Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/yZFI1jyAbYGjSENB6hUDCl2gHYc.roa
File: yZFI1jyAbYGjSENB6hUDCl2gHYc.roa (raw, json)
Hash identifier: o5YM8CJqE4i9ckicmaW3HRH+ncpAlffTwVokUmcC09w=
Subject key identifier: C9:91:48:D6:3C:80:6D:81:A3:48:43:41:EA:15:03:0A:5D:A0:1D:87
Certificate issuer: /CN=0a4a861d7c14b4ca5e6d1c7d60aaeeb32ea8ef61
Certificate serial: 01967DBB527081EB5B973B3353198C227AFD
Authority key identifier: 0A:4A:86:1D:7C:14:B4:CA:5E:6D:1C:7D:60:AA:EE:B3:2E:A8:EF:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkqGHXwUtMpebRx9YKrusy6o72E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/yZFI1jyAbYGjSENB6hUDCl2gHYc.roa
Signing time: Mon 28 Apr 2025 18:49:10 +0000
ROA not before: Mon 28 Apr 2025 18:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12540
IP address blocks: 212.64.160.0/19 maxlen: 19
212.64.160.0/24 maxlen: 24
212.64.161.0/24 maxlen: 24
212.64.162.0/24 maxlen: 24
212.64.164.0/24 maxlen: 24
212.64.165.0/24 maxlen: 24
212.64.168.0/24 maxlen: 24
212.64.170.0/24 maxlen: 24
212.64.172.0/24 maxlen: 24
212.64.173.0/24 maxlen: 24
212.64.174.0/24 maxlen: 24
212.64.175.0/24 maxlen: 24
212.64.176.0/24 maxlen: 24
212.64.177.0/24 maxlen: 24
212.64.178.0/24 maxlen: 24
212.64.179.0/24 maxlen: 24
212.64.180.0/24 maxlen: 24
212.64.184.0/24 maxlen: 24
212.64.186.0/24 maxlen: 24
2a0d:fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/CkqGHXwUtMpebRx9YKrusy6o72E.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/CkqGHXwUtMpebRx9YKrusy6o72E.mft
rsync://rpki.ripe.net/repository/DEFAULT/CkqGHXwUtMpebRx9YKrusy6o72E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:bb:52:70:81:eb:5b:97:3b:33:53:19:8c:22:7a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a4a861d7c14b4ca5e6d1c7d60aaeeb32ea8ef61
Validity
Not Before: Apr 28 18:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c99148d63c806d81a3484341ea15030a5da01d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:13:78:8c:9d:66:dd:c5:c5:9b:8f:72:0f:fa:
45:4c:62:71:7b:77:61:80:55:03:42:09:1b:e5:78:
c4:36:9c:fc:f4:a2:29:10:c0:9b:fa:cc:23:27:2e:
57:98:fa:73:66:31:60:f1:85:70:d1:b5:3b:ac:37:
ef:77:4e:08:30:76:08:d5:ed:c0:79:e8:60:36:15:
a8:63:3a:ae:9f:ca:b9:02:6d:d8:f1:7f:7a:fa:62:
ca:69:12:60:ac:34:73:54:2c:8b:ea:99:ab:34:4d:
67:9e:a2:c2:cb:30:bd:b4:16:63:1c:e5:6c:63:94:
03:a4:9c:22:ff:7e:0c:69:15:3f:f7:dc:d2:1e:35:
ba:68:c4:6b:78:e6:e5:ce:52:f3:3b:56:0f:8e:4b:
1b:9c:6c:dd:4a:98:7c:b7:f0:c9:29:3e:4e:65:26:
3c:36:4a:96:53:5e:a3:2d:c4:67:62:dd:42:01:8f:
fb:47:8a:14:eb:c7:92:34:f5:63:e4:e9:0d:14:38:
5b:6d:b7:71:d8:d3:8f:b0:6f:3e:f0:6d:76:30:ad:
6f:40:c4:74:44:be:16:71:29:12:b3:ec:e1:2c:30:
c7:a2:a3:98:09:a3:1e:14:67:fd:61:5a:b9:21:4e:
18:1b:e0:5c:98:fc:d7:a6:05:63:1c:e6:8a:84:ff:
cf:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:91:48:D6:3C:80:6D:81:A3:48:43:41:EA:15:03:0A:5D:A0:1D:87
X509v3 Authority Key Identifier:
keyid:0A:4A:86:1D:7C:14:B4:CA:5E:6D:1C:7D:60:AA:EE:B3:2E:A8:EF:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkqGHXwUtMpebRx9YKrusy6o72E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/yZFI1jyAbYGjSENB6hUDCl2gHYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/CkqGHXwUtMpebRx9YKrusy6o72E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.160.0/19
IPv6:
2a0d:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
37:f9:3b:4a:35:d1:c9:75:7b:25:54:70:7c:70:f1:95:4d:2d:
8e:db:22:fe:89:99:20:14:c0:ba:3b:1f:1c:51:4d:b6:a7:84:
f5:e2:e0:cf:60:39:23:08:3b:ac:fa:5a:a5:90:8d:db:87:8f:
41:72:3c:32:52:c5:f9:46:da:46:ad:f7:99:91:29:ab:ac:4e:
93:45:61:3f:32:ad:a0:90:6a:71:12:76:d8:6e:72:dd:c1:78:
a7:22:35:0e:1f:a7:c8:99:e5:c3:36:5b:e3:ee:a8:95:30:6c:
f9:07:c7:de:62:3e:b0:f5:8b:3a:01:34:b5:41:1b:90:bf:aa:
eb:df:93:74:24:85:1e:d7:98:cf:3f:d4:ab:96:ba:8e:35:fd:
ea:16:cd:15:4b:fb:49:e5:a8:f1:56:68:64:f1:1b:ed:4a:1c:
81:c9:0b:49:00:20:93:19:8b:dd:a7:69:9b:6c:e9:00:1b:5d:
a5:45:d7:47:55:c2:5e:ad:40:df:a2:1a:59:b4:65:50:f9:b1:
90:1e:7a:72:77:4b:a0:38:fb:2c:69:93:6f:c4:66:3b:dd:cf:
df:8e:50:6e:a0:f0:8a:f1:ec:23:e8:54:9a:c6:8e:5a:75:28:
0a:a1:49:36:be:02:06:73:b0:94:30:e1:2b:b8:5a:d2:39:3c:
30:0c:9b:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZZ9u1JwgetblzszUxmMInr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNGE4NjFkN2MxNGI0Y2E1ZTZkMWM3ZDYwYWFlZWIzMmVh
OGVmNjEwHhcNMjUwNDI4MTg0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTkxNDhkNjNjODA2ZDgxYTM0ODQzNDFlYTE1MDMwYTVkYTAxZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRN4jJ1m3cXFm49yD/pFTGJxe3dh
gFUDQgkb5XjENpz89KIpEMCb+swjJy5XmPpzZjFg8YVw0bU7rDfvd04IMHYI1e3A
eehgNhWoYzqun8q5Am3Y8X96+mLKaRJgrDRzVCyL6pmrNE1nnqLCyzC9tBZjHOVs
Y5QDpJwi/34MaRU/99zSHjW6aMRreOblzlLzO1YPjksbnGzdSph8t/DJKT5OZSY8
NkqWU16jLcRnYt1CAY/7R4oU68eSNPVj5OkNFDhbbbdx2NOPsG8+8G12MK1vQMR0
RL4WcSkSs+zhLDDHoqOYCaMeFGf9YVq5IU4YG+BcmPzXpgVjHOaKhP/PkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMmRSNY8gG2Bo0hDQeoVAwpdoB2HMB8GA1UdIwQY
MBaAFApKhh18FLTKXm0cfWCq7rMuqO9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2txR0hYd1V0TXBlYlJ4OVlLcnVzeTZvNzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lNzkyYjAtMGY3OS00ZmEyLWE1Y2It
OTRkYmYzZmQwZTJkLzEveVpGSTFqeUFiWUdqU0VOQjZoVURDbDJnSFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lNzkyYjAtMGY3OS00ZmEyLWE1Y2ItOTRkYmYzZmQwZTJk
LzEvQ2txR0hYd1V0TXBlYlJ4OVlLcnVzeTZvNzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1ECgMA0E
AgACMAcDBQMqDQ/AMA0GCSqGSIb3DQEBCwUAA4IBAQA3+TtKNdHJdXslVHB8cPGV
TS2O2yL+iZkgFMC6Ox8cUU22p4T14uDPYDkjCDus+lqlkI3bh49BcjwyUsX5RtpG
rfeZkSmrrE6TRWE/Mq2gkGpxEnbYbnLdwXinIjUOH6fImeXDNlvj7qiVMGz5B8fe
Yj6w9Ys6ATS1QRuQv6rr35N0JIUe15jPP9SrlrqONf3qFs0VS/tJ5ajxVmhk8Rvt
ShyByQtJACCTGYvdp2mbbOkAG12lRddHVcJerUDfohpZtGVQ+bGQHnpyd0ugOPss
aZNvxGY73c/fjlBuoPCK8ewj6FSaxo5adSgKoUk2vgIGc7CUMOEruFrSOTwwDJto
-----END CERTIFICATE-----
Generated at Sat May 10 03:53:53 2025 by rpki-client