Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/Ai07EY_IrLJeSRlVULJ-hyiwIik.roa
File: Ai07EY_IrLJeSRlVULJ-hyiwIik.roa (raw, json)
Hash identifier: SAAKzZyhC7heFcOPxTR1SIf1TFq7lgei6jj4stUF64s=
Subject key identifier: 02:2D:3B:11:8F:C8:AC:B2:5E:49:19:55:50:B2:7E:87:28:B0:22:29
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 01965BF16BB2775400030BF99116F23B4E5B
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/Ai07EY_IrLJeSRlVULJ-hyiwIik.roa
Signing time: Tue 22 Apr 2025 05:21:10 +0000
ROA not before: Tue 22 Apr 2025 05:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47962
IP address blocks: 37.122.152.0/22 maxlen: 22
37.122.152.0/23 maxlen: 23
37.122.153.0/24 maxlen: 24
37.122.154.0/23 maxlen: 23
37.122.154.0/24 maxlen: 24
37.122.155.0/24 maxlen: 24
37.122.156.0/23 maxlen: 23
37.122.156.0/24 maxlen: 24
37.122.157.0/24 maxlen: 24
176.106.224.0/22 maxlen: 22
176.106.224.0/23 maxlen: 23
176.106.224.0/24 maxlen: 24
176.106.230.0/23 maxlen: 23
176.106.230.0/24 maxlen: 24
176.106.231.0/24 maxlen: 24
2a0f:6a80::/29 maxlen: 29
2a0f:6a80:1::/48 maxlen: 48
2a0f:6a80:888::/48 maxlen: 48
2a0f:6a80:999::/48 maxlen: 48
2a0f:6a80:1001::/48 maxlen: 48
2a0f:6a80:1002::/48 maxlen: 48
2a0f:6a80:1003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5b:f1:6b:b2:77:54:00:03:0b:f9:91:16:f2:3b:4e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Apr 22 05:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=022d3b118fc8acb25e49195550b27e8728b02229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a3:7a:60:ef:b7:23:af:33:9b:8d:3d:b2:4e:
c9:a7:e6:e3:24:d8:72:09:37:04:59:fa:3d:fc:70:
fe:49:2c:22:32:ab:7e:e1:d2:8a:25:7d:68:72:11:
71:95:ed:f5:e8:b3:ac:81:f5:48:ee:a4:fa:0e:f8:
08:ad:e5:55:8b:b0:b7:05:1b:3c:da:09:81:c9:9f:
84:9c:f8:67:bf:7a:5b:66:19:a6:6d:56:4d:10:8a:
40:fa:2a:88:52:6c:b6:39:fa:1a:7d:39:2a:8d:9f:
f2:54:cd:f3:d5:52:eb:b0:0e:ff:12:6d:d5:67:e7:
b7:8a:6c:63:8f:e8:24:c2:6c:d9:94:85:03:10:33:
89:da:e4:3c:ba:df:f3:94:7a:53:48:fb:b2:57:33:
08:d2:14:ea:29:2e:1f:a0:15:b2:8a:38:01:e4:49:
24:c6:a9:32:48:7b:95:95:04:0d:d3:a0:cc:5f:f8:
9c:e0:29:60:75:c5:26:21:43:18:c0:6b:dd:48:20:
00:d8:3b:27:f2:5e:24:58:cf:47:7b:80:25:eb:ac:
b8:9d:43:99:e4:89:82:bc:41:61:17:ec:b9:8e:79:
d0:03:ec:21:19:53:69:a7:55:99:12:43:a8:05:41:
17:44:70:cc:64:71:ec:88:ff:ec:83:2a:43:7a:8e:
66:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:2D:3B:11:8F:C8:AC:B2:5E:49:19:55:50:B2:7E:87:28:B0:22:29
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/Ai07EY_IrLJeSRlVULJ-hyiwIik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.152.0-37.122.157.255
176.106.224.0/22
176.106.230.0/23
IPv6:
2a0f:6a80::/29
Signature Algorithm: sha256WithRSAEncryption
57:ba:58:73:d1:e2:2b:fb:21:fc:bb:5b:3c:43:a5:2b:1b:8d:
3d:47:b0:3b:cf:0b:80:64:9d:c3:d1:1b:d4:61:83:0f:34:e5:
c7:77:77:81:37:88:88:7b:f8:dd:e3:b1:7f:5c:43:2f:29:c4:
35:e0:c2:78:c4:bd:ce:d4:28:c3:8f:64:db:f4:a7:50:46:4c:
86:d1:80:bd:ea:1e:ee:16:3b:02:6a:38:e3:11:64:ad:eb:e4:
b1:57:86:05:b8:8f:04:ad:a8:6e:ea:fa:be:55:01:61:af:e9:
c8:04:34:ea:e8:d5:9a:ae:5c:08:1f:2d:8e:2d:b3:1e:d9:f4:
8b:29:1c:67:8e:1f:53:8c:c9:0c:1b:d8:61:c8:2f:a9:07:21:
7b:51:d8:b0:bd:9a:1c:b1:80:3b:b8:b9:1a:3a:20:e1:ff:4c:
60:44:f4:62:73:b3:e3:08:b2:5b:6f:00:57:17:00:b1:59:66:
e2:57:78:a5:0b:49:55:16:89:36:a3:32:c9:1e:b0:67:34:9f:
1c:22:5b:7e:23:b0:98:2a:4f:a3:17:68:b6:f5:be:c0:2e:ea:
80:55:3e:10:4f:f9:92:c7:5d:f5:95:19:ca:4d:35:f0:5b:4f:
9a:fd:e2:f8:0f:fa:a6:f0:ac:dd:ed:01:bf:02:f9:95:31:08:
71:71:a0:61
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZZb8Wuyd1QAAwv5kRbyO05bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjUwNDIyMDUyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjJkM2IxMThmYzhhY2IyNWU0OTE5NTU1MGIyN2U4NzI4YjAyMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6N6YO+3I68zm409sk7Jp+bjJNhy
CTcEWfo9/HD+SSwiMqt+4dKKJX1ochFxle316LOsgfVI7qT6DvgIreVVi7C3BRs8
2gmByZ+EnPhnv3pbZhmmbVZNEIpA+iqIUmy2OfoafTkqjZ/yVM3z1VLrsA7/Em3V
Z+e3imxjj+gkwmzZlIUDEDOJ2uQ8ut/zlHpTSPuyVzMI0hTqKS4foBWyijgB5Ekk
xqkySHuVlQQN06DMX/ic4ClgdcUmIUMYwGvdSCAA2Dsn8l4kWM9He4Al66y4nUOZ
5ImCvEFhF+y5jnnQA+whGVNpp1WZEkOoBUEXRHDMZHHsiP/sgypDeo5mDwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAItOxGPyKyyXkkZVVCyfocosCIpMB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvQWkwN0VZX0lyTEplU1JsVlVMSi1oeWl3SWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAMlepgD
BAElepwDBAKwauADBAGwauYwDQQCAAIwBwMFAyoPaoAwDQYJKoZIhvcNAQELBQAD
ggEBAFe6WHPR4iv7Ify7WzxDpSsbjT1HsDvPC4BkncPRG9Rhgw805cd3d4E3iIh7
+N3jsX9cQy8pxDXgwnjEvc7UKMOPZNv0p1BGTIbRgL3qHu4WOwJqOOMRZK3r5LFX
hgW4jwStqG7q+r5VAWGv6cgENOro1ZquXAgfLY4tsx7Z9IspHGeOH1OMyQwb2GHI
L6kHIXtR2LC9mhyxgDu4uRo6IOH/TGBE9GJzs+MIsltvAFcXALFZZuJXeKULSVUW
iTajMskesGc0nxwiW34jsJgqT6MXaLb1vsAu6oBVPhBP+ZLHXfWVGcpNNfBbT5r9
4vgP+qbwrN3tAb8C+ZUxCHFxoGE=
-----END CERTIFICATE-----
Generated at Tue May 13 06:21:29 2025 by rpki-client