Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/gLJC-FPMB6JG4uvuoXfj1y1VVB4.roa
File: gLJC-FPMB6JG4uvuoXfj1y1VVB4.roa (raw, json)
Hash identifier: bJcY81wfY+5zVAZK4pJVEqgscj1+3rGIYBuBLom9f1Q=
Subject key identifier: 80:B2:42:F8:53:CC:07:A2:46:E2:EB:EE:A1:77:E3:D7:2D:55:54:1E
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 019424B39BFB516D7A6440322D52D48D70A5
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/gLJC-FPMB6JG4uvuoXfj1y1VVB4.roa
Signing time: Thu 02 Jan 2025 01:48:58 +0000
ROA not before: Thu 02 Jan 2025 01:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33891
IP address blocks: 5.56.16.0/21 maxlen: 21
31.7.176.0/20 maxlen: 20
31.7.182.0/24 maxlen: 24
31.7.183.0/24 maxlen: 24
80.255.0.0/20 maxlen: 20
81.95.0.0/20 maxlen: 20
81.95.8.0/24 maxlen: 24
81.95.9.0/24 maxlen: 24
82.199.128.0/19 maxlen: 19
82.199.128.0/24 maxlen: 24
82.199.130.0/24 maxlen: 24
82.199.131.0/24 maxlen: 24
82.199.138.0/24 maxlen: 24
82.199.141.0/24 maxlen: 24
82.199.142.0/24 maxlen: 24
82.199.143.0/24 maxlen: 24
82.199.144.0/24 maxlen: 24
82.199.145.0/24 maxlen: 24
82.199.146.0/24 maxlen: 24
82.199.147.0/24 maxlen: 24
82.199.148.0/24 maxlen: 24
82.199.149.0/24 maxlen: 24
82.199.151.0/24 maxlen: 24
82.199.152.0/24 maxlen: 24
82.199.153.0/24 maxlen: 24
82.199.154.0/24 maxlen: 24
82.199.157.0/24 maxlen: 24
82.199.158.0/24 maxlen: 24
82.199.159.0/24 maxlen: 24
83.142.80.0/21 maxlen: 21
92.43.104.0/21 maxlen: 21
92.43.106.0/24 maxlen: 24
92.43.107.0/24 maxlen: 24
92.43.108.0/24 maxlen: 24
92.43.109.0/24 maxlen: 24
92.43.110.0/24 maxlen: 24
195.138.248.0/21 maxlen: 21
195.138.249.0/24 maxlen: 24
195.138.250.0/24 maxlen: 24
2a01:4a0::/29 maxlen: 29
2a01:4a0::/32 maxlen: 32
2a01:4a0:5::/48 maxlen: 48
2a01:4a0:b::/48 maxlen: 48
2a01:4a0:e::/48 maxlen: 48
2a01:4a0:17::/48 maxlen: 48
2a01:4a0:30::/48 maxlen: 48
2a01:4a0:38::/48 maxlen: 48
2a01:4a0:42::/48 maxlen: 48
2a01:4a0:43::/48 maxlen: 48
2a01:4a0:45::/48 maxlen: 48
2a01:4a0:46::/48 maxlen: 48
2a01:4a0:47::/48 maxlen: 48
2a01:4a0:48::/48 maxlen: 48
2a01:4a0:50::/48 maxlen: 48
2a01:4a0:56::/48 maxlen: 48
2a01:4a0:62::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:9b:fb:51:6d:7a:64:40:32:2d:52:d4:8d:70:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Jan 2 01:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80b242f853cc07a246e2ebeea177e3d72d55541e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:15:42:5b:04:36:d6:81:28:48:a3:29:8f:e3:
a1:f6:ec:4e:e0:0a:10:db:9b:5a:cf:24:41:92:1e:
02:9c:56:bd:cd:45:8c:25:71:37:6f:a4:0d:ea:88:
17:00:c6:13:49:d4:ef:28:bb:aa:67:58:af:21:5b:
5e:6e:51:07:bc:58:81:57:4a:4b:be:b8:d4:3d:26:
39:a9:a2:ee:a8:aa:4d:0b:26:2a:5e:47:92:dc:af:
4d:43:10:18:b1:1f:df:51:92:ad:15:4c:88:7b:e6:
25:13:3f:0b:a0:ff:b3:05:2c:f1:d3:b6:3a:29:e0:
ee:03:6c:17:1f:04:ef:ad:5f:e9:a6:22:64:a5:56:
5a:a0:22:f9:34:de:b2:bd:5d:85:69:1d:92:06:d1:
93:2d:97:38:8f:4b:3e:9a:e9:52:9d:39:b6:7d:d6:
4e:55:2e:84:0f:d7:2e:54:46:93:5f:d2:7a:08:4e:
d4:74:a9:a9:d0:e5:04:aa:d4:b0:58:75:fd:d2:f7:
fc:38:d5:f7:d8:cd:49:ce:91:63:f3:43:7a:e7:3d:
fd:6d:c6:45:e8:6c:20:b4:af:c5:12:95:a1:62:ad:
b8:9c:31:08:23:96:8b:07:02:13:f4:b8:16:1a:1b:
35:76:93:5c:1f:90:36:de:4b:86:63:3d:63:da:35:
ab:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B2:42:F8:53:CC:07:A2:46:E2:EB:EE:A1:77:E3:D7:2D:55:54:1E
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/gLJC-FPMB6JG4uvuoXfj1y1VVB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.16.0/21
31.7.176.0/20
80.255.0.0/20
81.95.0.0/20
82.199.128.0/19
83.142.80.0/21
92.43.104.0/21
195.138.248.0/21
IPv6:
2a01:4a0::/29
Signature Algorithm: sha256WithRSAEncryption
04:96:a1:da:bd:cc:46:10:62:6f:b3:64:7b:76:e3:83:fb:31:
13:ae:10:e7:18:2e:c5:bc:f4:57:a0:6b:a2:f4:c7:f3:9f:9e:
02:56:1d:30:43:d4:cb:48:c6:b1:75:93:c9:72:79:70:ee:07:
c0:f1:e4:fa:bc:65:0c:ae:5b:77:15:41:65:0d:d5:42:71:f8:
8b:51:b9:fb:a7:6d:e4:b1:8e:8f:0c:29:c7:78:98:8d:5e:99:
93:4d:a9:22:52:4d:8e:61:0a:c9:67:5a:90:44:b2:15:e7:3e:
76:c2:8a:16:26:1e:64:c8:ac:91:95:ad:4d:ab:0e:66:c0:bf:
39:e7:b6:35:64:12:cb:ee:34:fe:9b:f8:9c:99:b0:ef:f0:62:
d1:5e:98:b4:d6:be:bc:0f:c7:ad:11:3d:fd:50:57:f9:31:b2:
00:94:bb:8f:83:b6:a1:f2:da:a4:82:f1:48:27:a3:27:21:4c:
a9:49:13:3b:ce:1e:cc:a1:4f:28:be:e7:20:3c:14:06:e9:fd:
c5:d1:9b:fe:75:07:1e:ed:71:24:8a:be:5d:33:6a:fd:e2:1c:
4a:e0:ec:8a:52:f1:87:32:b9:df:47:7e:6d:b8:92:0b:7c:a9:
e4:a4:f8:ed:c6:23:b1:41:bd:00:1a:f0:6d:28:22:6f:15:9f:
dc:c1:d2:44
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQks5v7UW16ZEAyLVLUjXClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjUwMTAyMDE0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGIyNDJmODUzY2MwN2EyNDZlMmViZWVhMTc3ZTNkNzJkNTU1NDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhVCWwQ21oEoSKMpj+Oh9uxO4AoQ
25tazyRBkh4CnFa9zUWMJXE3b6QN6ogXAMYTSdTvKLuqZ1ivIVteblEHvFiBV0pL
vrjUPSY5qaLuqKpNCyYqXkeS3K9NQxAYsR/fUZKtFUyIe+YlEz8LoP+zBSzx07Y6
KeDuA2wXHwTvrV/ppiJkpVZaoCL5NN6yvV2FaR2SBtGTLZc4j0s+mulSnTm2fdZO
VS6ED9cuVEaTX9J6CE7UdKmp0OUEqtSwWHX90vf8ONX32M1JzpFj80N65z39bcZF
6GwgtK/FEpWhYq24nDEII5aLBwIT9LgWGhs1dpNcH5A23kuGYz1j2jWrNQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFICyQvhTzAeiRuLr7qF349ctVVQeMB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvZ0xKQy1GUE1CNkpHNHV2dW9YZmoxeTFWVkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBTgQAwQE
HwewAwQEUP8AAwQEUV8AAwQFUseAAwQDU45QAwQDXCtoAwQDw4r4MA0EAgACMAcD
BQMqAQSgMA0GCSqGSIb3DQEBCwUAA4IBAQAElqHavcxGEGJvs2R7duOD+zETrhDn
GC7FvPRXoGui9Mfzn54CVh0wQ9TLSMaxdZPJcnlw7gfA8eT6vGUMrlt3FUFlDdVC
cfiLUbn7p23ksY6PDCnHeJiNXpmTTakiUk2OYQrJZ1qQRLIV5z52wooWJh5kyKyR
la1Nqw5mwL8557Y1ZBLL7jT+m/icmbDv8GLRXpi01r68D8etET39UFf5MbIAlLuP
g7ah8tqkgvFIJ6MnIUypSRM7zh7MoU8ovucgPBQG6f3F0Zv+dQce7XEkir5dM2r9
4hxK4OyKUvGHMrnfR35tuJILfKnkpPjtxiOxQb0AGvBtKCJvFZ/cwdJE
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:46:56 2025 by rpki-client