Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/N7u45HLIPi8VbSrWqbF-D_zaDHU.roa
File: N7u45HLIPi8VbSrWqbF-D_zaDHU.roa (raw, json)
Hash identifier: z/94ODpbSObkF9ntbta3SuHsuUOHDHZTonhHShc7nzU=
Subject key identifier: 37:BB:B8:E4:72:C8:3E:2F:15:6D:2A:D6:A9:B1:7E:0F:FC:DA:0C:75
Certificate issuer: /CN=3a5d4a329702e2c9831cd36262bbb7fa7b97de37
Certificate serial: 01968C18FE9792B7F570003EA6B5FB949F4F
Authority key identifier: 3A:5D:4A:32:97:02:E2:C9:83:1C:D3:62:62:BB:B7:FA:7B:97:DE:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ol1KMpcC4smDHNNiYru3-nuX3jc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/N7u45HLIPi8VbSrWqbF-D_zaDHU.roa
Signing time: Thu 01 May 2025 13:46:10 +0000
ROA not before: Thu 01 May 2025 13:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47191
IP address blocks: 37.77.80.0/21 maxlen: 24
74.113.236.0/23 maxlen: 24
103.143.178.0/23 maxlen: 24
172.96.38.0/23 maxlen: 24
192.198.184.0/23 maxlen: 24
195.246.194.0/24 maxlen: 24
199.36.102.0/23 maxlen: 24
216.180.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/Ol1KMpcC4smDHNNiYru3-nuX3jc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/Ol1KMpcC4smDHNNiYru3-nuX3jc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ol1KMpcC4smDHNNiYru3-nuX3jc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8c:18:fe:97:92:b7:f5:70:00:3e:a6:b5:fb:94:9f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a5d4a329702e2c9831cd36262bbb7fa7b97de37
Validity
Not Before: May 1 13:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37bbb8e472c83e2f156d2ad6a9b17e0ffcda0c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:bc:d3:c1:34:d2:f4:80:52:26:c1:7f:73:66:
0b:bd:fa:25:d4:62:c0:01:6f:f4:73:8f:58:aa:56:
b3:fd:24:3e:fd:10:9d:45:98:0c:55:17:33:f5:c3:
6a:3e:9e:8f:a7:88:d1:57:55:44:f8:e3:f9:33:02:
4f:86:4f:93:56:b7:9c:33:e1:27:8b:3f:74:c8:a9:
51:36:cc:d9:c7:e9:88:ea:18:75:ab:a2:06:e5:10:
67:7e:f8:16:30:d8:7d:2c:29:21:33:ae:5d:e7:54:
5f:34:59:8c:7c:d3:53:8c:15:8d:82:78:0b:ee:57:
da:dd:80:a2:79:a5:49:5b:5e:4f:3e:3d:f5:a0:31:
37:40:89:2d:2e:c6:ab:af:f1:bc:3f:7d:ff:e4:30:
02:3e:a5:9d:ca:e4:a2:86:ef:1f:36:34:51:bf:52:
45:da:b7:d2:32:f3:7b:f5:9a:5c:d3:24:5e:5c:f2:
3d:2f:8d:49:0e:b7:53:b1:56:73:0b:94:ed:28:3b:
97:e0:69:f8:3e:73:a2:9e:b2:d8:a5:6e:d9:bb:f5:
39:3e:67:f9:fd:1d:30:ba:8c:d0:bd:e3:bc:13:49:
8d:68:32:de:fc:0a:be:1f:d5:f4:e5:56:7d:57:f2:
cb:2d:83:ab:44:4c:8c:02:cc:50:69:e6:9a:c3:7b:
79:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BB:B8:E4:72:C8:3E:2F:15:6D:2A:D6:A9:B1:7E:0F:FC:DA:0C:75
X509v3 Authority Key Identifier:
keyid:3A:5D:4A:32:97:02:E2:C9:83:1C:D3:62:62:BB:B7:FA:7B:97:DE:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol1KMpcC4smDHNNiYru3-nuX3jc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/N7u45HLIPi8VbSrWqbF-D_zaDHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/Ol1KMpcC4smDHNNiYru3-nuX3jc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.80.0/21
74.113.236.0/23
103.143.178.0/23
172.96.38.0/23
192.198.184.0/23
195.246.194.0/24
199.36.102.0/23
216.180.224.0/20
Signature Algorithm: sha256WithRSAEncryption
0b:b0:bc:2f:01:e1:37:0f:75:c5:da:91:5c:b5:f7:34:41:01:
f5:6e:c2:93:03:36:3e:ea:12:d0:0d:43:fe:90:29:da:7e:07:
c9:c8:0f:9c:33:6f:b3:62:dc:e7:e3:fd:d7:60:ad:19:54:2e:
d0:2a:f3:fd:a9:a4:e7:cb:24:bc:dd:00:ad:3d:35:58:0b:d8:
7f:f3:93:7e:d1:3f:ef:3b:c9:94:9d:95:80:2f:22:1d:ae:78:
89:56:be:d8:66:a0:ed:b2:90:cd:19:51:cb:40:8d:5d:b5:52:
f3:c8:35:08:7e:3d:6b:b6:09:61:2b:45:6d:26:87:44:e5:53:
9a:33:13:ce:39:c0:0f:08:04:86:35:de:46:62:12:01:35:93:
dc:dd:5b:ae:85:2e:81:7a:d0:ab:22:72:64:bc:a3:21:5a:6e:
67:9c:fc:d4:b3:06:ae:22:9c:dc:bb:31:b9:42:c4:2f:c1:85:
58:93:6d:6e:d6:23:c1:a9:dd:6a:13:58:da:11:dd:7e:e8:8d:
06:20:46:47:37:97:b0:90:39:ad:3a:3e:5e:c6:16:0f:ae:b1:
19:00:e3:24:7c:d4:d9:24:4f:fc:8a:f6:fa:b2:20:e1:65:6f:
fa:9b:d6:a3:1f:85:e3:b8:4b:0a:aa:c6:f4:20:b4:3f:4a:cc:
b1:49:d2:ac
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZaMGP6Xkrf1cAA+prX7lJ9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNWQ0YTMyOTcwMmUyYzk4MzFjZDM2MjYyYmJiN2ZhN2I5
N2RlMzcwHhcNMjUwNTAxMTM0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2JiYjhlNDcyYzgzZTJmMTU2ZDJhZDZhOWIxN2UwZmZjZGEwYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47zTwTTS9IBSJsF/c2YLvfol1GLA
AW/0c49Yqlaz/SQ+/RCdRZgMVRcz9cNqPp6Pp4jRV1VE+OP5MwJPhk+TVrecM+En
iz90yKlRNszZx+mI6hh1q6IG5RBnfvgWMNh9LCkhM65d51RfNFmMfNNTjBWNgngL
7lfa3YCieaVJW15PPj31oDE3QIktLsarr/G8P33/5DACPqWdyuSihu8fNjRRv1JF
2rfSMvN79Zpc0yReXPI9L41JDrdTsVZzC5TtKDuX4Gn4PnOinrLYpW7Zu/U5Pmf5
/R0wuozQveO8E0mNaDLe/Aq+H9X05VZ9V/LLLYOrREyMAsxQaeaaw3t5tQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDe7uORyyD4vFW0q1qmxfg/82gx1MB8GA1UdIwQY
MBaAFDpdSjKXAuLJgxzTYmK7t/p7l943MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2wxS01wY0M0c21ESE5OaVlydTMtbnVYM2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YmQ2NjEtOWIwYy00NTYwLWIxZDEt
MmNlYThlMTUzNjMyLzEvTjd1NDVITElQaThWYlNyV3FiRi1EX3phREhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS80YmQ2NjEtOWIwYy00NTYwLWIxZDEtMmNlYThlMTUzNjMy
LzEvT2wxS01wY0M0c21ESE5OaVlydTMtbnVYM2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDJU1QAwQB
SnHsAwQBZ4+yAwQBrGAmAwQBwMa4AwQAw/bCAwQBxyRmAwQE2LTgMA0GCSqGSIb3
DQEBCwUAA4IBAQALsLwvAeE3D3XF2pFctfc0QQH1bsKTAzY+6hLQDUP+kCnafgfJ
yA+cM2+zYtzn4/3XYK0ZVC7QKvP9qaTnyyS83QCtPTVYC9h/85N+0T/vO8mUnZWA
LyIdrniJVr7YZqDtspDNGVHLQI1dtVLzyDUIfj1rtglhK0VtJodE5VOaMxPOOcAP
CASGNd5GYhIBNZPc3VuuhS6BetCrInJkvKMhWm5nnPzUswauIpzcuzG5QsQvwYVY
k21u1iPBqd1qE1jaEd1+6I0GIEZHN5ewkDmtOj5exhYPrrEZAOMkfNTZJE/8ivb6
siDhZW/6m9ajH4XjuEsKqsb0ILQ/SsyxSdKs
-----END CERTIFICATE-----
Generated at Thu May 8 14:13:02 2025 by rpki-client