Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1-9AP2m6e3Yu4skuF6PnUZU7ynjw.roa
File: 1-9AP2m6e3Yu4skuF6PnUZU7ynjw.roa (raw, json)
Hash identifier: SxUOeSb5IZbPcr5PULvmHmKXVLJgmiMvzroaF4Tx6vM=
Subject key identifier: FB:D0:0F:DA:6E:9E:DD:8B:B8:B2:4B:85:E8:F9:D4:65:4E:F2:9E:3C
Certificate issuer: /CN=d66738a8dadac2d0d3aeddb934f820066b9f5feb
Certificate serial: 019638B1FB63A631EA86BD12769F08AC304E
Authority key identifier: D6:67:38:A8:DA:DA:C2:D0:D3:AE:DD:B9:34:F8:20:06:6B:9F:5F:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1mc4qNrawtDTrt25NPggBmufX-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1-9AP2m6e3Yu4skuF6PnUZU7ynjw.roa
Signing time: Tue 15 Apr 2025 09:05:10 +0000
ROA not before: Tue 15 Apr 2025 09:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20771
IP address blocks: 37.233.128.0/17 maxlen: 17
78.139.128.0/18 maxlen: 18
80.241.184.0/24 maxlen: 24
80.241.244.0/22 maxlen: 22
80.241.252.0/24 maxlen: 24
85.117.32.0/19 maxlen: 19
85.117.32.0/20 maxlen: 20
85.117.48.0/20 maxlen: 20
88.210.192.0/18 maxlen: 18
89.232.0.0/19 maxlen: 19
89.232.2.0/24 maxlen: 24
134.90.0.0/17 maxlen: 17
176.73.0.0/16 maxlen: 16
185.19.96.0/22 maxlen: 22
185.19.96.0/23 maxlen: 23
185.19.98.0/23 maxlen: 23
212.72.130.0/24 maxlen: 24
2a02:23f0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1mc4qNrawtDTrt25NPggBmufX-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:b1:fb:63:a6:31:ea:86:bd:12:76:9f:08:ac:30:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d66738a8dadac2d0d3aeddb934f820066b9f5feb
Validity
Not Before: Apr 15 09:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbd00fda6e9edd8bb8b24b85e8f9d4654ef29e3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:96:b8:c1:be:92:5b:76:68:a8:d5:9d:b7:e7:
07:3d:94:a3:0e:fa:d1:87:bb:3e:eb:c8:7c:6a:a9:
73:7f:c0:4c:08:64:78:43:98:d6:5f:70:46:7e:7b:
70:47:ed:81:88:e4:5b:c8:b3:b9:45:04:ff:1a:86:
44:46:51:fa:2c:9e:00:bc:1e:44:02:17:fd:eb:2f:
5b:e3:bb:36:05:2c:97:9e:09:ed:dd:2a:8e:de:75:
ef:66:7c:1d:fa:81:68:48:30:88:57:1f:94:5b:3e:
21:01:1a:4d:2d:da:8b:1a:cf:31:d0:ad:9b:11:e2:
e2:c7:5a:dc:32:28:85:57:d2:4b:1a:e1:31:62:85:
69:15:d9:2e:97:c3:90:d5:ae:ef:ad:ae:26:45:6c:
f1:ca:42:da:ae:15:20:47:c0:76:b5:c5:e2:35:0a:
a2:e5:ee:31:b2:c9:8e:8b:a3:39:0e:90:93:cf:33:
58:76:66:32:b0:f8:3b:78:4f:0b:f7:00:51:96:4a:
c4:17:b7:50:82:3e:00:ff:ff:71:e6:bd:4a:d8:90:
5b:9a:5c:fd:d0:5e:30:f6:5e:d7:46:1b:5e:24:82:
4a:4e:ca:72:ab:0c:63:85:c4:7d:11:db:7c:8f:64:
6c:de:8b:89:ce:ef:5c:1c:d0:70:c9:a1:b2:3a:a9:
23:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D0:0F:DA:6E:9E:DD:8B:B8:B2:4B:85:E8:F9:D4:65:4E:F2:9E:3C
X509v3 Authority Key Identifier:
keyid:D6:67:38:A8:DA:DA:C2:D0:D3:AE:DD:B9:34:F8:20:06:6B:9F:5F:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1mc4qNrawtDTrt25NPggBmufX-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1-9AP2m6e3Yu4skuF6PnUZU7ynjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.233.128.0/17
78.139.128.0/18
80.241.184.0/24
80.241.244.0/22
80.241.252.0/24
85.117.32.0/19
88.210.192.0/18
89.232.0.0/19
134.90.0.0/17
176.73.0.0/16
185.19.96.0/22
212.72.130.0/24
IPv6:
2a02:23f0::/32
Signature Algorithm: sha256WithRSAEncryption
15:65:e9:66:fd:a4:17:2a:0d:b8:ac:9a:59:29:6f:b1:e0:58:
67:67:e1:0f:6f:46:0b:66:5d:c7:04:61:ee:56:52:25:f8:95:
15:d6:fd:98:be:ac:02:49:94:37:0b:3d:10:d3:ac:2a:57:44:
0d:f5:34:82:49:85:bf:31:75:35:31:89:34:60:65:49:ae:51:
3a:75:88:57:a6:ca:04:5b:a0:08:b9:de:24:0c:1c:b9:a6:3b:
6d:6b:98:81:e3:d1:1b:47:6e:41:ca:a0:19:8c:4a:62:eb:3a:
13:b3:b6:78:24:d0:a5:5d:e0:82:19:86:19:8e:37:6f:52:e6:
91:ec:69:87:ef:35:16:b0:1f:79:c2:4c:d5:98:27:34:ba:77:
8e:c3:ed:cd:7b:c6:98:1a:dc:9f:c5:6f:66:1a:52:40:da:36:
fd:39:b0:dc:8f:d7:19:8f:c7:92:f4:1d:df:c1:9b:a7:c4:dd:
03:7d:3d:d5:1e:8c:1d:d5:23:da:f7:e2:60:b3:cc:cf:0f:fd:
3b:2c:ad:a8:32:3b:28:5f:f8:f4:9f:77:b7:f3:c0:b8:ed:c3:
6d:66:2a:45:2f:49:5c:c5:67:3e:23:b1:98:02:a3:54:9b:0f:
98:7a:55:2c:d1:62:61:94:2d:8c:1b:63:b8:46:34:43:f0:80:
7b:c3:e2:66
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZY4sftjpjHqhr0Sdp8IrDBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NjczOGE4ZGFkYWMyZDBkM2FlZGRiOTM0ZjgyMDA2NmI5
ZjVmZWIwHhcNMjUwNDE1MDkwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmQwMGZkYTZlOWVkZDhiYjhiMjRiODVlOGY5ZDQ2NTRlZjI5ZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5a4wb6SW3ZoqNWdt+cHPZSjDvrR
h7s+68h8aqlzf8BMCGR4Q5jWX3BGfntwR+2BiORbyLO5RQT/GoZERlH6LJ4AvB5E
Ahf96y9b47s2BSyXngnt3SqO3nXvZnwd+oFoSDCIVx+UWz4hARpNLdqLGs8x0K2b
EeLix1rcMiiFV9JLGuExYoVpFdkul8OQ1a7vra4mRWzxykLarhUgR8B2tcXiNQqi
5e4xssmOi6M5DpCTzzNYdmYysPg7eE8L9wBRlkrEF7dQgj4A//9x5r1K2JBbmlz9
0F4w9l7XRhteJIJKTspyqwxjhcR9Edt8j2Rs3ouJzu9cHNBwyaGyOqkjTwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFPvQD9punt2LuLJLhej51GVO8p48MB8GA1UdIwQY
MBaAFNZnOKja2sLQ067duTT4IAZrn1/rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW1jNHFOcmF3dERUcnQyNU5QZ2dCbXVmWC1zLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jNTc3MjctOTM5Ni00YmY4LWIyNWQt
NmExZTBlYzcxZGE4LzEvMS05QVAybTZlM1l1NHNrdUY2UG5VWlU3eW5qdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmIvYzU3NzI3LTkzOTYtNGJmOC1iMjVkLTZhMWUwZWM3MWRh
OC8xLzFtYzRxTnJhd3REVHJ0MjVOUGdnQm11Zlgtcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBvBggrBgEFBQcBBwEB/wRgMF4wTQQCAAEwRwMEByXpgAME
Bk6LgAMEAFDxuAMEAlDx9AMEAFDx/AMEBVV1IAMEBljSwAMEBVnoAAMEB4ZaAAMD
ALBJAwQCuRNgAwQA1EiCMA0EAgACMAcDBQAqAiPwMA0GCSqGSIb3DQEBCwUAA4IB
AQAVZelm/aQXKg24rJpZKW+x4FhnZ+EPb0YLZl3HBGHuVlIl+JUV1v2YvqwCSZQ3
Cz0Q06wqV0QN9TSCSYW/MXU1MYk0YGVJrlE6dYhXpsoEW6AIud4kDBy5pjtta5iB
49EbR25ByqAZjEpi6zoTs7Z4JNClXeCCGYYZjjdvUuaR7GmH7zUWsB95wkzVmCc0
uneOw+3Ne8aYGtyfxW9mGlJA2jb9ObDcj9cZj8eS9B3fwZunxN0DfT3VHowd1SPa
9+Jgs8zPD/07LK2oMjsoX/j0n3e388C47cNtZipFL0lcxWc+I7GYAqNUmw+YelUs
0WJhlC2MG2O4RjRD8IB7w+Jm
-----END CERTIFICATE-----
Generated at Tue May 13 06:32:08 2025 by rpki-client