Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/jbUG9pTk9em_fTHbjoEIhua3pK0.roa
File: jbUG9pTk9em_fTHbjoEIhua3pK0.roa (raw, json)
Hash identifier: 4tGn3tkK46T9dFOLGdw2zw9ukjnxUtA/PXFwlS5np88=
Subject key identifier: 8D:B5:06:F6:94:E4:F5:E9:BF:7D:31:DB:8E:81:08:86:E6:B7:A4:AD
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 01967D9134BCB08855609D436D7FA916568E
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/jbUG9pTk9em_fTHbjoEIhua3pK0.roa
Signing time: Mon 28 Apr 2025 18:03:10 +0000
ROA not before: Mon 28 Apr 2025 18:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56740
IP address blocks: 87.252.234.0/24 maxlen: 24
87.252.237.0/24 maxlen: 24
87.252.238.0/24 maxlen: 24
91.149.155.0/24 maxlen: 24
91.149.159.0/24 maxlen: 24
91.149.167.0/24 maxlen: 24
91.149.178.0/24 maxlen: 24
93.125.18.0/24 maxlen: 24
93.125.60.0/23 maxlen: 23
93.125.114.0/24 maxlen: 24
178.172.164.0/24 maxlen: 24
178.172.165.0/24 maxlen: 24
178.172.212.0/24 maxlen: 24
178.172.220.0/24 maxlen: 24
178.172.247.0/24 maxlen: 24
178.172.251.0/24 maxlen: 24
178.172.252.0/24 maxlen: 24
178.172.255.0/24 maxlen: 24
213.184.236.0/24 maxlen: 24
213.184.240.0/24 maxlen: 24
217.21.37.0/24 maxlen: 24
217.21.44.0/24 maxlen: 24
217.21.52.0/24 maxlen: 24
217.21.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 00:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:91:34:bc:b0:88:55:60:9d:43:6d:7f:a9:16:56:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Apr 28 18:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8db506f694e4f5e9bf7d31db8e810886e6b7a4ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e4:5e:5d:70:91:28:9f:f6:f0:a8:8c:ab:f2:
14:8d:a0:50:75:6f:cb:0b:d6:80:1c:48:0f:07:cf:
a0:4a:bd:0e:d2:ac:a1:c2:1c:3f:a2:ba:14:39:83:
a9:e9:f1:6d:d2:39:8a:27:47:ef:a0:c4:0d:e1:dc:
0a:93:ca:eb:0d:a5:84:ca:a8:88:7a:84:99:00:3d:
6d:e0:2f:a5:40:9d:48:34:c3:5b:7e:90:6f:0e:c1:
6f:24:7f:61:02:fe:84:42:f0:b5:04:c6:f5:6c:ae:
cd:90:7b:ca:3b:11:fe:4a:44:9a:86:d9:f4:70:6d:
bb:0d:c1:06:ef:bb:d6:9d:8e:17:8f:da:72:64:b0:
04:5a:b3:03:ad:62:27:23:20:a4:04:4e:34:51:52:
2e:56:1e:51:54:8e:a1:16:be:a6:ca:4f:af:21:bc:
48:8d:42:e0:ff:94:fa:59:eb:a5:0f:e9:e9:30:97:
2d:96:91:a2:1f:52:ba:b5:74:f0:39:5d:14:cc:17:
c8:92:f6:55:ac:a9:6a:40:2f:58:16:2c:f2:09:92:
3d:13:9e:f7:71:c6:3e:9a:0f:9f:31:dd:2b:e2:9e:
70:16:6c:5c:5b:64:b6:96:b7:4f:e7:af:aa:14:dc:
20:38:fb:1b:d8:b8:9a:23:38:ca:67:9d:ab:77:b3:
b7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B5:06:F6:94:E4:F5:E9:BF:7D:31:DB:8E:81:08:86:E6:B7:A4:AD
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/jbUG9pTk9em_fTHbjoEIhua3pK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.252.234.0/24
87.252.237.0-87.252.238.255
91.149.155.0/24
91.149.159.0/24
91.149.167.0/24
91.149.178.0/24
93.125.18.0/24
93.125.60.0/23
93.125.114.0/24
178.172.164.0/23
178.172.212.0/24
178.172.220.0/24
178.172.247.0/24
178.172.251.0-178.172.252.255
178.172.255.0/24
213.184.236.0/24
213.184.240.0/24
217.21.37.0/24
217.21.44.0/24
217.21.52.0/23
Signature Algorithm: sha256WithRSAEncryption
17:71:ea:f7:f9:d7:25:52:a2:90:8f:b1:da:2b:fa:51:88:67:
79:03:35:6f:38:f6:5e:a7:17:b0:7f:0c:77:6a:16:6c:e6:81:
67:ef:eb:fb:f6:3a:ac:fc:b0:22:5f:da:9e:73:5f:95:a7:c9:
63:0e:16:2c:7e:c8:03:a0:55:bc:bf:c3:2b:d5:78:0f:7d:88:
22:f1:ba:37:ac:48:e2:20:88:38:52:3d:ea:aa:10:25:da:ab:
31:4c:c0:82:10:a1:87:f6:3c:a0:c7:bd:79:aa:1f:91:ae:b1:
73:76:1a:8a:77:af:8c:4b:ed:7a:98:fc:21:77:9b:00:d2:56:
e9:cb:e4:42:c1:fe:88:32:3d:3c:69:8e:d1:de:08:f2:71:5a:
a9:df:9b:2b:c5:93:1d:1a:46:25:51:2f:55:d3:43:cb:3c:86:
26:33:1c:87:09:dd:aa:0b:d1:03:de:70:86:ab:d5:b9:20:e6:
ff:9f:26:bf:08:79:3e:1b:3d:3f:2f:36:e4:08:f3:e3:82:7e:
b8:ef:55:a9:8a:20:2d:19:64:51:79:6b:ed:3c:3b:c1:b2:ea:
5c:9e:9d:60:db:64:86:de:2c:11:3a:08:7a:86:7f:d3:85:27:
22:b3:ac:48:d2:74:e1:c9:b4:d7:7f:1f:1f:87:d2:9c:65:45:
44:78:87:4c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZZ9kTS8sIhVYJ1DbX+pFlaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjUwNDI4MTgwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGI1MDZmNjk0ZTRmNWU5YmY3ZDMxZGI4ZTgxMDg4NmU2YjdhNGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteReXXCRKJ/28KiMq/IUjaBQdW/L
C9aAHEgPB8+gSr0O0qyhwhw/oroUOYOp6fFt0jmKJ0fvoMQN4dwKk8rrDaWEyqiI
eoSZAD1t4C+lQJ1INMNbfpBvDsFvJH9hAv6EQvC1BMb1bK7NkHvKOxH+SkSahtn0
cG27DcEG77vWnY4Xj9pyZLAEWrMDrWInIyCkBE40UVIuVh5RVI6hFr6myk+vIbxI
jULg/5T6WeulD+npMJctlpGiH1K6tXTwOV0UzBfIkvZVrKlqQC9YFizyCZI9E573
ccY+mg+fMd0r4p5wFmxcW2S2lrdP56+qFNwgOPsb2LiaIzjKZ52rd7O3BwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFI21BvaU5PXpv30x246BCIbmt6StMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvamJVRzlwVGs5ZW1fZlRIYmpvRUlodWEzcEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBABX
/OowDAMEAFf87QMEAFf87gMEAFuVmwMEAFuVnwMEAFuVpwMEAFuVsgMEAF19EgME
AV19PAMEAF19cgMEAbKspAMEALKs1AMEALKs3AMEALKs9zAMAwQAsqz7AwQAsqz8
AwQAsqz/AwQA1bjsAwQA1bjwAwQA2RUlAwQA2RUsAwQB2RU0MA0GCSqGSIb3DQEB
CwUAA4IBAQAXcer3+dclUqKQj7HaK/pRiGd5AzVvOPZepxewfwx3ahZs5oFn7+v7
9jqs/LAiX9qec1+Vp8ljDhYsfsgDoFW8v8Mr1XgPfYgi8bo3rEjiIIg4Uj3qqhAl
2qsxTMCCEKGH9jygx715qh+RrrFzdhqKd6+MS+16mPwhd5sA0lbpy+RCwf6IMj08
aY7R3gjycVqp35srxZMdGkYlUS9V00PLPIYmMxyHCd2qC9ED3nCGq9W5IOb/nya/
CHk+Gz0/LzbkCPPjgn6471WpiiAtGWRReWvtPDvBsupcnp1g22SG3iwROgh6hn/T
hScis6xI0nThybTXfx8fh9KcZUVEeIdM
-----END CERTIFICATE-----
Generated at Sat May 10 10:15:29 2025 by rpki-client