Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/Sh_GeLya20N_dK8d3s1yA2LRhkU.roa
File: Sh_GeLya20N_dK8d3s1yA2LRhkU.roa (raw, json)
Hash identifier: tnFvDru4A0HVPTkInletR5WNbHusT7yAlJ6n48O4e2k=
Subject key identifier: 4A:1F:C6:78:BC:9A:DB:43:7F:74:AF:1D:DE:CD:72:03:62:D1:86:45
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 01968BA2E4B6CE12EDEDAA31EC6F3B5F81F3
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/Sh_GeLya20N_dK8d3s1yA2LRhkU.roa
Signing time: Thu 01 May 2025 11:37:10 +0000
ROA not before: Thu 01 May 2025 11:37:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5578
IP address blocks: 62.65.160.0/19 maxlen: 19
62.152.224.0/19 maxlen: 19
62.168.64.0/18 maxlen: 18
62.197.192.0/18 maxlen: 18
62.197.222.0/24 maxlen: 24
80.250.240.0/20 maxlen: 20
81.88.128.0/20 maxlen: 20
82.119.224.0/20 maxlen: 20
83.168.128.0/18 maxlen: 18
84.245.64.0/18 maxlen: 18
84.245.94.0/24 maxlen: 24
84.245.97.0/24 maxlen: 24
84.245.126.0/24 maxlen: 24
85.248.0.0/16 maxlen: 16
85.248.234.0/24 maxlen: 24
85.248.235.0/24 maxlen: 24
85.248.240.0/24 maxlen: 24
92.60.56.0/21 maxlen: 21
94.124.144.0/21 maxlen: 21
185.130.220.0/22 maxlen: 22
185.220.120.0/22 maxlen: 22
193.58.192.0/22 maxlen: 22
193.58.196.0/23 maxlen: 23
193.110.186.0/23 maxlen: 23
194.1.172.0/22 maxlen: 22
194.1.224.0/24 maxlen: 24
194.1.225.0/24 maxlen: 24
194.1.226.0/24 maxlen: 24
194.1.227.0/24 maxlen: 24
194.1.228.0/24 maxlen: 24
194.1.229.0/24 maxlen: 24
194.1.230.0/24 maxlen: 24
194.1.231.0/24 maxlen: 24
195.12.128.0/19 maxlen: 19
195.46.64.0/19 maxlen: 19
195.72.0.0/19 maxlen: 19
195.98.0.0/19 maxlen: 19
195.168.0.0/16 maxlen: 16
212.26.160.0/19 maxlen: 19
212.26.176.0/20 maxlen: 20
212.81.0.0/19 maxlen: 19
213.215.64.0/18 maxlen: 18
213.215.72.0/22 maxlen: 22
217.67.16.0/20 maxlen: 20
217.75.64.0/19 maxlen: 19
217.75.82.0/23 maxlen: 23
217.118.96.0/20 maxlen: 20
217.172.144.0/20 maxlen: 20
2001:1ba0::/32 maxlen: 32
2a00:1298::/32 maxlen: 32
2a02:770::/32 maxlen: 32
2a06:dbc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 02:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8b:a2:e4:b6:ce:12:ed:ed:aa:31:ec:6f:3b:5f:81:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: May 1 11:37:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a1fc678bc9adb437f74af1ddecd720362d18645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:85:a7:96:d4:73:76:de:3c:c6:97:73:8f:8d:
24:0a:b7:6a:5a:e3:bf:23:38:a6:0a:c6:82:77:3a:
14:06:71:af:22:b9:72:16:9b:0d:0e:cf:d0:81:6e:
a1:7d:17:df:db:89:c7:2b:12:e7:4e:44:3e:90:b8:
2a:51:7c:6e:e9:a9:7d:0c:f2:2c:d7:58:e1:09:f4:
51:cc:ba:28:1f:4b:0e:5c:a9:2b:2f:18:bf:f8:6f:
d5:2a:14:80:4c:aa:a4:4c:d8:54:e0:64:4a:b1:30:
17:35:51:8a:66:2d:e1:ac:a6:b1:c9:58:40:11:58:
5f:db:ff:4c:1a:21:4b:e9:c6:ca:1d:60:39:ca:51:
be:9f:cb:d8:3e:95:8b:78:85:50:7c:dc:88:97:01:
ee:a3:a9:ee:19:2d:b3:85:5a:84:10:1a:4a:82:53:
18:69:ca:d4:c2:33:b9:12:78:64:c6:d0:dc:93:45:
7f:71:42:5c:fc:2f:41:c2:ff:aa:2d:b9:26:76:f7:
7f:ee:a0:c5:de:4c:e5:74:75:6f:8c:9c:45:c5:b0:
6d:b8:83:fc:4b:db:5f:6c:a3:a4:52:55:6c:6c:02:
a6:c1:b9:a5:f7:cd:bb:b8:0c:17:22:b0:a3:74:90:
fc:45:c4:1d:b9:16:e8:22:4e:1c:64:78:ca:e9:be:
e9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1F:C6:78:BC:9A:DB:43:7F:74:AF:1D:DE:CD:72:03:62:D1:86:45
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/Sh_GeLya20N_dK8d3s1yA2LRhkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.65.160.0/19
62.152.224.0/19
62.168.64.0/18
62.197.192.0/18
80.250.240.0/20
81.88.128.0/20
82.119.224.0/20
83.168.128.0/18
84.245.64.0/18
85.248.0.0/16
92.60.56.0/21
94.124.144.0/21
185.130.220.0/22
185.220.120.0/22
193.58.192.0-193.58.197.255
193.110.186.0/23
194.1.172.0/22
194.1.224.0/21
195.12.128.0/19
195.46.64.0/19
195.72.0.0/19
195.98.0.0/19
195.168.0.0/16
212.26.160.0/19
212.81.0.0/19
213.215.64.0/18
217.67.16.0/20
217.75.64.0/19
217.118.96.0/20
217.172.144.0/20
IPv6:
2001:1ba0::/32
2a00:1298::/32
2a02:770::/32
2a06:dbc0::/29
Signature Algorithm: sha256WithRSAEncryption
03:a6:f6:dd:78:c5:99:7b:ce:d3:30:ff:31:3c:d6:48:b8:5e:
63:01:7d:02:44:ef:14:3b:cf:d2:d7:8c:3f:15:7f:7f:75:e2:
c2:5c:c2:4e:ec:00:f9:ad:84:47:a9:46:85:95:f4:b5:54:db:
c3:cb:52:43:f3:df:3f:f3:6e:b3:b6:ed:4d:29:29:22:23:cd:
05:29:fa:30:60:a1:9d:12:da:d7:8b:1e:b2:85:51:1b:06:16:
6b:62:d7:60:9f:f3:b7:7f:85:93:af:e9:bd:7c:31:14:c8:ce:
3a:40:ed:f9:b0:15:2f:f0:a7:4d:fc:db:c3:a8:e0:e6:45:83:
b5:bc:a5:cb:36:4f:1b:d6:2e:b4:25:46:80:ab:d5:f5:a5:53:
fb:b8:ab:cf:d8:36:76:75:8c:0f:a4:0f:bb:e7:a2:89:8e:2c:
e5:e7:53:4c:4c:90:09:14:ad:6d:4d:f7:fc:18:08:41:c1:da:
22:40:aa:8a:0b:99:d1:b7:28:02:f2:9f:26:cf:44:c2:f9:53:
66:26:ae:e8:98:4c:82:fd:89:4b:16:84:8d:e1:08:ed:1b:ca:
cb:e4:2a:62:61:72:f1:fd:21:f6:bc:9f:18:2a:a5:c9:65:53:
d8:2d:23:a0:dc:d4:aa:ad:ac:79:50:59:e2:e9:0b:c6:4f:f8:
31:66:a3:17
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZaLouS2zhLt7aox7G87X4HzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjUwNTAxMTEzNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTFmYzY3OGJjOWFkYjQzN2Y3NGFmMWRkZWNkNzIwMzYyZDE4NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4WnltRzdt48xpdzj40kCrdqWuO/
IzimCsaCdzoUBnGvIrlyFpsNDs/QgW6hfRff24nHKxLnTkQ+kLgqUXxu6al9DPIs
11jhCfRRzLooH0sOXKkrLxi/+G/VKhSATKqkTNhU4GRKsTAXNVGKZi3hrKaxyVhA
EVhf2/9MGiFL6cbKHWA5ylG+n8vYPpWLeIVQfNyIlwHuo6nuGS2zhVqEEBpKglMY
acrUwjO5EnhkxtDck0V/cUJc/C9Bwv+qLbkmdvd/7qDF3kzldHVvjJxFxbBtuIP8
S9tfbKOkUlVsbAKmwbml9827uAwXIrCjdJD8RcQduRboIk4cZHjK6b7pBQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFEofxni8mttDf3SvHd7NcgNi0YZFMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvU2hfR2VMeWEyME5fZEs4ZDNzMXlBMkxSaGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCBwQQCAAEwgboDBAU+
QaADBAU+mOADBAY+qEADBAY+xcADBARQ+vADBARRWIADBARSd+ADBAZTqIADBAZU
9UADAwBV+AMEA1w8OAMEA158kAMEArmC3AMEArnceDAMAwQGwTrAAwQBwTrEAwQB
wW66AwQCwgGsAwQDwgHgAwQFwwyAAwQFwy5AAwQFw0gAAwQFw2IAAwMAw6gDBAXU
GqADBAXUUQADBAbV10ADBATZQxADBAXZS0ADBATZdmADBATZrJAwIgQCAAIwHAMF
ACABG6ADBQAqABKYAwUAKgIHcAMFAyoG28AwDQYJKoZIhvcNAQELBQADggEBAAOm
9t14xZl7ztMw/zE81ki4XmMBfQJE7xQ7z9LXjD8Vf3914sJcwk7sAPmthEepRoWV
9LVU28PLUkPz3z/zbrO27U0pKSIjzQUp+jBgoZ0S2teLHrKFURsGFmti12Cf87d/
hZOv6b18MRTIzjpA7fmwFS/wp03828Oo4OZFg7W8pcs2TxvWLrQlRoCr1fWlU/u4
q8/YNnZ1jA+kD7vnoomOLOXnU0xMkAkUrW1N9/wYCEHB2iJAqooLmdG3KALynybP
RML5U2YmruiYTIL9iUsWhI3hCO0bysvkKmJhcvH9Ifa8nxgqpcllU9gtI6Dc1Kqt
rHlQWeLpC8ZP+DFmoxc=
-----END CERTIFICATE-----
Generated at Sat May 10 10:14:25 2025 by rpki-client