Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/8cLonLerPea1ONAnvr_dxQWYjTM.roa
File: 8cLonLerPea1ONAnvr_dxQWYjTM.roa (raw, json)
Hash identifier: nRgP46aVXwPd+6oMZ/fP0RAWOxYr2cSvaYDPxKnCP4Y=
Subject key identifier: F1:C2:E8:9C:B7:AB:3D:E6:B5:38:D0:27:BE:BF:DD:C5:05:98:8D:33
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0196F65BD3736A13F30A9366475D090C6842
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/8cLonLerPea1ONAnvr_dxQWYjTM.roa
Signing time: Thu 22 May 2025 04:58:55 +0000
ROA not before: Thu 22 May 2025 04:58:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197450
IP address blocks: 213.201.150.0/23 maxlen: 24
213.201.152.0/22 maxlen: 24
213.201.152.0/23 maxlen: 24
213.201.156.0/23 maxlen: 24
213.201.160.0/23 maxlen: 24
213.201.164.0/22 maxlen: 24
213.201.164.0/23 maxlen: 24
213.201.168.0/23 maxlen: 24
213.201.172.0/22 maxlen: 24
213.201.172.0/23 maxlen: 24
213.201.176.0/23 maxlen: 24
213.201.180.0/22 maxlen: 24
213.201.180.0/23 maxlen: 24
213.201.184.0/23 maxlen: 24
213.201.188.0/23 maxlen: 24
213.201.192.0/22 maxlen: 24
213.201.192.0/23 maxlen: 24
213.201.212.0/22 maxlen: 24
213.201.212.0/23 maxlen: 24
213.201.216.0/23 maxlen: 24
213.201.220.0/23 maxlen: 24
213.201.232.0/22 maxlen: 24
213.201.232.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f6:5b:d3:73:6a:13:f3:0a:93:66:47:5d:09:0c:68:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: May 22 04:58:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1c2e89cb7ab3de6b538d027bebfddc505988d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6f:2e:ea:19:33:d1:86:9e:df:3a:b8:70:bd:
28:ce:80:7d:0a:fe:05:c6:41:62:aa:50:d3:33:d2:
9c:08:e2:b8:b6:4b:62:71:cc:7b:a4:47:3b:97:39:
25:ac:de:71:6d:60:2a:96:ff:6a:7e:9b:89:8b:d8:
27:72:e9:c6:91:48:e0:3d:4a:bb:7d:1d:94:2a:01:
5c:7a:0e:d5:49:18:f8:5c:d3:37:08:dd:82:24:46:
64:94:e9:2a:8c:7e:a1:0a:98:9f:9e:5f:33:76:dd:
1b:b8:de:46:0a:d8:05:db:95:d6:1b:cb:c8:f4:ff:
39:e3:e6:d1:bd:eb:59:8a:e8:99:7f:16:4b:46:24:
4d:13:4d:a6:b9:8b:6c:41:01:44:01:4d:c4:80:6b:
9e:2c:6c:e2:b3:3e:28:3b:b1:75:71:d0:6e:7a:1b:
71:2f:d8:bb:84:cc:86:b8:b9:e9:50:1c:08:fd:29:
36:f3:3d:fb:58:98:4e:dc:8a:79:51:92:36:2d:de:
c0:f5:16:b0:4d:29:ee:b2:18:b7:91:d8:ea:ea:23:
ee:aa:0e:ab:a8:2a:93:83:06:4d:a5:00:34:ed:0b:
f6:c5:e1:ac:a3:12:4c:08:e8:07:3a:12:e2:e2:58:
06:59:df:02:e8:e4:f3:41:e5:9e:6f:1b:a1:78:b9:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C2:E8:9C:B7:AB:3D:E6:B5:38:D0:27:BE:BF:DD:C5:05:98:8D:33
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/8cLonLerPea1ONAnvr_dxQWYjTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.201.150.0-213.201.157.255
213.201.160.0/23
213.201.164.0-213.201.169.255
213.201.172.0-213.201.177.255
213.201.180.0-213.201.185.255
213.201.188.0/23
213.201.192.0/22
213.201.212.0-213.201.217.255
213.201.220.0/23
213.201.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:3b:19:f1:fa:d4:96:74:e2:54:e2:49:39:3c:90:4d:ab:ad:
74:ff:40:2f:6a:9f:26:08:bc:89:e1:f2:8a:8e:1d:43:66:26:
e5:e4:91:01:b0:70:c6:b3:f6:80:c4:2f:25:fd:87:6e:53:12:
db:d7:78:de:77:6e:6b:4f:3c:73:e6:79:4a:09:64:88:cc:02:
83:0e:ce:33:25:8a:1a:1a:00:c7:c5:50:9e:02:5b:bd:c7:ed:
c7:28:52:03:eb:a2:c7:ed:5d:fd:e8:f1:f3:ac:c9:83:cf:c7:
db:b3:c6:ef:33:d8:2f:19:5a:a3:2b:93:85:3f:76:2f:6b:c3:
17:2f:6e:46:3c:1b:98:a5:88:6f:9e:b0:26:df:2d:72:d9:66:
05:d6:ba:9c:4a:37:b5:4f:b8:e4:9c:f6:b8:01:20:89:f3:46:
26:61:26:19:10:34:9d:37:e7:51:41:e9:6b:72:52:46:37:9c:
cb:37:5f:9b:65:e8:68:f7:62:45:cb:61:c7:64:57:ad:63:dc:
d4:fe:f2:7d:8d:53:d6:e6:da:3d:dd:58:9f:d7:ff:b3:64:cc:
6c:9b:d1:5b:e8:be:87:84:ea:99:a1:57:c8:a7:13:0f:78:cd:
6c:fa:6a:7d:f2:f9:b4:e4:cb:ca:a5:dc:87:42:33:20:2a:3b:
ef:06:4f:c9
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZb2W9NzahPzCpNmR10JDGhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwNTIyMDQ1ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWMyZTg5Y2I3YWIzZGU2YjUzOGQwMjdiZWJmZGRjNTA1OTg4ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W8u6hkz0Yae3zq4cL0ozoB9Cv4F
xkFiqlDTM9KcCOK4tkticcx7pEc7lzklrN5xbWAqlv9qfpuJi9gncunGkUjgPUq7
fR2UKgFceg7VSRj4XNM3CN2CJEZklOkqjH6hCpifnl8zdt0buN5GCtgF25XWG8vI
9P854+bRvetZiuiZfxZLRiRNE02muYtsQQFEAU3EgGueLGzisz4oO7F1cdBuehtx
L9i7hMyGuLnpUBwI/Sk28z37WJhO3Ip5UZI2Ld7A9RawTSnushi3kdjq6iPuqg6r
qCqTgwZNpQA07Qv2xeGsoxJMCOgHOhLi4lgGWd8C6OTzQeWebxuheLlR+QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFPHC6Jy3qz3mtTjQJ76/3cUFmI0zMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvOGNMb25MZXJQZWExT05BbnZyX2R4UVdZalRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkMAwDBAHVyZYD
BAHVyZwDBAHVyaAwDAMEAtXJpAMEAdXJqDAMAwQC1cmsAwQB1cmwMAwDBALVybQD
BAHVybgDBAHVybwDBALVycAwDAMEAtXJ1AMEAdXJ2AMEAdXJ3AMEAtXJ6DANBgkq
hkiG9w0BAQsFAAOCAQEATjsZ8frUlnTiVOJJOTyQTautdP9AL2qfJgi8ieHyio4d
Q2Ym5eSRAbBwxrP2gMQvJf2HblMS29d43ndua088c+Z5SglkiMwCgw7OMyWKGhoA
x8VQngJbvcftxyhSA+uix+1d/ejx86zJg8/H27PG7zPYLxlaoyuThT92L2vDFy9u
RjwbmKWIb56wJt8tctlmBda6nEo3tU+45Jz2uAEgifNGJmEmGRA0nTfnUUHpa3JS
Rjecyzdfm2XoaPdiRcthx2RXrWPc1P7yfY1T1ubaPd1Yn9f/s2TMbJvRW+i+h4Tq
maFXyKcTD3jNbPpqffL5tOTLyqXch0IzICo77wZPyQ==
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:54:38 2025 by rpki-client