Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/f17g18QFfdvHYwpt8j5c-Ut0KIg.roa
File: f17g18QFfdvHYwpt8j5c-Ut0KIg.roa (raw, json)
Hash identifier: tbPWxLgOnzeuUddm3+/kPda4AB0ACHo9QXxycRR4QlM=
Subject key identifier: 7F:5E:E0:D7:C4:05:7D:DB:C7:63:0A:6D:F2:3E:5C:F9:4B:74:28:88
Certificate issuer: /CN=63082d6d3a1dc501795737537ca74d27a80265a2
Certificate serial: 01969F9035341DF51167BC09E8AD15DA58BB
Authority key identifier: 63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/f17g18QFfdvHYwpt8j5c-Ut0KIg.roa
Signing time: Mon 05 May 2025 08:29:10 +0000
ROA not before: Mon 05 May 2025 08:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62205
IP address blocks: 79.174.184.0/21 maxlen: 21
79.174.184.0/23 maxlen: 24
79.174.186.0/23 maxlen: 24
79.174.188.0/23 maxlen: 24
79.174.190.0/24 maxlen: 24
91.209.128.0/23 maxlen: 23
91.209.130.0/24 maxlen: 24
139.28.180.0/22 maxlen: 22
139.28.180.0/23 maxlen: 23
139.28.182.0/23 maxlen: 23
178.213.80.0/21 maxlen: 21
178.213.80.0/22 maxlen: 24
178.213.84.0/23 maxlen: 24
178.213.86.0/24 maxlen: 24
185.44.164.0/22 maxlen: 22
185.44.164.0/23 maxlen: 24
185.44.166.0/24 maxlen: 24
185.44.167.0/24 maxlen: 24
185.77.228.0/22 maxlen: 22
185.77.228.0/23 maxlen: 24
185.77.230.0/24 maxlen: 24
185.77.240.0/22 maxlen: 24
185.77.240.0/23 maxlen: 24
185.77.242.0/23 maxlen: 24
2a01:72a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/YwgtbTodxQF5VzdTfKdNJ6gCZaI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/YwgtbTodxQF5VzdTfKdNJ6gCZaI.mft
rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9f:90:35:34:1d:f5:11:67:bc:09:e8:ad:15:da:58:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63082d6d3a1dc501795737537ca74d27a80265a2
Validity
Not Before: May 5 08:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f5ee0d7c4057ddbc7630a6df23e5cf94b742888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:15:3b:bf:4a:f4:3b:c7:c3:e0:f2:f2:5d:b9:
4e:e8:83:20:55:2d:ae:ad:62:51:86:31:0c:99:d6:
68:33:88:d0:ca:76:7a:69:15:49:6a:3e:29:e4:21:
6f:87:79:34:4a:f3:ba:da:c7:f4:35:44:b8:93:e2:
de:1c:a1:16:2b:68:d9:18:0a:5b:d4:45:f9:3e:26:
97:d2:9c:93:dd:5a:23:cb:9b:ea:7e:c2:a9:a7:1d:
19:aa:0c:7a:ea:53:d2:05:06:da:66:88:2e:56:23:
e0:ea:3a:71:04:3c:61:fc:a6:79:b0:3c:23:22:0d:
cc:02:fc:aa:91:50:95:ce:bf:ac:a5:17:91:c5:f8:
22:c5:c6:70:bb:b9:2c:1d:67:84:50:3e:77:11:35:
70:12:9a:0b:28:80:51:4c:dd:62:87:f9:da:87:45:
ed:6f:08:d5:57:31:a7:f8:8d:26:f2:a2:8c:99:a0:
16:53:6a:b9:4c:8d:5b:c4:31:90:55:fc:3c:4e:4f:
6e:08:39:76:90:28:e9:76:46:98:30:e8:61:bc:08:
39:8a:b5:ca:3a:bf:a2:22:06:14:d5:b3:7a:91:c2:
4a:80:90:4c:d3:e0:2a:f8:41:50:f2:c6:5c:d5:0f:
42:84:e5:60:d5:39:71:4d:3b:b9:13:d2:23:70:d1:
31:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5E:E0:D7:C4:05:7D:DB:C7:63:0A:6D:F2:3E:5C:F9:4B:74:28:88
X509v3 Authority Key Identifier:
keyid:63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/f17g18QFfdvHYwpt8j5c-Ut0KIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/YwgtbTodxQF5VzdTfKdNJ6gCZaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.184.0/21
91.209.128.0-91.209.130.255
139.28.180.0/22
178.213.80.0/21
185.44.164.0/22
185.77.228.0/22
185.77.240.0/22
IPv6:
2a01:72a0::/32
Signature Algorithm: sha256WithRSAEncryption
3c:df:57:2d:07:f4:17:4f:28:93:65:43:22:ff:3e:03:87:0f:
99:d0:b9:a0:37:0c:d9:8f:60:19:38:44:8a:f0:ad:ae:07:30:
cb:82:d8:06:4d:3b:81:3d:69:98:f6:77:9f:5b:2f:e6:fc:79:
cc:fe:b9:c6:33:c1:e9:dc:0e:f4:b3:a3:be:9d:e6:e8:81:09:
f3:76:4b:a7:fe:79:a3:10:6c:d7:c8:9c:69:63:85:e5:a6:25:
c1:0f:d5:28:b6:a7:0f:cb:e5:36:29:59:59:06:b2:c8:d3:73:
da:6a:8e:de:2c:cb:43:96:67:17:57:ad:0d:a2:96:8f:41:4b:
eb:e5:c5:41:19:04:1c:c5:18:f5:99:77:ba:a9:18:e6:29:f8:
25:64:77:e0:e3:a3:fe:d4:76:82:cf:77:24:76:79:04:19:c3:
bc:b2:31:8d:65:d6:b2:be:09:3d:b4:17:f4:80:32:11:f4:7e:
1e:e7:1c:79:09:1d:c6:a8:c6:63:7c:d9:0a:b9:cd:18:4f:c6:
cd:5e:b3:10:fc:b7:ea:0a:4a:54:79:9f:db:92:c5:d5:ac:a1:
70:07:97:73:b5:07:92:dc:4b:52:16:24:4a:ae:54:cc:20:3a:
82:4c:5f:c8:40:2e:da:1d:ff:3f:02:05:85:10:02:76:63:d0:
07:d7:8d:9c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZafkDU0HfURZ7wJ6K0V2li7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMDgyZDZkM2ExZGM1MDE3OTU3Mzc1MzdjYTc0ZDI3YTgw
MjY1YTIwHhcNMjUwNTA1MDgyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjVlZTBkN2M0MDU3ZGRiYzc2MzBhNmRmMjNlNWNmOTRiNzQyODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRU7v0r0O8fD4PLyXblO6IMgVS2u
rWJRhjEMmdZoM4jQynZ6aRVJaj4p5CFvh3k0SvO62sf0NUS4k+LeHKEWK2jZGApb
1EX5PiaX0pyT3Vojy5vqfsKppx0Zqgx66lPSBQbaZoguViPg6jpxBDxh/KZ5sDwj
Ig3MAvyqkVCVzr+spReRxfgixcZwu7ksHWeEUD53ETVwEpoLKIBRTN1ih/nah0Xt
bwjVVzGn+I0m8qKMmaAWU2q5TI1bxDGQVfw8Tk9uCDl2kCjpdkaYMOhhvAg5irXK
Or+iIgYU1bN6kcJKgJBM0+Aq+EFQ8sZc1Q9ChOVg1TlxTTu5E9IjcNExnwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFH9e4NfEBX3bx2MKbfI+XPlLdCiIMB8GA1UdIwQY
MBaAFGMILW06HcUBeVc3U3ynTSeoAmWiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMt
YzE4YWQzNmE3YjMwLzEvZjE3ZzE4UUZmZHZIWXdwdDhqNWMtVXQwS0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMtYzE4YWQzNmE3YjMw
LzEvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQDT664MAwD
BAdb0YADBABb0YIDBAKLHLQDBAOy1VADBAK5LKQDBAK5TeQDBAK5TfAwDQQCAAIw
BwMFACoBcqAwDQYJKoZIhvcNAQELBQADggEBADzfVy0H9BdPKJNlQyL/PgOHD5nQ
uaA3DNmPYBk4RIrwra4HMMuC2AZNO4E9aZj2d59bL+b8ecz+ucYzwencDvSzo76d
5uiBCfN2S6f+eaMQbNfInGljheWmJcEP1Si2pw/L5TYpWVkGssjTc9pqjt4sy0OW
ZxdXrQ2ilo9BS+vlxUEZBBzFGPWZd7qpGOYp+CVkd+Djo/7UdoLPdyR2eQQZw7yy
MY1l1rK+CT20F/SAMhH0fh7nHHkJHcaoxmN82Qq5zRhPxs1esxD8t+oKSlR5n9uS
xdWsoXAHl3O1B5LcS1IWJEquVMwgOoJMX8hALtod/z8CBYUQAnZj0AfXjZw=
-----END CERTIFICATE-----
Generated at Wed May 14 12:08:05 2025 by rpki-client