Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/gsCygs_SprevwXUwS8ZnM-EYuKU.roa
File: gsCygs_SprevwXUwS8ZnM-EYuKU.roa (raw, json)
Hash identifier: l1XeBh5SOrL7OGe08dB0VGh4WiJBpNY8AdAQ14ebdBA=
Subject key identifier: 82:C0:B2:82:CF:D2:A6:B7:AF:C1:75:30:4B:C6:67:33:E1:18:B8:A5
Certificate issuer: /CN=dab53f9b21d13e078e3e844d645eea8580f1cce1
Certificate serial: 0194228E243F7098054644C139D63E5EE7C0
Authority key identifier: DA:B5:3F:9B:21:D1:3E:07:8E:3E:84:4D:64:5E:EA:85:80:F1:CC:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/gsCygs_SprevwXUwS8ZnM-EYuKU.roa
Signing time: Wed 01 Jan 2025 15:48:48 +0000
ROA not before: Wed 01 Jan 2025 15:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33874
IP address blocks: 37.75.32.0/19 maxlen: 19
37.75.32.0/20 maxlen: 20
37.75.48.0/20 maxlen: 20
77.25.128.0/17 maxlen: 17
77.25.128.0/19 maxlen: 19
77.25.192.0/22 maxlen: 22
77.25.196.0/22 maxlen: 22
77.25.200.0/22 maxlen: 22
77.25.204.0/22 maxlen: 22
77.25.220.0/22 maxlen: 22
77.243.64.0/22 maxlen: 22
77.243.68.0/23 maxlen: 23
77.243.70.0/23 maxlen: 23
77.243.72.0/22 maxlen: 22
77.243.76.0/23 maxlen: 23
77.243.78.0/23 maxlen: 23
80.85.96.0/20 maxlen: 20
80.85.96.0/23 maxlen: 23
80.85.98.0/24 maxlen: 24
80.85.99.0/24 maxlen: 24
80.85.100.0/24 maxlen: 24
80.85.101.0/24 maxlen: 24
80.85.102.0/24 maxlen: 24
80.85.103.0/24 maxlen: 24
80.85.104.0/24 maxlen: 24
80.85.105.0/24 maxlen: 24
80.85.106.0/24 maxlen: 24
80.85.107.0/24 maxlen: 24
80.85.108.0/24 maxlen: 24
80.85.109.0/24 maxlen: 24
80.85.110.0/24 maxlen: 24
80.85.111.0/24 maxlen: 24
109.200.32.0/19 maxlen: 19
109.200.32.0/20 maxlen: 20
109.200.48.0/21 maxlen: 21
109.200.56.0/22 maxlen: 22
159.20.24.0/21 maxlen: 21
159.20.24.0/24 maxlen: 24
159.20.25.0/24 maxlen: 24
159.20.26.0/24 maxlen: 24
159.20.28.0/24 maxlen: 24
159.20.29.0/24 maxlen: 24
159.20.30.0/24 maxlen: 24
159.20.31.0/24 maxlen: 24
185.5.48.0/24 maxlen: 24
188.172.0.0/19 maxlen: 19
188.172.0.0/20 maxlen: 20
188.172.16.0/21 maxlen: 21
188.172.24.0/22 maxlen: 22
188.172.32.0/19 maxlen: 19
188.172.32.0/20 maxlen: 20
188.172.48.0/21 maxlen: 21
188.172.56.0/22 maxlen: 22
188.172.64.0/19 maxlen: 19
188.172.64.0/21 maxlen: 21
188.172.72.0/22 maxlen: 22
188.172.80.0/21 maxlen: 21
188.172.88.0/22 maxlen: 22
2a10:5500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 06:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:24:3f:70:98:05:46:44:c1:39:d6:3e:5e:e7:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dab53f9b21d13e078e3e844d645eea8580f1cce1
Validity
Not Before: Jan 1 15:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82c0b282cfd2a6b7afc175304bc66733e118b8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:86:87:f9:8a:6b:dd:47:76:4a:5b:f8:92:59:
cb:f5:90:77:2c:f0:9a:01:8b:e8:da:8f:92:b1:69:
cb:06:4e:61:3d:45:82:3e:60:0d:f0:7a:a0:2e:b7:
2e:f3:75:e9:9e:fd:15:f5:e8:74:d0:c1:0f:c3:8d:
1c:68:b6:ad:37:9e:8e:5e:0b:af:41:88:38:38:ca:
d8:cd:f2:0a:c1:51:2e:91:ae:42:14:c4:14:bd:a6:
d0:37:b8:ab:40:b1:f9:aa:cd:0a:08:5c:57:43:cd:
5e:22:ca:71:bc:bf:70:f3:79:a4:47:6c:81:ef:73:
86:f9:7b:70:3b:7c:69:35:91:e4:97:fb:cc:3e:84:
98:57:21:26:a7:f0:a2:59:06:03:ef:4b:38:53:33:
d8:16:e3:75:f1:fe:bd:1f:d9:d9:83:e0:1b:b0:8c:
40:ab:8b:06:9b:2f:6f:85:35:2b:0c:ea:ea:9d:d1:
b7:73:f2:f3:7c:31:fa:3e:6f:d1:04:a4:5a:4b:f8:
fc:cd:18:74:ad:58:4c:68:cc:df:d7:09:a1:a0:d4:
60:67:6d:ba:0c:2c:9d:f9:a4:11:9a:b6:01:16:92:
46:a2:b8:87:0f:a8:2b:ec:56:2d:03:6e:44:a1:cd:
29:fb:65:dc:f7:94:1a:3e:9d:bc:16:e2:7f:ef:e3:
80:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C0:B2:82:CF:D2:A6:B7:AF:C1:75:30:4B:C6:67:33:E1:18:B8:A5
X509v3 Authority Key Identifier:
keyid:DA:B5:3F:9B:21:D1:3E:07:8E:3E:84:4D:64:5E:EA:85:80:F1:CC:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/gsCygs_SprevwXUwS8ZnM-EYuKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.32.0/19
77.25.128.0/17
77.243.64.0/20
80.85.96.0/20
109.200.32.0/19
159.20.24.0/21
185.5.48.0/24
188.172.0.0-188.172.95.255
IPv6:
2a10:5500::/32
Signature Algorithm: sha256WithRSAEncryption
9a:85:41:b3:f6:e8:01:0f:07:84:2f:30:1a:29:f5:9e:c8:90:
1f:6c:5c:89:59:f6:b8:8a:40:a8:95:a0:80:50:51:0b:ef:72:
68:f4:b7:8d:e1:20:b6:dc:44:3a:ae:aa:d5:29:9a:95:37:4d:
73:19:f0:41:24:d7:ac:0a:c9:f1:40:b5:85:56:bc:36:09:2f:
49:12:50:8b:34:90:ee:a4:6d:99:10:16:f8:ce:61:3c:ba:3a:
1a:7c:8e:96:35:b7:19:aa:b8:58:fa:37:cf:20:ab:a3:56:18:
27:18:ab:be:a1:dd:c6:22:fd:89:fb:c9:3a:d0:1a:ea:96:71:
65:64:ab:f2:bc:82:da:75:1f:bc:83:97:38:d1:d6:c5:b0:30:
8e:18:1e:96:b4:7c:66:42:5d:21:92:0b:5b:a0:4d:f7:58:05:
d8:4f:af:78:f6:18:40:1a:b7:b1:13:bb:68:03:69:0b:2a:a9:
07:fd:c7:23:aa:1f:fd:30:22:e0:5a:8a:58:52:cc:89:23:94:
f6:2b:3a:a4:a9:31:66:12:18:64:62:df:9d:eb:8a:fb:ea:7e:
4f:10:96:c2:f4:db:51:71:cf:ab:be:c7:34:0b:58:0a:00:76:
01:f8:bf:56:8a:ed:d2:9f:56:3e:76:c2:08:c5:04:5e:d3:56:
46:8d:7e:7f
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQijiQ/cJgFRkTBOdY+XufAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYjUzZjliMjFkMTNlMDc4ZTNlODQ0ZDY0NWVlYTg1ODBm
MWNjZTEwHhcNMjUwMTAxMTU0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmMwYjI4MmNmZDJhNmI3YWZjMTc1MzA0YmM2NjczM2UxMThiOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oaH+Ypr3Ud2Slv4klnL9ZB3LPCa
AYvo2o+SsWnLBk5hPUWCPmAN8HqgLrcu83Xpnv0V9eh00MEPw40caLatN56OXguv
QYg4OMrYzfIKwVEuka5CFMQUvabQN7irQLH5qs0KCFxXQ81eIspxvL9w83mkR2yB
73OG+XtwO3xpNZHkl/vMPoSYVyEmp/CiWQYD70s4UzPYFuN18f69H9nZg+AbsIxA
q4sGmy9vhTUrDOrqndG3c/LzfDH6Pm/RBKRaS/j8zRh0rVhMaMzf1wmhoNRgZ226
DCyd+aQRmrYBFpJGoriHD6gr7FYtA25Eoc0p+2Xc95QaPp28FuJ/7+OAkQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFILAsoLP0qa3r8F1MEvGZzPhGLilMB8GA1UdIwQY
MBaAFNq1P5sh0T4Hjj6ETWRe6oWA8czhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnJVX215SFJQZ2VPUG9STlpGN3FoWUR4ek9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi83ZjlhYjEtYmM3Yy00ZDBkLWE5NzAt
NWI4YmM1OTBiMTk3LzEvZ3NDeWdzX1NwcmV2d1hVd1M4Wm5NLUVZdUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi83ZjlhYjEtYmM3Yy00ZDBkLWE5NzAtNWI4YmM1OTBiMTk3
LzEvMnJVX215SFJQZ2VPUG9STlpGN3FoWUR4ek9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA9BAIAATA3AwQFJUsgAwQH
TRmAAwQETfNAAwQEUFVgAwQFbcggAwQDnxQYAwQAuQUwMAsDAwK8rAMEBbysQDAN
BAIAAjAHAwUAKhBVADANBgkqhkiG9w0BAQsFAAOCAQEAmoVBs/boAQ8HhC8wGin1
nsiQH2xciVn2uIpAqJWggFBRC+9yaPS3jeEgttxEOq6q1SmalTdNcxnwQSTXrArJ
8UC1hVa8NgkvSRJQizSQ7qRtmRAW+M5hPLo6GnyOljW3Gaq4WPo3zyCro1YYJxir
vqHdxiL9ifvJOtAa6pZxZWSr8ryC2nUfvIOXONHWxbAwjhgelrR8ZkJdIZILW6BN
91gF2E+vePYYQBq3sRO7aANpCyqpB/3HI6of/TAi4FqKWFLMiSOU9is6pKkxZhIY
ZGLfneuK++p+TxCWwvTbUXHPq77HNAtYCgB2Afi/Vort0p9WPnbCCMUEXtNWRo1+
fw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 14:52:33 2025 by rpki-client