Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/dIzdm0MU2b1raqa6-Fa3gboaEHw.roa
File: dIzdm0MU2b1raqa6-Fa3gboaEHw.roa (raw, json)
Hash identifier: RhUt8j6Y3LtSCbxcVVykE8aP23CP8dgjIgS/GYTQNrg=
Subject key identifier: 74:8C:DD:9B:43:14:D9:BD:6B:6A:A6:BA:F8:56:B7:81:BA:1A:10:7C
Certificate issuer: /CN=2874e46bf636ea63e5d12362f551b80b27714780
Certificate serial: 0194F3A7616671A5E3A3BBC361CF471F7AE9
Authority key identifier: 28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/dIzdm0MU2b1raqa6-Fa3gboaEHw.roa
Signing time: Tue 11 Feb 2025 06:17:00 +0000
ROA not before: Tue 11 Feb 2025 06:17:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57664
IP address blocks: 37.16.96.0/20 maxlen: 23
37.16.112.0/20 maxlen: 24
37.16.112.0/21 maxlen: 21
37.16.120.0/22 maxlen: 22
37.16.124.0/23 maxlen: 23
37.16.126.0/23 maxlen: 23
37.16.126.0/24 maxlen: 24
37.16.127.0/24 maxlen: 24
178.213.232.0/21 maxlen: 21
178.213.239.0/24 maxlen: 24
2a00:4cc0::/32 maxlen: 32
2a00:4cc1:2501::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Apr 2025 12:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f3:a7:61:66:71:a5:e3:a3:bb:c3:61:cf:47:1f:7a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2874e46bf636ea63e5d12362f551b80b27714780
Validity
Not Before: Feb 11 06:17:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=748cdd9b4314d9bd6b6aa6baf856b781ba1a107c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:92:44:95:df:c4:b6:e7:57:9c:b5:01:86:b7:
d2:3c:a7:48:e2:fe:b7:9c:f5:36:38:61:dd:50:92:
e7:55:20:40:87:d2:b8:eb:6c:c9:69:9b:b3:5d:45:
b1:c1:93:6f:ae:b5:96:93:19:29:6f:0e:3f:d4:92:
fc:81:3a:ea:ca:f2:62:55:48:15:37:95:22:85:8d:
54:a4:ce:c2:7d:33:92:48:74:ce:68:b7:68:95:fc:
54:e4:71:a3:1f:7c:0a:88:24:3f:e3:1d:11:c9:8e:
63:ab:b6:1e:06:f3:18:cb:6f:77:41:b7:39:67:21:
07:e1:81:0d:9e:f2:d0:a1:59:39:16:ec:de:c1:6e:
5f:7e:5d:cf:f6:1e:f2:25:a7:86:33:f8:69:69:f2:
d2:32:70:2f:b8:dd:13:2e:0f:d5:10:63:8d:90:59:
01:78:5e:b9:96:fc:96:09:47:89:a7:12:a5:00:02:
2f:1c:35:96:07:0c:fb:c5:e4:3c:21:f6:25:2b:4e:
ac:03:4c:cf:62:5e:1f:bf:a5:c8:30:43:4e:ff:b6:
7a:39:63:ee:47:7e:bc:08:f6:14:48:ff:ed:68:d0:
54:b0:10:04:58:24:17:a5:6c:00:be:71:94:65:e5:
e8:e8:81:4b:cd:f1:e7:01:37:6d:15:d3:45:9b:06:
dc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:8C:DD:9B:43:14:D9:BD:6B:6A:A6:BA:F8:56:B7:81:BA:1A:10:7C
X509v3 Authority Key Identifier:
keyid:28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/dIzdm0MU2b1raqa6-Fa3gboaEHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.96.0/19
178.213.232.0/21
IPv6:
2a00:4cc0::/32
2a00:4cc1:2501::/64
Signature Algorithm: sha256WithRSAEncryption
66:e4:18:15:44:6e:c5:e3:6f:30:56:08:32:e4:29:da:36:ef:
35:ba:a1:2b:ad:cf:79:ba:d3:d0:c1:1e:ff:97:eb:87:86:f4:
eb:a6:81:22:5a:81:8c:cd:0a:4f:21:91:d8:d2:54:4d:94:22:
e8:87:cd:64:b4:99:b1:31:61:1a:83:56:d9:f7:81:46:21:7c:
d9:bb:82:a4:56:17:1d:f8:f0:18:f9:7a:b1:10:89:d8:a0:8a:
e7:4a:69:38:09:26:d3:3a:38:46:e4:22:d7:4f:5a:38:fd:56:
af:e7:33:1b:0b:05:48:06:c0:c8:8a:d8:45:a0:5c:a9:f9:db:
40:88:07:d0:45:da:64:9e:e9:1a:91:90:83:c4:4d:df:87:83:
c3:bd:27:e6:75:9a:bc:56:2c:3a:be:e0:6d:f9:ed:e6:36:ce:
db:ca:5b:a7:b4:23:bf:57:03:c8:b9:a4:85:b2:59:f6:61:3d:
b1:6a:9e:5f:50:ad:b7:66:15:8e:ca:d6:12:bd:93:be:eb:6e:
42:4f:c0:8c:8a:7f:89:84:9c:e0:11:21:b3:76:19:8c:62:5d:
12:2f:47:08:4c:5a:36:6b:22:fb:7a:fb:8b:b8:18:08:5d:11:
42:a2:05:45:b5:65:6b:4e:1f:96:e3:94:98:2e:a7:e0:af:34:
d1:ed:34:94
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZTzp2FmcaXjo7vDYc9HH3rpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzRlNDZiZjYzNmVhNjNlNWQxMjM2MmY1NTFiODBiMjc3
MTQ3ODAwHhcNMjUwMjExMDYxNzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDhjZGQ5YjQzMTRkOWJkNmI2YWE2YmFmODU2Yjc4MWJhMWExMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJJEld/EtudXnLUBhrfSPKdI4v63
nPU2OGHdUJLnVSBAh9K462zJaZuzXUWxwZNvrrWWkxkpbw4/1JL8gTrqyvJiVUgV
N5UihY1UpM7CfTOSSHTOaLdolfxU5HGjH3wKiCQ/4x0RyY5jq7YeBvMYy293Qbc5
ZyEH4YENnvLQoVk5FuzewW5ffl3P9h7yJaeGM/hpafLSMnAvuN0TLg/VEGONkFkB
eF65lvyWCUeJpxKlAAIvHDWWBwz7xeQ8IfYlK06sA0zPYl4fv6XIMENO/7Z6OWPu
R368CPYUSP/taNBUsBAEWCQXpWwAvnGUZeXo6IFLzfHnATdtFdNFmwbc1wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHSM3ZtDFNm9a2qmuvhWt4G6GhB8MB8GA1UdIwQY
MBaAFCh05Gv2Nupj5dEjYvVRuAsncUeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYt
YzEwZGE2YWFjMWIxLzEvZEl6ZG0wTVUyYjFyYXFhNi1GYTNnYm9hRUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYtYzEwZGE2YWFjMWIx
LzEvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQFJRBgAwQD
stXoMBgEAgACMBIDBQAqAEzAAwkAKgBMwSUBAAAwDQYJKoZIhvcNAQELBQADggEB
AGbkGBVEbsXjbzBWCDLkKdo27zW6oSutz3m609DBHv+X64eG9OumgSJagYzNCk8h
kdjSVE2UIuiHzWS0mbExYRqDVtn3gUYhfNm7gqRWFx348Bj5erEQidigiudKaTgJ
JtM6OEbkItdPWjj9Vq/nMxsLBUgGwMiK2EWgXKn520CIB9BF2mSe6RqRkIPETd+H
g8O9J+Z1mrxWLDq+4G357eY2ztvKW6e0I79XA8i5pIWyWfZhPbFqnl9QrbdmFY7K
1hK9k77rbkJPwIyKf4mEnOARIbN2GYxiXRIvRwhMWjZrIvt6+4u4GAhdEUKiBUW1
ZWtOH5bjlJgup+CvNNHtNJQ=
-----END CERTIFICATE-----
Generated at Wed Apr 23 20:09:55 2025 by rpki-client