Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/ggC5V29BMdNUn59EruOGoGZJaaQ.roa
File: ggC5V29BMdNUn59EruOGoGZJaaQ.roa (raw, json)
Hash identifier: ttIpUsiJ4qeM8pCSgboK+Vkbkx0DrAYP7DxfAZL+EN4=
Subject key identifier: 82:00:B9:57:6F:41:31:D3:54:9F:9F:44:AE:E3:86:A0:66:49:69:A4
Certificate issuer: /CN=b720f3ceb0e6b597a38145c5a743369c7f4966e0
Certificate serial: 0194228DD0D2E62906D7897B8F4D2E2A9521
Authority key identifier: B7:20:F3:CE:B0:E6:B5:97:A3:81:45:C5:A7:43:36:9C:7F:49:66:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyDzzrDmtZejgUXFp0M2nH9JZuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/ggC5V29BMdNUn59EruOGoGZJaaQ.roa
Signing time: Wed 01 Jan 2025 15:48:26 +0000
ROA not before: Wed 01 Jan 2025 15:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25222
IP address blocks: 78.40.66.0/23 maxlen: 23
78.40.68.0/22 maxlen: 22
89.207.115.0/24 maxlen: 24
89.207.118.0/24 maxlen: 24
92.43.8.0/22 maxlen: 22
109.232.12.0/23 maxlen: 23
185.151.232.0/23 maxlen: 23
212.165.64.0/21 maxlen: 21
212.165.70.0/24 maxlen: 24
212.165.72.0/22 maxlen: 22
212.165.76.0/22 maxlen: 22
212.165.92.0/22 maxlen: 22
212.165.96.0/20 maxlen: 20
212.165.112.0/22 maxlen: 22
212.165.118.0/23 maxlen: 23
212.165.120.0/23 maxlen: 23
212.165.122.0/23 maxlen: 23
212.165.124.0/24 maxlen: 24
212.165.126.0/24 maxlen: 24
2a03:1c80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/tyDzzrDmtZejgUXFp0M2nH9JZuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/tyDzzrDmtZejgUXFp0M2nH9JZuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tyDzzrDmtZejgUXFp0M2nH9JZuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d0:d2:e6:29:06:d7:89:7b:8f:4d:2e:2a:95:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b720f3ceb0e6b597a38145c5a743369c7f4966e0
Validity
Not Before: Jan 1 15:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8200b9576f4131d3549f9f44aee386a0664969a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9a:36:c2:07:42:58:b9:64:13:da:2c:fc:70:
87:af:5f:26:a0:66:51:4d:47:32:12:ec:8d:b9:e6:
80:3e:4c:ac:88:72:a4:12:ff:ef:2d:8c:fd:6c:cd:
b8:71:cc:e6:a3:46:42:1e:29:1d:dd:3d:e4:dd:0a:
d2:fd:f3:bc:36:fa:81:25:9c:b0:a9:83:c9:9c:96:
95:c0:7c:37:28:3a:02:3c:3b:a5:7c:1b:53:fe:ad:
6d:1f:fa:9d:25:b9:d1:83:45:83:8a:0c:7f:94:23:
3f:c8:8f:6d:a1:d5:80:cc:6e:f1:d1:53:9e:4f:9c:
2d:81:14:47:b3:e3:d3:28:58:72:9f:95:47:05:b1:
7d:91:77:44:18:27:a4:d7:bc:e1:6b:60:bb:92:18:
c1:31:32:1a:75:6f:1a:27:ad:f4:eb:ff:4f:50:62:
a2:a3:83:b2:a6:f9:6e:c1:bb:36:e6:91:80:60:d5:
ca:49:45:44:00:df:83:d8:dd:56:11:ca:af:ef:bf:
4e:4b:3f:b1:5f:fc:b5:8c:a9:67:57:41:bc:f0:6f:
81:60:a2:58:b5:e7:b0:b8:ac:ea:69:60:36:0a:07:
76:e5:2d:cb:8a:b8:2f:75:16:01:da:d7:a9:3f:4e:
9a:dc:5a:7e:ef:ec:2e:3e:21:12:26:bc:ce:da:f6:
5f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:00:B9:57:6F:41:31:D3:54:9F:9F:44:AE:E3:86:A0:66:49:69:A4
X509v3 Authority Key Identifier:
keyid:B7:20:F3:CE:B0:E6:B5:97:A3:81:45:C5:A7:43:36:9C:7F:49:66:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyDzzrDmtZejgUXFp0M2nH9JZuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/ggC5V29BMdNUn59EruOGoGZJaaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/tyDzzrDmtZejgUXFp0M2nH9JZuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.66.0-78.40.71.255
89.207.115.0/24
89.207.118.0/24
92.43.8.0/22
109.232.12.0/23
185.151.232.0/23
212.165.64.0/20
212.165.92.0-212.165.115.255
212.165.118.0-212.165.124.255
212.165.126.0/24
IPv6:
2a03:1c80::/32
Signature Algorithm: sha256WithRSAEncryption
34:11:f4:fa:26:a9:0b:92:a2:f1:31:fd:1e:cb:5c:05:bd:4e:
4d:80:13:b2:ef:ee:4d:3d:e8:b4:29:c4:96:49:12:51:d2:f5:
e8:c9:5f:cf:00:37:9d:a9:a9:c5:5a:dd:87:f6:69:b1:48:0d:
8f:9f:3a:83:28:a5:66:3b:85:24:80:ff:e0:a8:25:55:da:2f:
59:2c:74:d1:55:d8:fd:0f:57:14:f5:a4:4d:8d:0c:16:c9:83:
a3:ea:72:88:62:8e:72:8e:ed:77:c0:2c:44:35:94:48:37:c0:
77:97:1b:66:db:68:43:90:b2:83:85:0b:dc:0d:4c:43:43:90:
4a:b6:e7:9d:a8:d0:4e:77:a9:cb:c7:90:65:ca:f1:be:95:c3:
d6:36:bc:a5:15:7c:5f:84:d4:55:33:fe:ca:a1:57:6a:8a:87:
1d:b0:a5:46:53:f3:74:9a:11:c7:45:8e:00:d0:df:9b:3e:f1:
87:5b:d7:d6:71:be:32:5a:e3:bb:9e:c2:2a:fd:87:4b:cf:39:
24:0d:46:3c:c6:74:32:6e:61:7f:96:8a:6b:33:00:2e:a6:2c:
1b:0a:50:d0:f9:fb:45:f2:54:c7:b2:a9:2a:06:98:13:a6:0a:
97:2c:bd:f9:98:86:50:22:5c:5f:40:45:c3:54:35:ff:19:9e:
7f:8a:ca:9e
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZQijdDS5ikG14l7j00uKpUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjBmM2NlYjBlNmI1OTdhMzgxNDVjNWE3NDMzNjljN2Y0
OTY2ZTAwHhcNMjUwMTAxMTU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjAwYjk1NzZmNDEzMWQzNTQ5ZjlmNDRhZWUzODZhMDY2NDk2OWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJo2wgdCWLlkE9os/HCHr18moGZR
TUcyEuyNueaAPkysiHKkEv/vLYz9bM24cczmo0ZCHikd3T3k3QrS/fO8NvqBJZyw
qYPJnJaVwHw3KDoCPDulfBtT/q1tH/qdJbnRg0WDigx/lCM/yI9todWAzG7x0VOe
T5wtgRRHs+PTKFhyn5VHBbF9kXdEGCek17zha2C7khjBMTIadW8aJ6306/9PUGKi
o4Oypvluwbs25pGAYNXKSUVEAN+D2N1WEcqv779OSz+xX/y1jKlnV0G88G+BYKJY
teewuKzqaWA2Cgd25S3LirgvdRYB2tepP06a3Fp+7+wuPiESJrzO2vZfWwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFIIAuVdvQTHTVJ+fRK7jhqBmSWmkMB8GA1UdIwQY
MBaAFLcg886w5rWXo4FFxadDNpx/SWbgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlEenpyRG10WmVqZ1VYRnAwTTJuSDlKWnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kN2ZiNmQtZWJiZS00M2EyLWIxMTkt
MzkzYzQ1NzQyMjU5LzEvZ2dDNVYyOUJNZE5VbjU5RXJ1T0dvR1pKYWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kN2ZiNmQtZWJiZS00M2EyLWIxMTktMzkzYzQ1NzQyMjU5
LzEvdHlEenpyRG10WmVqZ1VYRnAwTTJuSDlKWnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUMAwDBAFOKEID
BANOKEADBABZz3MDBABZz3YDBAJcKwgDBAFt6AwDBAG5l+gDBATUpUAwDAMEAtSl
XAMEAtSlcDAMAwQB1KV2AwQA1KV8AwQA1KV+MA0EAgACMAcDBQAqAxyAMA0GCSqG
SIb3DQEBCwUAA4IBAQA0EfT6JqkLkqLxMf0ey1wFvU5NgBOy7+5NPei0KcSWSRJR
0vXoyV/PADedqanFWt2H9mmxSA2PnzqDKKVmO4UkgP/gqCVV2i9ZLHTRVdj9D1cU
9aRNjQwWyYOj6nKIYo5yju13wCxENZRIN8B3lxtm22hDkLKDhQvcDUxDQ5BKtued
qNBOd6nLx5BlyvG+lcPWNrylFXxfhNRVM/7KoVdqiocdsKVGU/N0mhHHRY4A0N+b
PvGHW9fWcb4yWuO7nsIq/YdLzzkkDUY8xnQybmF/loprMwAupiwbClDQ+ftF8lTH
sqkqBpgTpgqXLL35mIZQIlxfQEXDVDX/GZ5/isqe
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:00:00 2025 by rpki-client