Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/JoOIhSAqKdpIXX40gcKLusWeNyE.roa
File: JoOIhSAqKdpIXX40gcKLusWeNyE.roa (raw, json)
Hash identifier: XGkJT13q1QJrNBJYi9R9LyTuLa34GhQ10YEFypzjsJU=
Subject key identifier: 26:83:88:85:20:2A:29:DA:48:5D:7E:34:81:C2:8B:BA:C5:9E:37:21
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 0196A4D500EDF2BEE6D41FA1D0CA212FE54B
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/JoOIhSAqKdpIXX40gcKLusWeNyE.roa
Signing time: Tue 06 May 2025 09:02:24 +0000
ROA not before: Tue 06 May 2025 09:02:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49544
IP address blocks: 5.180.216.0/23 maxlen: 23
5.180.218.0/23 maxlen: 23
5.200.0.0/19 maxlen: 24
31.204.128.0/19 maxlen: 24
31.204.132.0/22 maxlen: 22
31.204.136.0/23 maxlen: 23
31.204.140.0/22 maxlen: 22
31.204.144.0/24 maxlen: 24
89.104.168.0/23 maxlen: 23
89.104.170.0/23 maxlen: 23
89.104.172.0/22 maxlen: 22
91.195.234.0/23 maxlen: 23
91.198.152.0/24 maxlen: 24
91.216.207.0/24 maxlen: 24
104.153.84.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
138.128.136.0/22 maxlen: 22
138.128.140.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
162.245.204.0/22 maxlen: 22
185.41.140.0/22 maxlen: 22
185.50.104.0/22 maxlen: 22
185.52.12.0/22 maxlen: 24
185.179.200.0/23 maxlen: 24
185.179.202.0/23 maxlen: 24
185.197.24.0/22 maxlen: 23
188.122.64.0/19 maxlen: 24
193.43.218.0/23 maxlen: 23
212.19.224.0/22 maxlen: 22
213.163.64.0/19 maxlen: 24
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
213.179.204.0/22 maxlen: 22
213.179.209.0/24 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/23 maxlen: 23
2a00:1630::/29 maxlen: 32
2a00:1630::/32 maxlen: 48
2a00:1631::/32 maxlen: 32
2a00:1632::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
2a00:1d20::/34 maxlen: 34
2a00:1d20:4000::/34 maxlen: 34
2a00:1d26::/32 maxlen: 34
2a01:9580::/32 maxlen: 34
2a01:9580:c000::/34 maxlen: 34
2a04:c600::/29 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.mft
rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:d5:00:ed:f2:be:e6:d4:1f:a1:d0:ca:21:2f:e5:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: May 6 09:02:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=26838885202a29da485d7e3481c28bbac59e3721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4d:50:7d:92:81:20:b6:37:ac:fb:eb:1c:55:
e4:5c:fe:a9:a0:7b:c7:27:51:80:11:c8:fd:b9:75:
61:e6:cc:6d:d3:35:a4:9d:90:6d:48:83:1d:74:fb:
8f:14:00:c5:a0:6a:7b:e9:ca:dc:bd:da:12:45:7c:
22:af:3f:3a:be:c4:e7:16:aa:38:5e:95:5a:96:61:
9f:63:dd:fe:5e:e2:bc:20:14:2b:9a:d5:b7:59:64:
c2:75:3c:9a:a9:4f:d2:02:3f:d5:84:4e:fd:78:20:
f2:f0:7b:d2:45:5e:7b:b6:34:61:0b:e6:c5:7d:8d:
55:a7:f7:79:48:37:04:ea:f3:dd:04:0f:4c:f9:9b:
32:a8:37:11:5f:11:9a:6c:0d:a8:da:04:24:09:d2:
ce:d1:f9:7d:cb:72:3f:98:36:dd:e7:bb:11:94:1a:
a0:a7:ad:bc:ee:f8:f2:f8:1d:b8:ca:d0:d2:6a:7f:
a2:1c:26:87:15:0d:8e:65:eb:74:47:72:6b:13:22:
eb:c4:b5:08:ed:aa:cb:4b:39:da:5c:2b:b4:0c:11:
23:f4:66:93:69:17:48:21:e3:c9:e4:46:14:8e:b8:
b0:f1:a1:4b:90:f9:91:4c:75:3c:e5:e6:9e:3e:57:
82:23:4b:3d:06:e7:a6:90:bf:26:05:92:0c:19:53:
39:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:83:88:85:20:2A:29:DA:48:5D:7E:34:81:C2:8B:BA:C5:9E:37:21
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/JoOIhSAqKdpIXX40gcKLusWeNyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.216.0/22
5.200.0.0/19
31.204.128.0/19
89.104.168.0/21
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
0d:f1:d0:68:e0:79:c5:75:b2:7b:9f:6e:35:d9:6a:4e:be:be:
6f:34:18:7e:31:5a:98:30:bf:be:a0:b4:6d:bd:42:ef:34:a9:
57:7a:41:4c:5c:81:4a:70:77:06:80:a1:47:71:8b:bc:93:b4:
a2:35:43:f9:e6:bf:d6:74:0c:96:0a:7e:e5:5b:93:04:94:f8:
80:06:3f:5b:f0:cf:8a:9f:45:f4:9a:86:50:e5:f4:f3:fa:cf:
10:4c:bb:52:15:0e:92:7c:b9:a8:8a:ef:27:01:c6:3b:85:bf:
af:f2:59:8a:61:c1:12:fe:d4:8b:4b:b0:c2:27:d1:67:96:6b:
db:ce:8d:00:6d:be:45:ae:9e:29:16:e8:eb:8f:f9:7e:b2:64:
a4:ec:71:34:5c:54:2e:a1:89:c5:17:b4:09:b4:fd:5a:0e:7f:
19:0b:e8:da:37:1f:ef:02:9f:19:fd:52:26:cd:2d:6c:42:22:
1f:95:f1:e9:59:83:b7:db:79:e1:06:78:b2:b8:ae:80:2e:95:
28:23:04:16:e4:a6:eb:14:c0:93:b8:4e:0b:b4:4b:f0:a3:0c:
7c:63:4e:a3:ac:97:0e:e8:bb:1f:51:ca:ec:64:aa:d6:ef:50:
9b:49:65:23:b9:01:3e:37:27:62:37:f4:d4:97:19:28:69:12:
a6:3c:b5:5e
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZak1QDt8r7m1B+h0MohL+VLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjUwNTA2MDkwMjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjgzODg4NTIwMmEyOWRhNDg1ZDdlMzQ4MWMyOGJiYWM1OWUzNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt01QfZKBILY3rPvrHFXkXP6poHvH
J1GAEcj9uXVh5sxt0zWknZBtSIMddPuPFADFoGp76crcvdoSRXwirz86vsTnFqo4
XpValmGfY93+XuK8IBQrmtW3WWTCdTyaqU/SAj/VhE79eCDy8HvSRV57tjRhC+bF
fY1Vp/d5SDcE6vPdBA9M+ZsyqDcRXxGabA2o2gQkCdLO0fl9y3I/mDbd57sRlBqg
p6287vjy+B24ytDSan+iHCaHFQ2OZet0R3JrEyLrxLUI7arLSznaXCu0DBEj9GaT
aRdIIePJ5EYUjriw8aFLkPmRTHU85eaePleCI0s9BuemkL8mBZIMGVM5EwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFCaDiIUgKinaSF1+NIHCi7rFnjchMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvSm9PSWhTQXFLZHBJWFg0MGdjS0x1c1dlTnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBkQQCAAEwgYoDBAIF
tNgDBAUFyAADBAUfzIADBANZaKgDBAFbw+oDBABbxpgDBABb2M8DBAJomVQDBAVt
yMADBAOKgIgDBAKS90wDBAKi9DQDBAKi9cwDBAK5KYwDBAK5MmgDBAK5NAwDBAK5
s8gDBAK5xRgDBAW8ekADBAHBK9oDBALUE+ADBAXVo0ADBAXVs8AwIgQCAAIwHAMF
AyoAFjADBQMqAB0gAwUAKgGVgAMFAyoExgAwDQYJKoZIhvcNAQELBQADggEBAA3x
0GjgecV1snufbjXZak6+vm80GH4xWpgwv76gtG29Qu80qVd6QUxcgUpwdwaAoUdx
i7yTtKI1Q/nmv9Z0DJYKfuVbkwSU+IAGP1vwz4qfRfSahlDl9PP6zxBMu1IVDpJ8
uaiK7ycBxjuFv6/yWYphwRL+1ItLsMIn0WeWa9vOjQBtvkWunikW6OuP+X6yZKTs
cTRcVC6hicUXtAm0/VoOfxkL6No3H+8Cnxn9UibNLWxCIh+V8elZg7fbeeEGeLK4
roAulSgjBBbkpusUwJO4Tgu0S/CjDHxjTqOslw7oux9RyuxkqtbvUJtJZSO5AT43
J2I39NSXGShpEqY8tV4=
-----END CERTIFICATE-----
Generated at Thu May 15 06:58:29 2025 by rpki-client