Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/DLVyMXEFc4HCeGjKSW4Cx2Pnr78.roa
File: DLVyMXEFc4HCeGjKSW4Cx2Pnr78.roa (raw, json)
Hash identifier: ZQmXU2vc4afgIjjUGFHs8aXtb7R/hrU5Q7fUBkSefzs=
Subject key identifier: 0C:B5:72:31:71:05:73:81:C2:78:68:CA:49:6E:02:C7:63:E7:AF:BF
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 0196686F5B51680FC7A7826DF5FA415938C2
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/DLVyMXEFc4HCeGjKSW4Cx2Pnr78.roa
Signing time: Thu 24 Apr 2025 15:34:10 +0000
ROA not before: Thu 24 Apr 2025 15:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4637
IP address blocks: 146.101.0.0/16 maxlen: 24
146.101.64.0/24 maxlen: 24
146.101.65.0/24 maxlen: 24
154.8.0.0/19 maxlen: 24
154.8.32.0/20 maxlen: 24
154.32.0.0/16 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
193.82.159.0/24 maxlen: 24
193.82.192.0/19 maxlen: 24
193.117.32.0/19 maxlen: 24
195.152.0.0/15 maxlen: 24
195.153.19.0/24 maxlen: 24
195.153.74.0/24 maxlen: 24
195.153.108.0/22 maxlen: 22
195.153.124.0/24 maxlen: 24
195.153.216.0/24 maxlen: 24
195.153.217.0/24 maxlen: 24
217.151.32.0/20 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 21:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:6f:5b:51:68:0f:c7:a7:82:6d:f5:fa:41:59:38:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Apr 24 15:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cb5723171057381c27868ca496e02c763e7afbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fd:fb:49:f7:df:a3:9c:ec:dc:85:4c:91:5f:
14:57:99:ac:9f:b1:6d:41:55:73:ad:41:44:01:93:
ee:8e:58:da:a3:f5:f6:67:06:0d:70:0e:1f:f2:d9:
4f:89:76:38:b3:b3:8f:6c:c9:df:e8:0e:8c:e4:ee:
d6:75:6b:46:6c:b0:e1:2d:1c:a4:76:72:15:b4:a4:
50:4a:5a:87:88:97:18:e5:44:9d:90:f6:13:00:91:
af:5a:fb:f3:c3:1e:da:f4:46:76:1b:0f:b3:d6:b7:
89:58:be:48:1a:2b:c4:2e:52:90:b0:a6:52:2f:79:
ff:39:1d:c7:37:33:39:37:4b:04:cc:26:07:59:b1:
11:25:0c:c8:a3:ec:3a:a1:a5:6e:9d:b7:13:bd:cf:
e8:06:73:96:7b:31:50:44:54:ba:77:40:8f:75:ca:
1f:4f:11:d7:f8:0e:88:1c:61:ac:ce:65:42:74:a1:
b5:e4:17:18:e3:cd:5e:40:d4:fb:e4:2c:cc:92:27:
6a:5c:6f:af:3c:f7:98:00:e3:a3:dd:7b:eb:2d:d8:
ff:46:c0:64:c9:6d:83:6f:b9:b3:54:4f:2d:ec:c1:
86:e5:4c:3c:52:61:dc:a0:bd:0d:77:c0:02:cb:be:
46:eb:dc:b4:2e:6f:52:33:cb:59:cd:bc:2e:0d:25:
d8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B5:72:31:71:05:73:81:C2:78:68:CA:49:6E:02:C7:63:E7:AF:BF
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/DLVyMXEFc4HCeGjKSW4Cx2Pnr78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.101.0.0/16
154.8.0.0-154.8.47.255
154.32.0.0/16
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.152.0.0/15
217.151.32.0/20
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
54:89:51:a4:1a:4e:33:17:48:61:4c:1e:0a:29:5e:69:d2:8e:
1a:3a:43:3b:a4:f0:b5:b3:15:76:bb:11:ce:18:8a:f9:9f:33:
40:bc:7f:c3:dd:db:99:f2:ea:3e:6b:54:0b:81:a2:79:38:79:
4b:4b:9e:d0:55:a9:c1:ab:f6:bd:52:13:dc:46:c9:b9:4c:a8:
a6:1b:0a:fc:5a:3b:fa:56:7f:78:98:67:1b:47:23:a8:d1:3c:
b4:5b:77:c3:3e:1b:54:1c:ed:06:d9:8d:1f:6e:91:52:35:4b:
66:72:e6:53:42:88:8a:02:4d:b5:c1:33:f6:4e:61:ce:43:61:
33:44:68:aa:9d:d2:9f:3d:a8:f8:99:37:e9:aa:f9:d5:2b:ea:
0b:ad:07:e1:d4:5d:87:bb:77:e5:ac:6a:f1:3b:88:ba:93:54:
08:1f:7b:c3:98:08:7f:31:7d:50:a4:65:fc:de:fb:91:77:b0:
bf:00:07:24:e6:7c:78:ad:2d:7a:e5:57:c3:b2:4e:09:52:a2:
b9:0a:32:fd:f4:fd:ba:be:66:2f:e0:6c:a7:e4:3f:88:06:6d:
39:ff:4f:d0:14:67:7e:46:ac:71:10:4b:da:96:53:ee:24:8b:
e9:71:6a:a7:96:8b:b8:c5:a7:00:66:25:99:4c:f4:4f:54:90:
33:3b:50:1f
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZZob1tRaA/Hp4Jt9fpBWTjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjUwNDI0MTUzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2I1NzIzMTcxMDU3MzgxYzI3ODY4Y2E0OTZlMDJjNzYzZTdhZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0v37Sfffo5zs3IVMkV8UV5msn7Ft
QVVzrUFEAZPujljao/X2ZwYNcA4f8tlPiXY4s7OPbMnf6A6M5O7WdWtGbLDhLRyk
dnIVtKRQSlqHiJcY5USdkPYTAJGvWvvzwx7a9EZ2Gw+z1reJWL5IGivELlKQsKZS
L3n/OR3HNzM5N0sEzCYHWbERJQzIo+w6oaVunbcTvc/oBnOWezFQRFS6d0CPdcof
TxHX+A6IHGGszmVCdKG15BcY481eQNT75CzMkidqXG+vPPeYAOOj3XvrLdj/RsBk
yW2Db7mzVE8t7MGG5Uw8UmHcoL0Nd8ACy75G69y0Lm9SM8tZzbwuDSXYQQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFAy1cjFxBXOBwnhoykluAsdj56+/MB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvRExWeU1YRUZjNEhDZUdqS1NXNEN4MlBucjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwMAkmUwCwMD
A5oIAwQEmgggAwMAmiAwDAMEBcFSYAMEBcFSgAMEBcFSwAMEBcF1IAMDAcOYAwQE
2ZcgMA0EAgACMAcDBQAqAhYgMA0GCSqGSIb3DQEBCwUAA4IBAQBUiVGkGk4zF0hh
TB4KKV5p0o4aOkM7pPC1sxV2uxHOGIr5nzNAvH/D3duZ8uo+a1QLgaJ5OHlLS57Q
VanBq/a9UhPcRsm5TKimGwr8Wjv6Vn94mGcbRyOo0Ty0W3fDPhtUHO0G2Y0fbpFS
NUtmcuZTQoiKAk21wTP2TmHOQ2EzRGiqndKfPaj4mTfpqvnVK+oLrQfh1F2Hu3fl
rGrxO4i6k1QIH3vDmAh/MX1QpGX83vuRd7C/AAck5nx4rS165VfDsk4JUqK5CjL9
9P26vmYv4Gyn5D+IBm05/0/QFGd+RqxxEEvallPuJIvpcWqnlou4xacAZiWZTPRP
VJAzO1Af
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:33:25 2025 by rpki-client