Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Gr7zJMS6gp3Jd_3ynZHkdVMj5Mc.roa
File: Gr7zJMS6gp3Jd_3ynZHkdVMj5Mc.roa (raw, json)
Hash identifier: wrqmphWmaIWTTqjMl/+FdWYUkmmsYJLYFEsi+s8H0ZM=
Subject key identifier: 1A:BE:F3:24:C4:BA:82:9D:C9:77:FD:F2:9D:91:E4:75:53:23:E4:C7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01969F225C5A5FA000A3C701DBB391BF1C21
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Gr7zJMS6gp3Jd_3ynZHkdVMj5Mc.roa
Signing time: Mon 05 May 2025 06:29:11 +0000
ROA not before: Mon 05 May 2025 06:29:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58057
IP address blocks: 45.131.186.0/24 maxlen: 24
45.136.136.0/24 maxlen: 24
45.136.137.0/24 maxlen: 24
45.136.139.0/24 maxlen: 24
185.102.84.0/24 maxlen: 24
185.232.117.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.163.86.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
2a04:ccc0:ffff::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a04:ccc6::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b80::/32 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c1:200::/40 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 17:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9f:22:5c:5a:5f:a0:00:a3:c7:01:db:b3:91:bf:1c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 5 06:29:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1abef324c4ba829dc977fdf29d91e4755323e4c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b2:39:e2:ec:51:fa:c0:8d:7e:ad:6c:84:8e:
f8:02:a9:8f:83:c3:95:34:44:4a:14:46:84:f9:46:
63:19:35:be:b4:19:35:d6:2d:d1:90:9b:f0:30:3e:
3d:97:be:4b:d1:61:92:a4:60:55:92:9b:ce:7f:a3:
24:df:ed:75:65:0e:14:e5:a3:b2:24:4c:b1:a9:bb:
39:f7:d6:1d:20:a6:19:e2:05:8e:07:b5:70:5d:76:
34:0c:37:c4:29:5f:6c:5a:72:3d:8d:fc:b1:90:90:
b6:21:34:f4:a4:64:29:17:73:1c:8d:eb:26:39:a8:
9a:e9:03:2c:fb:42:80:2b:b8:b8:3f:e4:72:64:21:
a1:64:1c:13:e0:0c:52:8f:5f:24:ef:6b:6d:e6:47:
bc:04:88:35:63:f5:0e:5f:3c:5c:81:01:b9:57:7f:
c0:f8:5b:51:72:62:08:70:2d:4c:55:6f:e7:94:d3:
8a:93:e5:f2:31:35:6e:93:68:54:a6:78:85:97:1c:
11:b5:44:d8:9c:3b:fa:8d:9b:8f:a8:88:f7:5d:9c:
2f:74:8a:b7:35:43:76:c8:7e:e7:e1:88:b7:cd:ca:
83:2f:b2:fa:07:dc:be:af:d8:a6:a7:b9:f7:cc:28:
8d:90:36:7e:58:88:98:1d:39:64:c3:d5:84:9e:f0:
8c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:BE:F3:24:C4:BA:82:9D:C9:77:FD:F2:9D:91:E4:75:53:23:E4:C7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Gr7zJMS6gp3Jd_3ynZHkdVMj5Mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.186.0/24
45.136.136.0/23
45.136.139.0/24
185.102.84.0/24
185.232.117.0/24
193.33.94.0/23
193.163.86.0/24
194.50.92.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0e:b107:2220::/44
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
5b:b3:56:88:4e:10:81:c7:15:62:96:af:eb:17:6d:bd:03:bf:
7d:95:39:bd:4d:59:68:d7:56:51:00:6a:b0:c3:6e:56:32:d1:
a5:aa:c5:57:04:1f:a2:fe:a9:8f:e8:5c:95:3a:21:c9:ce:be:
2e:7f:f1:fa:b1:bb:3f:a7:fa:86:7d:50:6a:68:60:60:2d:a9:
6e:61:63:41:b8:0d:2d:d4:07:eb:89:73:9e:9f:dc:e4:20:30:
ff:11:3b:a0:0e:3f:fc:b4:31:f8:36:3c:bf:f7:2e:04:be:67:
55:db:f2:7c:db:53:83:23:48:c8:2e:21:63:58:f7:66:08:9d:
ac:eb:bf:b0:63:cc:0a:0f:f1:2e:57:2a:96:e7:c8:ec:e3:79:
f2:fa:9f:6e:70:5e:70:79:32:cb:24:17:5c:41:05:85:26:4b:
8f:7c:05:94:65:16:ea:cd:a9:f7:3a:e9:4c:46:8b:37:77:97:
73:b3:d0:47:3e:97:d7:df:ec:94:93:af:b2:3c:a8:2a:67:0f:
83:0e:0c:ba:33:b5:42:c8:ef:5c:ad:c5:85:c2:91:79:9a:7c:
d0:d3:d6:05:06:c3:e6:68:15:78:8d:27:95:c9:41:d1:f4:9f:
5d:1c:f2:15:ac:e7:60:cb:ed:e8:bb:74:92:9b:1f:0a:fb:4c:
43:35:c2:83
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZafIlxaX6AAo8cB27ORvxwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNTA1MDYyOTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWJlZjMyNGM0YmE4MjlkYzk3N2ZkZjI5ZDkxZTQ3NTUzMjNlNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7I54uxR+sCNfq1shI74AqmPg8OV
NERKFEaE+UZjGTW+tBk11i3RkJvwMD49l75L0WGSpGBVkpvOf6Mk3+11ZQ4U5aOy
JEyxqbs599YdIKYZ4gWOB7VwXXY0DDfEKV9sWnI9jfyxkJC2ITT0pGQpF3Mcjesm
Oaia6QMs+0KAK7i4P+RyZCGhZBwT4AxSj18k72tt5ke8BIg1Y/UOXzxcgQG5V3/A
+FtRcmIIcC1MVW/nlNOKk+XyMTVuk2hUpniFlxwRtUTYnDv6jZuPqIj3XZwvdIq3
NUN2yH7n4Yi3zcqDL7L6B9y+r9imp7n3zCiNkDZ+WIiYHTlkw9WEnvCM3QIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFBq+8yTEuoKdyXf98p2R5HVTI+THMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvR3I3ekpNUzZncDNKZF8zeW5aSGtkVk1qNU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjA2BAIAATAwAwQA
LYO6AwQBLYiIAwQALYiLAwQAuWZUAwQAueh1AwQBwSFeAwQAwaNWAwQAwjJcMIHP
BAIAAjCByDAQAwcAKgTMwP//AwUBKgTMwDAOAwUAKgTMwwMFAyoEzMADBQMqCQTA
MA4DBQcqDDuAAwUAKgw7hgMHBCoOl8AB0AMHBCoOl8ACYAMGACoOl8ECAwcEKg6X
wwEQAwcEKg6XxAEgAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcDKg6xByHA
AwcEKg6xByIgAwcAKg/kBAECAwcAKhAvAAGNAwcAKhAvAAGPAwcAKhAvAAGTAwcE
KhDMQAJQAwcEKhDMRQEwMA0GCSqGSIb3DQEBCwUAA4IBAQBbs1aIThCBxxVilq/r
F229A799lTm9TVlo11ZRAGqww25WMtGlqsVXBB+i/qmP6FyVOiHJzr4uf/H6sbs/
p/qGfVBqaGBgLaluYWNBuA0t1AfriXOen9zkIDD/ETugDj/8tDH4Njy/9y4EvmdV
2/J821ODI0jILiFjWPdmCJ2s67+wY8wKD/EuVyqW58js43ny+p9ucF5weTLLJBdc
QQWFJkuPfAWUZRbqzan3OulMRos3d5dzs9BHPpfX3+yUk6+yPKgqZw+DDgy6M7VC
yO9crcWFwpF5mnzQ09YFBsPmaBV4jSeVyUHR9J9dHPIVrOdgy+3ou3SSmx8K+0xD
NcKD
-----END CERTIFICATE-----
Generated at Sat May 10 02:18:11 2025 by rpki-client