Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/WIgYr5JYPXYMftdONSWv5Do5-Gk.roa
File: WIgYr5JYPXYMftdONSWv5Do5-Gk.roa (raw, json)
Hash identifier: Z2h27NPSq0u/AueWae1+/QX3Wc6gNsL5Ji2s5jEoznc=
Subject key identifier: 58:88:18:AF:92:58:3D:76:0C:7E:D7:4E:35:25:AF:E4:3A:39:F8:69
Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial: 0194258E49C9562E4E5BFD9EB96F6E89487B
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/WIgYr5JYPXYMftdONSWv5Do5-Gk.roa
Signing time: Thu 02 Jan 2025 05:47:49 +0000
ROA not before: Thu 02 Jan 2025 05:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43350
IP address blocks: 5.104.136.0/21 maxlen: 24
37.143.32.0/21 maxlen: 24
37.153.168.0/22 maxlen: 22
37.156.228.0/24 maxlen: 24
46.166.128.0/19 maxlen: 24
46.166.176.0/20 maxlen: 24
77.247.176.0/21 maxlen: 21
77.247.176.0/24 maxlen: 24
85.159.232.0/21 maxlen: 24
89.38.160.0/22 maxlen: 22
92.114.100.0/22 maxlen: 22
92.114.100.0/24 maxlen: 24
109.201.128.0/19 maxlen: 19
176.126.232.0/24 maxlen: 24
176.126.233.0/24 maxlen: 24
185.7.76.0/22 maxlen: 24
185.11.144.0/24 maxlen: 24
185.107.36.0/24 maxlen: 24
185.107.37.0/24 maxlen: 24
185.107.38.0/24 maxlen: 24
185.107.44.0/22 maxlen: 24
185.107.45.0/24 maxlen: 24
185.107.56.0/22 maxlen: 22
185.107.68.0/22 maxlen: 22
185.107.80.0/22 maxlen: 22
185.107.92.0/22 maxlen: 22
185.107.100.0/22 maxlen: 24
185.107.116.0/22 maxlen: 24
188.209.55.0/24 maxlen: 24
188.209.56.0/24 maxlen: 24
188.209.57.0/24 maxlen: 24
212.92.104.0/21 maxlen: 21
212.92.112.0/21 maxlen: 21
212.92.120.0/22 maxlen: 22
212.92.124.0/23 maxlen: 23
2a00:1768::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 12:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:49:c9:56:2e:4e:5b:fd:9e:b9:6f:6e:89:48:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Validity
Not Before: Jan 2 05:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=588818af92583d760c7ed74e3525afe43a39f869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bf:ec:0e:05:91:0f:7e:5e:45:9d:ec:6e:55:
a7:7b:1d:eb:17:4a:c0:d1:ca:c1:9a:d6:3a:9a:f2:
51:33:41:9b:c1:24:d7:d4:7e:9a:ce:2a:4e:35:a7:
a6:8b:c0:26:12:5e:05:5c:4c:28:7c:86:71:d2:e5:
a5:24:0f:ae:aa:5c:3c:9e:be:0a:28:43:03:bf:36:
47:77:9a:13:2a:96:e9:62:f8:03:06:bb:53:17:4f:
76:b8:0a:3d:9f:7e:55:52:26:1b:36:7f:8c:6b:98:
31:91:83:ca:63:d5:ce:cf:79:43:7e:04:85:6c:e6:
db:a6:45:d7:e1:9b:26:9c:8f:7d:05:ba:d5:f9:85:
2b:3c:c3:b5:58:f1:93:a8:81:dc:34:35:09:80:25:
43:c5:c2:8b:5f:68:7b:e0:7f:f9:10:34:61:c5:ce:
52:62:3d:f1:cf:db:74:85:82:52:2c:0b:db:2c:4a:
6d:f9:13:69:7d:a8:df:14:79:84:85:8c:66:fc:37:
54:6a:b3:68:68:fe:d9:10:8a:a1:bd:66:79:85:a8:
fa:98:55:34:e5:de:f6:75:9a:1f:52:80:22:2b:9d:
96:01:21:f5:67:70:80:c9:55:a9:67:c9:74:ab:b8:
79:44:89:a4:cc:cc:82:72:8b:1a:f9:52:dc:fb:90:
fe:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:88:18:AF:92:58:3D:76:0C:7E:D7:4E:35:25:AF:E4:3A:39:F8:69
X509v3 Authority Key Identifier:
keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/WIgYr5JYPXYMftdONSWv5Do5-Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.136.0/21
37.143.32.0/21
37.153.168.0/22
37.156.228.0/24
46.166.128.0/19
46.166.176.0/20
77.247.176.0/21
85.159.232.0/21
89.38.160.0/22
92.114.100.0/22
109.201.128.0/19
176.126.232.0/23
185.7.76.0/22
185.11.144.0/24
185.107.36.0-185.107.38.255
185.107.44.0/22
185.107.56.0/22
185.107.68.0/22
185.107.80.0/22
185.107.92.0/22
185.107.100.0/22
185.107.116.0/22
188.209.55.0-188.209.57.255
212.92.104.0-212.92.125.255
IPv6:
2a00:1768::/32
Signature Algorithm: sha256WithRSAEncryption
90:0a:41:4a:0c:14:ff:0b:eb:5c:38:ac:92:eb:5f:29:91:47:
d2:3f:83:65:09:e4:36:5c:e8:e4:10:ca:0a:af:cd:13:2e:ca:
34:99:e7:68:fa:58:c4:cd:67:49:bc:b3:ea:b3:c2:b6:f1:05:
10:3f:dc:4d:01:db:79:3d:88:2c:ca:66:9d:83:f1:f0:55:df:
c9:43:92:ab:2a:73:85:4a:c8:df:cf:9f:45:a3:9b:3f:b5:08:
a8:a2:f9:b6:ae:01:04:77:65:83:26:a6:b9:1b:84:95:ab:7b:
f1:62:71:46:76:1c:26:11:d3:df:13:6a:00:32:d4:5b:e2:43:
c0:7f:15:2c:f2:0b:63:43:bb:fd:ef:8e:95:3c:3e:ca:7d:fb:
9b:99:22:37:aa:2e:26:14:f3:f6:15:23:0b:2c:57:1f:22:a5:
ca:82:f7:47:54:25:e6:82:9b:96:cd:36:a9:85:92:2f:b3:64:
39:f2:99:ae:fd:a6:a4:49:6a:c7:cc:b0:00:b2:a7:84:c3:78:
77:5a:48:ad:4c:a9:16:70:c8:cf:6f:bd:d1:32:9f:ae:a5:d8:
99:46:37:7d:16:e3:fc:a2:ef:74:d6:e0:9d:5c:e0:d0:6a:14:
35:ad:c2:1a:f9:a6:31:db:e8:09:2e:f5:b0:a0:97:40:90:a1:
eb:7f:55:c3
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAZQljknJVi5OW/2euW9uiUh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzhlYzI0MmE0M2U5YzlkNGNlYjI1ZGM5MGU1NDUzMzcz
ZDNmNDYwHhcNMjUwMTAyMDU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODg4MThhZjkyNTgzZDc2MGM3ZWQ3NGUzNTI1YWZlNDNhMzlmODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr/sDgWRD35eRZ3sblWnex3rF0rA
0crBmtY6mvJRM0GbwSTX1H6azipONaemi8AmEl4FXEwofIZx0uWlJA+uqlw8nr4K
KEMDvzZHd5oTKpbpYvgDBrtTF092uAo9n35VUiYbNn+Ma5gxkYPKY9XOz3lDfgSF
bObbpkXX4ZsmnI99BbrV+YUrPMO1WPGTqIHcNDUJgCVDxcKLX2h74H/5EDRhxc5S
Yj3xz9t0hYJSLAvbLEpt+RNpfajfFHmEhYxm/DdUarNoaP7ZEIqhvWZ5haj6mFU0
5d72dZofUoAiK52WASH1Z3CAyVWpZ8l0q7h5RImkzMyCcosa+VLc+5D+lQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFFiIGK+SWD12DH7XTjUlr+Q6OfhpMB8GA1UdIwQY
MBaAFOE47CQqQ+nJ1M6yXckOVFM3PT9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgt
Njc4NWNkNDU2ODcxLzEvV0lnWXI1SllQWFlNZnRkT05TV3Y1RG81LUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgtNjc4NWNkNDU2ODcx
LzEvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBrwQCAAEwgagDBAMF
aIgDBAMljyADBAIlmagDBAAlnOQDBAUupoADBAQuprADBANN97ADBANVn+gDBAJZ
JqADBAJccmQDBAVtyYADBAGwfugDBAK5B0wDBAC5C5AwDAMEArlrJAMEALlrJgME
ArlrLAMEArlrOAMEArlrRAMEArlrUAMEArlrXAMEArlrZAMEArlrdDAMAwQAvNE3
AwQBvNE4MAwDBAPUXGgDBAHUXHwwDQQCAAIwBwMFACoAF2gwDQYJKoZIhvcNAQEL
BQADggEBAJAKQUoMFP8L61w4rJLrXymRR9I/g2UJ5DZc6OQQygqvzRMuyjSZ52j6
WMTNZ0m8s+qzwrbxBRA/3E0B23k9iCzKZp2D8fBV38lDkqsqc4VKyN/Pn0Wjmz+1
CKii+bauAQR3ZYMmprkbhJWre/FicUZ2HCYR098TagAy1FviQ8B/FSzyC2NDu/3v
jpU8Psp9+5uZIjeqLiYU8/YVIwssVx8ipcqC90dUJeaCm5bNNqmFki+zZDnyma79
pqRJasfMsACyp4TDeHdaSK1MqRZwyM9vvdEyn66l2JlGN30W4/yi73TW4J1c4NBq
FDWtwhr5pjHb6Aku9bCgl0CQoet/VcM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:52:49 2025 by rpki-client