Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/NwuwAQ8yW-eS7iDHs-oh4c7VA1o.roa
File: NwuwAQ8yW-eS7iDHs-oh4c7VA1o.roa (raw, json)
Hash identifier: /XTfBMGaAD5mH+2G1jCnIVVFT5MVhjdLW9mt9kHu4/8=
Subject key identifier: 37:0B:B0:01:0F:32:5B:E7:92:EE:20:C7:B3:EA:21:E1:CE:D5:03:5A
Certificate issuer: /CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Certificate serial: 019424B280D33B19FD4881931D07CB07B8AE
Authority key identifier: 07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/NwuwAQ8yW-eS7iDHs-oh4c7VA1o.roa
Signing time: Thu 02 Jan 2025 01:47:45 +0000
ROA not before: Thu 02 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202425
IP address blocks: 80.82.64.0/24 maxlen: 24
80.82.65.0/24 maxlen: 24
80.82.66.0/24 maxlen: 24
80.82.67.0/24 maxlen: 24
80.82.68.0/24 maxlen: 24
80.82.69.0/24 maxlen: 24
80.82.70.0/24 maxlen: 24
80.82.76.0/24 maxlen: 24
80.82.77.0/24 maxlen: 24
80.82.78.0/24 maxlen: 24
80.82.79.0/24 maxlen: 24
89.248.160.0/24 maxlen: 24
89.248.161.0/24 maxlen: 24
89.248.162.0/24 maxlen: 24
89.248.163.0/24 maxlen: 24
89.248.164.0/24 maxlen: 24
89.248.165.0/24 maxlen: 24
89.248.166.0/24 maxlen: 24
89.248.167.0/24 maxlen: 24
89.248.168.0/24 maxlen: 24
89.248.169.0/24 maxlen: 24
89.248.170.0/24 maxlen: 24
89.248.171.0/24 maxlen: 24
89.248.172.0/24 maxlen: 24
89.248.173.0/24 maxlen: 24
89.248.174.0/24 maxlen: 24
93.174.88.0/24 maxlen: 24
93.174.89.0/24 maxlen: 24
93.174.90.0/24 maxlen: 24
93.174.91.0/24 maxlen: 24
93.174.92.0/24 maxlen: 24
93.174.93.0/24 maxlen: 24
93.174.94.0/24 maxlen: 24
93.174.95.0/24 maxlen: 24
94.102.48.0/24 maxlen: 24
94.102.49.0/24 maxlen: 24
94.102.50.0/24 maxlen: 24
2a02:6c8:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:80:d3:3b:19:fd:48:81:93:1d:07:cb:07:b8:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Validity
Not Before: Jan 2 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=370bb0010f325be792ee20c7b3ea21e1ced5035a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d5:5c:b5:96:06:3c:ba:b8:3c:08:b1:41:5c:
5b:14:b1:19:c0:0b:8b:f3:18:67:d2:88:3b:2b:22:
67:66:ce:5a:1a:b8:5a:58:bb:b0:da:e7:d9:c1:a3:
f8:41:9a:8d:76:2b:8c:81:23:5d:90:ba:4d:6d:94:
c2:a3:fb:2f:3f:a2:27:8c:5e:20:10:a3:6b:cb:88:
a1:05:79:51:c4:41:be:bc:57:86:9f:14:fc:38:e1:
b5:44:d5:af:a5:59:2f:f2:ca:e7:64:75:6c:04:3f:
16:77:9c:5e:da:99:c4:88:d4:73:e1:e5:7f:b9:90:
b0:06:37:91:0b:8e:48:07:9f:2e:98:6d:bd:42:9e:
cb:12:da:76:53:5d:ea:c1:a8:97:98:85:09:dd:ab:
a3:16:75:b5:86:17:27:bd:7d:7a:63:0d:12:72:48:
b2:dd:04:ce:e8:00:49:d0:a5:e0:b2:d6:a0:4e:8b:
21:25:f1:40:b4:5c:9c:7d:74:c1:9d:fb:22:03:21:
d8:40:9a:82:5e:4f:de:a7:60:31:69:56:2d:fd:c6:
a9:ae:a4:32:6f:e3:c3:a5:04:af:4b:e2:a1:cd:ff:
4a:67:fd:3c:a0:aa:ec:86:9d:3b:0a:8b:27:64:82:
99:55:a4:b9:40:62:d7:ef:2a:3e:b5:b8:dc:eb:4f:
07:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:0B:B0:01:0F:32:5B:E7:92:EE:20:C7:B3:EA:21:E1:CE:D5:03:5A
X509v3 Authority Key Identifier:
keyid:07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/NwuwAQ8yW-eS7iDHs-oh4c7VA1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.82.64.0-80.82.70.255
80.82.76.0/22
89.248.160.0-89.248.174.255
93.174.88.0/21
94.102.48.0-94.102.50.255
IPv6:
2a02:6c8:8000::/33
Signature Algorithm: sha256WithRSAEncryption
50:7b:db:8f:c6:88:93:0b:6d:7a:19:26:c0:29:27:25:bb:b0:
8b:0a:b1:f5:05:a3:1b:c0:13:bd:92:d7:dc:83:d2:65:96:9a:
24:57:44:f5:b7:59:e5:24:5e:91:08:6b:ad:95:ba:d1:ea:1c:
cd:d4:67:18:50:98:8c:2f:c6:6e:e1:cb:f0:b1:6a:4c:12:30:
1c:52:be:54:ab:39:27:db:33:c6:d9:2f:9e:82:eb:44:1f:55:
55:19:33:5f:ae:10:6c:b3:08:51:cf:3d:73:ec:eb:99:e9:29:
9a:96:b5:7b:6b:94:12:b5:d0:f7:c3:a0:53:dd:f7:4e:4c:2e:
67:56:9d:6d:37:14:8e:ca:52:a7:1a:45:84:5c:ce:28:2d:a0:
38:81:22:74:55:d6:88:ac:20:4f:ad:b2:b8:cd:ee:88:01:00:
01:30:fd:09:c6:53:e9:4b:67:eb:49:a6:04:06:24:63:c4:a6:
0e:42:f4:53:fa:fb:d9:d0:5a:10:28:e5:1d:18:6b:f5:6c:db:
27:b4:ef:7e:a9:c6:4f:99:ed:6d:f5:53:e5:3f:3b:32:fa:f9:
08:60:2d:d6:a3:fe:ed:a1:0c:39:5c:d1:6e:19:98:4d:87:67:
28:92:7e:06:ee:8a:db:5a:64:72:f7:2c:17:43:1c:db:34:66:
be:1a:e0:87
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQksoDTOxn9SIGTHQfLB7iuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZTVjNGU0YmUzYjhjYmRlMGVhZTk0NjBhMTEwMzJkNmE2
NGFiNzEwHhcNMjUwMTAyMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzBiYjAwMTBmMzI1YmU3OTJlZTIwYzdiM2VhMjFlMWNlZDUwMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NVctZYGPLq4PAixQVxbFLEZwAuL
8xhn0og7KyJnZs5aGrhaWLuw2ufZwaP4QZqNdiuMgSNdkLpNbZTCo/svP6InjF4g
EKNry4ihBXlRxEG+vFeGnxT8OOG1RNWvpVkv8srnZHVsBD8Wd5xe2pnEiNRz4eV/
uZCwBjeRC45IB58umG29Qp7LEtp2U13qwaiXmIUJ3aujFnW1hhcnvX16Yw0Sckiy
3QTO6ABJ0KXgstagToshJfFAtFycfXTBnfsiAyHYQJqCXk/ep2AxaVYt/caprqQy
b+PDpQSvS+Khzf9KZ/08oKrshp07CosnZIKZVaS5QGLX7yo+tbjc608HiQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFDcLsAEPMlvnku4gx7PqIeHO1QNaMB8GA1UdIwQY
MBaAFAflxOS+O4y94OrpRgoRAy1qZKtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUt
NGM4ODgzMzI3YTJhLzEvTnd1d0FROHlXLWVTN2lESHMtb2g0YzdWQTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUtNGM4ODgzMzI3YTJh
LzEvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA8BAIAATA2MAwDBAZQUkAD
BABQUkYDBAJQUkwwDAMEBVn4oAMEAFn4rgMEA12uWDAMAwQEXmYwAwQAXmYyMA4E
AgACMAgDBgcqAgbIgDANBgkqhkiG9w0BAQsFAAOCAQEAUHvbj8aIkwttehkmwCkn
Jbuwiwqx9QWjG8ATvZLX3IPSZZaaJFdE9bdZ5SRekQhrrZW60eoczdRnGFCYjC/G
buHL8LFqTBIwHFK+VKs5J9szxtkvnoLrRB9VVRkzX64QbLMIUc89c+zrmekpmpa1
e2uUErXQ98OgU933TkwuZ1adbTcUjspSpxpFhFzOKC2gOIEidFXWiKwgT62yuM3u
iAEAATD9CcZT6Utn60mmBAYkY8SmDkL0U/r72dBaECjlHRhr9WzbJ7TvfqnGT5nt
bfVT5T87Mvr5CGAt1qP+7aEMOVzRbhmYTYdnKJJ+Bu6K21pkcvcsF0Mc2zRmvhrg
hw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:23:41 2025 by rpki-client