Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/g7TVf3bKGArgGqfxt467U--LAKA.roa
File: g7TVf3bKGArgGqfxt467U--LAKA.roa (raw, json)
Hash identifier: SN0mxADlorPARrUaiHb7ObxVyocSYZ+Ef4XJxn46/aA=
Subject key identifier: 83:B4:D5:7F:76:CA:18:0A:E0:1A:A7:F1:B7:8E:BB:53:EF:8B:00:A0
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0197E92F29DF9528D86019795B171DA9A974
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/g7TVf3bKGArgGqfxt467U--LAKA.roa
Signing time: Tue 08 Jul 2025 08:37:51 +0000
ROA not before: Tue 08 Jul 2025 08:37:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.43.146.0/24 maxlen: 24
104.222.169.0/24 maxlen: 24
104.222.170.0/24 maxlen: 24
104.222.171.0/24 maxlen: 24
104.222.172.0/24 maxlen: 24
104.222.173.0/24 maxlen: 24
104.222.174.0/24 maxlen: 24
104.222.175.0/24 maxlen: 24
104.233.20.0/24 maxlen: 24
104.239.13.0/24 maxlen: 24
104.239.16.0/22 maxlen: 22
104.239.20.0/22 maxlen: 22
104.239.32.0/22 maxlen: 22
104.239.36.0/22 maxlen: 22
104.239.54.0/24 maxlen: 24
104.239.57.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.239.92.0/23 maxlen: 23
104.243.193.0/24 maxlen: 24
104.243.194.0/24 maxlen: 24
104.243.195.0/24 maxlen: 24
104.243.196.0/24 maxlen: 24
104.243.197.0/24 maxlen: 24
104.243.198.0/24 maxlen: 24
104.243.207.0/24 maxlen: 24
216.173.80.0/23 maxlen: 23
216.173.88.0/23 maxlen: 23
216.173.122.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e9:2f:29:df:95:28:d8:60:19:79:5b:17:1d:a9:a9:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jul 8 08:37:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83b4d57f76ca180ae01aa7f1b78ebb53ef8b00a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:04:dc:cf:8d:bb:63:48:f4:90:02:4c:05:ae:
62:b3:29:d5:57:0c:a1:a4:9f:1c:18:7f:02:b9:11:
39:8e:8d:17:3f:2c:e9:43:7c:2f:2d:8e:12:a4:c2:
f1:9e:99:2d:71:e2:b7:66:6c:09:83:08:09:86:b6:
ed:ab:fc:6e:77:dc:a2:ef:ea:a0:7b:92:14:b5:48:
fb:fd:b3:87:81:f2:0e:f1:c7:d2:70:60:20:a0:b7:
a5:83:b5:f1:b8:a5:01:c7:7f:53:9b:30:77:d4:19:
49:d3:ff:e6:6f:80:01:7b:8b:cd:c4:5a:7d:35:f5:
30:a0:43:04:72:88:25:30:33:eb:dd:79:e7:8b:61:
4d:ca:01:87:20:19:8b:e3:d1:56:99:c4:74:4e:63:
d0:fe:10:78:e9:5d:2e:c7:3f:55:8e:70:9e:87:e9:
a3:7d:d8:59:64:c2:cf:93:75:71:59:d8:6c:58:c0:
45:ac:bc:33:85:7d:ca:10:20:72:38:87:6c:c9:94:
9a:f2:c5:be:17:17:47:d4:39:72:81:26:bf:60:d6:
cd:52:1b:bd:f0:3b:4a:90:b1:4a:d8:8c:5b:54:4b:
50:f2:28:ea:f0:2c:dd:ec:c1:d8:68:17:9a:7f:aa:
69:48:45:8c:c4:1e:a8:0b:8a:66:96:c8:a6:17:45:
40:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B4:D5:7F:76:CA:18:0A:E0:1A:A7:F1:B7:8E:BB:53:EF:8B:00:A0
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/g7TVf3bKGArgGqfxt467U--LAKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.146.0/24
104.222.169.0-104.222.175.255
104.233.20.0/24
104.239.13.0/24
104.239.16.0/21
104.239.32.0/21
104.239.54.0/24
104.239.57.0/24
104.239.90.0-104.239.93.255
104.243.193.0-104.243.198.255
104.243.207.0/24
216.173.80.0/23
216.173.88.0/23
216.173.122.0/23
Signature Algorithm: sha256WithRSAEncryption
61:8f:eb:b9:03:4a:f8:b1:d6:6d:c1:f3:d8:4d:1b:41:80:a4:
df:f6:9d:25:8e:47:e9:a6:45:da:18:10:7f:25:6d:cb:90:0c:
f8:8d:b8:38:e0:4c:6b:dd:1d:dd:01:39:32:4e:bf:e7:3e:60:
26:c2:f6:17:12:1c:6a:47:02:a4:5d:9b:ae:8e:79:64:56:5b:
70:f7:c1:f5:3e:af:56:74:63:de:46:22:0f:9a:eb:ec:a6:fe:
e2:d5:c3:31:dd:8a:13:c0:4a:d1:27:3f:31:88:08:9a:72:7a:
b6:0c:95:8b:49:2b:de:56:33:77:3a:43:6f:7a:d3:a9:3d:9a:
8e:f7:f4:be:68:2c:60:8e:b3:cf:bc:ac:f0:a8:a7:1d:03:30:
60:5c:c3:99:f6:31:a1:70:35:80:95:e5:fb:d9:e6:2e:d9:39:
42:f9:67:1b:90:f0:91:1f:c5:44:3f:30:d7:f4:46:8f:85:31:
1e:d4:b8:bf:e5:36:b7:8a:80:89:a3:a8:30:b6:e3:da:15:d1:
92:ed:f2:c9:7b:85:9c:c9:79:05:83:e3:e9:21:8e:29:3b:0c:
2a:fd:6b:5d:8a:f4:eb:ea:71:8a:c1:33:01:72:5d:18:ef:8d:
c8:e2:8e:59:fc:ac:45:54:29:24:5c:7c:01:65:23:0c:0a:8c:
3b:6c:de:13
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZfpLynflSjYYBl5Wxcdqal0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwNzA4MDgzNzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2I0ZDU3Zjc2Y2ExODBhZTAxYWE3ZjFiNzhlYmI1M2VmOGIwMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwTcz427Y0j0kAJMBa5isynVVwyh
pJ8cGH8CuRE5jo0XPyzpQ3wvLY4SpMLxnpktceK3ZmwJgwgJhrbtq/xud9yi7+qg
e5IUtUj7/bOHgfIO8cfScGAgoLelg7XxuKUBx39TmzB31BlJ0//mb4ABe4vNxFp9
NfUwoEMEcoglMDPr3Xnni2FNygGHIBmL49FWmcR0TmPQ/hB46V0uxz9VjnCeh+mj
fdhZZMLPk3VxWdhsWMBFrLwzhX3KECByOIdsyZSa8sW+FxdH1DlygSa/YNbNUhu9
8DtKkLFK2IxbVEtQ8ijq8Czd7MHYaBeaf6ppSEWMxB6oC4pmlsimF0VA7QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFIO01X92yhgK4Bqn8beOu1PviwCgMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZzdUVmYzYktHQXJnR3FmeHQ0NjdVLS1MQUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC0rkjAM
AwQAaN6pAwQEaN6gAwQAaOkUAwQAaO8NAwQDaO8QAwQDaO8gAwQAaO82AwQAaO85
MAwDBAFo71oDBAFo71wwDAMEAGjzwQMEAGjzxgMEAGjzzwMEAditUAMEAditWAME
AditejANBgkqhkiG9w0BAQsFAAOCAQEAYY/ruQNK+LHWbcHz2E0bQYCk3/adJY5H
6aZF2hgQfyVty5AM+I24OOBMa90d3QE5Mk6/5z5gJsL2FxIcakcCpF2bro55ZFZb
cPfB9T6vVnRj3kYiD5rr7Kb+4tXDMd2KE8BK0Sc/MYgImnJ6tgyVi0kr3lYzdzpD
b3rTqT2ajvf0vmgsYI6zz7ys8KinHQMwYFzDmfYxoXA1gJXl+9nmLtk5QvlnG5Dw
kR/FRD8w1/RGj4UxHtS4v+U2t4qAiaOoMLbj2hXRku3yyXuFnMl5BYPj6SGOKTsM
Kv1rXYr06+pxisEzAXJdGO+NyOKOWfysRVQpJFx8AWUjDAqMO2zeEw==
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:27:48 2025 by rpki-client