Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/W3qS8ccHplCENHnAWCXalJ4Lxq8.roa
File: W3qS8ccHplCENHnAWCXalJ4Lxq8.roa (raw, json)
Hash identifier: h3ysUJyoiR9Pxj5SMBpAdJdk3U65tHclFMzHCEEhX4k=
Subject key identifier: 5B:7A:92:F1:C7:07:A6:50:84:34:79:C0:58:25:DA:94:9E:0B:C6:AF
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 01968BEC235B0973384D7358ABCDF1A4C747
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/W3qS8ccHplCENHnAWCXalJ4Lxq8.roa
Signing time: Thu 01 May 2025 12:57:10 +0000
ROA not before: Thu 01 May 2025 12:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62651
IP address blocks: 185.147.212.0/24 maxlen: 24
185.147.213.0/24 maxlen: 24
185.147.214.0/24 maxlen: 24
185.147.215.0/24 maxlen: 24
2a03:efc0:500::/40 maxlen: 40
2a03:efc0:700::/40 maxlen: 40
2a03:efc0:900::/40 maxlen: 40
2a03:efc0:1100::/40 maxlen: 40
2a03:efc0:1500::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2900::/40 maxlen: 40
2a03:efc0:3100::/40 maxlen: 40
2a03:efc0:3300::/40 maxlen: 40
2a03:efc0:3500::/40 maxlen: 40
2a03:efc0:3700::/40 maxlen: 40
2a03:efc0:4100::/40 maxlen: 40
2a03:efc0:5400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 15:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8b:ec:23:5b:09:73:38:4d:73:58:ab:cd:f1:a4:c7:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: May 1 12:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b7a92f1c707a650843479c05825da949e0bc6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:35:ac:82:ca:e7:52:e7:66:b2:6d:5e:09:98:
9c:e7:65:2f:9e:bf:ee:ce:f3:75:53:f8:5d:b6:c0:
b8:1f:72:1b:5c:51:a1:89:6e:b7:a8:e9:5a:30:01:
b4:a1:14:de:17:b3:50:ba:c7:33:71:78:30:04:32:
5a:c8:7f:55:bf:8b:bb:e4:99:0a:09:5f:e7:54:94:
e5:70:13:8d:05:02:96:2b:a3:0d:0d:e7:19:99:b1:
b9:0a:4d:aa:11:b6:6d:3c:89:4c:34:c0:ce:4a:6d:
8e:f6:ca:61:52:21:14:09:fc:e9:89:a6:8a:b8:ba:
d1:dd:94:ac:e8:e8:cc:49:42:f9:19:78:74:60:ce:
46:83:b6:ef:b3:d1:c8:dc:20:3a:f3:23:14:a1:8a:
eb:c7:26:e7:ea:0f:74:9a:38:9e:d0:3d:ce:83:73:
f8:fa:0a:ba:db:9c:b7:a4:f5:dc:09:0a:91:a8:80:
5f:70:ce:14:09:98:c2:8f:04:94:a3:79:c4:ff:32:
ff:20:84:31:50:01:29:1c:67:b6:1b:db:eb:c2:0f:
c7:08:a6:1b:e6:47:65:7d:73:fe:d1:cc:3e:22:e2:
7f:62:37:83:f7:b7:f1:82:46:65:68:ac:9b:87:c1:
fc:f8:b1:93:de:0c:4f:ae:f7:46:39:1b:1b:73:c4:
cb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:7A:92:F1:C7:07:A6:50:84:34:79:C0:58:25:DA:94:9E:0B:C6:AF
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/W3qS8ccHplCENHnAWCXalJ4Lxq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.212.0/22
IPv6:
2a03:efc0:500::/40
2a03:efc0:700::/40
2a03:efc0:900::/40
2a03:efc0:1100::/40
2a03:efc0:1500::/40
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
2a03:efc0:2900::/40
2a03:efc0:3100::/40
2a03:efc0:3300::/40
2a03:efc0:3500::/40
2a03:efc0:3700::/40
2a03:efc0:4100::/40
2a03:efc0:5400::/40
Signature Algorithm: sha256WithRSAEncryption
bc:6e:af:0b:c5:62:cf:7f:53:24:55:d8:1a:9f:90:9e:e3:6a:
f8:0e:31:26:98:aa:b8:48:11:2e:f5:28:1f:82:b1:bb:25:55:
9e:35:ec:cc:29:60:6c:8c:c6:17:3f:8b:b3:63:1b:46:ff:2b:
24:a4:9e:a6:01:c6:76:c9:38:29:be:17:e4:78:79:75:94:4f:
47:45:ab:63:23:f1:af:79:59:a9:9e:7b:ad:9e:e6:24:47:f5:
72:c2:ec:1a:21:ea:ef:c9:4d:4c:1c:86:32:fb:e1:63:25:fc:
24:35:5b:39:b6:3f:02:02:57:ec:7a:d7:fc:24:5a:58:bf:0d:
29:56:3c:96:fe:56:de:bb:82:7a:5d:67:2d:7d:d1:8f:b4:e3:
56:3d:ee:d0:eb:77:47:58:e3:52:b6:22:a7:72:a6:4b:16:9a:
b4:81:a9:8c:70:6d:42:c3:79:e3:9d:11:25:d9:1e:d6:81:3a:
00:c7:dc:5e:6d:32:06:d5:28:da:b7:4b:7c:81:16:2c:99:86:
d4:01:e5:8b:57:f5:62:ab:4e:b8:04:98:b5:ff:4f:2a:25:b9:
49:8a:61:48:d7:ed:13:8a:93:ec:cb:34:71:bf:44:d4:84:c3:
fe:cf:2d:56:9f:99:1e:84:8a:64:35:e4:3e:80:41:16:cc:fb:
47:aa:fa:2c
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZaL7CNbCXM4TXNYq83xpMdHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjUwNTAxMTI1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjdhOTJmMWM3MDdhNjUwODQzNDc5YzA1ODI1ZGE5NDllMGJjNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTWsgsrnUudmsm1eCZic52Uvnr/u
zvN1U/hdtsC4H3IbXFGhiW63qOlaMAG0oRTeF7NQusczcXgwBDJayH9Vv4u75JkK
CV/nVJTlcBONBQKWK6MNDecZmbG5Ck2qEbZtPIlMNMDOSm2O9sphUiEUCfzpiaaK
uLrR3ZSs6OjMSUL5GXh0YM5Gg7bvs9HI3CA68yMUoYrrxybn6g90mjie0D3Og3P4
+gq625y3pPXcCQqRqIBfcM4UCZjCjwSUo3nE/zL/IIQxUAEpHGe2G9vrwg/HCKYb
5kdlfXP+0cw+IuJ/YjeD97fxgkZlaKybh8H8+LGT3gxPrvdGORsbc8TLdQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFFt6kvHHB6ZQhDR5wFgl2pSeC8avMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvVzNxUzhjY0hwbENFTkhuQVdDWGFsSjRMeHE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDAMBAIAATAGAwQCuZPU
MIGHBAIAAjCBgAMGACoD78AFAwYAKgPvwAcDBgAqA+/ACQMGACoD78ARAwYAKgPv
wBUDBgAqA+/AFwMGACoD78AjAwYAKgPvwCUDBgAqA+/AJwMGACoD78ApAwYAKgPv
wDEDBgAqA+/AMwMGACoD78A1AwYAKgPvwDcDBgAqA+/AQQMGACoD78BUMA0GCSqG
SIb3DQEBCwUAA4IBAQC8bq8LxWLPf1MkVdgan5Ce42r4DjEmmKq4SBEu9SgfgrG7
JVWeNezMKWBsjMYXP4uzYxtG/yskpJ6mAcZ2yTgpvhfkeHl1lE9HRatjI/GveVmp
nnutnuYkR/VywuwaIervyU1MHIYy++FjJfwkNVs5tj8CAlfsetf8JFpYvw0pVjyW
/lbeu4J6XWctfdGPtONWPe7Q63dHWONStiKncqZLFpq0gamMcG1Cw3njnREl2R7W
gToAx9xebTIG1Sjat0t8gRYsmYbUAeWLV/Viq064BJi1/08qJblJimFI1+0TipPs
yzRxv0TUhMP+zy1Wn5kehIpkNeQ+gEEWzPtHqvos
-----END CERTIFICATE-----
Generated at Sun May 11 22:31:40 2025 by rpki-client