Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/76aee1-e220-4e22-9cb5-8fe3a0f61437/1/gDn1RHCMxQyNW_pGfUDeAoFsteY.roa
File: gDn1RHCMxQyNW_pGfUDeAoFsteY.roa (raw, json)
Hash identifier: aOveJJ3ah1WLjPcvfI87OOrTavXERjpgS9XWi0GEgq4=
Subject key identifier: 80:39:F5:44:70:8C:C5:0C:8D:5B:FA:46:7D:40:DE:02:81:6C:B5:E6
Certificate issuer: /CN=dde36e98021264f5a8070106780be29d48a16c67
Certificate serial: 01963366D6E2367DF6988EDCAB0010632FB6
Authority key identifier: DD:E3:6E:98:02:12:64:F5:A8:07:01:06:78:0B:E2:9D:48:A1:6C:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3eNumAISZPWoBwEGeAvinUihbGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/76aee1-e220-4e22-9cb5-8fe3a0f61437/1/gDn1RHCMxQyNW_pGfUDeAoFsteY.roa
Signing time: Mon 14 Apr 2025 08:24:59 +0000
ROA not before: Mon 14 Apr 2025 08:24:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200484
IP address blocks: 1.179.120.0/21 maxlen: 24
77.32.128.0/18 maxlen: 24
77.32.192.0/19 maxlen: 24
94.143.16.0/21 maxlen: 24
153.92.224.0/19 maxlen: 24
172.246.0.0/18 maxlen: 24
172.246.64.0/22 maxlen: 24
172.246.240.0/20 maxlen: 24
185.24.144.0/22 maxlen: 24
185.41.28.0/22 maxlen: 24
185.107.232.0/22 maxlen: 24
212.146.192.0/18 maxlen: 24
213.32.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/76aee1-e220-4e22-9cb5-8fe3a0f61437/1/3eNumAISZPWoBwEGeAvinUihbGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/76aee1-e220-4e22-9cb5-8fe3a0f61437/1/3eNumAISZPWoBwEGeAvinUihbGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3eNumAISZPWoBwEGeAvinUihbGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:33:66:d6:e2:36:7d:f6:98:8e:dc:ab:00:10:63:2f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dde36e98021264f5a8070106780be29d48a16c67
Validity
Not Before: Apr 14 08:24:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8039f544708cc50c8d5bfa467d40de02816cb5e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1d:9f:a4:2b:ab:19:18:f5:d6:79:84:8c:98:
bb:f6:1b:ab:91:46:76:2e:19:70:6c:35:b5:be:f1:
9f:e6:38:17:71:f8:73:0e:d0:58:68:ed:49:dc:ee:
9f:d2:3d:7e:17:6a:85:ee:cf:03:e6:ff:6d:ee:d2:
4d:51:53:42:df:4c:38:3a:67:54:43:5f:28:ba:a2:
7d:f2:d8:b3:9e:7a:81:85:ce:d1:4b:e2:ad:05:92:
09:88:2f:83:82:9c:a6:9c:46:34:fc:fb:ee:e3:68:
67:89:8a:52:55:ff:25:c1:ff:07:31:37:76:fa:5a:
6c:86:32:ef:07:27:de:dd:82:cd:53:b8:02:db:ef:
9a:fa:68:98:de:06:2c:a4:15:81:3e:2d:ac:69:64:
ba:bb:81:59:3a:4a:cc:d2:b1:b7:da:d3:80:24:a9:
4b:6e:52:5f:37:f0:99:d0:a7:b6:a3:42:0a:52:2c:
1b:1d:61:4d:4a:09:a6:ff:be:d3:d3:32:90:c8:e5:
a5:1f:3f:13:0a:8e:41:ea:36:f3:e6:1f:2e:52:5e:
87:ee:05:24:e0:72:c6:59:09:58:73:30:9f:dd:70:
41:95:00:b5:d5:61:56:e6:e2:2f:0b:4f:c1:40:2d:
03:ee:5e:a0:94:33:6f:93:08:57:8b:5e:72:f8:3f:
76:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:39:F5:44:70:8C:C5:0C:8D:5B:FA:46:7D:40:DE:02:81:6C:B5:E6
X509v3 Authority Key Identifier:
keyid:DD:E3:6E:98:02:12:64:F5:A8:07:01:06:78:0B:E2:9D:48:A1:6C:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3eNumAISZPWoBwEGeAvinUihbGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/76aee1-e220-4e22-9cb5-8fe3a0f61437/1/gDn1RHCMxQyNW_pGfUDeAoFsteY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/76aee1-e220-4e22-9cb5-8fe3a0f61437/1/3eNumAISZPWoBwEGeAvinUihbGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
1.179.120.0/21
77.32.128.0-77.32.223.255
94.143.16.0/21
153.92.224.0/19
172.246.0.0-172.246.67.255
172.246.240.0/20
185.24.144.0/22
185.41.28.0/22
185.107.232.0/22
212.146.192.0/18
213.32.128.0/18
Signature Algorithm: sha256WithRSAEncryption
6d:f6:51:e0:9c:a9:d5:00:17:d2:cd:e1:84:70:f4:cc:69:a5:
4b:b3:5a:ab:ef:4b:f8:7d:de:92:7f:22:a0:f4:ce:27:78:2c:
79:04:80:3e:b3:39:78:97:11:6e:9f:b0:0b:e6:a8:c7:15:11:
16:d2:54:a9:a6:96:0f:19:b4:3c:65:7b:bc:c6:b0:0d:a4:6a:
99:a6:e5:f9:7d:be:bc:2e:71:2b:58:fd:42:cc:fb:b5:85:b2:
23:b4:65:4a:a2:e5:a0:ee:ba:33:d4:4d:22:34:80:bc:bb:5f:
fd:07:21:dd:27:ce:2f:ca:5b:7e:eb:af:1a:59:46:ca:f1:ae:
74:94:32:6f:8c:6b:4b:05:54:26:5e:5f:e1:27:ec:2e:0d:a6:
4c:55:34:15:d8:f7:53:14:66:86:7c:e1:4d:a2:b5:5a:ea:c9:
75:1f:7e:51:a3:dd:14:39:04:40:31:fc:e3:a0:3e:fa:ad:94:
6c:94:f2:51:02:ad:b5:77:e3:dd:3b:ad:1c:7c:7c:8e:39:9e:
cb:13:dd:6a:90:c2:07:cf:a4:ff:d3:91:ea:af:81:a4:76:59:
c9:4a:5c:fe:52:d8:cf:b5:1b:86:90:d7:87:11:27:dc:2f:b6:
74:d3:10:16:b4:ae:c6:37:33:62:84:db:79:69:2c:50:ab:a3:
1e:35:21:e2
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZYzZtbiNn32mI7cqwAQYy+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZTM2ZTk4MDIxMjY0ZjVhODA3MDEwNjc4MGJlMjlkNDhh
MTZjNjcwHhcNMjUwNDE0MDgyNDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDM5ZjU0NDcwOGNjNTBjOGQ1YmZhNDY3ZDQwZGUwMjgxNmNiNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB2fpCurGRj11nmEjJi79hurkUZ2
LhlwbDW1vvGf5jgXcfhzDtBYaO1J3O6f0j1+F2qF7s8D5v9t7tJNUVNC30w4OmdU
Q18ouqJ98tiznnqBhc7RS+KtBZIJiC+DgpymnEY0/Pvu42hniYpSVf8lwf8HMTd2
+lpshjLvByfe3YLNU7gC2++a+miY3gYspBWBPi2saWS6u4FZOkrM0rG32tOAJKlL
blJfN/CZ0Ke2o0IKUiwbHWFNSgmm/77T0zKQyOWlHz8TCo5B6jbz5h8uUl6H7gUk
4HLGWQlYczCf3XBBlQC11WFW5uIvC0/BQC0D7l6glDNvkwhXi15y+D92IwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFIA59URwjMUMjVv6Rn1A3gKBbLXmMB8GA1UdIwQY
MBaAFN3jbpgCEmT1qAcBBngL4p1IoWxnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2VOdW1BSVNaUFdvQndFR2VBdmluVWloYkdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83NmFlZTEtZTIyMC00ZTIyLTljYjUt
OGZlM2EwZjYxNDM3LzEvZ0RuMVJIQ014UXlOV19wR2ZVRGVBb0ZzdGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi83NmFlZTEtZTIyMC00ZTIyLTljYjUtOGZlM2EwZjYxNDM3
LzEvM2VOdW1BSVNaUFdvQndFR2VBdmluVWloYkdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAATBRAwQDAbN4MAwD
BAdNIIADBAVNIMADBANejxADBAWZXOAwCwMDAaz2AwQCrPZAAwQErPbwAwQCuRiQ
AwQCuSkcAwQCuWvoAwQG1JLAAwQG1SCAMA0GCSqGSIb3DQEBCwUAA4IBAQBt9lHg
nKnVABfSzeGEcPTMaaVLs1qr70v4fd6SfyKg9M4neCx5BIA+szl4lxFun7AL5qjH
FREW0lSpppYPGbQ8ZXu8xrANpGqZpuX5fb68LnErWP1CzPu1hbIjtGVKouWg7roz
1E0iNIC8u1/9ByHdJ84vylt+668aWUbK8a50lDJvjGtLBVQmXl/hJ+wuDaZMVTQV
2PdTFGaGfOFNorVa6sl1H35Ro90UOQRAMfzjoD76rZRslPJRAq21d+PdO60cfHyO
OZ7LE91qkMIHz6T/05Hqr4GkdlnJSlz+UtjPtRuGkNeHESfcL7Z00xAWtK7GNzNi
hNt5aSxQq6MeNSHi
-----END CERTIFICATE-----
Generated at Mon May 12 07:32:22 2025 by rpki-client