4e:b0:66:99:6a:80:a8:4a:
1c:46:df:c9:83:5a:d5:23:8a:05:27:33:a9:f4:40:
4e:c2:02:36:6a:d1:a9:89:28:c4:91:cc:1d:83:d0:
eb:8e:e6:ec:5e:34:fe:53:19:d4:69:22:a0:bd:45:
5d:62:61:c6:2a:d0:39:7c:8a:ba:97:42:6d:10:05:
c3:bb:d3:80:fd:51:9d:e8:f2:3d:b6:65:28:0f:67:
60:56:6e:57:d5:91:f7:76:32:f0:f7:ce:0b:7e:fe:
5d:49:fb:f1:fd:f0:3d:5d:99:0d:fa:08:d1:5d:dd:
55:cb:be:e3:5b:d0:5b:6e:0d:c1:f7:09:2b:68:b1:
20:79:2d:34:b9:34:56:47:be:a5:b8:11:93:ec:d2:
0b:d9:7f:2e:2b:c8:54:0e:92:77:23:fb:87:84:23:
58:4c:e5:e4:46:fc:91:c9:a4:23:e8:5a:d8:a6:35:
1b:cf:17:a6:39:21:6a:19:f9:4c:af:53:8f:d4:b3:
32:37:5f:5e:bf:c0:83:cd:67:6a:eb:b1:64:75:33:
a9:02:7c:90:ed:0f:54:8c:a4:c7:4a:a4:7b:f6:a0:
80:ed:a4:e1:c4:33:c3:78:f8:48:c2:af:b5:08:c7:
33:1d:d4:68:94:e9:21:2f:4c:d8:91:af:a6:fb:31:
dc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:70:F5:20:0D:CD:BA:18:0A:68:71:3E:25:70:C5:D5:A6:8D:F6:94
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/7XD1IA3NuhgKaHE-JXDF1aaN9pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.3.32.0/19
65.111.0.0/19
95.141.242.0/24
104.167.24.0/21
104.207.32.0/19
IPv6:
2a09:dc00::/29
2a0a:1f40::/29
2a0a:da40::/29
2a13:3f80::/32
2a13:3f83::-2a13:3f87:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9e:b8:f9:6d:06:86:80:91:35:94:90:0f:f3:f2:09:6f:6a:69:
b2:47:4c:d2:e1:bb:99:c7:dd:d8:88:32:e1:12:6b:fe:18:a9:
99:ba:ce:c1:47:9d:6a:9d:8c:35:7e:65:30:bf:16:05:d7:57:
d8:30:f3:10:0a:a5:e1:4d:c0:a7:dd:36:3f:78:d4:ca:4a:8b:
e0:8a:26:ec:3e:2e:08:55:28:a0:db:e6:86:04:dd:db:77:54:
94:d1:d9:7b:51:73:1d:d3:90:a2:05:27:12:80:5e:66:5c:e8:
bd:b3:00:dd:79:29:fa:c1:62:17:98:b2:ac:9f:4f:d2:db:da:
92:40:16:74:08:23:ec:0d:cf:01:9f:42:39:4e:d6:88:5b:75:
5e:86:fd:b3:06:94:ab:f3:5d:42:b6:9b:c8:85:70:2c:23:a5:
89:e2:56:53:75:8a:99:2d:20:37:74:6c:96:f4:74:05:52:65:
04:e7:07:2d:32:47:fd:27:0d:b7:88:50:88:6c:b6:66:73:55:
e8:b5:72:71:8a:e0:ea:72:45:88:2d:b0:a7:91:0d:98:d5:6e:
67:28:37:eb:de:a0:66:86:ef:df:1c:85:72:fa:fb:c6:31:8f:
17:c5:f9:f5:1d:e2:d7:24:f0:b9:2e:9e:f3:2f:81:06:5b:df:
5b:d3:5e:34
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZQm2ajmAlrgRANWKRzDTg/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjUwMTAyMTE0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDcwZjUyMDBkY2RiYTE4MGE2ODcxM2UyNTcwYzVkNWE2OGRmNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSVTD8IrTrBmmWqAqEocRt/Jg1rV
I4oFJzOp9EBOwgI2atGpiSjEkcwdg9DrjubsXjT+UxnUaSKgvUVdYmHGKtA5fIq6
l0JtEAXDu9OA/VGd6PI9tmUoD2dgVm5X1ZH3djLw984Lfv5dSfvx/fA9XZkN+gjR
Xd1Vy77jW9Bbbg3B9wkraLEgeS00uTRWR76luBGT7NIL2X8uK8hUDpJ3I/uHhCNY
TOXkRvyRyaQj6FrYpjUbzxemOSFqGflMr1OP1LMyN19ev8CDzWdq67FkdTOpAnyQ
7Q9UjKTHSqR79qCA7aThxDPDePhIwq+1CMczHdRolOkhL0zYka+m+zHcjQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFO1w9SANzboYCmhxPiVwxdWmjfaUMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvN1hEMUlBM051aGdLYUhFLUpYREYxYWFOOXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjAkBAIAATAeAwQFLQMgAwQF
QW8AAwQAX43yAwQDaKcYAwQFaM8gMDIEAgACMCwDBQMqCdwAAwUDKgofQAMFAyoK
2kADBQAqEz+AMA4DBQAqEz+DAwUDKhM/gDANBgkqhkiG9w0BAQsFAAOCAQEAnrj5
bQaGgJE1lJAP8/IJb2ppskdM0uG7mcfd2Igy4RJr/hipmbrOwUedap2MNX5lML8W
BddX2DDzEAql4U3Ap902P3jUykqL4Iom7D4uCFUooNvmhgTd23dUlNHZe1FzHdOQ
ogUnEoBeZlzovbMA3Xkp+sFiF5iyrJ9P0tvakkAWdAgj7A3PAZ9COU7WiFt1Xob9
swaUq/NdQrabyIVwLCOlieJWU3WKmS0gN3RslvR0BVJlBOcHLTJH/ScNt4hQiGy2
ZnNV6LVycYrg6nJFiC2wp5ENmNVuZyg3696gZobv3xyFcvr7xjGPF8X59R3i1yTw
uS6e8y+BBlvfW9NeNA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:31 2025 by rpki-client