Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/OnZ1oDUkGHXt8p5LFZr7iXHIj2U.roa
File: OnZ1oDUkGHXt8p5LFZr7iXHIj2U.roa (raw, json)
Hash identifier: /DcdW9UyVs0Pozfbw9Y31s/RNRP7VGPFkHtsuWsMDGA=
Subject key identifier: 3A:76:75:A0:35:24:18:75:ED:F2:9E:4B:15:9A:FB:89:71:C8:8F:65
Certificate issuer: /CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Certificate serial: 019519329E485494530E59DA251C49AE431C
Authority key identifier: F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/OnZ1oDUkGHXt8p5LFZr7iXHIj2U.roa
Signing time: Tue 18 Feb 2025 13:15:02 +0000
ROA not before: Tue 18 Feb 2025 13:15:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200924
IP address blocks: 5.182.107.0/24 maxlen: 24
31.14.29.0/24 maxlen: 24
31.14.30.0/24 maxlen: 24
46.102.102.0/24 maxlen: 24
80.208.255.0/24 maxlen: 24
85.204.37.0/24 maxlen: 24
94.177.133.0/24 maxlen: 24
103.197.8.0/22 maxlen: 22
178.157.95.0/24 maxlen: 24
185.11.16.0/22 maxlen: 22
185.11.16.0/23 maxlen: 23
185.11.18.0/23 maxlen: 23
185.36.112.0/22 maxlen: 22
185.186.116.0/22 maxlen: 22
185.207.240.0/22 maxlen: 22
195.5.96.0/23 maxlen: 23
195.181.254.0/24 maxlen: 24
195.192.252.0/24 maxlen: 24
212.103.52.0/22 maxlen: 22
212.237.254.0/24 maxlen: 24
217.61.255.0/24 maxlen: 24
2a03:4f40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 18:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:32:9e:48:54:94:53:0e:59:da:25:1c:49:ae:43:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Validity
Not Before: Feb 18 13:15:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a7675a035241875edf29e4b159afb8971c88f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:98:7f:2b:d7:db:af:80:9f:eb:e2:b0:33:10:
63:1b:e5:c8:e5:33:6c:95:b0:3d:20:76:a3:e1:0e:
02:39:7b:e6:f6:cb:de:78:d7:1d:46:f7:6b:63:a5:
80:c6:21:32:5d:61:b8:bd:fd:27:8d:f6:90:b9:2b:
07:4d:6f:fd:b4:0d:7d:5c:ac:a9:a2:1f:4c:98:10:
76:98:1d:a3:20:45:f9:a1:80:15:93:41:7c:e0:c5:
62:51:6d:26:33:bd:d6:c9:b4:3c:eb:fa:f0:d3:39:
16:09:d9:5e:6b:b8:6b:67:11:5b:a7:23:44:15:d0:
ef:b3:4c:97:a5:20:1e:f9:86:45:19:43:dc:06:40:
fe:63:f4:6c:5e:77:ab:93:1a:d8:40:b7:df:63:cd:
a3:0c:d2:7b:05:94:7a:3c:a8:24:e0:c6:7b:5b:91:
78:e2:e6:60:84:7b:9a:9e:af:17:ec:b4:69:4e:63:
20:83:0f:4f:64:fc:24:3e:03:99:50:21:4b:a8:fd:
d8:34:ad:e2:a8:7e:d0:11:5f:19:3a:0f:13:a3:9e:
99:25:07:64:de:db:30:78:1d:a8:52:01:3f:dc:3c:
eb:c9:a6:29:2d:97:5b:3c:81:c6:f9:59:38:91:4e:
18:fd:53:e1:be:20:d8:99:14:58:77:27:ac:21:ba:
7b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:76:75:A0:35:24:18:75:ED:F2:9E:4B:15:9A:FB:89:71:C8:8F:65
X509v3 Authority Key Identifier:
keyid:F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/OnZ1oDUkGHXt8p5LFZr7iXHIj2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.107.0/24
31.14.29.0-31.14.30.255
46.102.102.0/24
80.208.255.0/24
85.204.37.0/24
94.177.133.0/24
103.197.8.0/22
178.157.95.0/24
185.11.16.0/22
185.36.112.0/22
185.186.116.0/22
185.207.240.0/22
195.5.96.0/23
195.181.254.0/24
195.192.252.0/24
212.103.52.0/22
212.237.254.0/24
217.61.255.0/24
IPv6:
2a03:4f40::/32
Signature Algorithm: sha256WithRSAEncryption
41:15:e4:fb:0c:75:67:31:53:45:f4:1d:99:f8:0e:00:1f:01:
56:d0:71:78:7b:ad:1b:96:79:30:24:31:f2:fb:36:80:36:b1:
fb:46:ed:a6:f7:bb:fe:39:5c:02:b5:77:e4:3d:2a:65:71:f6:
9a:7a:42:e2:da:3b:6d:75:b2:40:11:6e:8d:94:97:09:05:20:
45:1e:be:c7:f6:4e:15:d8:47:66:f2:2c:39:eb:34:ea:5f:bb:
7b:51:f6:51:00:63:ca:ad:c4:46:b4:10:42:9e:63:ea:41:8e:
8f:fd:0c:90:7e:2b:89:c3:cb:1e:9a:7f:03:97:07:5d:2f:5c:
24:2b:67:e2:a3:f2:4e:6c:8c:fe:ac:16:65:4f:d5:fb:15:8f:
e9:5a:4c:b9:0a:72:5c:fc:45:40:6e:17:a1:c1:b0:e9:c6:cd:
1a:52:9f:82:b8:56:a0:74:dc:b9:98:0d:19:11:eb:17:5f:80:
3f:4f:1c:f6:3f:86:bf:a4:89:d5:e6:0d:ec:aa:0a:63:d1:dc:
66:db:4f:f4:ea:bf:9b:50:a0:d7:6e:ae:e7:d3:d0:0f:21:5b:
09:87:82:56:29:f7:f7:a7:9c:5f:df:b9:bc:9a:87:10:8a:d4:
fb:ad:71:84:3f:4d:c1:0d:6f:52:3c:cd:1e:21:61:ad:eb:eb:
37:60:2b:e7
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZUZMp5IVJRTDlnaJRxJrkMcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjE0ZWQxMjRmOWEyZjNkZWFiMTAwNmYxODRjZjRmYjgw
YTNhZWMwHhcNMjUwMjE4MTMxNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTc2NzVhMDM1MjQxODc1ZWRmMjllNGIxNTlhZmI4OTcxYzg4ZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Jh/K9fbr4Cf6+KwMxBjG+XI5TNs
lbA9IHaj4Q4COXvm9sveeNcdRvdrY6WAxiEyXWG4vf0njfaQuSsHTW/9tA19XKyp
oh9MmBB2mB2jIEX5oYAVk0F84MViUW0mM73WybQ86/rw0zkWCdlea7hrZxFbpyNE
FdDvs0yXpSAe+YZFGUPcBkD+Y/RsXnerkxrYQLffY82jDNJ7BZR6PKgk4MZ7W5F4
4uZghHuanq8X7LRpTmMggw9PZPwkPgOZUCFLqP3YNK3iqH7QEV8ZOg8To56ZJQdk
3tsweB2oUgE/3DzryaYpLZdbPIHG+Vk4kU4Y/VPhviDYmRRYdyesIbp7NQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFDp2daA1JBh17fKeSxWa+4lxyI9lMB8GA1UdIwQY
MBaAFPDxTtEk+aLz3qsQBvGEz0+4CjrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQt
NDM2MTJlN2Q5Y2MxLzEvT25aMW9EVWtHSFh0OHA1TEZacjdpWEhJajJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQtNDM2MTJlN2Q5Y2Mx
LzEvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB6BAIAATB0AwQABbZr
MAwDBAAfDh0DBAAfDh4DBAAuZmYDBABQ0P8DBABVzCUDBABesYUDBAJnxQgDBACy
nV8DBAK5CxADBAK5JHADBAK5unQDBAK5z/ADBAHDBWADBADDtf4DBADDwPwDBALU
ZzQDBADU7f4DBADZPf8wDQQCAAIwBwMFACoDT0AwDQYJKoZIhvcNAQELBQADggEB
AEEV5PsMdWcxU0X0HZn4DgAfAVbQcXh7rRuWeTAkMfL7NoA2sftG7ab3u/45XAK1
d+Q9KmVx9pp6QuLaO211skARbo2UlwkFIEUevsf2ThXYR2byLDnrNOpfu3tR9lEA
Y8qtxEa0EEKeY+pBjo/9DJB+K4nDyx6afwOXB10vXCQrZ+Kj8k5sjP6sFmVP1fsV
j+laTLkKclz8RUBuF6HBsOnGzRpSn4K4VqB03LmYDRkR6xdfgD9PHPY/hr+kidXm
DeyqCmPR3GbbT/Tqv5tQoNdurufT0A8hWwmHglYp9/ennF/fubyahxCK1PutcYQ/
TcENb1I8zR4hYa3r6zdgK+c=
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:32:55 2025 by rpki-client