Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/JWUtJ2f_fqaelId9wo2GjVb6i3I.roa
File: JWUtJ2f_fqaelId9wo2GjVb6i3I.roa (raw, json)
Hash identifier: eOAzBZvj9W7ivZAmw2Ur7lTZT2YCVmDQnUXI070cbl8=
Subject key identifier: 25:65:2D:27:67:FF:7E:A6:9E:94:87:7D:C2:8D:86:8D:56:FA:8B:72
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0196587EDA9E6DC68BD97CFBEDD775CB3451
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/JWUtJ2f_fqaelId9wo2GjVb6i3I.roa
Signing time: Mon 21 Apr 2025 13:17:10 +0000
ROA not before: Mon 21 Apr 2025 13:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21341
IP address blocks: 62.220.96.0/21 maxlen: 24
62.220.104.0/21 maxlen: 24
62.220.120.0/22 maxlen: 22
62.220.124.0/23 maxlen: 23
81.12.8.0/22 maxlen: 22
81.12.12.0/22 maxlen: 22
81.12.16.0/21 maxlen: 21
81.12.48.0/22 maxlen: 24
81.12.58.0/24 maxlen: 24
81.12.59.0/24 maxlen: 24
87.107.0.0/21 maxlen: 24
87.107.24.0/22 maxlen: 22
87.107.34.0/23 maxlen: 23
87.107.40.0/24 maxlen: 24
87.107.41.0/24 maxlen: 24
87.107.42.0/23 maxlen: 23
87.107.50.0/23 maxlen: 24
87.107.51.0/24 maxlen: 24
87.107.52.0/23 maxlen: 23
87.107.68.0/22 maxlen: 24
87.107.88.0/22 maxlen: 22
87.107.96.0/22 maxlen: 24
87.107.106.0/23 maxlen: 24
87.107.112.0/22 maxlen: 24
87.107.116.0/23 maxlen: 23
87.107.120.0/21 maxlen: 24
87.107.128.0/22 maxlen: 22
87.107.132.0/22 maxlen: 23
87.107.132.0/23 maxlen: 24
87.107.160.0/22 maxlen: 24
87.107.168.0/22 maxlen: 24
87.107.173.0/24 maxlen: 24
87.107.188.0/23 maxlen: 24
87.107.192.0/19 maxlen: 24
87.107.206.0/24 maxlen: 24
87.107.226.0/23 maxlen: 24
87.107.226.0/24 maxlen: 24
87.107.232.0/24 maxlen: 24
185.60.136.0/24 maxlen: 24
185.60.137.0/24 maxlen: 24
185.60.138.0/24 maxlen: 24
185.60.139.0/24 maxlen: 24
2a00:1198::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:7e:da:9e:6d:c6:8b:d9:7c:fb:ed:d7:75:cb:34:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Apr 21 13:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25652d2767ff7ea69e94877dc28d868d56fa8b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b2:b3:c7:db:95:d2:d3:91:35:fb:3e:5f:f7:
6d:dc:9a:fc:82:32:e3:5d:e6:bf:e2:d3:54:cc:7b:
ff:cd:e5:7d:34:6e:0f:42:ee:c2:92:17:2b:e4:a7:
28:0c:45:5e:a2:70:aa:44:5d:00:6b:60:7b:4d:88:
24:e1:99:28:49:45:c2:c9:b0:fa:6c:31:f1:e3:79:
74:b8:b4:0c:d4:a1:cc:2a:88:0e:f5:40:1b:e9:d8:
d1:96:d4:04:29:5e:4d:72:48:64:47:5e:43:db:7e:
10:68:3f:1f:9f:a4:86:ca:11:b0:42:10:a8:a5:a4:
e9:41:6d:5d:83:b2:b5:60:92:72:fd:4f:27:e1:6a:
1e:cd:03:df:18:47:e7:18:e4:91:ef:fd:98:bd:20:
32:00:aa:50:df:93:31:71:7e:bf:d5:1f:6a:05:56:
a0:1a:9e:e9:49:87:be:0b:af:3d:e2:72:8a:2b:a8:
70:04:8f:ea:58:0b:08:b6:1b:ad:aa:06:20:16:dc:
82:b3:b5:90:f9:9c:cb:57:af:ba:38:60:88:b4:69:
d1:23:f6:43:03:be:63:40:0e:35:92:5d:e0:a7:5c:
f6:ca:bf:aa:85:9a:6f:5f:16:4c:ac:b6:1f:5f:a9:
6b:61:c7:c9:ca:c0:3e:68:46:8f:74:9c:e0:b4:60:
a4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:65:2D:27:67:FF:7E:A6:9E:94:87:7D:C2:8D:86:8D:56:FA:8B:72
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/JWUtJ2f_fqaelId9wo2GjVb6i3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.96.0/20
62.220.120.0-62.220.125.255
81.12.8.0-81.12.23.255
81.12.48.0/22
81.12.58.0/23
87.107.0.0/21
87.107.24.0/22
87.107.34.0/23
87.107.40.0/22
87.107.50.0-87.107.53.255
87.107.68.0/22
87.107.88.0/22
87.107.96.0/22
87.107.106.0/23
87.107.112.0-87.107.117.255
87.107.120.0-87.107.135.255
87.107.160.0/22
87.107.168.0/22
87.107.173.0/24
87.107.188.0/23
87.107.192.0/19
87.107.226.0/23
87.107.232.0/24
185.60.136.0/22
IPv6:
2a00:1198::/32
Signature Algorithm: sha256WithRSAEncryption
6e:51:cb:1a:13:3a:9d:0e:00:42:fc:93:21:d3:f1:25:2a:8e:
4f:e2:02:d3:c6:8d:a7:32:06:c9:da:2c:d4:71:42:16:6c:5d:
b0:d3:d5:17:f6:18:44:3c:ed:86:6a:d1:c4:38:35:61:09:7c:
0a:f1:49:9b:f5:0d:2f:c2:0c:f7:0a:83:3b:8f:f3:82:39:8f:
bb:c6:2c:5c:d6:f3:d3:91:77:dc:4a:71:59:9b:a4:93:3f:bd:
51:0a:52:35:d8:01:cd:b8:03:0d:84:55:2b:ee:a0:0a:b3:24:
b4:ab:84:be:fe:4f:73:03:d7:51:c5:48:7f:35:ed:e5:6e:b0:
1b:98:8c:81:18:15:08:cc:1a:f1:3d:c0:4d:b4:b3:7f:54:78:
b5:6a:7d:84:40:ec:54:3e:48:d2:9e:ec:e0:da:7d:d2:8d:45:
c2:5a:71:17:94:9d:9b:59:b7:94:10:ef:67:05:5c:1d:dd:35:
53:a7:7d:b3:72:4f:69:78:28:11:bb:f9:3a:76:8b:ec:b3:11:
8c:d9:8e:f2:7d:5b:5c:b0:47:39:c8:02:6a:45:a5:bd:6d:fd:
c2:59:59:e7:56:00:29:d6:fe:c4:65:77:3b:c3:1f:0d:b1:03:
2f:96:03:98:05:41:0f:fd:5f:09:d2:c4:cf:40:71:c3:ee:76:
db:3d:4a:a3
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAZZYftqebcaL2Xz77dd1yzRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwNDIxMTMxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTY1MmQyNzY3ZmY3ZWE2OWU5NDg3N2RjMjhkODY4ZDU2ZmE4YjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbKzx9uV0tORNfs+X/dt3Jr8gjLj
Xea/4tNUzHv/zeV9NG4PQu7Ckhcr5KcoDEVeonCqRF0Aa2B7TYgk4ZkoSUXCybD6
bDHx43l0uLQM1KHMKogO9UAb6djRltQEKV5NckhkR15D234QaD8fn6SGyhGwQhCo
paTpQW1dg7K1YJJy/U8n4WoezQPfGEfnGOSR7/2YvSAyAKpQ35MxcX6/1R9qBVag
Gp7pSYe+C6894nKKK6hwBI/qWAsIthutqgYgFtyCs7WQ+ZzLV6+6OGCItGnRI/ZD
A75jQA41kl3gp1z2yr+qhZpvXxZMrLYfX6lrYcfJysA+aEaPdJzgtGCkxQIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFCVlLSdn/36mnpSHfcKNho1W+otyMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvSldVdEoyZl9mcWFlbElkOXdvMkdqVmI2aTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBvwQCAAEwgbgDBAQ+
3GAwDAMEAz7ceAMEAT7cfDAMAwQDUQwIAwQDUQwQAwQCUQwwAwQBUQw6AwQDV2sA
AwQCV2sYAwQBV2siAwQCV2soMAwDBAFXazIDBAFXazQDBAJXa0QDBAJXa1gDBAJX
a2ADBAFXa2owDAMEBFdrcAMEAVdrdDAMAwQDV2t4AwQDV2uAAwQCV2ugAwQCV2uo
AwQAV2utAwQBV2u8AwQFV2vAAwQBV2viAwQAV2voAwQCuTyIMA0EAgACMAcDBQAq
ABGYMA0GCSqGSIb3DQEBCwUAA4IBAQBuUcsaEzqdDgBC/JMh0/ElKo5P4gLTxo2n
MgbJ2izUcUIWbF2w09UX9hhEPO2GatHEODVhCXwK8Umb9Q0vwgz3CoM7j/OCOY+7
xixc1vPTkXfcSnFZm6STP71RClI12AHNuAMNhFUr7qAKsyS0q4S+/k9zA9dRxUh/
Ne3lbrAbmIyBGBUIzBrxPcBNtLN/VHi1an2EQOxUPkjSnuzg2n3SjUXCWnEXlJ2b
WbeUEO9nBVwd3TVTp32zck9peCgRu/k6dovssxGM2Y7yfVtcsEc5yAJqRaW9bf3C
WVnnVgAp1v7EZXc7wx8NsQMvlgOYBUEP/V8J0sTPQHHD7nbbPUqj
-----END CERTIFICATE-----
Generated at Tue May 6 07:07:13 2025 by rpki-client