Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/4DVldFO5y9KBtzxCTr71AtgC-eU.roa
File: 4DVldFO5y9KBtzxCTr71AtgC-eU.roa (raw, json)
Hash identifier: sBM0L37YAXg4FUlTCLrrPugqQEHySprVmExRuh4Lv3Y=
Subject key identifier: E0:35:65:74:53:B9:CB:D2:81:B7:3C:42:4E:BE:F5:02:D8:02:F9:E5
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 01941F8C81DAFA104D8110E3575B5F95B1EA
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/4DVldFO5y9KBtzxCTr71AtgC-eU.roa
Signing time: Wed 01 Jan 2025 01:48:09 +0000
ROA not before: Wed 01 Jan 2025 01:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57862
IP address blocks: 37.122.152.0/22 maxlen: 22
37.122.154.0/23 maxlen: 23
37.122.154.0/24 maxlen: 24
37.122.155.0/24 maxlen: 24
37.122.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 18:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:81:da:fa:10:4d:81:10:e3:57:5b:5f:95:b1:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Jan 1 01:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e035657453b9cbd281b73c424ebef502d802f9e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ef:02:d3:25:30:f2:52:34:e7:54:0d:a7:85:
98:52:c6:2f:93:9d:93:a8:90:5b:9f:1e:ad:26:38:
d3:38:a9:ed:55:14:af:07:9d:88:ad:8b:6b:92:c2:
43:36:6b:6b:c3:cf:8c:2a:9b:28:a6:32:01:5f:98:
95:0c:57:f8:fe:6f:58:47:16:cf:c5:13:e7:4e:56:
31:7b:5f:55:ff:89:42:d8:e3:21:bf:77:b8:4c:dd:
a2:3f:73:de:ea:7e:85:61:54:55:e3:dc:21:8a:e6:
15:fe:c5:d1:eb:ab:a5:bf:3f:81:58:2a:f0:56:8d:
8f:36:46:af:73:be:c1:81:70:5d:20:ae:1f:3f:de:
d1:47:bd:e3:bb:ba:8d:53:0d:2c:1f:99:44:d0:22:
ef:44:62:dd:a9:07:af:a4:f4:09:2d:9e:22:ad:0a:
e4:1c:a3:cf:49:35:39:91:19:61:6b:14:5e:13:aa:
71:e9:ad:cc:56:bf:b1:ed:bc:ab:54:35:d1:18:ff:
ba:35:d5:59:76:d6:68:7e:f7:15:7b:76:22:ae:ef:
b2:78:f5:6d:a0:0b:f0:4a:7c:53:41:31:51:d9:74:
8e:ab:f9:1f:8c:05:1f:1f:45:5b:20:b1:95:60:99:
60:88:a3:cb:e2:29:b4:4e:e7:27:6d:c4:5e:a1:1d:
8a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:35:65:74:53:B9:CB:D2:81:B7:3C:42:4E:BE:F5:02:D8:02:F9:E5
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/4DVldFO5y9KBtzxCTr71AtgC-eU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.152.0-37.122.156.255
Signature Algorithm: sha256WithRSAEncryption
95:f2:70:7e:42:24:d1:bd:55:15:c5:c5:55:50:42:ca:02:d9:
3d:24:60:14:ce:81:de:11:0c:40:28:93:95:2d:cc:71:4b:06:
69:17:ec:c3:a4:91:a3:22:6a:55:11:9b:9a:8f:38:69:2b:42:
0c:b8:ac:75:57:26:8d:0c:63:7d:20:42:0f:1d:d9:35:be:ae:
3b:07:cb:d6:18:fd:f4:df:1b:57:2b:17:c2:93:84:d2:6d:e6:
a7:c8:62:8d:10:71:e9:1d:53:4b:70:f9:b9:a7:06:12:c7:46:
ae:0f:fe:df:32:ac:38:00:4d:88:23:aa:14:dc:93:98:0d:54:
a4:08:31:ee:ca:78:0e:e6:5d:83:48:56:eb:28:92:b3:d1:06:
d1:c1:1f:d1:ee:32:eb:e2:fa:9c:89:ad:fb:4b:91:90:55:f0:
38:2e:fe:34:a4:41:41:c0:07:91:5d:1b:17:23:2c:6c:c5:a3:
7c:f0:3b:5b:aa:96:11:46:68:a9:d0:b9:14:f0:6f:4d:4c:2c:
62:58:45:00:c4:bb:03:5d:56:b9:60:8b:e1:25:70:89:72:5b:
30:ee:bf:b3:03:ae:42:68:16:b5:c9:fd:47:50:1b:ea:97:ca:
e1:74:bc:55:ef:64:07:4e:29:f0:53:0d:0d:a9:3a:d1:3a:e3:
14:39:52:e2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQfjIHa+hBNgRDjV1tflbHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjUwMTAxMDE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDM1NjU3NDUzYjljYmQyODFiNzNjNDI0ZWJlZjUwMmQ4MDJmOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO8C0yUw8lI051QNp4WYUsYvk52T
qJBbnx6tJjjTOKntVRSvB52IrYtrksJDNmtrw8+MKpsopjIBX5iVDFf4/m9YRxbP
xRPnTlYxe19V/4lC2OMhv3e4TN2iP3Pe6n6FYVRV49whiuYV/sXR66ulvz+BWCrw
Vo2PNkavc77BgXBdIK4fP97RR73ju7qNUw0sH5lE0CLvRGLdqQevpPQJLZ4irQrk
HKPPSTU5kRlhaxReE6px6a3MVr+x7byrVDXRGP+6NdVZdtZofvcVe3Yiru+yePVt
oAvwSnxTQTFR2XSOq/kfjAUfH0VbILGVYJlgiKPL4im0TucnbcReoR2KwQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOA1ZXRTucvSgbc8Qk6+9QLYAvnlMB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvNERWbGRGTzV5OUtCdHp4Q1RyNzFBdGdDLWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMlepgD
BAAlepwwDQYJKoZIhvcNAQELBQADggEBAJXycH5CJNG9VRXFxVVQQsoC2T0kYBTO
gd4RDEAok5UtzHFLBmkX7MOkkaMialURm5qPOGkrQgy4rHVXJo0MY30gQg8d2TW+
rjsHy9YY/fTfG1crF8KThNJt5qfIYo0QcekdU0tw+bmnBhLHRq4P/t8yrDgATYgj
qhTck5gNVKQIMe7KeA7mXYNIVusokrPRBtHBH9HuMuvi+pyJrftLkZBV8Dgu/jSk
QUHAB5FdGxcjLGzFo3zwO1uqlhFGaKnQuRTwb01MLGJYRQDEuwNdVrlgi+ElcIly
WzDuv7MDrkJoFrXJ/UdQG+qXyuF0vFXvZAdOKfBTDQ2pOtE64xQ5UuI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:25:48 2025 by rpki-client