Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/g_n97b-ezr2pU8M_arTz7b0GI28.roa
File: g_n97b-ezr2pU8M_arTz7b0GI28.roa (raw, json)
Hash identifier: f/1b/CBZ/cmdffSZ/BO1Ow8CLoficDzJ57IxUPZ8+ZA=
Subject key identifier: 83:F9:FD:ED:BF:9E:CE:BD:A9:53:C3:3F:6A:B4:F3:ED:BD:06:23:6F
Certificate issuer: /CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Certificate serial: 0194266B7529BB3973DEF4EB6020387E4355
Authority key identifier: 27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/g_n97b-ezr2pU8M_arTz7b0GI28.roa
Signing time: Thu 02 Jan 2025 09:49:23 +0000
ROA not before: Thu 02 Jan 2025 09:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35432
IP address blocks: 46.251.96.0/19 maxlen: 24
64.59.208.0/20 maxlen: 24
65.18.208.0/20 maxlen: 24
66.205.64.0/19 maxlen: 24
69.6.0.0/19 maxlen: 24
69.94.112.0/20 maxlen: 24
77.83.248.0/22 maxlen: 24
80.244.16.0/20 maxlen: 24
85.132.224.0/19 maxlen: 24
91.184.192.0/19 maxlen: 24
109.110.224.0/19 maxlen: 24
139.138.192.0/19 maxlen: 24
164.215.0.0/19 maxlen: 24
185.7.156.0/22 maxlen: 24
185.42.32.0/22 maxlen: 24
185.162.16.0/22 maxlen: 24
194.64.144.0/22 maxlen: 24
194.233.16.0/22 maxlen: 24
194.233.24.0/22 maxlen: 24
194.233.60.0/22 maxlen: 24
195.179.96.0/20 maxlen: 24
212.32.16.0/21 maxlen: 24
212.32.56.0/21 maxlen: 24
212.50.96.0/19 maxlen: 24
213.133.80.0/20 maxlen: 24
213.140.192.0/19 maxlen: 24
216.241.128.0/19 maxlen: 24
2a02:540::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:75:29:bb:39:73:de:f4:eb:60:20:38:7e:43:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Validity
Not Before: Jan 2 09:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83f9fdedbf9ecebda953c33f6ab4f3edbd06236f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:43:b8:60:93:fc:31:4e:4a:49:a8:5b:15:34:
d1:ce:a8:7b:65:5e:bb:56:88:02:66:b3:ca:e4:26:
01:d6:3a:9c:76:ee:b6:c9:f9:9e:8b:4a:10:bb:a4:
c0:8e:19:8c:b4:95:c9:2b:2e:10:78:a5:f6:88:28:
a2:81:d6:31:0a:ee:4e:67:ff:24:b7:51:fa:64:9d:
8e:25:cc:46:da:cc:4c:50:62:6e:d0:75:8f:46:cb:
bf:b8:3b:4f:f6:77:66:c8:52:0e:42:f9:0b:a8:a3:
d8:99:62:8d:8e:78:4c:9b:1d:9e:b9:56:1f:5a:f3:
59:16:e8:66:75:f2:d8:2c:c7:b1:fc:8b:03:9e:e7:
57:49:4b:f3:d0:41:36:b7:a3:1b:34:f7:6c:eb:fc:
4e:48:60:52:d1:78:d6:e1:78:ad:d8:6a:ef:48:25:
a9:21:dc:d2:62:10:ad:3c:ad:da:da:6a:69:b7:1b:
46:19:b4:22:0f:eb:f8:52:90:4e:5d:ad:27:7a:30:
57:6d:73:f2:82:6b:57:72:2f:5e:15:aa:3d:36:9a:
90:54:fd:91:a2:a4:12:a1:5d:7d:1d:8e:af:61:30:
45:ac:01:34:be:05:a4:25:2b:47:b8:f1:09:01:3b:
a6:95:00:ee:c6:e3:d5:7b:ae:f8:07:41:82:b1:4b:
86:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F9:FD:ED:BF:9E:CE:BD:A9:53:C3:3F:6A:B4:F3:ED:BD:06:23:6F
X509v3 Authority Key Identifier:
keyid:27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/g_n97b-ezr2pU8M_arTz7b0GI28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.96.0/19
64.59.208.0/20
65.18.208.0/20
66.205.64.0/19
69.6.0.0/19
69.94.112.0/20
77.83.248.0/22
80.244.16.0/20
85.132.224.0/19
91.184.192.0/19
109.110.224.0/19
139.138.192.0/19
164.215.0.0/19
185.7.156.0/22
185.42.32.0/22
185.162.16.0/22
194.64.144.0/22
194.233.16.0/22
194.233.24.0/22
194.233.60.0/22
195.179.96.0/20
212.32.16.0/21
212.32.56.0/21
212.50.96.0/19
213.133.80.0/20
213.140.192.0/19
216.241.128.0/19
IPv6:
2a02:540::/32
Signature Algorithm: sha256WithRSAEncryption
99:4b:0b:28:3b:17:11:8b:a5:8c:a7:38:8c:b2:ae:27:2e:9f:
ee:ae:9e:ae:37:e8:79:13:14:88:fd:36:76:5a:0e:05:18:bb:
05:a6:7a:64:70:44:fc:9f:05:f8:66:18:06:c4:c1:c1:0b:bd:
28:2a:53:93:11:f9:9f:b0:ff:21:3a:f0:90:32:8f:a5:c2:0d:
79:0b:77:87:f3:1a:55:04:29:39:c3:e7:01:ba:9a:05:30:29:
00:86:3e:73:6e:78:00:c3:5b:01:4b:22:4f:cf:66:f6:71:2a:
32:be:95:1e:50:95:ec:01:36:c8:2a:21:92:8d:7b:db:43:e8:
d7:d6:c8:f1:4a:1c:6c:82:55:14:ec:84:ac:fe:b9:82:f6:ab:
ac:39:43:8e:36:5f:2f:a1:bf:fa:3c:9f:4e:03:54:bd:7c:b9:
2c:5d:71:fd:4c:10:15:55:6e:29:a3:7e:3d:00:db:98:dd:1d:
c5:15:96:ec:9a:72:4a:f1:99:43:08:a8:a7:8e:78:3e:dd:8a:
da:c5:b1:6c:40:31:b0:11:06:32:37:d7:54:93:4a:16:83:db:
cf:59:c4:dd:23:bc:bd:30:a8:48:0a:d8:10:b6:1b:45:8f:16:
76:f7:a5:c0:90:cd:9a:03:3b:62:8e:5e:79:07:4a:07:2d:6a:
ce:e6:c3:21
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZQma3Upuzlz3vTrYCA4fkNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDI5YTM2ZmMwY2NhMmUwYThkMDQ1ZjAyMmRmYzgzMWE1
MTczMDgwHhcNMjUwMTAyMDk0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Y5ZmRlZGJmOWVjZWJkYTk1M2MzM2Y2YWI0ZjNlZGJkMDYyMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkO4YJP8MU5KSahbFTTRzqh7ZV67
VogCZrPK5CYB1jqcdu62yfmei0oQu6TAjhmMtJXJKy4QeKX2iCiigdYxCu5OZ/8k
t1H6ZJ2OJcxG2sxMUGJu0HWPRsu/uDtP9ndmyFIOQvkLqKPYmWKNjnhMmx2euVYf
WvNZFuhmdfLYLMex/IsDnudXSUvz0EE2t6MbNPds6/xOSGBS0XjW4Xit2GrvSCWp
IdzSYhCtPK3a2mpptxtGGbQiD+v4UpBOXa0nejBXbXPygmtXci9eFao9NpqQVP2R
oqQSoV19HY6vYTBFrAE0vgWkJStHuPEJATumlQDuxuPVe674B0GCsUuGAQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFIP5/e2/ns69qVPDP2q08+29BiNvMB8GA1UdIwQY
MBaAFCcCmjb8DMouCo0EXwIt/IMaUXMIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndLYU52d015aTRLalFSZkFpMzhneHBSY3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS81M2JiMjMtZGZhOC00NzkyLWIzMTct
NTBkMGE1MzIzNjQxLzEvZ19uOTdiLWV6cjJwVThNX2FyVHo3YjBHSTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS81M2JiMjMtZGZhOC00NzkyLWIzMTctNTBkMGE1MzIzNjQx
LzEvSndLYU52d015aTRLalFSZkFpMzhneHBSY3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAUu
+2ADBARAO9ADBARBEtADBAVCzUADBAVFBgADBARFXnADBAJNU/gDBARQ9BADBAVV
hOADBAVbuMADBAVtbuADBAWLisADBAWk1wADBAK5B5wDBAK5KiADBAK5ohADBALC
QJADBALC6RADBALC6RgDBALC6TwDBATDs2ADBAPUIBADBAPUIDgDBAXUMmADBATV
hVADBAXVjMADBAXY8YAwDQQCAAIwBwMFACoCBUAwDQYJKoZIhvcNAQELBQADggEB
AJlLCyg7FxGLpYynOIyyricun+6unq436HkTFIj9NnZaDgUYuwWmemRwRPyfBfhm
GAbEwcELvSgqU5MR+Z+w/yE68JAyj6XCDXkLd4fzGlUEKTnD5wG6mgUwKQCGPnNu
eADDWwFLIk/PZvZxKjK+lR5QlewBNsgqIZKNe9tD6NfWyPFKHGyCVRTshKz+uYL2
q6w5Q442Xy+hv/o8n04DVL18uSxdcf1MEBVVbimjfj0A25jdHcUVluyackrxmUMI
qKeOeD7ditrFsWxAMbARBjI311STShaD289ZxN0jvL0wqEgK2BC2G0WPFnb3pcCQ
zZoDO2KOXnkHSgctas7mwyE=
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:14:19 2025 by rpki-client