Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/cTcEU6BZVDHzKsGmYrYFuehVnmw.roa
File: cTcEU6BZVDHzKsGmYrYFuehVnmw.roa (raw, json)
Hash identifier: Wt8W9AEoHsxpxFYj5Y9GGKvIgV+LkMQs3tuB0PH0H4Q=
Subject key identifier: 71:37:04:53:A0:59:54:31:F3:2A:C1:A6:62:B6:05:B9:E8:55:9E:6C
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 01942747A2253819AF1C04E6A769D8677AB7
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/cTcEU6BZVDHzKsGmYrYFuehVnmw.roa
Signing time: Thu 02 Jan 2025 13:49:53 +0000
ROA not before: Thu 02 Jan 2025 13:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 185.200.204.0/23 maxlen: 23
185.200.204.0/24 maxlen: 24
185.200.205.0/24 maxlen: 24
185.200.206.0/23 maxlen: 23
185.200.206.0/24 maxlen: 24
185.200.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a2:25:38:19:af:1c:04:e6:a7:69:d8:67:7a:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Jan 2 13:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71370453a0595431f32ac1a662b605b9e8559e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ed:30:88:cc:a8:bb:e3:3e:b8:72:80:e4:4a:
17:20:4f:f6:c1:26:3a:e4:57:aa:0f:a8:43:b4:1c:
60:4b:e2:6a:ca:09:25:d4:2b:ab:d1:31:0e:51:8a:
83:fe:00:44:cf:f7:50:3a:84:35:b2:f7:77:87:00:
7a:fe:da:aa:e2:c8:45:49:6f:b5:fb:84:44:cd:d3:
47:3d:14:45:69:b0:9c:f5:b8:3b:80:6c:15:c5:cc:
82:d2:21:f7:1c:46:7e:bb:a8:c0:24:e2:8c:9a:bf:
75:1b:83:58:f8:54:f0:62:63:25:cc:3d:71:99:1a:
9c:5e:e3:05:fc:55:fe:6e:fb:97:4c:8d:d1:62:87:
12:99:a7:b6:db:7e:b2:8a:11:86:44:d9:12:90:01:
9c:3d:01:15:00:8d:ab:cd:54:bb:ca:8c:33:dc:5d:
4f:3a:66:05:55:f7:a4:b8:a7:01:b7:3e:3d:30:f4:
4f:bd:cd:5e:ec:72:35:a7:7a:79:ef:27:c8:e3:16:
2f:e9:44:5a:89:86:75:9d:64:f5:8b:d5:c0:47:8a:
5e:62:23:71:92:6b:d6:81:85:2e:e3:86:16:b3:23:
9a:ce:ac:7a:bc:08:0c:b0:28:92:ee:8b:2f:01:c8:
cc:79:d9:4a:4d:22:29:d2:2e:29:11:56:f0:11:c3:
77:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:37:04:53:A0:59:54:31:F3:2A:C1:A6:62:B6:05:B9:E8:55:9E:6C
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/cTcEU6BZVDHzKsGmYrYFuehVnmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.204.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:62:e4:95:a0:2c:96:44:41:1a:4f:2d:ef:53:c0:b4:2c:26:
8d:1c:4c:4e:18:23:b1:14:ec:d5:9f:af:25:d9:d2:a5:4d:a6:
a1:95:5d:ee:f2:20:5c:54:d3:47:4a:27:97:ab:d5:a8:80:a7:
5d:b3:9d:5d:b6:71:d0:0b:64:6a:33:fa:fd:c0:32:b4:a1:68:
3a:53:0b:7d:e7:77:74:70:0f:5a:e7:0b:7f:5e:fc:a7:a7:59:
d2:42:c7:a5:99:75:de:29:cc:bb:ee:24:03:ec:c1:4d:cf:56:
f9:31:02:ca:b3:23:80:d3:a1:c7:01:74:06:05:9b:b1:2d:c9:
62:ca:87:b1:0f:c8:ef:b0:00:98:12:ac:b1:ae:b5:3c:9d:92:
42:67:f3:53:5c:b7:f9:b0:df:2e:fd:fb:42:15:44:a3:bc:20:
82:15:18:15:e3:d9:b0:23:15:02:d4:57:18:ad:09:15:ba:34:
6b:31:d9:61:00:da:4a:31:a1:6c:95:25:41:d4:46:af:a4:15:
ee:6f:f5:5b:02:d4:40:e7:8a:c4:54:62:99:1a:94:c7:28:a1:
de:cf:b4:22:48:7e:3a:28:34:4e:4f:2c:13:4c:d2:ce:5b:4e:
c8:5d:3c:0c:22:1c:8f:41:47:d6:24:ba:3e:35:cd:c1:fb:b9:
35:3b:0b:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR6IlOBmvHATmp2nYZ3q3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjUwMTAyMTM0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTM3MDQ1M2EwNTk1NDMxZjMyYWMxYTY2MmI2MDViOWU4NTU5ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+0wiMyou+M+uHKA5EoXIE/2wSY6
5FeqD6hDtBxgS+Jqygkl1Cur0TEOUYqD/gBEz/dQOoQ1svd3hwB6/tqq4shFSW+1
+4REzdNHPRRFabCc9bg7gGwVxcyC0iH3HEZ+u6jAJOKMmr91G4NY+FTwYmMlzD1x
mRqcXuMF/FX+bvuXTI3RYocSmae2236yihGGRNkSkAGcPQEVAI2rzVS7yowz3F1P
OmYFVfekuKcBtz49MPRPvc1e7HI1p3p57yfI4xYv6URaiYZ1nWT1i9XAR4peYiNx
kmvWgYUu44YWsyOazqx6vAgMsCiS7osvAcjMedlKTSIp0i4pEVbwEcN33wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHE3BFOgWVQx8yrBpmK2BbnoVZ5sMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvY1RjRVU2QlpWREh6S3NHbVlyWUZ1ZWhWbm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucjMMA0G
CSqGSIb3DQEBCwUAA4IBAQA8YuSVoCyWREEaTy3vU8C0LCaNHExOGCOxFOzVn68l
2dKlTaahlV3u8iBcVNNHSieXq9WogKdds51dtnHQC2RqM/r9wDK0oWg6Uwt953d0
cA9a5wt/Xvynp1nSQselmXXeKcy77iQD7MFNz1b5MQLKsyOA06HHAXQGBZuxLcli
yoexD8jvsACYEqyxrrU8nZJCZ/NTXLf5sN8u/ftCFUSjvCCCFRgV49mwIxUC1FcY
rQkVujRrMdlhANpKMaFslSVB1EavpBXub/VbAtRA54rEVGKZGpTHKKHez7QiSH46
KDROTywTTNLOW07IXTwMIhyPQUfWJLo+Nc3B+7k1Owvu
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:08:51 2025 by rpki-client