Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/42W7eeRN7Lof0xxxWQohUF_oSsg.roa
File: 42W7eeRN7Lof0xxxWQohUF_oSsg.roa (raw, json)
Hash identifier: 06FlekORrzXXAU3dPfIQlrH7/LGYHuOinkMHCPksNCw=
Subject key identifier: E3:65:BB:79:E4:4D:EC:BA:1F:D3:1C:71:59:0A:21:50:5F:E8:4A:C8
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01967164C2133B10318D68AD4044FF43B1A8
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/42W7eeRN7Lof0xxxWQohUF_oSsg.roa
Signing time: Sat 26 Apr 2025 09:19:10 +0000
ROA not before: Sat 26 Apr 2025 09:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 45.140.7.0/24 maxlen: 24
45.152.139.0/24 maxlen: 24
77.83.20.0/24 maxlen: 24
77.83.21.0/24 maxlen: 24
77.83.22.0/24 maxlen: 24
77.83.23.0/24 maxlen: 24
80.243.228.0/24 maxlen: 24
84.252.66.0/24 maxlen: 24
84.252.67.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.80.0/24 maxlen: 24
95.214.81.0/24 maxlen: 24
95.214.82.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
193.160.73.0/24 maxlen: 24
194.28.156.0/24 maxlen: 24
194.28.158.0/24 maxlen: 24
194.28.159.0/24 maxlen: 24
194.104.5.0/24 maxlen: 24
194.104.6.0/24 maxlen: 24
212.69.132.0/24 maxlen: 24
212.69.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:71:64:c2:13:3b:10:31:8d:68:ad:40:44:ff:43:b1:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Apr 26 09:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e365bb79e44decba1fd31c71590a21505fe84ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a0:d7:6f:28:72:b9:74:bf:2a:2e:41:26:50:
8f:75:fc:78:3a:30:6b:b5:ba:31:17:5f:d8:84:2d:
52:c5:28:af:48:cc:91:e9:81:8b:64:5a:ee:68:4e:
d0:39:3f:93:14:9e:be:db:a9:20:ab:38:30:95:92:
ad:e4:5c:09:72:6f:a9:21:f6:ae:ee:08:f7:f5:b0:
bd:29:95:18:d5:13:75:e0:68:4f:b6:75:6d:2e:2f:
09:41:27:91:b8:80:3d:93:12:46:ea:78:e1:4c:6d:
6c:38:d9:93:a8:44:ab:a4:c7:db:31:5c:48:49:0d:
6e:b2:10:35:4b:1c:1a:e9:58:bf:60:bf:d5:f0:1a:
e1:ee:ad:9b:cf:3b:2c:44:f0:0a:f8:02:68:50:bf:
04:2d:64:e5:6c:06:d6:68:22:43:1c:31:14:15:96:
5c:c3:f3:fb:31:66:57:d3:af:ae:21:3f:06:c6:24:
2c:b3:23:23:f6:8a:de:da:93:dc:79:e0:7b:18:fd:
df:50:73:fa:67:24:64:a4:12:d8:88:74:62:60:dd:
48:c5:46:35:c2:c5:a7:eb:ff:45:a9:25:75:82:50:
f6:3c:b3:93:10:18:b0:61:02:cd:fa:7a:8e:b6:f5:
32:0c:0d:fe:a0:e8:3c:87:54:fc:40:62:23:c5:d0:
04:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:65:BB:79:E4:4D:EC:BA:1F:D3:1C:71:59:0A:21:50:5F:E8:4A:C8
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/42W7eeRN7Lof0xxxWQohUF_oSsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.7.0/24
45.152.139.0/24
77.83.20.0/22
80.243.228.0/24
84.252.66.0/23
88.218.239.0/24
91.245.239.0/24
95.214.80.0-95.214.82.255
95.214.92.0/24
176.118.188.0/23
185.177.76.0/23
193.160.73.0/24
194.28.156.0/24
194.28.158.0/23
194.104.5.0-194.104.6.255
212.69.132.0/24
212.69.134.0/24
Signature Algorithm: sha256WithRSAEncryption
77:f3:7e:68:d6:49:29:70:e6:c7:f5:2b:c4:f7:27:97:4f:2b:
35:11:c9:3c:10:ad:81:c9:3c:8d:7d:81:2c:fd:d9:8e:a1:25:
ae:53:33:38:d2:3d:76:6d:7a:17:b1:27:74:82:ef:36:3e:94:
db:20:c4:86:33:fe:b5:f3:b7:f2:24:ce:99:d1:8f:93:49:45:
f9:0a:d7:98:2a:f9:c4:b7:df:27:03:07:35:f3:32:22:3e:95:
35:dc:ce:77:e0:18:03:52:3b:72:10:1c:a0:6e:f2:4c:76:a6:
97:5b:e1:31:ce:9e:04:bb:d1:2a:cc:5a:97:5a:35:41:52:b3:
17:ad:4d:c0:9b:ba:2e:db:89:f1:2f:0e:46:59:78:24:89:0e:
87:e5:a8:58:3e:90:da:f3:7a:55:7a:85:a3:dd:4b:f9:0a:7c:
6a:d7:d7:fd:7f:81:5a:1c:2e:ee:bf:94:d9:6f:4b:36:fb:20:
29:9e:c7:0a:c2:a4:89:57:97:dd:49:50:9b:81:7a:30:da:27:
28:c6:9f:f3:03:10:bf:88:06:5b:02:64:ab:a1:33:50:57:ab:
18:03:27:01:72:9c:95:a9:c2:20:29:0c:09:7a:1e:bc:5d:1b:
07:6a:35:54:bb:ab:16:b0:90:02:49:6d:6c:d2:59:bd:2f:1f:
28:c2:8f:a3
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZZxZMITOxAxjWitQET/Q7GoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwNDI2MDkxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzY1YmI3OWU0NGRlY2JhMWZkMzFjNzE1OTBhMjE1MDVmZTg0YWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6DXbyhyuXS/Ki5BJlCPdfx4OjBr
tboxF1/YhC1SxSivSMyR6YGLZFruaE7QOT+TFJ6+26kgqzgwlZKt5FwJcm+pIfau
7gj39bC9KZUY1RN14GhPtnVtLi8JQSeRuIA9kxJG6njhTG1sONmTqESrpMfbMVxI
SQ1ushA1Sxwa6Vi/YL/V8Brh7q2bzzssRPAK+AJoUL8ELWTlbAbWaCJDHDEUFZZc
w/P7MWZX06+uIT8GxiQssyMj9ore2pPceeB7GP3fUHP6ZyRkpBLYiHRiYN1IxUY1
wsWn6/9FqSV1glD2PLOTEBiwYQLN+nqOtvUyDA3+oOg8h1T8QGIjxdAEAwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFONlu3nkTey6H9MccVkKIVBf6ErIMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvNDJXN2VlUk43TG9mMHh4eFdRb2hVRl9vU3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAtjAcD
BAAtmIsDBAJNUxQDBABQ8+QDBAFU/EIDBABY2u8DBABb9e8wDAMEBF/WUAMEAF/W
UgMEAF/WXAMEAbB2vAMEAbmxTAMEAMGgSQMEAMIcnAMEAcIcnjAMAwQAwmgFAwQA
wmgGAwQA1EWEAwQA1EWGMA0GCSqGSIb3DQEBCwUAA4IBAQB3835o1kkpcObH9SvE
9yeXTys1Eck8EK2ByTyNfYEs/dmOoSWuUzM40j12bXoXsSd0gu82PpTbIMSGM/61
87fyJM6Z0Y+TSUX5CteYKvnEt98nAwc18zIiPpU13M534BgDUjtyEBygbvJMdqaX
W+Exzp4Eu9EqzFqXWjVBUrMXrU3Am7ou24nxLw5GWXgkiQ6H5ahYPpDa83pVeoWj
3Uv5Cnxq19f9f4FaHC7uv5TZb0s2+yApnscKwqSJV5fdSVCbgXow2icoxp/zAxC/
iAZbAmSroTNQV6sYAycBcpyVqcIgKQwJeh68XRsHajVUu6sWsJACSW1s0lm9Lx8o
wo+j
-----END CERTIFICATE-----
Generated at Mon May 12 18:56:28 2025 by rpki-client