Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/pg2Uo1mGaRZ4g8oAbIXuXT68ouw.roa
File: pg2Uo1mGaRZ4g8oAbIXuXT68ouw.roa (raw, json)
Hash identifier: dY7d7wlBY9scutfRZI+Jc0/ht66poZjZN1QodpAABEg=
Subject key identifier: A6:0D:94:A3:59:86:69:16:78:83:CA:00:6C:85:EE:5D:3E:BC:A2:EC
Certificate issuer: /CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Certificate serial: 01965C86A6B9414E6D5F18A9295B884D9C61
Authority key identifier: 03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/pg2Uo1mGaRZ4g8oAbIXuXT68ouw.roa
Signing time: Tue 22 Apr 2025 08:04:10 +0000
ROA not before: Tue 22 Apr 2025 08:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60609
IP address blocks: 185.37.212.0/24 maxlen: 24
185.37.213.0/24 maxlen: 24
185.37.214.0/24 maxlen: 24
185.37.215.0/24 maxlen: 24
185.77.156.0/24 maxlen: 24
185.77.157.0/24 maxlen: 24
185.77.159.0/24 maxlen: 24
185.86.11.0/24 maxlen: 24
185.158.168.0/23 maxlen: 23
185.158.168.0/24 maxlen: 24
185.158.169.0/24 maxlen: 24
185.158.170.0/23 maxlen: 23
185.158.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:86:a6:b9:41:4e:6d:5f:18:a9:29:5b:88:4d:9c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Validity
Not Before: Apr 22 08:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a60d94a3598669167883ca006c85ee5d3ebca2ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:05:53:08:93:00:ae:24:2b:6d:2d:7e:7f:38:
2a:21:42:47:8d:07:2a:44:fe:58:b4:f8:21:8f:be:
27:4b:fd:c3:5c:e4:59:67:87:ef:df:7b:c2:81:24:
e5:68:4a:d1:c9:83:88:1d:01:45:02:23:0c:0b:77:
4e:32:93:43:12:d5:3c:63:78:3e:ab:54:d8:c2:ed:
84:b4:74:ca:00:fb:70:5f:c7:f8:63:e3:43:01:56:
bf:bf:e1:4d:55:dd:6b:74:84:13:71:3d:95:62:4d:
91:85:ce:c1:49:01:65:93:a4:aa:cb:d1:8f:d1:2d:
d7:68:e8:2e:1d:2b:52:d7:b5:5f:34:9d:bf:b8:b2:
96:a8:cf:ef:0a:ac:0c:cd:07:ed:e2:4b:f3:97:98:
e8:26:75:a1:77:a4:43:b2:a8:db:f9:3e:1f:f6:af:
30:76:6f:1d:a7:56:ff:89:b9:d2:b8:4e:69:48:e6:
a1:9a:32:25:a8:2d:ab:2e:6b:69:24:25:fb:3f:1c:
bc:5a:b8:0f:19:0b:d6:75:1d:65:72:6d:5f:e4:90:
46:cb:fc:6c:a0:b7:4a:ad:f7:cc:7a:17:2d:4a:8b:
6e:e9:16:b7:04:3b:d6:9f:d5:a3:cf:1e:e6:cc:c6:
5e:f3:c7:16:d4:f5:3c:f6:a5:3a:7b:56:13:32:79:
91:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:0D:94:A3:59:86:69:16:78:83:CA:00:6C:85:EE:5D:3E:BC:A2:EC
X509v3 Authority Key Identifier:
keyid:03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/pg2Uo1mGaRZ4g8oAbIXuXT68ouw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.212.0/22
185.77.156.0/23
185.77.159.0/24
185.86.11.0/24
185.158.168.0/22
Signature Algorithm: sha256WithRSAEncryption
43:0c:99:08:43:1b:86:bb:9b:79:f6:b5:63:e2:69:23:67:cd:
a1:93:d8:d8:f3:af:55:c4:f8:6e:51:83:90:ea:5a:1e:2e:99:
5d:ce:15:8b:5e:89:3d:c6:3c:fe:21:0e:b4:dd:e6:6d:9c:8a:
0a:38:1e:07:a0:85:23:d7:12:24:73:0c:22:a7:51:78:05:ee:
98:cb:d3:85:1a:a2:31:53:2d:e2:37:27:23:84:05:92:ef:0d:
d8:f0:b0:e5:67:77:77:51:c3:58:22:b4:ba:dc:64:3f:6a:72:
35:31:18:c4:5e:86:f7:b2:de:86:7e:26:02:fc:29:8e:c3:f1:
ba:e1:70:13:98:b7:d1:e2:a7:d5:79:95:29:76:0e:c0:ec:37:
e2:1d:64:c4:b4:c5:06:45:d3:c7:4b:79:1c:b9:66:d4:de:50:
29:7d:1f:f4:40:96:9b:2e:bb:aa:3f:77:88:6e:00:85:4d:dc:
8d:1e:a3:9a:79:b2:46:52:ad:7f:ca:c7:73:fe:ab:49:be:78:
80:b4:6a:da:20:f4:25:3e:76:10:c7:58:cd:af:fe:c0:60:45:
a1:e1:e6:77:b1:b8:1d:10:88:5c:70:a6:56:e7:72:82:44:93:
59:13:95:9c:54:aa:b9:fd:ff:3f:3b:cc:f1:8b:a5:11:b1:6d:
a3:2d:48:ac
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZchqa5QU5tXxipKVuITZxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNzg2MmI0NjA4Yzc5ZjQ1MDI5NWVjNWM4MGM3YzdhZDZk
ZmUyYTIwHhcNMjUwNDIyMDgwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjBkOTRhMzU5ODY2OTE2Nzg4M2NhMDA2Yzg1ZWU1ZDNlYmNhMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAVTCJMAriQrbS1+fzgqIUJHjQcq
RP5YtPghj74nS/3DXORZZ4fv33vCgSTlaErRyYOIHQFFAiMMC3dOMpNDEtU8Y3g+
q1TYwu2EtHTKAPtwX8f4Y+NDAVa/v+FNVd1rdIQTcT2VYk2Rhc7BSQFlk6Sqy9GP
0S3XaOguHStS17VfNJ2/uLKWqM/vCqwMzQft4kvzl5joJnWhd6RDsqjb+T4f9q8w
dm8dp1b/ibnSuE5pSOahmjIlqC2rLmtpJCX7Pxy8WrgPGQvWdR1lcm1f5JBGy/xs
oLdKrffMehctSotu6Ra3BDvWn9Wjzx7mzMZe88cW1PU89qU6e1YTMnmRswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKYNlKNZhmkWeIPKAGyF7l0+vKLsMB8GA1UdIwQY
MBaAFAN4YrRgjHn0UClexcgMfHrW3+KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMt
ZjQ3NGY3YmQzNTMxLzEvcGcyVW8xbUdhUlo0ZzhvQWJJWHVYVDY4b3V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMtZjQ3NGY3YmQzNTMx
LzEvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuSXUAwQB
uU2cAwQAuU2fAwQAuVYLAwQCuZ6oMA0GCSqGSIb3DQEBCwUAA4IBAQBDDJkIQxuG
u5t59rVj4mkjZ82hk9jY869VxPhuUYOQ6loeLpldzhWLXok9xjz+IQ603eZtnIoK
OB4HoIUj1xIkcwwip1F4Be6Yy9OFGqIxUy3iNycjhAWS7w3Y8LDlZ3d3UcNYIrS6
3GQ/anI1MRjEXob3st6GfiYC/CmOw/G64XATmLfR4qfVeZUpdg7A7DfiHWTEtMUG
RdPHS3kcuWbU3lApfR/0QJabLruqP3eIbgCFTdyNHqOaebJGUq1/ysdz/qtJvniA
tGraIPQlPnYQx1jNr/7AYEWh4eZ3sbgdEIhccKZW53KCRJNZE5WcVKq5/f8/O8zx
i6URsW2jLUis
-----END CERTIFICATE-----
Generated at Mon Apr 28 23:27:45 2025 by rpki-client