Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/fe9eb3-3b1b-4ff4-a374-5a5d0bd8760e/1/y-Jj6DyqKWn6BYWapkymjYaL5QU.roa
File: y-Jj6DyqKWn6BYWapkymjYaL5QU.roa (raw, json)
Hash identifier: gn98KweekT80SkX3KfiuOUzbXsngJC/J9zd5eWO66No=
Subject key identifier: CB:E2:63:E8:3C:AA:29:69:FA:05:85:9A:A6:4C:A6:8D:86:8B:E5:05
Certificate issuer: /CN=1f4439c757b6b646df16844f5a529ee27520736e
Certificate serial: 019420680296622150E4AF5C10C5E01A87BA
Authority key identifier: 1F:44:39:C7:57:B6:B6:46:DF:16:84:4F:5A:52:9E:E2:75:20:73:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0Q5x1e2tkbfFoRPWlKe4nUgc24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/fe9eb3-3b1b-4ff4-a374-5a5d0bd8760e/1/y-Jj6DyqKWn6BYWapkymjYaL5QU.roa
Signing time: Wed 01 Jan 2025 05:47:54 +0000
ROA not before: Wed 01 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15377
IP address blocks: 5.252.180.0/22 maxlen: 22
46.98.0.0/16 maxlen: 16
88.218.180.0/22 maxlen: 22
91.201.68.0/22 maxlen: 22
91.215.52.0/22 maxlen: 22
91.233.96.0/22 maxlen: 22
91.236.96.0/22 maxlen: 22
91.243.192.0/19 maxlen: 19
178.215.160.0/20 maxlen: 20
185.205.144.0/22 maxlen: 22
185.244.140.0/22 maxlen: 22
192.162.108.0/22 maxlen: 22
193.108.248.0/22 maxlen: 22
212.115.224.0/19 maxlen: 19
2a05:8dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/fe9eb3-3b1b-4ff4-a374-5a5d0bd8760e/1/H0Q5x1e2tkbfFoRPWlKe4nUgc24.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/fe9eb3-3b1b-4ff4-a374-5a5d0bd8760e/1/H0Q5x1e2tkbfFoRPWlKe4nUgc24.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0Q5x1e2tkbfFoRPWlKe4nUgc24.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:02:96:62:21:50:e4:af:5c:10:c5:e0:1a:87:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4439c757b6b646df16844f5a529ee27520736e
Validity
Not Before: Jan 1 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbe263e83caa2969fa05859aa64ca68d868be505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:5e:c3:64:d8:ad:e2:8b:15:36:a5:f2:59:89:
aa:a4:3f:25:29:41:71:e2:79:56:51:ac:a6:2b:32:
8b:77:4e:11:26:9b:da:97:22:a1:16:34:f5:7b:1d:
2f:90:76:f0:11:ef:bb:b3:2b:cd:46:23:7c:40:9e:
dc:ef:d0:f6:b5:4c:7f:68:80:d6:cd:a4:40:15:b7:
3a:75:7d:2a:0c:4a:42:be:21:ad:58:f0:74:40:28:
15:07:d6:5a:05:86:fd:35:83:98:11:67:ef:95:ec:
10:33:49:76:f8:f3:fb:05:2c:e1:92:51:f2:a8:bc:
4d:d2:a6:d9:24:fe:ba:2f:0c:ef:3f:48:fa:c2:a6:
28:de:49:df:7d:e3:d7:99:e6:24:00:86:94:d1:33:
fb:b7:6a:87:a0:57:28:eb:bb:14:64:83:d2:96:0f:
5f:88:3f:54:dd:3e:2d:90:71:48:d1:25:0b:9e:f4:
07:96:e5:80:f8:5c:61:9c:6d:29:f2:b3:05:2e:b6:
c8:9f:35:2e:f9:3c:86:23:6b:e0:97:ef:f6:c3:6e:
74:90:cf:50:b5:fd:dd:2b:64:31:f1:35:13:c1:9c:
59:31:4c:20:ab:e4:52:82:f0:f2:f4:f6:e5:09:2c:
08:02:75:d8:b2:f8:7f:dd:34:df:14:17:5a:d0:5a:
4f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E2:63:E8:3C:AA:29:69:FA:05:85:9A:A6:4C:A6:8D:86:8B:E5:05
X509v3 Authority Key Identifier:
keyid:1F:44:39:C7:57:B6:B6:46:DF:16:84:4F:5A:52:9E:E2:75:20:73:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0Q5x1e2tkbfFoRPWlKe4nUgc24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fe9eb3-3b1b-4ff4-a374-5a5d0bd8760e/1/y-Jj6DyqKWn6BYWapkymjYaL5QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fe9eb3-3b1b-4ff4-a374-5a5d0bd8760e/1/H0Q5x1e2tkbfFoRPWlKe4nUgc24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.180.0/22
46.98.0.0/16
88.218.180.0/22
91.201.68.0/22
91.215.52.0/22
91.233.96.0/22
91.236.96.0/22
91.243.192.0/19
178.215.160.0/20
185.205.144.0/22
185.244.140.0/22
192.162.108.0/22
193.108.248.0/22
212.115.224.0/19
IPv6:
2a05:8dc0::/29
Signature Algorithm: sha256WithRSAEncryption
ac:e7:91:ce:20:d6:73:94:66:f5:f8:28:79:ac:44:bc:4b:ad:
f8:d2:81:a5:0a:7b:be:77:be:c7:ed:c0:de:62:b2:b3:83:f8:
85:1c:37:e0:f8:99:a7:6f:41:a8:d9:57:d5:b2:cd:32:79:4d:
0b:17:9d:2a:51:c8:ea:b7:0c:e5:77:38:f2:34:7f:a0:0c:df:
34:da:9f:7c:94:3c:3e:62:36:7d:b9:b9:af:37:05:8f:f5:8c:
7c:bd:15:62:86:93:39:e6:5f:ad:89:30:83:84:1a:e5:42:ca:
d3:fb:44:33:04:b3:b5:62:a6:26:a5:f4:82:dc:cb:f7:17:e8:
20:52:e0:63:75:ee:d1:79:69:b5:3e:e7:af:d9:f0:6a:26:b8:
0b:ae:7f:a9:0d:34:63:2b:d0:91:97:c2:e2:8c:07:91:90:92:
18:9e:9e:75:21:6a:de:f4:59:a8:40:74:5d:2b:12:d6:d6:cf:
da:0b:38:69:0d:d1:ab:11:7b:26:7c:a0:7d:a4:7a:0d:9e:ae:
9a:4b:78:eb:03:a7:65:e0:bd:4b:63:2d:ea:6f:a2:af:e0:1c:
2a:26:28:50:35:f3:d1:fa:e1:0d:32:0e:a3:07:48:ba:4f:d8:
15:03:8e:14:81:d4:c9:d1:93:2b:bf:c5:f0:ba:bd:16:10:4c:
50:48:b5:2f
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZQgaAKWYiFQ5K9cEMXgGoe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDQzOWM3NTdiNmI2NDZkZjE2ODQ0ZjVhNTI5ZWUyNzUy
MDczNmUwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmUyNjNlODNjYWEyOTY5ZmEwNTg1OWFhNjRjYTY4ZDg2OGJlNTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyF7DZNit4osVNqXyWYmqpD8lKUFx
4nlWUaymKzKLd04RJpvalyKhFjT1ex0vkHbwEe+7syvNRiN8QJ7c79D2tUx/aIDW
zaRAFbc6dX0qDEpCviGtWPB0QCgVB9ZaBYb9NYOYEWfvlewQM0l2+PP7BSzhklHy
qLxN0qbZJP66LwzvP0j6wqYo3knffePXmeYkAIaU0TP7t2qHoFco67sUZIPSlg9f
iD9U3T4tkHFI0SULnvQHluWA+FxhnG0p8rMFLrbInzUu+TyGI2vgl+/2w250kM9Q
tf3dK2Qx8TUTwZxZMUwgq+RSgvDy9PblCSwIAnXYsvh/3TTfFBda0FpPOwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFMviY+g8qilp+gWFmqZMpo2Gi+UFMB8GA1UdIwQY
MBaAFB9EOcdXtrZG3xaET1pSnuJ1IHNuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBRNXgxZTJ0a2JmRm9SUFdsS2U0blVnYzI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mZTllYjMtM2IxYi00ZmY0LWEzNzQt
NWE1ZDBiZDg3NjBlLzEveS1KajZEeXFLV242QllXYXBreW1qWWFMNVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mZTllYjMtM2IxYi00ZmY0LWEzNzQtNWE1ZDBiZDg3NjBl
LzEvSDBRNXgxZTJ0a2JmRm9SUFdsS2U0blVnYzI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBZBAIAATBTAwQCBfy0AwMA
LmIDBAJY2rQDBAJbyUQDBAJb1zQDBAJb6WADBAJb7GADBAVb88ADBASy16ADBAK5
zZADBAK59IwDBALAomwDBALBbPgDBAXUc+AwDQQCAAIwBwMFAyoFjcAwDQYJKoZI
hvcNAQELBQADggEBAKznkc4g1nOUZvX4KHmsRLxLrfjSgaUKe753vsftwN5isrOD
+IUcN+D4madvQajZV9WyzTJ5TQsXnSpRyOq3DOV3OPI0f6AM3zTan3yUPD5iNn25
ua83BY/1jHy9FWKGkznmX62JMIOEGuVCytP7RDMEs7Vipial9ILcy/cX6CBS4GN1
7tF5abU+56/Z8GomuAuuf6kNNGMr0JGXwuKMB5GQkhiennUhat70WahAdF0rEtbW
z9oLOGkN0asReyZ8oH2keg2erppLeOsDp2XgvUtjLepvoq/gHComKFA189H64Q0y
DqMHSLpP2BUDjhSB1MnRkyu/xfC6vRYQTFBItS8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:26:53 2025 by rpki-client