Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/W7lOM_3sfroEtsFgpeqIrrnM5Ps.roa
File: W7lOM_3sfroEtsFgpeqIrrnM5Ps.roa (raw, json)
Hash identifier: QfLKh/GJx3Yr29Va2XB5GRYNL5uiPm48c7iOOEmZEgc=
Subject key identifier: 5B:B9:4E:33:FD:EC:7E:BA:04:B6:C1:60:A5:EA:88:AE:B9:CC:E4:FB
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019633A9AC1A3045D73FD459DF0B7C365486
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/W7lOM_3sfroEtsFgpeqIrrnM5Ps.roa
Signing time: Mon 14 Apr 2025 09:37:59 +0000
ROA not before: Mon 14 Apr 2025 09:37:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33947
IP address blocks: 79.172.232.0/22 maxlen: 22
84.21.0.0/22 maxlen: 22
84.21.9.0/24 maxlen: 24
84.21.14.0/24 maxlen: 24
84.21.17.0/24 maxlen: 24
84.21.20.0/24 maxlen: 24
84.21.21.0/24 maxlen: 24
84.21.22.0/24 maxlen: 24
84.21.23.0/24 maxlen: 24
84.21.24.0/24 maxlen: 24
84.21.25.0/24 maxlen: 24
84.21.26.0/24 maxlen: 24
84.21.27.0/24 maxlen: 24
84.21.28.0/24 maxlen: 24
84.21.29.0/24 maxlen: 24
84.21.30.0/24 maxlen: 24
87.229.1.0/24 maxlen: 24
87.229.2.0/24 maxlen: 24
87.229.3.0/24 maxlen: 24
87.229.4.0/24 maxlen: 24
87.229.5.0/24 maxlen: 24
87.229.13.0/24 maxlen: 24
87.229.27.0/24 maxlen: 24
87.229.28.0/24 maxlen: 24
87.229.29.0/24 maxlen: 24
87.229.30.0/24 maxlen: 24
87.229.46.0/23 maxlen: 23
87.229.49.0/24 maxlen: 24
87.229.109.0/24 maxlen: 24
178.238.214.0/24 maxlen: 24
178.238.219.0/24 maxlen: 24
2a02:730:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:33:a9:ac:1a:30:45:d7:3f:d4:59:df:0b:7c:36:54:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Apr 14 09:37:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bb94e33fdec7eba04b6c160a5ea88aeb9cce4fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2a:37:77:0b:15:ce:9a:c1:6d:8e:58:8a:0d:
9e:dd:e8:4f:d1:d2:7d:f2:44:6a:c1:bc:6b:8e:c5:
aa:bb:bb:ea:a4:17:b1:b7:7e:c0:77:5f:c0:87:87:
f5:5f:f7:e9:2f:07:1f:6d:d1:52:00:75:df:f2:6c:
43:12:d3:b0:ed:81:af:20:9d:a4:54:6e:c4:23:30:
14:6b:f6:37:60:fc:45:b8:ef:d1:2f:09:23:bc:d8:
40:08:f1:04:52:5e:02:f8:f1:94:a4:53:09:40:26:
9b:a4:46:d5:46:a7:68:b2:a8:b4:a3:85:b3:0f:81:
c4:e4:d4:cb:4e:e7:ee:44:ce:3c:45:76:b3:c2:d7:
25:3e:51:e1:b6:82:76:48:dc:02:9b:a1:84:3c:10:
c6:55:f4:2e:f1:53:04:96:e9:27:de:87:b4:4b:ee:
95:11:39:17:49:c3:5a:3d:f5:5c:32:de:a8:db:62:
b3:07:0c:b4:c5:3f:11:9c:a8:1a:96:55:bb:8a:46:
b7:74:06:c5:b2:75:3d:01:70:cc:0a:72:2b:e6:84:
08:2b:bc:0e:87:33:9f:e5:6f:dd:60:d1:c4:b2:b7:
78:6e:11:ce:ba:28:bf:fb:c2:c4:cf:22:78:a8:9b:
31:4c:d3:40:ea:8e:a3:0e:d5:c7:c2:5d:7b:25:72:
bb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B9:4E:33:FD:EC:7E:BA:04:B6:C1:60:A5:EA:88:AE:B9:CC:E4:FB
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/W7lOM_3sfroEtsFgpeqIrrnM5Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.232.0/22
84.21.0.0/22
84.21.9.0/24
84.21.14.0/24
84.21.17.0/24
84.21.20.0-84.21.30.255
87.229.1.0-87.229.5.255
87.229.13.0/24
87.229.27.0-87.229.30.255
87.229.46.0/23
87.229.49.0/24
87.229.109.0/24
178.238.214.0/24
178.238.219.0/24
IPv6:
2a02:730:2000::/48
Signature Algorithm: sha256WithRSAEncryption
14:61:18:b0:f6:c3:54:27:71:51:9f:0a:05:ce:9b:f8:1e:9d:
e8:5f:f8:07:12:17:46:25:de:38:6b:44:f4:94:d4:a5:51:be:
3f:c8:e9:d3:3b:14:a1:cf:5c:d3:55:df:3c:90:b3:a5:63:aa:
7a:1f:32:09:1d:cc:be:8d:8f:78:08:ed:b4:f9:b8:c3:63:42:
e4:9c:69:89:cd:71:0e:8c:d1:2c:d7:d7:b9:59:26:31:55:50:
b3:45:e2:9c:78:a0:f7:78:be:4c:02:3a:99:5d:46:37:a0:b4:
1c:3e:f8:c1:f8:0b:ee:92:14:5a:fd:1f:73:01:5f:84:37:08:
ab:fc:24:da:7c:95:cd:09:97:7a:ed:d4:eb:1f:1a:1f:69:7d:
e0:08:87:08:3f:c8:ca:a2:3a:26:08:9e:7d:a2:2d:45:b4:c7:
2e:c7:04:51:d5:75:46:ee:01:5a:82:f1:93:3f:96:90:f3:03:
c1:87:c9:97:cd:26:95:ad:ae:ee:6e:27:9d:56:c2:cb:b5:88:
c9:ce:6c:c8:e1:6e:08:1d:95:42:d4:b8:6f:9c:cb:75:1b:51:
7e:e1:2f:87:4f:68:73:1f:b4:11:6d:ca:e3:75:51:46:ee:e1:
6f:c1:20:c2:0f:a0:35:d9:ed:cb:2e:a1:a4:8d:48:01:7d:bf:
9a:70:bc:fe
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZYzqawaMEXXP9RZ3wt8NlSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNDE0MDkzNzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmI5NGUzM2ZkZWM3ZWJhMDRiNmMxNjBhNWVhODhhZWI5Y2NlNGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyo3dwsVzprBbY5Yig2e3ehP0dJ9
8kRqwbxrjsWqu7vqpBext37Ad1/Ah4f1X/fpLwcfbdFSAHXf8mxDEtOw7YGvIJ2k
VG7EIzAUa/Y3YPxFuO/RLwkjvNhACPEEUl4C+PGUpFMJQCabpEbVRqdosqi0o4Wz
D4HE5NTLTufuRM48RXazwtclPlHhtoJ2SNwCm6GEPBDGVfQu8VMElukn3oe0S+6V
ETkXScNaPfVcMt6o22KzBwy0xT8RnKgallW7ika3dAbFsnU9AXDMCnIr5oQIK7wO
hzOf5W/dYNHEsrd4bhHOuii/+8LEzyJ4qJsxTNNA6o6jDtXHwl17JXK78QIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFFu5TjP97H66BLbBYKXqiK65zOT7MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvVzdsT01fM3Nmcm9FdHNGZ3BlcUlycm5NNVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTByBAIAATBsAwQCT6zo
AwQCVBUAAwQAVBUJAwQAVBUOAwQAVBURMAwDBAJUFRQDBABUFR4wDAMEAFflAQME
AVflBAMEAFflDTAMAwQAV+UbAwQAV+UeAwQBV+UuAwQAV+UxAwQAV+VtAwQAsu7W
AwQAsu7bMA8EAgACMAkDBwAqAgcwIAAwDQYJKoZIhvcNAQELBQADggEBABRhGLD2
w1QncVGfCgXOm/genehf+AcSF0Yl3jhrRPSU1KVRvj/I6dM7FKHPXNNV3zyQs6Vj
qnofMgkdzL6Nj3gI7bT5uMNjQuScaYnNcQ6M0SzX17lZJjFVULNF4px4oPd4vkwC
OpldRjegtBw++MH4C+6SFFr9H3MBX4Q3CKv8JNp8lc0Jl3rt1OsfGh9pfeAIhwg/
yMqiOiYInn2iLUW0xy7HBFHVdUbuAVqC8ZM/lpDzA8GHyZfNJpWtru5uJ51Wwsu1
iMnObMjhbggdlULUuG+cy3UbUX7hL4dPaHMftBFtyuN1UUbu4W/BIMIPoDXZ7csu
oaSNSAF9v5pwvP4=
-----END CERTIFICATE-----
Generated at Sun Apr 27 00:14:43 2025 by rpki-client