Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jLTYyTI53YOlKFNjZqRHUsOjkc4.roa
File: jLTYyTI53YOlKFNjZqRHUsOjkc4.roa (raw, json)
Hash identifier: MqLZ4VhdP7qNV18KoB64sNMIvavQE1p9ImN6jAExkag=
Subject key identifier: 8C:B4:D8:C9:32:39:DD:83:A5:28:53:63:66:A4:47:52:C3:A3:91:CE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01976A12FA10DE7EC4B6D4CD302324C33D5C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jLTYyTI53YOlKFNjZqRHUsOjkc4.roa
Signing time: Fri 13 Jun 2025 16:15:17 +0000
ROA not before: Fri 13 Jun 2025 16:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.54.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.14.0/24 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.41.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6a:12:fa:10:de:7e:c4:b6:d4:cd:30:23:24:c3:3d:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 13 16:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cb4d8c93239dd83a528536366a44752c3a391ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:71:0d:c8:2f:bd:4b:83:e2:ce:34:12:10:2a:
0c:e8:fa:ab:e6:bc:c0:d4:e8:cc:47:37:28:d3:c4:
62:03:20:7a:df:f5:a5:5e:07:97:88:8a:b5:7b:d3:
d8:83:63:3b:81:67:b1:0d:22:d8:bb:c1:e2:53:66:
50:6b:ff:8f:7f:9f:64:f3:1a:b6:47:3f:ef:a8:ee:
dc:9f:59:4d:23:b3:38:12:24:23:56:46:89:2c:fe:
d5:95:d1:05:ae:b8:f2:85:d4:0e:ce:93:1c:4d:5c:
8b:74:3e:ba:bf:8f:36:a6:3d:76:b6:3e:e1:b0:05:
df:d3:07:3c:36:ab:4e:0d:b1:0c:1d:e5:e4:8c:f3:
21:e6:c9:86:46:c4:f3:0a:6d:8d:04:37:8e:55:7d:
8c:5c:d3:e2:4e:a9:ec:49:a9:73:a6:12:f1:08:12:
26:ef:e3:16:b4:92:09:70:8c:2b:2f:46:0e:1e:b7:
54:da:68:df:f2:76:b9:58:60:11:85:e2:1b:62:dc:
3d:41:fa:a5:95:e0:cf:2a:63:5c:55:31:98:7a:4a:
3b:c5:05:25:a2:1b:71:74:a1:2e:11:6a:98:c6:2d:
68:c0:0c:4d:e8:52:dd:7f:f5:a1:ff:c7:01:ad:18:
94:84:e8:0b:d6:df:e2:2a:e9:10:42:a4:f6:e1:de:
bc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B4:D8:C9:32:39:DD:83:A5:28:53:63:66:A4:47:52:C3:A3:91:CE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jLTYyTI53YOlKFNjZqRHUsOjkc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.201.0/24
82.153.239.0/24
89.213.43.0/24
89.213.54.0/24
89.213.98.0/24
89.213.159.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.14.0/24
109.176.27.0/24
109.176.32.0/19
109.176.201.0/24
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.210.41.0/24
213.218.214.0/24
213.218.231.0/24
213.218.239.0/24
Signature Algorithm: sha256WithRSAEncryption
69:06:f5:f0:71:81:bf:a4:49:5e:fd:8a:be:49:05:41:a6:a2:
e6:70:d7:0e:06:c0:9b:35:26:70:41:00:4d:8e:14:53:c6:74:
46:dd:fe:ae:1f:d1:2f:4f:f9:ee:57:48:1c:bb:d3:71:05:fc:
46:59:77:c5:59:8f:ae:f7:15:76:de:88:eb:2c:e0:36:dc:82:
12:9f:58:20:03:81:95:14:1d:77:3e:f2:3a:d9:09:9f:ce:e6:
6e:93:a0:8a:04:f6:b2:03:96:00:0e:ee:1a:7d:52:81:2a:b3:
2a:67:cf:86:2e:a6:fd:e2:93:63:15:d6:c4:e6:99:60:49:b2:
33:45:67:f2:93:2f:2f:2f:ea:ff:96:ff:ac:ff:b2:f3:96:a9:
82:10:49:e3:bc:89:2b:c6:b1:92:ec:90:62:93:55:26:c5:23:
c0:8a:83:45:f1:ae:96:69:87:61:4c:f6:0e:d0:b7:cc:13:1f:
00:46:49:47:25:57:30:fb:c3:76:9a:87:21:cd:d9:d9:b8:11:
7b:af:ea:5d:bc:6d:17:45:5b:f8:39:1a:7e:0e:54:41:21:23:
5d:15:1d:ad:17:a7:34:1b:45:b4:95:63:2f:4d:64:91:a6:1a:
08:7f:50:e5:db:d0:69:6c:37:ef:05:2d:64:79:ee:e3:a7:6b:
b3:b7:3e:79
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZdqEvoQ3n7EttTNMCMkwz1cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNjEzMTYxNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2I0ZDhjOTMyMzlkZDgzYTUyODUzNjM2NmE0NDc1MmMzYTM5MWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHENyC+9S4PizjQSECoM6Pqr5rzA
1OjMRzco08RiAyB63/WlXgeXiIq1e9PYg2M7gWexDSLYu8HiU2ZQa/+Pf59k8xq2
Rz/vqO7cn1lNI7M4EiQjVkaJLP7VldEFrrjyhdQOzpMcTVyLdD66v482pj12tj7h
sAXf0wc8NqtODbEMHeXkjPMh5smGRsTzCm2NBDeOVX2MXNPiTqnsSalzphLxCBIm
7+MWtJIJcIwrL0YOHrdU2mjf8na5WGARheIbYtw9QfqlleDPKmNcVTGYeko7xQUl
ohtxdKEuEWqYxi1owAxN6FLdf/Wh/8cBrRiUhOgL1t/iKukQQqT24d68bQIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFIy02MkyOd2DpShTY2akR1LDo5HOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvakxUWXlUSTUzWU9sS0ZOalpxUkhVc09qa2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9DAM
AwQAUpg5AwQAUpg6AwQAUphJMAwDBABSmEsDBAFSmEwDBABSmE8wDAMEAVKYVgME
AFKYWAMEAFKYbQMEAFKY4gMEAFKY8AMEAFKY8wMEAFKZJgMEAFKZOAMEAFKZPTAM
AwQAUplTAwQAUplUAwQAUpmYAwQAUpm6AwQAUpnJAwQAUpnvAwQAWdUrAwQAWdU2
AwQAWdViAwQAWdWfAwQAWdWhMAwDBANZ1egDBAFZ1ewDBABtsA4DBABtsBsDBAVt
sCADBABtsMkDBABtsOsDBADVgoIDBADVgpUDBADV0ikDBADV2tYDBADV2ucDBADV
2u8wDQYJKoZIhvcNAQELBQADggEBAGkG9fBxgb+kSV79ir5JBUGmouZw1w4GwJs1
JnBBAE2OFFPGdEbd/q4f0S9P+e5XSBy703EF/EZZd8VZj673FXbeiOss4DbcghKf
WCADgZUUHXc+8jrZCZ/O5m6ToIoE9rIDlgAO7hp9UoEqsypnz4Yupv3ik2MV1sTm
mWBJsjNFZ/KTLy8v6v+W/6z/svOWqYIQSeO8iSvGsZLskGKTVSbFI8CKg0XxrpZp
h2FM9g7Qt8wTHwBGSUclVzD7w3aahyHN2dm4EXuv6l28bRdFW/g5Gn4OVEEhI10V
Ha0XpzQbRbSVYy9NZJGmGgh/UOXb0GlsN+8FLWR57uOna7O3Pnk=
-----END CERTIFICATE-----
Generated at Sun Jun 29 01:46:09 2025 by rpki-client