Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/A-wYO1V25BmLo0MsHi5nmxFBtNs.roa
File: A-wYO1V25BmLo0MsHi5nmxFBtNs.roa (raw, json)
Hash identifier: 5u6QBAUHLc9J4zz+xTjRrOjjBGudY0Jw5svecWsktYk=
Subject key identifier: 03:EC:18:3B:55:76:E4:19:8B:A3:43:2C:1E:2E:67:9B:11:41:B4:DB
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0196837F26CEC9CDEDA5B5014FE7FB2E4E01
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/A-wYO1V25BmLo0MsHi5nmxFBtNs.roa
Signing time: Tue 29 Apr 2025 21:41:10 +0000
ROA not before: Tue 29 Apr 2025 21:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50835
IP address blocks: 37.97.120.0/24 maxlen: 24
37.97.121.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
46.173.254.0/23 maxlen: 23
77.36.58.0/24 maxlen: 24
77.36.66.0/23 maxlen: 23
81.161.8.0/22 maxlen: 22
81.161.48.0/22 maxlen: 22
91.193.30.0/23 maxlen: 23
91.224.212.0/24 maxlen: 24
91.232.19.0/24 maxlen: 24
91.232.56.0/23 maxlen: 23
91.232.226.0/24 maxlen: 24
91.233.200.0/24 maxlen: 24
91.236.76.0/24 maxlen: 24
91.238.39.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.246.192.0/22 maxlen: 24
91.246.203.0/24 maxlen: 24
93.120.34.0/23 maxlen: 23
93.120.40.0/23 maxlen: 23
109.207.128.0/24 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
176.113.180.0/22 maxlen: 22
176.115.236.0/22 maxlen: 24
176.116.228.0/24 maxlen: 24
176.116.236.0/24 maxlen: 24
176.121.108.0/23 maxlen: 24
176.121.110.0/23 maxlen: 24
194.33.66.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:83:7f:26:ce:c9:cd:ed:a5:b5:01:4f:e7:fb:2e:4e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Apr 29 21:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03ec183b5576e4198ba3432c1e2e679b1141b4db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:0d:7a:ca:cb:d3:e2:88:e1:0a:da:82:2a:9e:
e3:e4:9b:b8:24:31:78:48:a6:05:dc:43:91:17:2a:
7b:af:8d:8d:c4:ee:10:9d:d9:3d:e0:69:36:cb:dd:
e4:dc:70:d6:af:69:b8:5d:e7:37:62:51:b6:e9:b3:
ae:66:37:16:76:08:14:9e:23:0c:71:99:bc:10:92:
38:b4:90:10:f6:0a:d1:60:5f:13:3e:16:dd:fb:c7:
75:2e:10:59:a6:c9:72:c7:88:0f:c7:95:87:43:e4:
90:08:75:c3:a9:cf:d6:64:3e:32:fb:72:1f:11:f9:
44:3f:f1:7c:b2:a6:b1:0e:6f:08:93:90:92:8e:5e:
58:2e:d2:11:af:eb:00:9b:1a:b8:91:0e:aa:a9:a0:
28:37:62:b3:99:8d:79:6e:2e:da:c1:9b:3e:80:2a:
12:1c:4e:f4:ea:a3:76:2d:b6:2d:84:db:ba:19:cb:
61:d7:f2:b1:71:f7:90:3c:4c:22:59:31:a5:fe:a3:
4e:24:72:0e:58:fb:5c:3f:ee:52:0e:e8:13:f6:1e:
7a:ff:ee:28:9b:8d:65:42:75:65:55:d1:87:c0:d2:
f0:c8:d7:27:ed:52:c1:e7:d5:7e:f5:9a:37:e8:16:
23:51:d0:a6:8e:b7:22:fa:e4:32:09:8b:97:d9:bb:
35:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:EC:18:3B:55:76:E4:19:8B:A3:43:2C:1E:2E:67:9B:11:41:B4:DB
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/A-wYO1V25BmLo0MsHi5nmxFBtNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.120.0/23
46.173.248.0/22
46.173.254.0/23
77.36.58.0/24
77.36.66.0/23
81.161.8.0/22
81.161.48.0/22
91.193.30.0/23
91.224.212.0/24
91.232.19.0/24
91.232.56.0/23
91.232.226.0/24
91.233.200.0/24
91.236.76.0/24
91.238.39.0/24
91.239.226.0/24
91.246.192.0/22
91.246.203.0/24
93.120.34.0/23
93.120.40.0/23
109.207.128.0/24
109.207.130.0/24
109.207.132.0/24
176.96.94.0/24
176.113.180.0/22
176.115.236.0/22
176.116.228.0/24
176.116.236.0/24
176.121.108.0/22
194.33.66.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:e4:e0:15:0d:23:c8:a7:dc:70:a5:97:f7:cc:2a:19:9d:15:
e9:1d:f5:8c:72:30:58:a1:d9:60:d7:0f:eb:ab:44:aa:9e:67:
b7:25:95:3b:39:be:fe:10:4d:c1:68:36:fd:7f:0a:d8:0e:0e:
07:54:58:22:4a:4b:bc:2e:75:64:50:74:73:a6:03:02:c1:87:
3c:09:86:2a:c8:c2:1c:ba:54:75:98:f7:3c:84:e3:7e:6e:05:
7e:36:94:f4:a0:4e:ab:aa:eb:54:e4:b0:45:f1:57:b2:47:c2:
69:17:c6:ea:a3:5d:b2:83:33:f6:ef:df:c1:48:5d:01:dc:4f:
be:7b:4a:e7:b4:08:14:57:44:fe:25:42:6a:a6:12:30:ad:59:
c9:72:33:f4:5d:af:d8:9f:e6:f0:7a:a7:30:83:9a:b3:a3:cb:
89:6e:2e:36:39:b0:95:ad:15:6f:5f:b2:b3:67:f6:c4:b2:66:
9c:0b:83:8f:10:a8:84:bf:76:6e:51:f2:96:50:36:d2:98:2f:
60:ca:81:73:aa:0b:d5:91:d5:f3:93:d5:ce:8c:71:d7:9d:a3:
1f:2f:4e:42:b9:49:78:85:f2:db:f5:92:7d:1c:d2:8c:42:0d:
0b:e2:26:7c:0d:9c:df:bc:91:13:9f:a4:72:43:53:fa:d2:00:
cc:fa:b3:46
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZaDfybOyc3tpbUBT+f7Lk4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwNDI5MjE0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2VjMTgzYjU1NzZlNDE5OGJhMzQzMmMxZTJlNjc5YjExNDFiNGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4w16ysvT4ojhCtqCKp7j5Ju4JDF4
SKYF3EORFyp7r42NxO4Qndk94Gk2y93k3HDWr2m4Xec3YlG26bOuZjcWdggUniMM
cZm8EJI4tJAQ9grRYF8TPhbd+8d1LhBZpslyx4gPx5WHQ+SQCHXDqc/WZD4y+3If
EflEP/F8sqaxDm8Ik5CSjl5YLtIRr+sAmxq4kQ6qqaAoN2KzmY15bi7awZs+gCoS
HE706qN2LbYthNu6Gcth1/KxcfeQPEwiWTGl/qNOJHIOWPtcP+5SDugT9h56/+4o
m41lQnVlVdGHwNLwyNcn7VLB59V+9Zo36BYjUdCmjrci+uQyCYuX2bs16wIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFAPsGDtVduQZi6NDLB4uZ5sRQbTbMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvQS13WU8xVjI1Qm1MbzBNc0hpNW5teEZCdE5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAEl
YXgDBAIurfgDBAEurf4DBABNJDoDBAFNJEIDBAJRoQgDBAJRoTADBAFbwR4DBABb
4NQDBABb6BMDBAFb6DgDBABb6OIDBABb6cgDBABb7EwDBABb7icDBABb7+IDBAJb
9sADBABb9ssDBAFdeCIDBAFdeCgDBABtz4ADBABtz4IDBABtz4QDBACwYF4DBAKw
cbQDBAKwc+wDBACwdOQDBACwdOwDBAKweWwDBAHCIUIwDQYJKoZIhvcNAQELBQAD
ggEBADzk4BUNI8in3HCll/fMKhmdFekd9YxyMFih2WDXD+urRKqeZ7cllTs5vv4Q
TcFoNv1/CtgODgdUWCJKS7wudWRQdHOmAwLBhzwJhirIwhy6VHWY9zyE435uBX42
lPSgTquq61TksEXxV7JHwmkXxuqjXbKDM/bv38FIXQHcT757Sue0CBRXRP4lQmqm
EjCtWclyM/Rdr9if5vB6pzCDmrOjy4luLjY5sJWtFW9fsrNn9sSyZpwLg48QqIS/
dm5R8pZQNtKYL2DKgXOqC9WR1fOT1c6Mcdedox8vTkK5SXiF8tv1kn0c0oxCDQvi
JnwNnN+8kROfpHJDU/rSAMz6s0Y=
-----END CERTIFICATE-----
Generated at Tue May 6 20:28:50 2025 by rpki-client