Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/QmJcakWH1CARNak1a46tlM2ytyE.roa
File: QmJcakWH1CARNak1a46tlM2ytyE.roa (raw, json)
Hash identifier: v8cGIzbtBdgrBgCJGkJKF+awirm33gkAmHePtYlNHWc=
Subject key identifier: 42:62:5C:6A:45:87:D4:20:11:35:A9:35:6B:8E:AD:94:CD:B2:B7:21
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 019427B5300E84F8AE0572813A26AB75E697
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/QmJcakWH1CARNak1a46tlM2ytyE.roa
Signing time: Thu 02 Jan 2025 15:49:33 +0000
ROA not before: Thu 02 Jan 2025 15:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8708
IP address blocks: 5.2.128.0/17 maxlen: 24
5.12.0.0/14 maxlen: 24
31.14.224.0/22 maxlen: 24
62.231.64.0/18 maxlen: 24
62.231.120.0/24 maxlen: 24
79.114.0.0/15 maxlen: 24
79.118.0.0/15 maxlen: 24
79.118.155.0/24 maxlen: 24
81.18.64.0/19 maxlen: 24
81.196.0.0/16 maxlen: 24
82.76.0.0/14 maxlen: 24
82.79.10.0/24 maxlen: 24
82.137.0.0/18 maxlen: 24
82.137.0.0/21 maxlen: 24
82.137.16.0/20 maxlen: 24
82.137.32.0/19 maxlen: 24
84.232.128.0/17 maxlen: 24
84.232.149.0/24 maxlen: 24
86.120.0.0/13 maxlen: 24
86.121.222.0/24 maxlen: 24
86.127.54.0/24 maxlen: 24
86.127.59.0/24 maxlen: 24
89.43.180.0/23 maxlen: 24
89.46.12.0/22 maxlen: 24
93.113.40.0/22 maxlen: 24
185.129.36.0/22 maxlen: 22
188.24.0.0/15 maxlen: 24
188.26.0.0/17 maxlen: 24
188.26.128.0/18 maxlen: 24
188.26.224.0/19 maxlen: 24
188.27.0.0/16 maxlen: 24
188.27.120.0/24 maxlen: 24
193.111.232.0/24 maxlen: 24
194.102.80.0/24 maxlen: 24
194.102.81.0/24 maxlen: 24
212.54.96.0/19 maxlen: 24
212.54.120.0/24 maxlen: 24
212.54.122.0/24 maxlen: 24
212.54.123.0/24 maxlen: 24
212.93.128.0/19 maxlen: 24
212.93.143.0/24 maxlen: 24
213.154.100.0/24 maxlen: 24
213.157.160.0/19 maxlen: 24
213.157.189.0/24 maxlen: 24
2a02:2f00::/28 maxlen: 48
2a02:2f01:100::/48 maxlen: 48
2a02:2f09:3100::/48 maxlen: 48
2a02:2f0c:8002::/48 maxlen: 48
2a03:9c20::/32 maxlen: 32
2a03:9c20:1000::/48 maxlen: 48
2a03:9c20:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:30:0e:84:f8:ae:05:72:81:3a:26:ab:75:e6:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Jan 2 15:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42625c6a4587d4201135a9356b8ead94cdb2b721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7c:31:cb:0f:66:dd:3b:0d:3f:f0:f7:20:d3:
8e:1e:3e:3f:b6:16:2f:db:ba:08:f7:91:15:c6:4a:
60:9b:0a:6e:8d:74:5f:78:d6:31:bb:89:c6:be:f1:
67:4c:98:d2:16:c1:d4:8a:6f:57:61:c9:6c:52:2b:
70:63:c4:7c:ba:e1:e9:55:58:08:82:af:1a:1b:ff:
6e:69:4d:98:a8:31:f8:15:8d:e7:00:45:ef:56:47:
4a:68:fa:22:3d:04:28:68:7a:d8:b5:75:ad:94:f4:
c6:23:56:66:29:4e:bd:13:35:62:d3:b6:92:f4:84:
bb:c4:8d:bb:5e:1d:3c:3e:7a:8d:d0:76:da:61:d6:
9d:ed:c4:62:19:55:4f:19:ef:56:3b:4e:49:76:2f:
01:36:56:63:22:06:a5:a7:ec:64:db:ae:8b:bf:4f:
4d:61:25:8e:75:27:a4:97:11:c4:60:68:87:6a:57:
f3:af:31:44:57:a2:a4:c6:57:45:37:07:e2:46:12:
49:3f:a7:5d:6f:ba:4c:52:6c:f8:33:7d:41:94:96:
c8:9e:84:a9:cc:9e:c9:a0:82:7f:07:49:19:0a:8a:
5a:c6:ec:8b:b8:8f:17:63:21:79:43:0f:c1:d0:84:
51:b4:30:a7:19:ad:34:65:8e:e3:e2:96:8c:c8:9c:
09:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:62:5C:6A:45:87:D4:20:11:35:A9:35:6B:8E:AD:94:CD:B2:B7:21
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/QmJcakWH1CARNak1a46tlM2ytyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.128.0/17
5.12.0.0/14
31.14.224.0/22
62.231.64.0/18
79.114.0.0/15
79.118.0.0/15
81.18.64.0/19
81.196.0.0/16
82.76.0.0/14
82.137.0.0/18
84.232.128.0/17
86.120.0.0/13
89.43.180.0/23
89.46.12.0/22
93.113.40.0/22
185.129.36.0/22
188.24.0.0-188.26.191.255
188.26.224.0-188.27.255.255
193.111.232.0/24
194.102.80.0/23
212.54.96.0/19
212.93.128.0/19
213.154.100.0/24
213.157.160.0/19
IPv6:
2a02:2f00::/28
2a03:9c20::/32
Signature Algorithm: sha256WithRSAEncryption
71:f2:d2:73:2b:7d:45:18:e8:86:1a:18:28:24:e8:51:a3:7d:
89:21:92:5e:f9:0b:27:8b:6d:e0:b9:03:e4:2f:96:cc:34:1b:
eb:61:e4:d9:87:80:1d:58:5a:b0:aa:58:09:7d:d4:d0:79:70:
7d:d7:3e:55:98:f9:10:0a:8b:62:39:03:3f:77:25:3f:ca:da:
d6:6b:d3:39:eb:23:c2:96:7b:bd:be:f5:09:e4:0c:6c:30:70:
ad:00:52:30:dd:db:39:07:ba:cb:e0:fd:ed:36:ec:cf:d8:a3:
78:3a:48:31:8e:42:1f:3b:18:3c:60:9f:bf:c4:a8:50:44:78:
ab:d6:7f:49:d3:f9:3d:d2:3a:2e:5e:9c:52:c1:1a:db:10:33:
5e:43:9d:b5:e3:ca:2a:25:a9:bc:44:dc:8d:19:22:33:b3:d3:
00:8f:ad:b6:a5:d2:1e:8a:f7:39:b1:57:bf:26:31:72:37:a1:
41:fa:13:81:27:05:4d:46:aa:1a:0d:cc:65:6a:32:1a:c8:39:
f4:56:ef:f1:23:8a:72:17:d7:ff:af:07:af:6f:88:dd:fd:31:
88:79:9a:a5:69:f7:2a:e1:53:85:2a:a3:5a:94:81:9f:3d:c8:
73:59:43:77:ed:1b:99:97:e2:db:3c:9c:38:34:bc:c2:81:a2:
11:af:77:19
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZQntTAOhPiuBXKBOiardeaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjUwMTAyMTU0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjYyNWM2YTQ1ODdkNDIwMTEzNWE5MzU2YjhlYWQ5NGNkYjJiNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Hwxyw9m3TsNP/D3INOOHj4/thYv
27oI95EVxkpgmwpujXRfeNYxu4nGvvFnTJjSFsHUim9XYclsUitwY8R8uuHpVVgI
gq8aG/9uaU2YqDH4FY3nAEXvVkdKaPoiPQQoaHrYtXWtlPTGI1ZmKU69EzVi07aS
9IS7xI27Xh08PnqN0HbaYdad7cRiGVVPGe9WO05Jdi8BNlZjIgalp+xk266Lv09N
YSWOdSeklxHEYGiHalfzrzFEV6KkxldFNwfiRhJJP6ddb7pMUmz4M31BlJbInoSp
zJ7JoIJ/B0kZCopaxuyLuI8XYyF5Qw/B0IRRtDCnGa00ZY7j4paMyJwJUQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFEJiXGpFh9QgETWpNWuOrZTNsrchMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvUW1KY2FrV0gxQ0FSTmFrMWE0NnRsTTJ5dHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBnwQCAAEwgZgDBAcF
AoADAwIFDAMEAh8O4AMEBj7nQAMDAU9yAwMBT3YDBAVREkADAwBRxAMDAlJMAwQG
UokAAwQHVOiAAwMDVngDBAFZK7QDBAJZLgwDBAJdcSgDBAK5gSQwCwMDA7wYAwQG
vBqAMAsDBAW8GuADAwK8GAMEAMFv6AMEAcJmUAMEBdQ2YAMEBdRdgAMEANWaZAME
BdWdoDAUBAIAAjAOAwUEKgIvAAMFACoDnCAwDQYJKoZIhvcNAQELBQADggEBAHHy
0nMrfUUY6IYaGCgk6FGjfYkhkl75CyeLbeC5A+Qvlsw0G+th5NmHgB1YWrCqWAl9
1NB5cH3XPlWY+RAKi2I5Az93JT/K2tZr0znrI8KWe72+9QnkDGwwcK0AUjDd2zkH
usvg/e027M/Yo3g6SDGOQh87GDxgn7/EqFBEeKvWf0nT+T3SOi5enFLBGtsQM15D
nbXjyiolqbxE3I0ZIjOz0wCPrbal0h6K9zmxV78mMXI3oUH6E4EnBU1GqhoNzGVq
MhrIOfRW7/EjinIX1/+vB69viN39MYh5mqVp9yrhU4Uqo1qUgZ89yHNZQ3ftG5mX
4ts8nDg0vMKBohGvdxk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:26:26 2025 by rpki-client