Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/7vRCdt0mSgyrYgJjlprEKvJmrdA.roa
File: 7vRCdt0mSgyrYgJjlprEKvJmrdA.roa (raw, json)
Hash identifier: XAQ9AIgpF+RjaNi4VF0A5HMoaDgrCYFQn8dsLu9NQwM=
Subject key identifier: EE:F4:42:76:DD:26:4A:0C:AB:62:02:63:96:9A:C4:2A:F2:66:AD:D0
Certificate issuer: /CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Certificate serial: 0196687C2CDA4BEBA1DEDF7FC8FCBB70E65B
Authority key identifier: BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/7vRCdt0mSgyrYgJjlprEKvJmrdA.roa
Signing time: Thu 24 Apr 2025 15:48:10 +0000
ROA not before: Thu 24 Apr 2025 15:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20904
IP address blocks: 5.61.94.0/24 maxlen: 24
37.35.80.0/21 maxlen: 24
46.254.208.0/22 maxlen: 22
46.254.208.0/24 maxlen: 24
46.254.210.0/24 maxlen: 24
46.254.211.0/24 maxlen: 24
77.95.242.0/24 maxlen: 24
77.95.245.0/24 maxlen: 24
77.95.246.0/23 maxlen: 23
80.75.96.0/20 maxlen: 20
80.75.106.0/24 maxlen: 24
93.174.192.0/21 maxlen: 22
149.126.176.0/21 maxlen: 21
185.16.168.0/22 maxlen: 22
185.25.76.0/22 maxlen: 22
185.67.80.0/22 maxlen: 22
188.64.0.0/21 maxlen: 21
2a00:1a58::/32 maxlen: 32
2a00:74a0::/32 maxlen: 32
2a04:240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:7c:2c:da:4b:eb:a1:de:df:7f:c8:fc:bb:70:e6:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Validity
Not Before: Apr 24 15:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eef44276dd264a0cab620263969ac42af266add0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:38:20:fd:1a:d6:f7:4f:98:3a:c0:eb:56:70:
14:be:8a:b3:12:ca:b2:65:57:27:33:6d:9d:14:8c:
41:f0:65:6f:e6:cd:55:5e:b5:3f:59:9a:c7:79:28:
d6:3b:02:9f:d0:b5:8a:b0:fd:21:f1:4e:4a:38:0c:
f6:f0:b2:79:52:1c:f6:ac:9a:72:58:9b:55:b6:59:
83:dd:9c:3e:9c:c1:f7:ab:01:4c:be:ce:47:c4:24:
7b:b0:cf:8b:ff:de:a6:ec:e9:a5:0d:13:f2:a2:98:
4a:ce:2d:24:01:ab:80:bf:fb:30:68:a3:6b:15:be:
e2:7c:dd:03:3f:9e:55:7e:cf:9b:f6:07:ef:96:6c:
26:1f:f6:09:cb:b3:fd:91:97:c4:b0:d3:0d:3d:69:
4d:55:c8:b2:b3:fd:9e:0b:85:7f:e6:32:49:d8:6d:
46:14:8b:3d:0d:9e:0c:3a:52:32:f3:cb:0b:f5:bc:
58:ad:ee:2a:e7:c3:38:ac:c7:72:24:c2:96:91:d5:
3c:fa:50:66:2d:6a:95:55:db:85:59:eb:19:a5:8f:
58:29:0f:c4:4a:26:a2:18:ff:b9:ea:ef:7f:89:fa:
e2:94:dc:27:6c:a8:ef:5e:16:82:cc:90:7f:94:88:
2b:4b:65:ba:35:73:83:6e:af:a1:d6:eb:d7:11:ba:
fb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F4:42:76:DD:26:4A:0C:AB:62:02:63:96:9A:C4:2A:F2:66:AD:D0
X509v3 Authority Key Identifier:
keyid:BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/7vRCdt0mSgyrYgJjlprEKvJmrdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.94.0/24
37.35.80.0/21
46.254.208.0/22
77.95.242.0/24
77.95.245.0-77.95.247.255
80.75.96.0/20
93.174.192.0/21
149.126.176.0/21
185.16.168.0/22
185.25.76.0/22
185.67.80.0/22
188.64.0.0/21
IPv6:
2a00:1a58::/32
2a00:74a0::/32
2a04:240::/29
Signature Algorithm: sha256WithRSAEncryption
4c:0c:05:49:3d:7f:f8:78:b3:46:93:d5:c4:bd:01:3c:cd:74:
b7:56:3d:53:19:6a:9f:38:61:12:d0:54:29:9b:c8:bb:cb:23:
2f:2d:ed:61:10:89:4f:20:4c:72:71:fb:57:aa:84:cb:89:0a:
1f:62:1f:b3:66:fb:a0:07:3b:c5:3c:e7:1d:2c:a7:e3:20:f0:
3c:45:80:c2:fd:cb:45:0e:b8:6d:f1:83:79:fc:38:28:f8:5a:
31:20:ce:6b:c4:2f:68:22:83:3c:1e:62:c8:a8:69:d9:64:bd:
ab:60:8b:de:17:6b:95:11:af:4d:48:69:5a:4e:39:22:a5:6b:
ca:71:93:69:47:26:65:c9:a7:3d:d5:99:07:d8:1a:c2:ba:3c:
94:a8:b5:60:e3:7d:e3:59:37:0b:6d:6a:a8:36:99:8e:21:37:
a6:72:02:a8:f7:7f:86:69:20:a5:9e:5b:0f:d3:25:d9:e1:85:
e6:03:00:b3:aa:f8:fd:a1:5d:23:85:2b:03:67:57:55:6e:f2:
d7:54:46:e7:2f:10:e0:38:81:46:43:7a:b9:53:7a:93:93:24:
24:c3:b0:18:24:19:18:03:aa:24:d8:c0:fe:33:d6:1a:52:27:
b3:29:4f:f0:84:a0:b4:9f:a1:9b:e2:8e:7c:13:57:7e:5c:31:
b5:5b:19:92
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZZofCzaS+uh3t9/yPy7cOZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMzFiY2Y5MjNjNWYyNWNhZmJkYWJkZmRkNDZlNTExZjk1
ZGYwZDEwHhcNMjUwNDI0MTU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWY0NDI3NmRkMjY0YTBjYWI2MjAyNjM5NjlhYzQyYWYyNjZhZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Tgg/RrW90+YOsDrVnAUvoqzEsqy
ZVcnM22dFIxB8GVv5s1VXrU/WZrHeSjWOwKf0LWKsP0h8U5KOAz28LJ5Uhz2rJpy
WJtVtlmD3Zw+nMH3qwFMvs5HxCR7sM+L/96m7OmlDRPyophKzi0kAauAv/swaKNr
Fb7ifN0DP55Vfs+b9gfvlmwmH/YJy7P9kZfEsNMNPWlNVciys/2eC4V/5jJJ2G1G
FIs9DZ4MOlIy88sL9bxYre4q58M4rMdyJMKWkdU8+lBmLWqVVduFWesZpY9YKQ/E
SiaiGP+56u9/ifrilNwnbKjvXhaCzJB/lIgrS2W6NXODbq+h1uvXEbr7KwIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFO70QnbdJkoMq2ICY5aaxCryZq3QMB8GA1UdIwQY
MBaAFLoxvPkjxfJcr72r391G5RH5XfDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYt
MWJhMzQzZjE3ZWMyLzEvN3ZSQ2R0MG1TZ3lyWWdKamxwckVLdkptcmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYtMWJhMzQzZjE3ZWMy
LzEvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwVgQCAAEwUAMEAAU9XgME
AyUjUAMEAi7+0AMEAE1f8jAMAwQATV/1AwQDTV/wAwQEUEtgAwQDXa7AAwQDlX6w
AwQCuRCoAwQCuRlMAwQCuUNQAwQDvEAAMBsEAgACMBUDBQAqABpYAwUAKgB0oAMF
AyoEAkAwDQYJKoZIhvcNAQELBQADggEBAEwMBUk9f/h4s0aT1cS9ATzNdLdWPVMZ
ap84YRLQVCmbyLvLIy8t7WEQiU8gTHJx+1eqhMuJCh9iH7Nm+6AHO8U85x0sp+Mg
8DxFgML9y0UOuG3xg3n8OCj4WjEgzmvEL2gigzweYsioadlkvatgi94Xa5URr01I
aVpOOSKla8pxk2lHJmXJpz3VmQfYGsK6PJSotWDjfeNZNwttaqg2mY4hN6ZyAqj3
f4ZpIKWeWw/TJdnhheYDALOq+P2hXSOFKwNnV1Vu8tdURucvEOA4gUZDerlTepOT
JCTDsBgkGRgDqiTYwP4z1hpSJ7MpT/CEoLSfoZvijnwTV35cMbVbGZI=
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:53:53 2025 by rpki-client