Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/ujnhV8Opl7rPc_VLJe9oWdnsfZo.roa
File: ujnhV8Opl7rPc_VLJe9oWdnsfZo.roa (raw, json)
Hash identifier: nAwtKj7g3ynj1in/AG8n1Nua6ASmEjUSoAVAQeOJNow=
Subject key identifier: BA:39:E1:57:C3:A9:97:BA:CF:73:F5:4B:25:EF:68:59:D9:EC:7D:9A
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 0196922D63D063B629687DFA71DDB9CC070F
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/ujnhV8Opl7rPc_VLJe9oWdnsfZo.roa
Signing time: Fri 02 May 2025 18:06:10 +0000
ROA not before: Fri 02 May 2025 18:06:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48716
IP address blocks: 77.240.38.0/23 maxlen: 24
77.243.80.0/23 maxlen: 24
78.40.108.0/23 maxlen: 24
82.115.40.0/22 maxlen: 24
82.115.50.0/23 maxlen: 24
85.202.194.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
91.147.92.0/22 maxlen: 22
91.147.92.0/24 maxlen: 24
91.147.93.0/24 maxlen: 24
91.147.94.0/24 maxlen: 24
91.147.95.0/24 maxlen: 24
91.147.104.0/22 maxlen: 24
91.201.214.0/23 maxlen: 24
91.215.136.0/22 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.139.0/24 maxlen: 32
94.247.128.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
185.4.180.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.35.222.0/23 maxlen: 24
185.102.72.0/22 maxlen: 24
185.146.0.0/22 maxlen: 24
194.32.140.0/22 maxlen: 24
194.39.64.0/22 maxlen: 24
194.39.64.0/23 maxlen: 24
194.39.66.0/24 maxlen: 24
194.39.67.0/24 maxlen: 24
194.110.54.0/23 maxlen: 24
195.49.208.0/21 maxlen: 21
195.49.209.0/24 maxlen: 24
195.49.210.0/23 maxlen: 23
195.49.210.0/24 maxlen: 24
195.49.211.0/24 maxlen: 24
195.49.212.0/22 maxlen: 22
195.49.212.0/24 maxlen: 24
195.49.213.0/24 maxlen: 24
195.49.214.0/24 maxlen: 24
195.49.215.0/24 maxlen: 24
195.93.152.0/23 maxlen: 24
195.210.46.0/23 maxlen: 24
2a00:5da0::/36 maxlen: 48
2a00:5da0:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:92:2d:63:d0:63:b6:29:68:7d:fa:71:dd:b9:cc:07:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: May 2 18:06:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba39e157c3a997bacf73f54b25ef6859d9ec7d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ea:0a:dc:e0:b8:6a:71:8e:9f:f3:ad:b0:02:
5a:c0:12:9b:d7:61:30:8b:70:95:53:ce:a5:ed:8f:
92:ab:28:62:cf:a2:7a:f6:fc:8e:86:ec:82:58:80:
e4:53:8a:6e:38:84:26:e4:55:ee:67:95:a5:fe:c3:
33:2e:ff:41:86:54:2c:7b:d1:5f:0e:a8:5c:61:93:
0e:3d:9a:0c:ed:b4:d4:7f:ce:2d:a8:21:ac:a9:80:
4a:30:26:3e:a9:ad:24:5d:8c:8e:0e:dc:4d:74:f7:
54:b4:48:2d:c6:30:c5:5c:44:24:b7:d9:6a:d5:9e:
9a:3c:0d:5e:fe:48:c3:69:bc:82:37:3b:02:78:5d:
b9:45:8b:48:20:ca:79:5f:78:f3:f1:af:ef:51:f9:
4a:ac:36:ff:29:4b:f2:a4:de:21:1b:d4:94:2f:3d:
80:64:15:20:18:89:14:76:47:12:6a:7e:6f:95:e7:
21:49:75:a2:5f:36:78:35:16:f6:35:96:68:bb:66:
31:02:c0:56:4e:9f:12:a0:47:b5:b2:1d:9e:75:3c:
aa:4e:26:d7:50:47:c4:93:29:9d:1b:d9:6f:6d:4d:
c5:00:56:88:82:f6:eb:1c:78:e0:62:d9:54:65:8c:
a7:56:5c:4d:dd:03:82:a6:3f:3b:b9:90:ca:5b:3f:
54:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:39:E1:57:C3:A9:97:BA:CF:73:F5:4B:25:EF:68:59:D9:EC:7D:9A
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/ujnhV8Opl7rPc_VLJe9oWdnsfZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
77.243.80.0/23
78.40.108.0/23
82.115.40.0/22
82.115.50.0/23
85.202.194.0/23
89.219.32.0/22
91.147.92.0/22
91.147.104.0/22
91.201.214.0/23
91.215.136.0/22
94.247.128.0/21
109.233.108.0/22
185.4.180.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.32.140.0/22
194.39.64.0/22
194.110.54.0/23
195.49.208.0/21
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/35
Signature Algorithm: sha256WithRSAEncryption
13:13:c7:53:c5:0f:c7:bc:f4:f9:ff:4c:c0:90:93:63:d5:73:
86:4b:75:08:58:8c:5f:fd:3b:e9:73:42:36:cb:ae:24:6e:b6:
4a:5b:4a:3a:f7:5b:7d:aa:10:dc:cf:4c:77:2f:00:e3:38:64:
e9:1c:3d:64:6b:79:29:ef:ab:d8:aa:ca:1e:78:34:89:05:42:
1c:92:77:be:75:9c:4c:2d:9b:d7:af:d3:c4:e3:11:d6:ae:2e:
58:af:57:ea:3f:74:72:94:8e:f5:14:b7:17:de:b9:0b:e0:d7:
d5:a6:67:c0:26:3a:c4:1c:e1:a1:d2:ad:f0:b1:0c:06:b0:c5:
98:6b:68:b5:53:e7:1a:f0:22:68:a8:62:8a:17:55:b3:e3:51:
95:20:e5:00:db:7f:ae:2c:99:50:47:41:6c:13:a0:22:25:e8:
b1:b2:7c:c4:0c:27:b0:a4:fc:9e:81:a6:d4:78:c7:6d:bd:98:
d0:e5:0a:0e:96:33:0b:c9:b5:35:2d:b4:ab:16:5b:6a:b2:b7:
63:24:95:eb:88:88:cd:f5:e5:36:64:1c:8f:99:3c:c7:ca:cd:
60:bd:0d:df:13:47:39:eb:a2:a2:1c:6c:7b:fe:83:4e:4a:53:
60:e2:6b:52:ef:a5:98:96:d9:64:3d:26:42:51:88:ba:84:27:
f0:64:d6:16
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAZaSLWPQY7YpaH36cd25zAcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjUwNTAyMTgwNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTM5ZTE1N2MzYTk5N2JhY2Y3M2Y1NGIyNWVmNjg1OWQ5ZWM3ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOoK3OC4anGOn/OtsAJawBKb12Ew
i3CVU86l7Y+Sqyhiz6J69vyOhuyCWIDkU4puOIQm5FXuZ5Wl/sMzLv9BhlQse9Ff
DqhcYZMOPZoM7bTUf84tqCGsqYBKMCY+qa0kXYyODtxNdPdUtEgtxjDFXEQkt9lq
1Z6aPA1e/kjDabyCNzsCeF25RYtIIMp5X3jz8a/vUflKrDb/KUvypN4hG9SULz2A
ZBUgGIkUdkcSan5vlechSXWiXzZ4NRb2NZZou2YxAsBWTp8SoEe1sh2edTyqTibX
UEfEkymdG9lvbU3FAFaIgvbrHHjgYtlUZYynVlxN3QOCpj87uZDKWz9UsQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFLo54VfDqZe6z3P1SyXvaFnZ7H2aMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvdWpuaFY4T3BsN3JQY19WTEplOW9XZG5zZlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBlwQCAAEwgZADBAFN
8CYDBAFN81ADBAFOKGwDBAJScygDBAFSczIDBAFVysIDBAJZ2yADBAJbk1wDBAJb
k2gDBAFbydYDBAJb14gDBANe94ADBAJt6WwDBAK5BLQDBAK5FkADBAG5I94DBAK5
ZkgDBAK5kgADBALCIIwDBALCJ0ADBAHCbjYDBAPDMdADBAHDXZgDBAHD0i4wDgQC
AAIwCAMGBSoAXaAAMA0GCSqGSIb3DQEBCwUAA4IBAQATE8dTxQ/HvPT5/0zAkJNj
1XOGS3UIWIxf/Tvpc0I2y64kbrZKW0o691t9qhDcz0x3LwDjOGTpHD1ka3kp76vY
qsoeeDSJBUIckne+dZxMLZvXr9PE4xHWri5Yr1fqP3RylI71FLcX3rkL4NfVpmfA
JjrEHOGh0q3wsQwGsMWYa2i1U+ca8CJoqGKKF1Wz41GVIOUA23+uLJlQR0FsE6Ai
JeixsnzEDCewpPyegabUeMdtvZjQ5QoOljMLybU1LbSrFltqsrdjJJXriIjN9eU2
ZByPmTzHys1gvQ3fE0c566KiHGx7/oNOSlNg4mtS76WYltlkPSZCUYi6hCfwZNYW
-----END CERTIFICATE-----
Generated at Tue May 6 05:39:56 2025 by rpki-client