Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/4OLg7vGD7W_gy7_tpKRA_zW4uNg.roa
File: 4OLg7vGD7W_gy7_tpKRA_zW4uNg.roa (raw, json)
Hash identifier: yDLgpGJGH+ZrJDaHPQ3nu8EUnTsSgDMLsJFC8T4DJnU=
Subject key identifier: E0:E2:E0:EE:F1:83:ED:6F:E0:CB:BF:ED:A4:A4:40:FF:35:B8:B8:D8
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0195CC82F7BD4ECF8C4419347751C5840233
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/4OLg7vGD7W_gy7_tpKRA_zW4uNg.roa
Signing time: Tue 25 Mar 2025 08:54:49 +0000
ROA not before: Tue 25 Mar 2025 08:54:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 31.210.48.0/24 maxlen: 24
31.210.50.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.145.0/24 maxlen: 24
77.92.146.0/24 maxlen: 24
78.135.66.0/24 maxlen: 24
78.135.92.0/24 maxlen: 24
78.135.93.0/24 maxlen: 24
78.135.100.0/24 maxlen: 24
78.135.104.0/24 maxlen: 24
185.17.139.0/24 maxlen: 24
188.132.129.0/24 maxlen: 24
188.132.130.0/24 maxlen: 24
188.132.153.0/24 maxlen: 24
188.132.165.0/24 maxlen: 24
188.132.168.0/24 maxlen: 24
188.132.183.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
188.132.185.0/24 maxlen: 24
188.132.186.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.199.0/24 maxlen: 24
188.132.201.0/24 maxlen: 24
188.132.202.0/24 maxlen: 24
188.132.209.0/24 maxlen: 24
188.132.234.0/24 maxlen: 24
188.132.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:82:f7:bd:4e:cf:8c:44:19:34:77:51:c5:84:02:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 25 08:54:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0e2e0eef183ed6fe0cbbfeda4a440ff35b8b8d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e9:4c:6b:e0:dd:96:4d:18:f2:92:c6:99:48:
d4:1a:2c:90:74:ef:8a:9b:ab:db:42:74:e9:38:a4:
b9:2b:10:5e:57:0b:45:92:56:e9:07:0c:e6:f6:4b:
24:b2:73:01:2a:37:8f:72:23:8e:8b:e7:12:5e:ed:
57:ba:a4:79:12:48:b4:81:55:8d:b8:d5:4c:ab:97:
f0:d6:c9:38:3b:6d:aa:c7:6c:50:2f:06:08:91:b1:
3a:4d:76:a4:1b:16:c2:a7:85:80:ee:46:7d:0f:12:
a5:8f:3c:5d:29:9c:f1:2e:f7:f5:0d:27:c6:0a:b6:
ce:bd:9e:ee:98:5f:c4:9e:ad:1a:51:57:02:68:07:
2e:c3:11:cc:1b:6d:0f:dd:f0:c7:8e:92:a0:07:51:
11:fc:1e:c2:b0:64:ac:b8:e7:89:94:90:75:33:2d:
c6:ea:a8:8c:84:d3:52:04:7f:3a:82:cf:bb:f9:8b:
44:dd:59:1c:34:64:4b:fb:b2:dc:f1:76:00:9f:21:
69:a0:f0:ec:8c:f4:e6:e7:aa:61:07:58:ad:08:77:
a3:09:03:a9:cb:e4:08:a9:c8:6e:7e:ae:61:d1:a3:
52:5f:c9:6e:4f:3a:a6:e5:e5:95:55:14:d6:48:d2:
af:98:39:8a:de:73:36:00:49:df:fc:cf:0b:d1:e6:
66:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E2:E0:EE:F1:83:ED:6F:E0:CB:BF:ED:A4:A4:40:FF:35:B8:B8:D8
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/4OLg7vGD7W_gy7_tpKRA_zW4uNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.48.0/24
31.210.50.0/24
77.92.143.0/24
77.92.145.0-77.92.146.255
78.135.66.0/24
78.135.92.0/23
78.135.100.0/24
78.135.104.0/24
185.17.139.0/24
188.132.129.0-188.132.130.255
188.132.153.0/24
188.132.165.0/24
188.132.168.0/24
188.132.183.0-188.132.186.255
188.132.189.0/24
188.132.199.0/24
188.132.201.0-188.132.202.255
188.132.209.0/24
188.132.234.0/23
Signature Algorithm: sha256WithRSAEncryption
11:47:27:69:f4:13:74:40:16:8f:40:56:5e:cd:7c:8c:43:ac:
ad:f9:78:b4:c9:50:5a:7c:a1:0c:27:2f:9a:bd:60:1c:c4:c0:
e8:44:fd:2f:e6:b0:80:9a:c4:82:7f:51:8b:d1:97:3a:c7:cf:
04:ea:bd:97:6f:36:e5:31:25:3f:fb:b1:14:b3:ca:be:e8:00:
66:b4:31:e1:0d:a7:27:d4:46:05:5c:41:96:3b:15:f8:3a:a6:
c9:ce:3f:28:b3:88:6b:c9:3b:97:87:cd:c9:f1:14:35:8d:a2:
87:f4:02:7f:7a:3b:b4:d0:55:ce:ad:64:2e:7e:bb:b9:a5:7e:
e1:f3:df:59:8a:4c:14:fc:9e:29:e6:86:e0:9b:12:ff:ef:4d:
0e:8c:b6:92:de:e8:f0:ac:4b:4d:6d:37:6c:89:6e:ed:f6:7b:
98:fd:7f:13:89:b2:59:35:42:98:33:3a:e2:b2:8b:ac:8b:f3:
9c:9d:95:f5:2e:ef:7f:64:32:60:e2:a3:d2:6b:17:0e:8b:d6:
75:91:fe:61:c9:46:6b:b6:ae:f2:52:b2:8a:a3:1d:a1:8c:e9:
a9:3c:7d:42:76:4a:ca:b2:07:69:88:57:62:07:84:4c:7d:ee:
a7:53:01:e2:5f:8d:06:cd:d0:4a:a7:a3:c7:6a:7d:42:5f:01:
fa:5e:76:e2
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZXMgve9Ts+MRBk0d1HFhAIzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMzI1MDg1NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGUyZTBlZWYxODNlZDZmZTBjYmJmZWRhNGE0NDBmZjM1YjhiOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOlMa+Ddlk0Y8pLGmUjUGiyQdO+K
m6vbQnTpOKS5KxBeVwtFklbpBwzm9ksksnMBKjePciOOi+cSXu1XuqR5Eki0gVWN
uNVMq5fw1sk4O22qx2xQLwYIkbE6TXakGxbCp4WA7kZ9DxKljzxdKZzxLvf1DSfG
CrbOvZ7umF/Enq0aUVcCaAcuwxHMG20P3fDHjpKgB1ER/B7CsGSsuOeJlJB1My3G
6qiMhNNSBH86gs+7+YtE3VkcNGRL+7Lc8XYAnyFpoPDsjPTm56phB1itCHejCQOp
y+QIqchufq5h0aNSX8luTzqm5eWVVRTWSNKvmDmK3nM2AEnf/M8L0eZmbwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFODi4O7xg+1v4Mu/7aSkQP81uLjYMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvNE9MZzd2R0Q3V19neTdfdHBLUkFfelc0dU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAAf
0jADBAAf0jIDBABNXI8wDAMEAE1ckQMEAE1ckgMEAE6HQgMEAU6HXAMEAE6HZAME
AE6HaAMEALkRizAMAwQAvISBAwQAvISCAwQAvISZAwQAvISlAwQAvISoMAwDBAC8
hLcDBAC8hLoDBAC8hL0DBAC8hMcwDAMEALyEyQMEALyEygMEALyE0QMEAbyE6jAN
BgkqhkiG9w0BAQsFAAOCAQEAEUcnafQTdEAWj0BWXs18jEOsrfl4tMlQWnyhDCcv
mr1gHMTA6ET9L+awgJrEgn9Ri9GXOsfPBOq9l2825TElP/uxFLPKvugAZrQx4Q2n
J9RGBVxBljsV+Dqmyc4/KLOIa8k7l4fNyfEUNY2ih/QCf3o7tNBVzq1kLn67uaV+
4fPfWYpMFPyeKeaG4JsS/+9NDoy2kt7o8KxLTW03bIlu7fZ7mP1/E4myWTVCmDM6
4rKLrIvznJ2V9S7vf2QyYOKj0msXDovWdZH+YclGa7au8lKyiqMdoYzpqTx9QnZK
yrIHaYhXYgeETH3up1MB4l+NBs3QSqejx2p9Ql8B+l524g==
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:43:21 2025 by rpki-client