Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/tnIQiCnzeKmPjZiRA44S-d9GuQY.roa
File: tnIQiCnzeKmPjZiRA44S-d9GuQY.roa (raw, json)
Hash identifier: /GBtHH9QN/HF6h4AUheNXJylb8jys3mkssfa6hcaaDw=
Subject key identifier: B6:72:10:88:29:F3:78:A9:8F:8D:98:91:03:8E:12:F9:DF:46:B9:06
Certificate issuer: /CN=d66738a8dadac2d0d3aeddb934f820066b9f5feb
Certificate serial: 019565F96C3D174D78A3CFC132645EC7C08C
Authority key identifier: D6:67:38:A8:DA:DA:C2:D0:D3:AE:DD:B9:34:F8:20:06:6B:9F:5F:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1mc4qNrawtDTrt25NPggBmufX-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/tnIQiCnzeKmPjZiRA44S-d9GuQY.roa
Signing time: Wed 05 Mar 2025 11:03:19 +0000
ROA not before: Wed 05 Mar 2025 11:03:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20771
IP address blocks: 37.233.128.0/17 maxlen: 17
78.139.128.0/18 maxlen: 18
80.241.184.0/24 maxlen: 24
80.241.244.0/22 maxlen: 22
80.241.252.0/24 maxlen: 24
85.117.32.0/19 maxlen: 19
85.117.32.0/20 maxlen: 20
85.117.48.0/20 maxlen: 20
88.210.192.0/18 maxlen: 18
89.232.0.0/19 maxlen: 19
134.90.0.0/17 maxlen: 17
176.73.0.0/16 maxlen: 16
185.19.96.0/22 maxlen: 22
185.19.96.0/23 maxlen: 23
185.19.98.0/23 maxlen: 23
212.72.130.0/24 maxlen: 24
2a02:23f0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1mc4qNrawtDTrt25NPggBmufX-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:f9:6c:3d:17:4d:78:a3:cf:c1:32:64:5e:c7:c0:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d66738a8dadac2d0d3aeddb934f820066b9f5feb
Validity
Not Before: Mar 5 11:03:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b672108829f378a98f8d9891038e12f9df46b906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:58:b8:30:d7:b6:6f:1c:93:7a:ef:2d:84:fb:
ff:7c:c3:61:11:30:c1:60:96:6e:33:b2:51:9e:7d:
51:34:9d:09:75:fc:ee:2e:67:9f:38:0f:0f:64:76:
c6:bd:1f:de:66:e1:96:0a:92:48:e5:7d:0f:4c:04:
69:ee:c8:1f:86:41:05:97:6f:37:19:fc:4a:33:be:
e5:b3:1b:9b:32:08:f2:98:ee:a4:09:5e:74:67:b4:
b6:85:2a:17:ad:89:d1:d5:81:85:35:01:a7:15:47:
b8:81:4c:d8:e6:ff:aa:d5:ec:d8:a9:46:e9:3f:d3:
f2:83:a1:d0:ba:3a:8c:28:5a:c9:f6:41:b7:8d:11:
7f:9a:0e:09:c0:29:04:c9:9f:f7:cf:d0:35:50:ed:
ff:71:bb:8d:09:51:05:2a:70:66:d3:82:7b:a2:4b:
ef:c0:13:d3:e3:65:7a:df:20:20:fc:e7:4e:eb:d5:
a3:f5:20:2f:81:af:71:0e:4e:b1:eb:9f:74:97:f6:
7b:b8:7d:ea:05:bd:ce:93:3b:9a:7c:d5:1f:b8:fc:
5f:0e:2c:36:9d:4f:bc:f1:e4:b9:7d:34:f5:0a:b0:
a9:60:35:cd:be:b3:4b:d6:ea:3f:e4:1e:c5:56:e1:
f6:92:cb:c8:a5:43:6c:47:a0:62:ca:d7:06:d1:02:
37:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:72:10:88:29:F3:78:A9:8F:8D:98:91:03:8E:12:F9:DF:46:B9:06
X509v3 Authority Key Identifier:
keyid:D6:67:38:A8:DA:DA:C2:D0:D3:AE:DD:B9:34:F8:20:06:6B:9F:5F:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1mc4qNrawtDTrt25NPggBmufX-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/tnIQiCnzeKmPjZiRA44S-d9GuQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.233.128.0/17
78.139.128.0/18
80.241.184.0/24
80.241.244.0/22
80.241.252.0/24
85.117.32.0/19
88.210.192.0/18
89.232.0.0/19
134.90.0.0/17
176.73.0.0/16
185.19.96.0/22
212.72.130.0/24
IPv6:
2a02:23f0::/32
Signature Algorithm: sha256WithRSAEncryption
0b:9e:02:d9:cf:ae:57:ca:29:dc:d7:3a:37:78:f9:ff:83:7a:
22:52:5c:e8:67:7e:95:4c:90:b3:02:b1:90:2a:0e:3f:0a:e3:
4d:73:7f:f6:04:ce:a3:dd:b8:f4:4d:4d:91:d4:6f:37:44:22:
26:63:62:47:29:9a:87:b3:bd:b0:32:77:4c:a5:28:09:f8:9d:
7f:60:47:42:be:33:e7:4e:a9:ec:4f:d3:dc:8d:eb:1b:76:fe:
ba:4c:3f:c6:d9:a8:e0:c1:fe:ca:b3:16:7a:7b:c9:d2:d8:cd:
9e:3f:d3:e6:55:e5:5c:9d:50:09:be:80:0f:01:af:44:e2:8f:
e1:e7:b5:32:75:a1:ac:9f:88:8f:a7:35:6f:d7:9a:98:ff:29:
c8:b1:af:23:7d:52:63:5f:1c:89:d3:c6:d2:e3:bb:a9:6d:fe:
c8:a7:42:a4:9e:eb:42:c6:04:c1:92:81:70:82:47:0f:61:1b:
90:96:5c:f8:71:ff:32:7b:69:f4:ef:17:b3:35:03:a9:cf:d9:
89:c4:da:95:91:e0:76:4d:6f:ec:f3:58:b5:70:b6:73:66:53:
75:18:ba:a9:87:dc:93:49:bf:31:a6:78:32:dd:f7:2b:d3:38:
c8:79:da:5f:1d:ad:d9:29:68:c2:34:54:bf:1a:3d:85:9d:24:
fc:cf:ad:08
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZVl+Ww9F014o8/BMmRex8CMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NjczOGE4ZGFkYWMyZDBkM2FlZGRiOTM0ZjgyMDA2NmI5
ZjVmZWIwHhcNMjUwMzA1MTEwMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjcyMTA4ODI5ZjM3OGE5OGY4ZDk4OTEwMzhlMTJmOWRmNDZiOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVi4MNe2bxyTeu8thPv/fMNhETDB
YJZuM7JRnn1RNJ0JdfzuLmefOA8PZHbGvR/eZuGWCpJI5X0PTARp7sgfhkEFl283
GfxKM77lsxubMgjymO6kCV50Z7S2hSoXrYnR1YGFNQGnFUe4gUzY5v+q1ezYqUbp
P9Pyg6HQujqMKFrJ9kG3jRF/mg4JwCkEyZ/3z9A1UO3/cbuNCVEFKnBm04J7okvv
wBPT42V63yAg/OdO69Wj9SAvga9xDk6x6590l/Z7uH3qBb3OkzuafNUfuPxfDiw2
nU+88eS5fTT1CrCpYDXNvrNL1uo/5B7FVuH2ksvIpUNsR6BiytcG0QI33wIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFLZyEIgp83ipj42YkQOOEvnfRrkGMB8GA1UdIwQY
MBaAFNZnOKja2sLQ067duTT4IAZrn1/rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW1jNHFOcmF3dERUcnQyNU5QZ2dCbXVmWC1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jNTc3MjctOTM5Ni00YmY4LWIyNWQt
NmExZTBlYzcxZGE4LzEvdG5JUWlDbnplS21QalppUkE0NFMtZDlHdVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jNTc3MjctOTM5Ni00YmY4LWIyNWQtNmExZTBlYzcxZGE4
LzEvMW1jNHFOcmF3dERUcnQyNU5QZ2dCbXVmWC1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBNBAIAATBHAwQHJemAAwQG
TouAAwQAUPG4AwQCUPH0AwQAUPH8AwQFVXUgAwQGWNLAAwQFWegAAwQHhloAAwMA
sEkDBAK5E2ADBADUSIIwDQQCAAIwBwMFACoCI/AwDQYJKoZIhvcNAQELBQADggEB
AAueAtnPrlfKKdzXOjd4+f+DeiJSXOhnfpVMkLMCsZAqDj8K401zf/YEzqPduPRN
TZHUbzdEIiZjYkcpmoezvbAyd0ylKAn4nX9gR0K+M+dOqexP09yN6xt2/rpMP8bZ
qODB/sqzFnp7ydLYzZ4/0+ZV5VydUAm+gA8Br0Tij+HntTJ1oayfiI+nNW/Xmpj/
KcixryN9UmNfHInTxtLju6lt/sinQqSe60LGBMGSgXCCRw9hG5CWXPhx/zJ7afTv
F7M1A6nP2YnE2pWR4HZNb+zzWLVwtnNmU3UYuqmH3JNJvzGmeDLd9yvTOMh52l8d
rdkpaMI0VL8aPYWdJPzPrQg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:28:05 2025 by rpki-client