Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/VmjhuzrK06h5F7GtuU6dsi8hn1g.roa
File: VmjhuzrK06h5F7GtuU6dsi8hn1g.roa (raw, json)
Hash identifier: gGDiZCD/tlVCECKmAFNRX/tBWljfywnrFyxgpkW8vqI=
Subject key identifier: 56:68:E1:BB:3A:CA:D3:A8:79:17:B1:AD:B9:4E:9D:B2:2F:21:9F:58
Certificate issuer: /CN=2665c17fa028b31348f630f6b56df422ce062b3b
Certificate serial: 0194206871892F0AE6B7C5543F3701A36944
Authority key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/VmjhuzrK06h5F7GtuU6dsi8hn1g.roa
Signing time: Wed 01 Jan 2025 05:48:23 +0000
ROA not before: Wed 01 Jan 2025 05:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197637
IP address blocks: 31.25.152.0/21 maxlen: 21
37.99.200.0/21 maxlen: 21
37.123.120.0/21 maxlen: 21
109.75.96.0/24 maxlen: 24
109.75.97.0/24 maxlen: 24
109.75.98.0/24 maxlen: 24
109.75.99.0/24 maxlen: 24
109.75.104.0/24 maxlen: 24
109.75.106.0/24 maxlen: 24
109.75.107.0/24 maxlen: 24
109.75.108.0/22 maxlen: 22
153.92.32.0/21 maxlen: 21
185.8.86.0/23 maxlen: 23
185.62.88.0/22 maxlen: 22
185.65.198.0/23 maxlen: 23
185.68.76.0/22 maxlen: 22
185.211.16.0/22 maxlen: 22
193.57.0.0/22 maxlen: 22
195.42.244.0/22 maxlen: 22
2a04:6ec0::/29 maxlen: 29
2a04:6ec0::/32 maxlen: 32
2a0b:6240::/29 maxlen: 29
2a0c:90c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:71:89:2f:0a:e6:b7:c5:54:3f:37:01:a3:69:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Validity
Not Before: Jan 1 05:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5668e1bb3acad3a87917b1adb94e9db22f219f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ea:0f:22:0b:d8:20:b0:15:e0:0a:63:88:8b:
e0:b0:01:68:e6:b9:cc:44:ff:d5:38:19:c2:3f:6a:
8b:07:c2:36:c2:d2:a9:7f:57:33:f9:38:2e:98:3d:
e4:3e:af:26:b1:fd:bf:5a:c0:0e:ef:8c:9f:5f:a5:
a7:68:ad:a8:c1:c4:b9:50:27:5e:93:fc:17:f8:50:
a7:ae:70:66:34:fc:6d:85:bf:e6:6a:02:d1:ce:4c:
69:9d:81:fd:bb:3c:57:45:64:a7:7d:82:6e:b8:bf:
80:96:15:6f:53:f9:16:86:35:cc:82:04:2a:18:02:
f0:cd:4b:ae:77:34:03:25:80:07:a7:e0:ad:0a:a6:
2f:82:09:aa:46:62:f0:3d:fc:89:79:0e:a1:23:2d:
8a:84:bb:2a:4c:7a:9b:f6:af:e8:53:90:7f:64:84:
af:ca:38:96:37:c1:06:8a:7f:59:c3:9f:ec:95:b5:
94:d1:50:77:b3:3a:cd:c5:36:5e:43:9d:d1:fa:ff:
d2:58:69:33:12:9d:44:e6:14:0e:6d:c5:fb:c6:7b:
a4:20:b3:95:a6:2f:4a:1c:18:40:ed:cb:dd:13:cc:
48:7a:36:de:0e:38:35:78:81:b8:d9:3c:ed:3c:d6:
8e:e4:b9:ef:a4:f7:59:35:a4:ad:21:8b:d6:b0:59:
e6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:68:E1:BB:3A:CA:D3:A8:79:17:B1:AD:B9:4E:9D:B2:2F:21:9F:58
X509v3 Authority Key Identifier:
keyid:26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/VmjhuzrK06h5F7GtuU6dsi8hn1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.152.0/21
37.99.200.0/21
37.123.120.0/21
109.75.96.0/22
109.75.104.0/24
109.75.106.0-109.75.111.255
153.92.32.0/21
185.8.86.0/23
185.62.88.0/22
185.65.198.0/23
185.68.76.0/22
185.211.16.0/22
193.57.0.0/22
195.42.244.0/22
IPv6:
2a04:6ec0::/29
2a0b:6240::/29
2a0c:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
95:0a:af:43:54:9f:98:f1:35:cf:1b:00:87:73:6b:84:2b:c1:
19:cf:8a:37:5b:4c:eb:87:9c:5c:b0:b0:ff:94:84:35:4f:66:
84:1c:7e:da:45:fa:8a:b8:29:e4:d5:db:8e:5b:4d:c8:a1:1a:
11:36:9a:e0:6d:95:d4:c8:c5:8c:cf:8a:66:9b:30:2d:68:3e:
50:07:a2:8a:76:da:92:4c:18:43:c7:f5:90:8b:32:0f:cd:4e:
8b:ba:cd:ee:b0:77:12:56:32:bf:86:e2:f0:5e:d4:8b:47:a0:
ad:e8:99:ae:58:d6:8b:ab:cd:13:8c:18:b7:97:e3:9f:4d:00:
0c:1b:ae:72:91:b9:82:8a:2c:6b:04:66:ab:08:80:73:90:e0:
d0:8b:cd:e5:2d:a6:87:61:d1:ec:5f:9a:c1:33:f3:0d:2a:a0:
41:ff:d7:44:27:62:92:ba:77:7f:ce:9e:0c:9b:b2:84:b2:ed:
dd:a8:a1:57:d7:36:3b:df:57:cd:b7:d8:65:76:09:8b:96:25:
11:54:e9:c2:f9:54:05:e6:25:aa:48:7b:7d:df:91:ca:cf:55:
48:b2:5b:31:88:d0:4b:20:5d:e1:59:fa:e1:ee:7c:c3:43:3c:
d4:d4:af:ef:f6:f1:65:b3:28:bd:92:51:f3:1c:16:70:f5:97:
4f:f5:97:c0
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQgaHGJLwrmt8VUPzcBo2lEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjVjMTdmYTAyOGIzMTM0OGY2MzBmNmI1NmRmNDIyY2Uw
NjJiM2IwHhcNMjUwMTAxMDU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjY4ZTFiYjNhY2FkM2E4NzkxN2IxYWRiOTRlOWRiMjJmMjE5ZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+oPIgvYILAV4ApjiIvgsAFo5rnM
RP/VOBnCP2qLB8I2wtKpf1cz+TgumD3kPq8msf2/WsAO74yfX6WnaK2owcS5UCde
k/wX+FCnrnBmNPxthb/magLRzkxpnYH9uzxXRWSnfYJuuL+AlhVvU/kWhjXMggQq
GALwzUuudzQDJYAHp+CtCqYvggmqRmLwPfyJeQ6hIy2KhLsqTHqb9q/oU5B/ZISv
yjiWN8EGin9Zw5/slbWU0VB3szrNxTZeQ53R+v/SWGkzEp1E5hQObcX7xnukILOV
pi9KHBhA7cvdE8xIejbeDjg1eIG42TztPNaO5LnvpPdZNaStIYvWsFnmZwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFFZo4bs6ytOoeRexrblOnbIvIZ9YMB8GA1UdIwQY
MBaAFCZlwX+gKLMTSPYw9rVt9CLOBis7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2Et
YzM4M2E5MDEwMDA1LzEvVm1qaHV6ckswNmg1RjdHdHVVNmRzaThobjFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2EtYzM4M2E5MDEwMDA1
LzEvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBiBAIAATBcAwQDHxmY
AwQDJWPIAwQDJXt4AwQCbUtgAwQAbUtoMAwDBAFtS2oDBARtS2ADBAOZXCADBAG5
CFYDBAK5PlgDBAG5QcYDBAK5REwDBAK50xADBALBOQADBALDKvQwGwQCAAIwFQMF
AyoEbsADBQMqC2JAAwUDKgyQwDANBgkqhkiG9w0BAQsFAAOCAQEAlQqvQ1SfmPE1
zxsAh3NrhCvBGc+KN1tM64ecXLCw/5SENU9mhBx+2kX6irgp5NXbjltNyKEaETaa
4G2V1MjFjM+KZpswLWg+UAeiinbakkwYQ8f1kIsyD81Oi7rN7rB3ElYyv4bi8F7U
i0egreiZrljWi6vNE4wYt5fjn00ADBuucpG5goosawRmqwiAc5Dg0IvN5S2mh2HR
7F+awTPzDSqgQf/XRCdikrp3f86eDJuyhLLt3aihV9c2O99XzbfYZXYJi5YlEVTp
wvlUBeYlqkh7fd+Rys9VSLJbMYjQSyBd4Vn64e58w0M81NSv7/bxZbMovZJR8xwW
cPWXT/WXwA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:12:48 2025 by rpki-client