Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gMOpcDS-6D1urv95yBoSh6fps-8.roa
File: gMOpcDS-6D1urv95yBoSh6fps-8.roa (raw, json)
Hash identifier: VpLhKxWrQpWJozlsoXPLspaPhxOAcGZXnMRF3JTuudw=
Subject key identifier: 80:C3:A9:70:34:BE:E8:3D:6E:AE:FF:79:C8:1A:12:87:A7:E9:B3:EF
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019666D274DC59B0D5D0205C19F236110B33
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gMOpcDS-6D1urv95yBoSh6fps-8.roa
Signing time: Thu 24 Apr 2025 08:03:10 +0000
ROA not before: Thu 24 Apr 2025 08:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29262
IP address blocks: 46.29.26.0/24 maxlen: 24
46.29.27.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.85.189.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.191.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.153.0/24 maxlen: 24
185.86.154.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.87.24.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.87.27.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.98.60.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.141.32.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
2a0c:67c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 17:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:d2:74:dc:59:b0:d5:d0:20:5c:19:f2:36:11:0b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Apr 24 08:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80c3a97034bee83d6eaeff79c81a1287a7e9b3ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:79:87:a6:20:39:ca:f0:33:00:0d:88:a7:aa:
55:da:ea:21:8b:05:64:1a:70:f2:fd:61:0b:64:71:
2d:ae:03:af:38:a1:d1:08:56:2e:d6:f1:86:ce:7f:
3a:2c:bb:f7:8f:24:63:c5:ad:ac:db:d0:80:48:67:
e3:b9:e2:10:d8:ba:0c:1c:a2:db:44:b9:b4:ab:55:
de:8d:38:b9:ff:6b:b5:a6:5c:23:a4:02:dd:1f:34:
30:2c:e6:9a:ec:5d:c0:82:59:af:bb:3d:18:4f:9d:
13:fe:97:e4:7d:6f:9c:f6:9c:c8:79:db:1c:2d:e3:
65:e8:8f:b5:3b:11:00:07:99:24:2a:1f:7b:d2:8f:
9e:ed:d4:f8:f8:21:2a:64:09:42:ac:02:f1:d9:b4:
c8:7a:68:ce:58:77:ae:93:8b:54:92:cf:58:9e:16:
21:60:5a:97:00:49:bb:1e:6f:e5:61:57:a5:5f:c0:
5a:97:26:a0:38:ce:47:e4:e2:7a:0a:5c:5c:ed:5b:
8d:82:af:9a:f2:84:75:b6:93:03:93:36:b5:00:55:
c7:60:e3:3a:60:e7:60:4d:5f:73:b0:a7:15:db:6d:
65:16:2d:d5:08:48:db:d6:3a:1e:b9:09:07:cc:ac:
8c:a2:d7:1e:da:6c:49:23:b5:39:45:e3:fa:c0:68:
52:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C3:A9:70:34:BE:E8:3D:6E:AE:FF:79:C8:1A:12:87:A7:E9:B3:EF
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gMOpcDS-6D1urv95yBoSh6fps-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.26.0/23
93.190.12.0/23
160.20.108.0/23
185.85.189.0-185.85.191.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.86.13.0/24
185.86.153.0-185.86.154.255
185.86.164.0/22
185.87.24.0/24
185.87.26.0/23
185.87.121.0-185.87.123.255
185.98.60.0/24
185.119.80.0/22
185.141.32.0/24
IPv6:
2a0b:6780::/29
2a0c:67c0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:7d:47:e1:60:cb:aa:70:69:1f:6b:ca:e8:35:0f:e1:a3:e8:
6b:8c:fa:e5:7a:64:5a:c8:67:ce:ce:b0:c5:15:67:ee:01:25:
fe:70:ef:b4:96:28:8e:d3:cc:51:b1:64:02:7b:ac:2b:63:ba:
e8:21:82:4a:70:a4:17:85:ff:f4:c5:c1:e1:05:a5:71:aa:1e:
48:b9:7b:ac:2d:b9:05:cb:f7:3f:35:0d:7c:77:70:62:92:e3:
82:00:fe:84:7f:2d:93:80:8a:c4:22:c5:3c:ad:8d:c3:b4:d9:
11:97:b8:64:79:90:6e:85:15:18:f7:2c:08:8f:43:56:a6:5e:
2a:f4:ae:51:7a:07:e3:8b:05:e2:ea:f1:12:e0:88:80:77:88:
b8:69:93:61:27:a5:10:53:5c:16:59:bd:e1:b6:0d:bc:c3:4a:
08:5f:b7:d6:9b:86:db:1e:d1:ea:a1:b1:13:a3:2b:46:f5:9b:
9b:3e:87:08:b4:c9:9f:84:41:dc:91:5c:f1:0e:6d:88:32:0b:
9c:54:a7:c4:ee:4d:5a:66:36:92:72:c4:d2:59:ad:65:5e:d5:
26:2a:94:a8:d5:43:c6:78:28:f5:6b:69:a4:8a:fe:c2:6f:5e:
3f:ab:b6:78:a2:7f:ad:8f:6d:ea:d6:ad:37:9c:e3:13:bb:48:
9b:f1:1f:a9
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZZm0nTcWbDV0CBcGfI2EQszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwNDI0MDgwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGMzYTk3MDM0YmVlODNkNmVhZWZmNzljODFhMTI4N2E3ZTliM2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnmHpiA5yvAzAA2Ip6pV2uohiwVk
GnDy/WELZHEtrgOvOKHRCFYu1vGGzn86LLv3jyRjxa2s29CASGfjueIQ2LoMHKLb
RLm0q1XejTi5/2u1plwjpALdHzQwLOaa7F3Aglmvuz0YT50T/pfkfW+c9pzIedsc
LeNl6I+1OxEAB5kkKh970o+e7dT4+CEqZAlCrALx2bTIemjOWHeuk4tUks9YnhYh
YFqXAEm7Hm/lYVelX8BalyagOM5H5OJ6Clxc7VuNgq+a8oR1tpMDkza1AFXHYOM6
YOdgTV9zsKcV221lFi3VCEjb1joeuQkHzKyMotce2mxJI7U5ReP6wGhSnQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFIDDqXA0vug9bq7/ecgaEoen6bPvMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvZ01PcGNEUy02RDF1cnY5NXlCb1NoNmZwcy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwegMEAS4d
GgMEAV2+DAMEAaAUbDAMAwQAuVW9AwQGuVWAMAwDBAC5Ve0DBAS5VeADBAC5VgUD
BAC5Vg0wDAMEALlWmQMEALlWmgMEArlWpAMEALlXGAMEAblXGjAMAwQAuVd5AwQC
uVd4AwQAuWI8AwQCuXdQAwQAuY0gMBQEAgACMA4DBQMqC2eAAwUDKgxnwDANBgkq
hkiG9w0BAQsFAAOCAQEADn1H4WDLqnBpH2vK6DUP4aPoa4z65XpkWshnzs6wxRVn
7gEl/nDvtJYojtPMUbFkAnusK2O66CGCSnCkF4X/9MXB4QWlcaoeSLl7rC25Bcv3
PzUNfHdwYpLjggD+hH8tk4CKxCLFPK2Nw7TZEZe4ZHmQboUVGPcsCI9DVqZeKvSu
UXoH44sF4urxEuCIgHeIuGmTYSelEFNcFlm94bYNvMNKCF+31puG2x7R6qGxE6Mr
RvWbmz6HCLTJn4RB3JFc8Q5tiDILnFSnxO5NWmY2knLE0lmtZV7VJiqUqNVDxngo
9WtppIr+wm9eP6u2eKJ/rY9t6tatN5zjE7tIm/EfqQ==
-----END CERTIFICATE-----
Generated at Sat May 10 02:15:59 2025 by rpki-client