Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/ANPP4Ri3K1e-3EB_llD87ewAVpI.roa
File: ANPP4Ri3K1e-3EB_llD87ewAVpI.roa (raw, json)
Hash identifier: BqjlpSKTmEfFLg6w0nu9ozK/+m//fsc6fhYWNto/nfI=
Subject key identifier: 00:D3:CF:E1:18:B7:2B:57:BE:DC:40:7F:96:50:FC:ED:EC:00:56:92
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 01966BE1EC8290969CECE42A62092F9A3E91
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/ANPP4Ri3K1e-3EB_llD87ewAVpI.roa
Signing time: Fri 25 Apr 2025 07:38:10 +0000
ROA not before: Fri 25 Apr 2025 07:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60175
IP address blocks: 89.63.0.0/20 maxlen: 20
89.63.16.0/20 maxlen: 20
89.63.20.0/24 maxlen: 24
89.63.240.0/20 maxlen: 20
185.35.12.0/22 maxlen: 22
195.4.128.0/19 maxlen: 19
195.4.145.0/24 maxlen: 24
195.4.160.0/20 maxlen: 20
195.4.184.0/21 maxlen: 21
195.4.192.0/20 maxlen: 20
195.4.199.0/24 maxlen: 24
195.4.208.0/21 maxlen: 21
2a00:dca0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 22:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:e1:ec:82:90:96:9c:ec:e4:2a:62:09:2f:9a:3e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Apr 25 07:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00d3cfe118b72b57bedc407f9650fcedec005692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:12:fa:61:36:6d:15:d1:5c:9f:f0:5b:ac:64:
7b:cd:5e:51:52:70:7d:85:fb:2e:7c:c0:20:77:03:
e4:9e:0a:bc:ff:a4:87:93:e5:8d:3d:91:24:39:80:
3d:fe:3e:67:2d:ed:e8:79:4d:ec:d5:a0:b8:bd:41:
ce:7f:70:9f:99:f6:df:3b:3e:7e:9e:95:9a:cc:51:
4e:5c:38:62:04:8e:bc:bf:f5:fa:d3:3b:23:82:2e:
e8:1a:d7:80:b1:e2:f5:95:2f:94:3b:3a:f0:94:3e:
ac:00:45:a5:b6:47:48:b4:57:6f:64:1f:b0:19:69:
f0:70:5e:ef:a6:a4:0d:e5:d2:09:e8:d3:45:c8:a9:
ec:b6:92:99:9f:10:59:e9:44:9c:26:bd:c1:2c:69:
2c:de:23:ba:b2:90:c9:4a:6d:c3:13:b2:69:76:b0:
c2:42:bf:2e:79:f9:3f:aa:36:68:a8:35:0b:9b:5a:
cc:d0:38:23:4e:74:85:49:fb:5a:d0:4d:cb:25:0c:
11:5e:f2:4b:6b:4c:21:95:9f:fc:f3:0e:ad:82:6b:
04:13:e6:b4:f2:87:3c:51:ae:63:ce:1d:5a:78:ff:
37:95:4b:3d:69:3b:32:bf:79:8e:de:5d:74:d0:86:
54:1a:99:fd:ad:9a:f0:da:8b:e2:5e:fc:ac:ee:2f:
63:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D3:CF:E1:18:B7:2B:57:BE:DC:40:7F:96:50:FC:ED:EC:00:56:92
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/ANPP4Ri3K1e-3EB_llD87ewAVpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.63.0.0/19
89.63.240.0/20
185.35.12.0/22
195.4.128.0-195.4.175.255
195.4.184.0-195.4.215.255
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
ac:3e:65:8a:1b:ab:ab:75:5c:0d:9a:0d:93:b9:c9:b9:92:be:
42:1e:36:c6:ee:ab:e5:09:7e:73:a6:7b:ca:2e:85:c1:70:b0:
b9:e0:9c:34:29:25:05:b0:6f:8c:e0:b7:9d:04:cc:fe:a1:1d:
9a:85:61:f9:ca:75:c0:9d:83:1d:2c:70:02:c6:92:94:41:a3:
8e:91:b2:66:d5:b9:b2:43:ea:99:f5:5e:d2:28:73:4f:6f:28:
62:1a:6f:ca:46:f4:c6:7b:87:01:8b:b9:82:92:37:1e:33:f1:
dc:ef:66:58:ac:ce:76:d5:11:44:1c:7a:c2:82:a2:aa:4f:fb:
3c:54:f6:a7:26:f8:36:92:15:b2:c0:94:28:51:ca:95:45:21:
c3:2e:f1:88:8b:8a:a2:c8:c5:95:f3:05:2b:1c:1b:df:3c:86:
51:92:07:f0:db:e6:6b:8c:ff:c0:0c:be:78:3b:61:f7:2f:2e:
bd:92:18:ea:dd:49:e4:9f:98:40:9a:8c:94:aa:e2:d4:29:72:
29:3a:61:2c:b7:b9:6d:e7:b1:6f:94:e6:e4:a8:25:7a:41:ba:
a2:d5:52:5f:9a:a3:b7:0b:8a:aa:42:ba:bb:54:af:90:b3:2c:
8c:20:2d:a2:1a:f3:df:aa:a8:cd:21:61:15:95:72:ef:8f:ae:
cc:87:bf:31
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZZr4eyCkJac7OQqYgkvmj6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjUwNDI1MDczODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGQzY2ZlMTE4YjcyYjU3YmVkYzQwN2Y5NjUwZmNlZGVjMDA1NjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhL6YTZtFdFcn/BbrGR7zV5RUnB9
hfsufMAgdwPkngq8/6SHk+WNPZEkOYA9/j5nLe3oeU3s1aC4vUHOf3CfmfbfOz5+
npWazFFOXDhiBI68v/X60zsjgi7oGteAseL1lS+UOzrwlD6sAEWltkdItFdvZB+w
GWnwcF7vpqQN5dIJ6NNFyKnstpKZnxBZ6UScJr3BLGks3iO6spDJSm3DE7JpdrDC
Qr8uefk/qjZoqDULm1rM0DgjTnSFSfta0E3LJQwRXvJLa0whlZ/88w6tgmsEE+a0
8oc8Ua5jzh1aeP83lUs9aTsyv3mO3l100IZUGpn9rZrw2oviXvys7i9j3QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFADTz+EYtytXvtxAf5ZQ/O3sAFaSMB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvQU5QUDRSaTNLMWUtM0VCX2xsRDg3ZXdBVnBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTA0BAIAATAuAwQFWT8AAwQE
WT/wAwQCuSMMMAwDBAfDBIADBATDBKAwDAMEA8MEuAMEA8ME0DANBAIAAjAHAwUD
KgDcoDANBgkqhkiG9w0BAQsFAAOCAQEArD5lihurq3VcDZoNk7nJuZK+Qh42xu6r
5Ql+c6Z7yi6FwXCwueCcNCklBbBvjOC3nQTM/qEdmoVh+cp1wJ2DHSxwAsaSlEGj
jpGyZtW5skPqmfVe0ihzT28oYhpvykb0xnuHAYu5gpI3HjPx3O9mWKzOdtURRBx6
woKiqk/7PFT2pyb4NpIVssCUKFHKlUUhwy7xiIuKosjFlfMFKxwb3zyGUZIH8Nvm
a4z/wAy+eDth9y8uvZIY6t1J5J+YQJqMlKri1ClyKTphLLe5beexb5Tm5KglekG6
otVSX5qjtwuKqkK6u1SvkLMsjCAtohrz36qozSFhFZVy74+uzIe/MQ==
-----END CERTIFICATE-----
Generated at Sat May 10 07:09:29 2025 by rpki-client