Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/Y8SRLYUIdW_joHTz3PksrXah_rw.roa
File: Y8SRLYUIdW_joHTz3PksrXah_rw.roa (raw, json)
Hash identifier: VwC43mv96BdBo/MF0MD6doZlRHk6o8P7NRY9bJBrem0=
Subject key identifier: 63:C4:91:2D:85:08:75:6F:E3:A0:74:F3:DC:F9:2C:AD:76:A1:FE:BC
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 01970B02138F133EC14AAA6FDEAB5A138BA7
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/Y8SRLYUIdW_joHTz3PksrXah_rw.roa
Signing time: Mon 26 May 2025 05:12:54 +0000
ROA not before: Mon 26 May 2025 05:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202958
IP address blocks: 37.140.243.0/24 maxlen: 24
46.226.123.0/24 maxlen: 24
77.246.247.0/24 maxlen: 24
86.107.198.0/24 maxlen: 24
86.107.199.0/24 maxlen: 24
89.207.248.0/24 maxlen: 24
89.207.249.0/24 maxlen: 24
89.207.250.0/24 maxlen: 24
89.207.251.0/24 maxlen: 24
89.207.252.0/24 maxlen: 24
89.207.253.0/24 maxlen: 24
89.207.254.0/24 maxlen: 24
89.207.255.0/24 maxlen: 24
91.243.71.0/24 maxlen: 24
93.115.14.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.249.194.0/24 maxlen: 24
185.249.195.0/24 maxlen: 24
188.244.115.0/24 maxlen: 24
194.4.56.0/24 maxlen: 24
194.4.57.0/24 maxlen: 24
194.4.58.0/24 maxlen: 24
194.4.59.0/24 maxlen: 24
194.146.40.0/24 maxlen: 24
194.146.41.0/24 maxlen: 24
194.146.42.0/24 maxlen: 24
194.146.43.0/24 maxlen: 24
213.109.146.0/24 maxlen: 24
2a06:941::/48 maxlen: 48
2a06:941:1::/48 maxlen: 48
2a06:941:2::/48 maxlen: 48
2a06:941:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 23:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0b:02:13:8f:13:3e:c1:4a:aa:6f:de:ab:5a:13:8b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: May 26 05:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63c4912d8508756fe3a074f3dcf92cad76a1febc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cb:d1:f6:19:db:fd:05:4a:81:c9:8d:17:2e:
8f:fd:6a:a0:55:bf:96:52:ea:b4:96:7f:8a:6c:27:
41:98:7e:6b:d4:00:8e:c6:41:b5:ad:08:a0:71:11:
fe:4e:d2:99:3e:7f:c9:13:92:e5:79:9f:90:91:5d:
61:f4:a0:aa:c1:3c:1f:7f:0c:24:c8:b9:cd:24:ae:
0f:a2:19:3a:08:bc:4f:9c:c0:ae:1b:81:8c:c9:e5:
ce:d2:74:cd:a7:c6:35:08:86:a6:54:8c:c0:dc:6c:
7b:c3:12:98:3e:5b:d0:11:35:d9:94:cd:39:4a:17:
28:9d:e4:8f:95:8b:33:26:dd:0f:ae:cd:05:2d:f1:
f5:59:1d:32:99:ad:9c:44:23:4e:7c:07:7f:85:f1:
0f:40:80:3a:69:03:5c:32:ef:1f:48:c4:8c:1f:5d:
b9:ca:0d:80:b0:e2:9e:73:bc:de:c3:ca:84:44:b8:
b9:41:fa:62:43:7a:61:dc:83:5d:65:be:2c:97:54:
bb:2f:5b:1e:2c:41:3b:da:ec:6f:cd:85:14:b7:84:
1a:87:79:0a:56:d9:78:17:5c:88:75:27:0c:8b:58:
80:bb:41:72:1d:b0:73:59:f5:d6:f9:d4:49:29:f6:
1b:15:4a:c9:41:79:84:5b:1d:44:df:58:20:7f:66:
00:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C4:91:2D:85:08:75:6F:E3:A0:74:F3:DC:F9:2C:AD:76:A1:FE:BC
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/Y8SRLYUIdW_joHTz3PksrXah_rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.243.0/24
46.226.123.0/24
77.246.247.0/24
86.107.198.0/23
89.207.248.0/21
91.243.71.0/24
93.115.14.0/24
185.98.4.0/24
185.100.66.0/24
185.113.133.0/24
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.249.194.0/23
188.244.115.0/24
194.4.56.0/22
194.146.40.0/22
213.109.146.0/24
IPv6:
2a06:941::/46
Signature Algorithm: sha256WithRSAEncryption
65:57:d0:ac:57:11:f6:b8:82:f0:8d:cc:08:a3:04:79:97:21:
86:56:d2:31:0c:a0:2d:d7:22:fd:52:bc:82:11:b6:f1:cb:d8:
b8:a5:ae:64:1b:f4:1c:67:2c:36:71:33:64:66:0c:41:24:24:
7b:8d:cf:0c:ca:02:3e:7f:53:1c:bd:56:08:78:28:43:e8:bd:
15:fa:d5:64:22:e7:83:96:15:28:84:d5:66:fd:65:4f:74:08:
b9:cc:76:87:69:b5:3f:44:85:54:22:35:13:ef:f3:da:c7:d7:
b7:ad:9d:cf:dc:f7:2f:6b:b9:36:df:23:e7:c1:e9:0d:70:c4:
a8:7b:56:e9:c0:98:9c:10:df:e1:27:b8:24:3a:38:73:28:4d:
39:78:99:46:5b:de:d1:61:ed:c0:82:45:39:5a:c3:18:3b:55:
f9:00:c2:e0:cf:69:95:91:e2:d3:48:1c:2b:91:f5:e8:ac:9d:
cc:7e:fe:c2:ba:97:95:c9:47:ae:14:5b:fa:fa:2a:ca:19:95:
3d:d9:76:ff:51:34:87:5d:49:a1:08:d1:70:85:ba:1f:b9:f4:
2a:66:f5:da:11:27:75:ea:04:c6:a1:ec:93:df:a0:ee:1a:bf:
11:d7:73:77:1c:1a:24:5e:43:5b:37:1c:5b:8c:6c:4d:7d:b8:
41:62:bf:81
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZcLAhOPEz7BSqpv3qtaE4unMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjUwNTI2MDUxMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2M0OTEyZDg1MDg3NTZmZTNhMDc0ZjNkY2Y5MmNhZDc2YTFmZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcvR9hnb/QVKgcmNFy6P/WqgVb+W
Uuq0ln+KbCdBmH5r1ACOxkG1rQigcRH+TtKZPn/JE5LleZ+QkV1h9KCqwTwffwwk
yLnNJK4Pohk6CLxPnMCuG4GMyeXO0nTNp8Y1CIamVIzA3Gx7wxKYPlvQETXZlM05
ShconeSPlYszJt0Prs0FLfH1WR0yma2cRCNOfAd/hfEPQIA6aQNcMu8fSMSMH125
yg2AsOKec7zew8qERLi5QfpiQ3ph3INdZb4sl1S7L1seLEE72uxvzYUUt4Qah3kK
Vtl4F1yIdScMi1iAu0FyHbBzWfXW+dRJKfYbFUrJQXmEWx1E31ggf2YAIQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFGPEkS2FCHVv46B089z5LK12of68MB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvWThTUkxZVUlkV19qb0hUejNQa3NyWGFoX3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTByBAIAATBsAwQAJYzz
AwQALuJ7AwQATfb3AwQBVmvGAwQDWc/4AwQAW/NHAwQAXXMOAwQAuWIEAwQAuWRC
AwQAuXGFAwQCuXTAAwQCuXlQAwQCuX1YAwQBufnCAwQAvPRzAwQCwgQ4AwQCwpIo
AwQA1W2SMA8EAgACMAkDBwIqBglBAAAwDQYJKoZIhvcNAQELBQADggEBAGVX0KxX
Efa4gvCNzAijBHmXIYZW0jEMoC3XIv1SvIIRtvHL2LilrmQb9BxnLDZxM2RmDEEk
JHuNzwzKAj5/Uxy9Vgh4KEPovRX61WQi54OWFSiE1Wb9ZU90CLnMdodptT9EhVQi
NRPv89rH17etnc/c9y9ruTbfI+fB6Q1wxKh7VunAmJwQ3+EnuCQ6OHMoTTl4mUZb
3tFh7cCCRTlawxg7VfkAwuDPaZWR4tNIHCuR9eisncx+/sK6l5XJR64UW/r6KsoZ
lT3Zdv9RNIddSaEI0XCFuh+59Cpm9doRJ3XqBMah7JPfoO4avxHXc3ccGiReQ1s3
HFuMbE19uEFiv4E=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:55:09 2025 by rpki-client