Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/gM98BY1lyRIDiMmnpeavUnwI1rY.roa
File: gM98BY1lyRIDiMmnpeavUnwI1rY.roa (raw, json)
Hash identifier: ve1xDMahiOfYFvEODore+1Lgn1TnHWQyebyINSLaR/8=
Subject key identifier: 80:CF:7C:05:8D:65:C9:12:03:88:C9:A7:A5:E6:AF:52:7C:08:D6:B6
Certificate issuer: /CN=9de783e9acd56992f5835fb4882183500ca03c83
Certificate serial: 019423D6E750929A48D0334351227ADDD521
Authority key identifier: 9D:E7:83:E9:AC:D5:69:92:F5:83:5F:B4:88:21:83:50:0C:A0:3C:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/neeD6azVaZL1g1-0iCGDUAygPIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/gM98BY1lyRIDiMmnpeavUnwI1rY.roa
Signing time: Wed 01 Jan 2025 21:47:53 +0000
ROA not before: Wed 01 Jan 2025 21:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 62.182.168.0/21 maxlen: 21
62.182.168.0/24 maxlen: 24
62.182.169.0/24 maxlen: 24
62.182.170.0/24 maxlen: 24
62.182.171.0/24 maxlen: 24
62.182.172.0/24 maxlen: 24
62.182.173.0/24 maxlen: 24
62.182.174.0/24 maxlen: 24
62.182.175.0/24 maxlen: 24
83.97.96.0/21 maxlen: 21
83.97.96.0/24 maxlen: 24
83.97.97.0/24 maxlen: 24
83.97.98.0/24 maxlen: 24
83.97.99.0/24 maxlen: 24
83.97.100.0/24 maxlen: 24
83.97.101.0/24 maxlen: 24
83.97.102.0/24 maxlen: 24
83.97.103.0/24 maxlen: 24
89.47.52.0/24 maxlen: 24
89.47.252.0/24 maxlen: 24
91.202.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/neeD6azVaZL1g1-0iCGDUAygPIM.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/neeD6azVaZL1g1-0iCGDUAygPIM.mft
rsync://rpki.ripe.net/repository/DEFAULT/neeD6azVaZL1g1-0iCGDUAygPIM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e7:50:92:9a:48:d0:33:43:51:22:7a:dd:d5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9de783e9acd56992f5835fb4882183500ca03c83
Validity
Not Before: Jan 1 21:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80cf7c058d65c9120388c9a7a5e6af527c08d6b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:91:88:8f:f5:e4:02:5e:68:93:df:cb:81:1c:
3c:7c:b2:55:d0:d0:f3:23:05:ba:f0:54:13:95:c8:
f2:82:62:40:a0:ef:0f:a7:c2:4a:8e:ca:d6:8e:bf:
fd:30:7f:7a:0e:a4:83:5b:4a:89:5d:b5:e3:86:7b:
eb:f6:3a:69:cf:f6:7a:1d:e3:7d:dd:57:7f:3f:f3:
bc:c7:ce:71:01:74:e5:07:f8:f5:18:3f:69:c6:96:
a5:27:6d:85:f8:87:9f:59:68:0e:90:75:59:0c:33:
8b:13:e8:97:77:72:6e:19:bd:98:d0:07:55:3c:ed:
de:1b:bd:08:59:8f:25:b1:a0:27:80:75:cb:ff:a0:
6d:2e:18:87:13:64:18:1a:f3:74:6f:f6:56:e4:57:
00:3f:49:5b:ac:d3:d4:68:e1:ca:d5:78:94:73:df:
25:66:bd:4c:df:7a:6e:25:a8:82:57:1b:1e:d1:d3:
a2:8b:88:51:8a:4f:7e:5e:74:d6:04:26:20:bc:40:
2d:30:9a:16:41:2d:34:cb:dd:09:f3:06:66:e5:3d:
1f:3e:47:f0:c5:a5:12:74:e7:08:07:16:98:9d:eb:
89:48:4a:79:8a:59:c8:b3:16:68:2f:87:01:62:53:
f0:fc:fc:ec:c2:dd:c9:e8:be:f2:89:6a:e9:db:08:
88:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:CF:7C:05:8D:65:C9:12:03:88:C9:A7:A5:E6:AF:52:7C:08:D6:B6
X509v3 Authority Key Identifier:
keyid:9D:E7:83:E9:AC:D5:69:92:F5:83:5F:B4:88:21:83:50:0C:A0:3C:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/neeD6azVaZL1g1-0iCGDUAygPIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/gM98BY1lyRIDiMmnpeavUnwI1rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/neeD6azVaZL1g1-0iCGDUAygPIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.168.0/21
83.97.96.0/21
89.47.52.0/24
89.47.252.0/24
91.202.211.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:91:5f:a1:a6:c2:8b:86:be:19:b8:ae:ab:b8:d5:fe:5b:2c:
22:c6:13:74:16:9d:97:95:88:80:86:16:d0:a5:9a:78:35:f3:
d8:64:98:27:9e:aa:ba:ad:01:3c:af:c3:58:52:9e:48:5d:b8:
fb:00:21:b9:d5:8b:42:45:92:1c:b2:ee:8e:4a:3f:fb:50:0b:
59:ce:d9:1e:21:c3:8f:1e:ae:71:bf:b8:de:e4:80:76:a9:59:
38:b0:85:a9:b9:4f:75:ae:c4:ca:3f:70:d4:a5:07:0b:82:60:
5f:47:68:66:77:da:81:99:5d:2b:f4:6c:55:18:e3:40:c0:84:
4e:3b:ca:aa:8c:c9:32:dc:b6:76:02:21:ef:53:aa:09:81:c8:
1b:b4:26:8d:2e:51:94:b8:2e:4b:3d:7d:69:45:f3:a3:fe:2a:
26:fc:7a:5f:da:40:fb:3d:5e:c1:ef:ba:c5:3d:58:1d:7b:47:
ee:d5:29:c4:3e:a3:98:91:5d:92:69:4d:f8:a4:da:d5:7b:a1:
70:a5:92:51:dc:5d:61:50:f2:74:26:0f:34:b5:eb:f3:a7:25:
bc:fa:d8:1b:48:9f:36:d7:f8:86:04:11:99:50:ff:00:6b:b6:
ca:5f:74:1f:8e:b4:81:73:b4:96:6e:bd:78:a6:f0:f1:67:11:
3d:2c:68:21
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQj1udQkppI0DNDUSJ63dUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZTc4M2U5YWNkNTY5OTJmNTgzNWZiNDg4MjE4MzUwMGNh
MDNjODMwHhcNMjUwMTAxMjE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGNmN2MwNThkNjVjOTEyMDM4OGM5YTdhNWU2YWY1MjdjMDhkNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZGIj/XkAl5ok9/LgRw8fLJV0NDz
IwW68FQTlcjygmJAoO8Pp8JKjsrWjr/9MH96DqSDW0qJXbXjhnvr9jppz/Z6HeN9
3Vd/P/O8x85xAXTlB/j1GD9pxpalJ22F+IefWWgOkHVZDDOLE+iXd3JuGb2Y0AdV
PO3eG70IWY8lsaAngHXL/6BtLhiHE2QYGvN0b/ZW5FcAP0lbrNPUaOHK1XiUc98l
Zr1M33puJaiCVxse0dOii4hRik9+XnTWBCYgvEAtMJoWQS00y90J8wZm5T0fPkfw
xaUSdOcIBxaYneuJSEp5ilnIsxZoL4cBYlPw/Pzswt3J6L7yiWrp2wiISQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIDPfAWNZckSA4jJp6Xmr1J8CNa2MB8GA1UdIwQY
MBaAFJ3ng+ms1WmS9YNftIghg1AMoDyDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmVlRDZhelZhWkwxZzEtMGlDR0RVQXlnUElNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80ZjA1Y2UtYTM4Mi00OWEwLTk5OTkt
ZTUyZjcwYzA2YzI5LzEvZ005OEJZMWx5UklEaU1tbnBlYXZVbndJMXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80ZjA1Y2UtYTM4Mi00OWEwLTk5OTktZTUyZjcwYzA2YzI5
LzEvbmVlRDZhelZhWkwxZzEtMGlDR0RVQXlnUElNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDPraoAwQD
U2FgAwQAWS80AwQAWS/8AwQAW8rTMA0GCSqGSIb3DQEBCwUAA4IBAQC3kV+hpsKL
hr4ZuK6ruNX+WywixhN0Fp2XlYiAhhbQpZp4NfPYZJgnnqq6rQE8r8NYUp5IXbj7
ACG51YtCRZIcsu6OSj/7UAtZztkeIcOPHq5xv7je5IB2qVk4sIWpuU91rsTKP3DU
pQcLgmBfR2hmd9qBmV0r9GxVGONAwIROO8qqjMky3LZ2AiHvU6oJgcgbtCaNLlGU
uC5LPX1pRfOj/iom/Hpf2kD7PV7B77rFPVgde0fu1SnEPqOYkV2SaU34pNrVe6Fw
pZJR3F1hUPJ0Jg80tevzpyW8+tgbSJ821/iGBBGZUP8Aa7bKX3QfjrSBc7SWbr14
pvDxZxE9LGgh
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:19:53 2025 by rpki-client