Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/evYLEFvdvSvmkbuLm6rh3tZsvKw.roa
File: evYLEFvdvSvmkbuLm6rh3tZsvKw.roa (raw, json)
Hash identifier: 52BX1RaGCebJiVa5KK5DyLHFtzsT7REGB3uiL5jegrk=
Subject key identifier: 7A:F6:0B:10:5B:DD:BD:2B:E6:91:BB:8B:9B:AA:E1:DE:D6:6C:BC:AC
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 0197242292633FE3439DB7CDF371F0B22FDF
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/evYLEFvdvSvmkbuLm6rh3tZsvKw.roa
Signing time: Sat 31 May 2025 02:18:54 +0000
ROA not before: Sat 31 May 2025 02:18:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141718
IP address blocks: 45.155.90.0/24 maxlen: 24
45.155.226.0/24 maxlen: 24
45.156.222.0/24 maxlen: 24
45.156.223.0/24 maxlen: 24
103.100.169.0/24 maxlen: 24
103.211.103.0/24 maxlen: 24
185.233.17.0/24 maxlen: 24
202.71.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:24:22:92:63:3f:e3:43:9d:b7:cd:f3:71:f0:b2:2f:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: May 31 02:18:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7af60b105bddbd2be691bb8b9baae1ded66cbcac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:df:21:43:2d:cc:71:28:48:0b:d0:73:d0:f3:
6b:7d:96:2d:e9:63:56:4f:9f:99:4e:be:ef:85:49:
d4:7c:f4:3d:fb:3d:44:4f:91:71:98:f6:01:0e:e8:
00:f4:23:f8:e4:65:05:c9:c2:d1:07:ff:07:9e:f3:
0f:ab:b8:fe:d5:de:8e:bf:5f:89:9c:be:28:b4:ac:
8d:e0:47:0f:7b:09:b5:b3:8e:a5:30:b3:41:44:77:
a2:8e:1c:5f:1a:03:3e:0b:56:98:3c:30:3a:87:6a:
79:44:3c:41:37:c1:2e:a3:8c:ae:07:76:48:4c:fc:
54:63:d0:f8:6a:57:a1:56:fd:9a:de:60:b8:73:ea:
43:fb:e0:31:bf:a0:0c:1b:58:2d:b1:b6:e8:44:e5:
4d:1f:e6:d9:87:71:c9:5b:43:98:30:fc:b5:c4:ac:
1d:0a:6a:67:95:9b:6d:7e:ba:8c:e2:cb:d1:60:13:
16:e5:29:83:0c:d7:98:5b:61:cf:d9:d5:a3:3b:54:
38:74:a5:13:ee:a1:64:64:84:ba:8d:1c:3d:d8:5e:
d9:a7:f8:19:1f:da:ea:c1:07:33:b4:b9:3b:bf:5a:
7c:bb:b5:61:62:f7:ea:c6:f8:6c:2c:1d:8a:3f:a5:
8f:b0:b9:8a:a0:17:12:8c:dc:ab:60:a1:98:64:88:
d1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F6:0B:10:5B:DD:BD:2B:E6:91:BB:8B:9B:AA:E1:DE:D6:6C:BC:AC
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/evYLEFvdvSvmkbuLm6rh3tZsvKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.90.0/24
45.155.226.0/24
45.156.222.0/23
103.100.169.0/24
103.211.103.0/24
185.233.17.0/24
202.71.10.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:3c:df:6d:d3:66:91:fc:c0:e6:be:bc:20:a3:e4:99:ea:9f:
80:9c:0e:b9:b2:e0:eb:47:68:34:5a:ff:c4:bb:86:8b:8e:52:
a1:7e:bc:cd:98:8d:7f:05:1c:13:82:8f:d1:8a:cc:29:50:6a:
28:d6:8e:35:a8:0f:18:1a:95:29:71:14:cc:0a:5a:b9:9f:e1:
89:6c:5b:2b:48:22:51:9d:e5:23:4e:19:21:92:d2:4e:db:2f:
6e:e0:3f:bd:50:a1:10:d4:bf:8e:ba:bf:cf:b6:72:49:84:2f:
3d:54:18:13:77:95:39:94:3c:82:3a:fc:96:ad:43:59:ea:25:
99:a6:d7:09:b1:f5:0f:ba:3d:36:b9:23:5e:53:f1:3c:50:2e:
d1:9e:a6:70:92:9b:d2:5a:ab:19:3a:10:ff:e0:ff:fe:49:a2:
51:5a:62:b7:44:9e:af:41:21:25:dc:5f:26:8d:5f:39:f4:f4:
4f:66:15:24:e8:69:16:dc:48:50:ff:f5:3a:1b:29:9b:fc:4d:
4d:98:d1:79:14:86:2a:41:4c:0e:d7:23:99:c3:c4:40:a6:a2:
8d:6d:f1:55:8d:30:10:90:fa:52:a1:d9:dc:c0:09:9a:a4:29:
44:4c:db:a1:49:49:64:b1:7d:75:e5:66:b6:c3:84:5e:bd:6b:
ab:ac:fd:04
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZckIpJjP+NDnbfN83Hwsi/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwNTMxMDIxODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWY2MGIxMDViZGRiZDJiZTY5MWJiOGI5YmFhZTFkZWQ2NmNiY2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5t8hQy3McShIC9Bz0PNrfZYt6WNW
T5+ZTr7vhUnUfPQ9+z1ET5FxmPYBDugA9CP45GUFycLRB/8HnvMPq7j+1d6Ov1+J
nL4otKyN4EcPewm1s46lMLNBRHeijhxfGgM+C1aYPDA6h2p5RDxBN8Euo4yuB3ZI
TPxUY9D4alehVv2a3mC4c+pD++Axv6AMG1gtsbboROVNH+bZh3HJW0OYMPy1xKwd
CmpnlZttfrqM4svRYBMW5SmDDNeYW2HP2dWjO1Q4dKUT7qFkZIS6jRw92F7Zp/gZ
H9rqwQcztLk7v1p8u7VhYvfqxvhsLB2KP6WPsLmKoBcSjNyrYKGYZIjRNwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHr2CxBb3b0r5pG7i5uq4d7WbLysMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvZXZZTEVGdmR2U3Zta2J1TG02cmgzdFpzdkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZtaAwQA
LZviAwQBLZzeAwQAZ2SpAwQAZ9NnAwQAuekRAwQAykcKMA0GCSqGSIb3DQEBCwUA
A4IBAQAvPN9t02aR/MDmvrwgo+SZ6p+AnA65suDrR2g0Wv/Eu4aLjlKhfrzNmI1/
BRwTgo/RiswpUGoo1o41qA8YGpUpcRTMClq5n+GJbFsrSCJRneUjThkhktJO2y9u
4D+9UKEQ1L+Our/PtnJJhC89VBgTd5U5lDyCOvyWrUNZ6iWZptcJsfUPuj02uSNe
U/E8UC7RnqZwkpvSWqsZOhD/4P/+SaJRWmK3RJ6vQSEl3F8mjV859PRPZhUk6GkW
3EhQ//U6Gymb/E1NmNF5FIYqQUwO1yOZw8RApqKNbfFVjTAQkPpSodncwAmapClE
TNuhSUlksX115Wa2w4RevWurrP0E
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:51:21 2025 by rpki-client