Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/9JYLRbAyBiZx1C4OYbnwWphquZ4.roa
File: 9JYLRbAyBiZx1C4OYbnwWphquZ4.roa (raw, json)
Hash identifier: IXG5gmo6XuX7z6I59d8WQFp9CPf9KqOZ7R0eb0+uGzE=
Subject key identifier: F4:96:0B:45:B0:32:06:26:71:D4:2E:0E:61:B9:F0:5A:98:6A:B9:9E
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0194B1707C2A7716E181AB93C7C75C6F9DEA
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/9JYLRbAyBiZx1C4OYbnwWphquZ4.roa
Signing time: Wed 29 Jan 2025 09:42:06 +0000
ROA not before: Wed 29 Jan 2025 09:42:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48159
IP address blocks: 2.176.128.0/17 maxlen: 17
2.177.0.0/16 maxlen: 16
2.182.0.0/16 maxlen: 24
2.182.128.0/21 maxlen: 21
2.185.0.0/16 maxlen: 16
2.185.0.0/20 maxlen: 20
2.185.18.0/24 maxlen: 24
2.185.40.0/21 maxlen: 21
2.185.88.0/22 maxlen: 22
2.185.160.0/19 maxlen: 19
2.185.164.0/24 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.189.42.0/23 maxlen: 23
2.189.42.0/24 maxlen: 24
2.189.43.0/24 maxlen: 24
2.189.56.0/24 maxlen: 24
2.189.58.0/24 maxlen: 24
2.189.68.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.191.0.0/16 maxlen: 16
78.38.0.0/16 maxlen: 24
78.38.160.0/19 maxlen: 19
78.38.243.0/24 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.59.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.149.0/24 maxlen: 24
78.39.150.0/24 maxlen: 24
78.39.151.0/24 maxlen: 24
78.39.153.0/24 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
78.39.240.0/24 maxlen: 24
80.191.0.0/16 maxlen: 16
80.191.56.0/24 maxlen: 24
217.218.0.0/16 maxlen: 24
217.218.67.0/24 maxlen: 24
217.219.0.0/16 maxlen: 24
217.219.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:70:7c:2a:77:16:e1:81:ab:93:c7:c7:5c:6f:9d:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 29 09:42:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4960b45b032062671d42e0e61b9f05a986ab99e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:2f:57:1a:22:65:70:fe:58:2e:43:b3:39:bc:
bb:29:7b:64:64:20:3f:8c:eb:44:df:c4:1b:52:ef:
c4:86:42:71:25:cc:ce:bd:f3:8c:f1:d2:ff:b1:5d:
77:6b:7e:4a:40:89:21:0e:57:bc:c7:1b:cb:7e:cb:
5d:4c:c2:38:fd:58:42:37:f2:ca:d3:73:e8:21:21:
0a:bf:f5:d3:9d:76:5f:78:e2:b7:d6:eb:4c:47:c0:
03:cb:07:f6:50:a4:e4:50:01:26:43:55:69:96:02:
40:4a:20:4f:90:f5:70:47:fa:9a:41:dd:ec:02:60:
b5:5c:22:a8:74:8e:4c:81:7e:91:44:cf:d5:e7:8d:
09:91:b4:6c:e9:2c:00:cf:2b:b0:12:d8:70:96:11:
ec:61:1c:a9:9b:bf:f5:f8:9e:1c:94:b8:2d:03:f1:
f7:70:22:22:c0:a6:c5:67:1b:97:d4:fc:69:0f:c7:
0e:e6:cf:b0:46:61:eb:92:4d:5a:83:2b:6d:2c:7d:
01:aa:85:d6:75:ef:f7:37:43:02:b6:0a:c1:85:5b:
5e:43:b6:53:9d:1d:7d:7c:40:af:e0:ee:62:2a:cb:
c2:24:d3:53:ad:66:64:ba:b3:f3:16:66:45:9d:10:
e3:03:2e:d4:c0:fe:30:e3:70:e1:f6:27:b9:42:df:
47:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:96:0B:45:B0:32:06:26:71:D4:2E:0E:61:B9:F0:5A:98:6A:B9:9E
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/9JYLRbAyBiZx1C4OYbnwWphquZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.128.0-2.177.255.255
2.182.0.0/16
2.185.0.0/16
2.188.0.0/23
2.188.22.0/24
2.188.28.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.184.0/23
2.188.187.0/24
2.189.42.0/23
2.189.56.0/24
2.189.58.0/24
2.189.68.0/24
2.189.72.0/24
2.191.0.0/16
78.38.0.0/15
80.191.0.0/16
217.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7c:4c:9b:bc:55:1c:52:f3:b8:45:ea:78:74:88:fa:48:f4:dd:
66:f9:45:05:ea:38:2b:5f:a7:6f:ec:03:0a:f8:ab:27:d2:8e:
67:ad:a0:a3:d7:0a:d3:a8:5d:e2:2b:1b:1e:53:46:44:32:85:
f4:b7:50:fd:02:51:fc:bf:54:b7:e0:46:ac:c3:17:fb:ba:1f:
22:a5:ef:ac:ec:3c:93:d0:cc:1a:3e:25:70:45:10:b5:4b:f8:
cd:3d:d6:30:40:0b:52:5c:ff:0b:0d:8c:91:c7:83:d8:82:ce:
b9:88:ae:0f:82:66:e0:15:3d:48:96:6c:c4:d7:5a:a2:7f:5c:
80:c4:b6:ea:5d:c5:a1:9f:ea:2f:9a:3b:f0:96:e2:19:75:35:
ef:52:a5:aa:09:65:86:63:4e:b5:09:58:3e:a2:3b:16:ce:a8:
5c:f9:86:d4:89:5b:e1:12:dd:9b:7b:9c:34:9f:6b:4f:a2:b1:
ea:8f:04:fc:55:e0:b7:cc:11:25:7e:09:24:87:a1:24:f2:7e:
89:65:b3:43:13:fe:82:be:17:6d:da:e3:53:b6:cb:61:42:69:
4f:b8:db:2a:7b:45:3a:25:1e:ab:8e:75:8e:65:93:14:17:72:
ca:72:51:08:63:ea:6d:3d:21:08:b8:7c:39:da:5e:b1:73:38:
00:97:ee:70
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZSxcHwqdxbhgauTx8dcb53qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwMTI5MDk0MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDk2MGI0NWIwMzIwNjI2NzFkNDJlMGU2MWI5ZjA1YTk4NmFiOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4S9XGiJlcP5YLkOzOby7KXtkZCA/
jOtE38QbUu/EhkJxJczOvfOM8dL/sV13a35KQIkhDle8xxvLfstdTMI4/VhCN/LK
03PoISEKv/XTnXZfeOK31utMR8ADywf2UKTkUAEmQ1VplgJASiBPkPVwR/qaQd3s
AmC1XCKodI5MgX6RRM/V540JkbRs6SwAzyuwEthwlhHsYRypm7/1+J4clLgtA/H3
cCIiwKbFZxuX1PxpD8cO5s+wRmHrkk1agyttLH0BqoXWde/3N0MCtgrBhVteQ7ZT
nR19fECv4O5iKsvCJNNTrWZkurPzFmZFnRDjAy7UwP4w43Dh9ie5Qt9HuwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPSWC0WwMgYmcdQuDmG58FqYarmeMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvOUpZTFJiQXlCaVp4MUM0T1libndXcGhxdVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTB/BAIAATB5MAsDBAcC
sIADAwECsAMDAAK2AwMAArkDBAECvAADBAACvBYDBAACvBwDBAMCvEADBAACvEwD
BAACvLMDBAECvLgDBAACvLsDBAECvSoDBAACvTgDBAACvToDBAACvUQDBAACvUgD
AwACvwMDAU4mAwMAUL8DAwHZ2jANBgkqhkiG9w0BAQsFAAOCAQEAfEybvFUcUvO4
Rep4dIj6SPTdZvlFBeo4K1+nb+wDCvirJ9KOZ62go9cK06hd4isbHlNGRDKF9LdQ
/QJR/L9Ut+BGrMMX+7ofIqXvrOw8k9DMGj4lcEUQtUv4zT3WMEALUlz/Cw2MkceD
2ILOuYiuD4Jm4BU9SJZsxNdaon9cgMS26l3FoZ/qL5o78JbiGXU171KlqgllhmNO
tQlYPqI7Fs6oXPmG1Ilb4RLdm3ucNJ9rT6Kx6o8E/FXgt8wRJX4JJIehJPJ+iWWz
QxP+gr4XbdrjU7bLYUJpT7jbKntFOiUeq451jmWTFBdyynJRCGPqbT0hCLh8Odpe
sXM4AJfucA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:28:52 2025 by rpki-client