Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/7M-OD2BZKTGFt1pigwcJKxVnusA.roa
File: 7M-OD2BZKTGFt1pigwcJKxVnusA.roa (raw, json)
Hash identifier: 75qUp+vt+nvqE7SylHu29lyZut/MWc3ge7gcStv53+s=
Subject key identifier: EC:CF:8E:0F:60:59:29:31:85:B7:5A:62:83:07:09:2B:15:67:BA:C0
Certificate issuer: /CN=69042c1f27a7d7862475087023dc97c3330f73c6
Certificate serial: 01967DBD2703808EC451BFE8C741D04BA45D
Authority key identifier: 69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/7M-OD2BZKTGFt1pigwcJKxVnusA.roa
Signing time: Mon 28 Apr 2025 18:51:10 +0000
ROA not before: Mon 28 Apr 2025 18:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48847
IP address blocks: 185.104.68.0/22 maxlen: 22
185.104.68.0/24 maxlen: 24
185.104.68.0/26 maxlen: 26
185.104.68.64/26 maxlen: 26
185.104.68.144/28 maxlen: 28
185.104.68.240/29 maxlen: 29
185.104.70.0/24 maxlen: 24
185.104.70.0/28 maxlen: 28
185.104.70.32/30 maxlen: 30
185.104.70.220/30 maxlen: 30
185.104.71.0/24 maxlen: 24
185.104.71.0/28 maxlen: 28
185.104.71.16/30 maxlen: 30
185.104.71.20/30 maxlen: 30
185.104.71.24/30 maxlen: 30
185.104.71.28/30 maxlen: 30
185.104.71.32/28 maxlen: 28
185.104.71.160/29 maxlen: 29
185.104.71.176/29 maxlen: 29
185.104.71.200/29 maxlen: 29
185.104.71.224/28 maxlen: 28
2a06:3480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 15:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:bd:27:03:80:8e:c4:51:bf:e8:c7:41:d0:4b:a4:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69042c1f27a7d7862475087023dc97c3330f73c6
Validity
Not Before: Apr 28 18:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eccf8e0f6059293185b75a628307092b1567bac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:31:76:92:f0:29:f1:55:2b:80:21:1a:c2:5f:
7e:55:f2:72:37:7a:a7:84:a5:cf:60:32:a4:05:b7:
35:18:a2:da:1d:84:7e:0e:22:7c:d5:0e:67:d0:63:
45:05:05:9e:f0:70:e9:b7:20:cb:89:23:e3:88:44:
0b:4a:13:c4:c1:cf:9c:e1:ff:67:cc:1e:9d:16:db:
ca:21:0e:60:73:aa:f0:dc:07:bb:6c:36:c4:1e:6b:
e5:d9:34:84:85:ec:92:34:f8:53:43:2c:d7:14:0b:
44:ce:6d:28:69:1e:bc:7e:63:58:a3:2c:a5:ed:bd:
b7:11:52:e3:d6:1a:ea:bd:90:9a:98:d3:bc:5c:cf:
9e:95:ed:45:56:56:f7:19:c0:5f:1c:70:c1:8e:35:
5f:93:4b:b8:0e:0a:fd:c6:8b:2a:f1:2a:45:4d:ad:
3c:99:c6:cb:8b:47:73:77:c3:0b:3b:19:91:b1:f4:
66:91:95:8c:1a:cf:7b:27:9d:05:8d:cb:36:65:e4:
0b:d3:e6:f1:5d:b4:0f:de:8e:ef:b3:2e:b9:70:74:
c7:99:98:4b:bc:41:39:24:d1:56:77:8e:ca:54:6e:
6c:16:a8:ed:12:83:29:62:9d:3d:a3:9c:bf:88:50:
b0:b8:4b:c1:9b:82:9e:91:36:cb:5a:2a:b1:9c:1c:
34:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CF:8E:0F:60:59:29:31:85:B7:5A:62:83:07:09:2B:15:67:BA:C0
X509v3 Authority Key Identifier:
keyid:69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/7M-OD2BZKTGFt1pigwcJKxVnusA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.68.0/22
IPv6:
2a06:3480::/29
Signature Algorithm: sha256WithRSAEncryption
7f:79:e4:d2:7d:3f:e3:4b:65:1f:8d:37:a8:39:1b:f7:74:cd:
a2:3d:1e:75:d5:f9:e1:30:c2:98:aa:a7:4a:ce:f8:f7:0d:cd:
8a:38:89:20:1f:85:1b:a1:3a:87:fd:f9:86:8d:35:50:d5:9f:
a8:b7:d5:72:ce:86:0b:0e:49:a2:72:33:a0:af:14:22:51:bb:
d2:e1:d2:90:84:0e:f5:f1:18:95:64:60:1f:a2:51:c2:bc:1f:
5b:9b:79:c0:2d:b0:00:10:09:1d:13:92:93:dd:eb:d7:25:c7:
c4:84:ce:9e:d5:3f:29:0b:79:a4:d4:78:77:7d:6c:c9:a1:92:
db:44:ab:a3:2d:43:61:96:eb:5e:7a:15:e3:6c:81:19:86:c0:
69:5e:19:7b:46:bb:a7:3a:be:0c:6d:31:cc:56:fe:26:d5:4c:
ed:05:92:d8:1f:e1:e2:9a:9b:9d:01:47:ff:4a:99:63:a5:ac:
5f:4c:30:b8:70:e0:dd:c3:ae:e9:5d:14:94:c9:04:0b:60:a3:
fe:93:02:3a:f3:77:6c:3c:18:70:35:bd:c5:aa:57:06:57:e3:
cd:f5:67:27:70:1a:95:f9:fc:b3:35:ae:cc:16:70:a4:e3:b0:
fe:05:ff:11:77:7f:83:95:46:1d:ea:ed:56:b0:14:34:f9:c5:
eb:c2:62:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZZ9vScDgI7EUb/ox0HQS6RdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDQyYzFmMjdhN2Q3ODYyNDc1MDg3MDIzZGM5N2MzMzMw
ZjczYzYwHhcNMjUwNDI4MTg1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2NmOGUwZjYwNTkyOTMxODViNzVhNjI4MzA3MDkyYjE1NjdiYWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjF2kvAp8VUrgCEawl9+VfJyN3qn
hKXPYDKkBbc1GKLaHYR+DiJ81Q5n0GNFBQWe8HDptyDLiSPjiEQLShPEwc+c4f9n
zB6dFtvKIQ5gc6rw3Ae7bDbEHmvl2TSEheySNPhTQyzXFAtEzm0oaR68fmNYoyyl
7b23EVLj1hrqvZCamNO8XM+ele1FVlb3GcBfHHDBjjVfk0u4Dgr9xosq8SpFTa08
mcbLi0dzd8MLOxmRsfRmkZWMGs97J50Fjcs2ZeQL0+bxXbQP3o7vsy65cHTHmZhL
vEE5JNFWd47KVG5sFqjtEoMpYp09o5y/iFCwuEvBm4KekTbLWiqxnBw0SwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOzPjg9gWSkxhbdaYoMHCSsVZ7rAMB8GA1UdIwQY
MBaAFGkELB8np9eGJHUIcCPcl8MzD3PGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgt
Y2JiM2Q2MzVkODJmLzEvN00tT0QyQlpLVEdGdDFwaWd3Y0pLeFZudXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJm
LzEvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWhEMA0E
AgACMAcDBQMqBjSAMA0GCSqGSIb3DQEBCwUAA4IBAQB/eeTSfT/jS2UfjTeoORv3
dM2iPR511fnhMMKYqqdKzvj3Dc2KOIkgH4UboTqH/fmGjTVQ1Z+ot9VyzoYLDkmi
cjOgrxQiUbvS4dKQhA718RiVZGAfolHCvB9bm3nALbAAEAkdE5KT3evXJcfEhM6e
1T8pC3mk1Hh3fWzJoZLbRKujLUNhluteehXjbIEZhsBpXhl7RrunOr4MbTHMVv4m
1UztBZLYH+HimpudAUf/SpljpaxfTDC4cODdw67pXRSUyQQLYKP+kwI683dsPBhw
Nb3FqlcGV+PN9WcncBqV+fyzNa7MFnCk47D+Bf8Rd3+DlUYd6u1WsBQ0+cXrwmKR
-----END CERTIFICATE-----
Generated at Wed May 7 00:53:37 2025 by rpki-client