Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/zYugFckyhdtiZyGM5Ie37gEwqcc.roa
File: zYugFckyhdtiZyGM5Ie37gEwqcc.roa (raw, json)
Hash identifier: 2kt81eUfRTF87g4j+jzQSxt89NGbGeNjjo00+6BAcRo=
Subject key identifier: CD:8B:A0:15:C9:32:85:DB:62:67:21:8C:E4:87:B7:EE:01:30:A9:C7
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0194274834717D50A22279CA29EE82338FC2
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/zYugFckyhdtiZyGM5Ie37gEwqcc.roa
Signing time: Thu 02 Jan 2025 13:50:30 +0000
ROA not before: Thu 02 Jan 2025 13:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 27882
IP address blocks: 181.41.144.0/21 maxlen: 21
181.41.144.0/22 maxlen: 24
181.41.144.0/23 maxlen: 23
181.41.144.0/24 maxlen: 24
181.41.145.0/24 maxlen: 24
181.41.146.0/23 maxlen: 23
181.41.146.0/24 maxlen: 24
181.41.147.0/24 maxlen: 24
181.41.148.0/22 maxlen: 22
181.41.148.0/23 maxlen: 23
181.41.148.0/24 maxlen: 24
181.41.149.0/24 maxlen: 24
181.41.150.0/23 maxlen: 23
181.41.150.0/24 maxlen: 24
181.41.151.0/24 maxlen: 24
181.41.156.0/22 maxlen: 22
181.41.156.0/23 maxlen: 23
181.41.156.0/24 maxlen: 24
181.41.157.0/24 maxlen: 24
181.41.158.0/23 maxlen: 23
181.41.158.0/24 maxlen: 24
181.41.159.0/24 maxlen: 24
189.28.64.0/19 maxlen: 19
189.28.64.0/20 maxlen: 20
189.28.64.0/21 maxlen: 21
189.28.64.0/22 maxlen: 22
189.28.64.0/23 maxlen: 23
189.28.64.0/24 maxlen: 24
189.28.65.0/24 maxlen: 24
189.28.66.0/23 maxlen: 23
189.28.66.0/24 maxlen: 24
189.28.67.0/24 maxlen: 24
189.28.68.0/22 maxlen: 22
189.28.68.0/23 maxlen: 23
189.28.68.0/24 maxlen: 24
189.28.69.0/24 maxlen: 24
189.28.70.0/23 maxlen: 23
189.28.70.0/24 maxlen: 24
189.28.71.0/24 maxlen: 24
189.28.72.0/21 maxlen: 21
189.28.72.0/22 maxlen: 22
189.28.72.0/23 maxlen: 23
189.28.72.0/24 maxlen: 24
189.28.73.0/24 maxlen: 24
189.28.74.0/23 maxlen: 23
189.28.74.0/24 maxlen: 24
189.28.75.0/24 maxlen: 24
189.28.76.0/22 maxlen: 22
189.28.76.0/23 maxlen: 23
189.28.76.0/24 maxlen: 24
189.28.77.0/24 maxlen: 24
189.28.78.0/23 maxlen: 23
189.28.78.0/24 maxlen: 24
189.28.79.0/24 maxlen: 24
189.28.80.0/20 maxlen: 20
189.28.80.0/21 maxlen: 21
189.28.80.0/22 maxlen: 22
189.28.80.0/23 maxlen: 23
189.28.80.0/24 maxlen: 24
189.28.81.0/24 maxlen: 24
189.28.82.0/23 maxlen: 23
189.28.82.0/24 maxlen: 24
189.28.83.0/24 maxlen: 24
189.28.84.0/22 maxlen: 22
189.28.84.0/23 maxlen: 23
189.28.84.0/24 maxlen: 24
189.28.85.0/24 maxlen: 24
189.28.86.0/23 maxlen: 23
189.28.86.0/24 maxlen: 24
189.28.87.0/24 maxlen: 24
189.28.88.0/21 maxlen: 21
189.28.88.0/22 maxlen: 22
189.28.88.0/23 maxlen: 23
189.28.88.0/24 maxlen: 24
189.28.89.0/24 maxlen: 24
189.28.90.0/23 maxlen: 23
189.28.90.0/24 maxlen: 24
189.28.91.0/24 maxlen: 24
189.28.92.0/22 maxlen: 22
189.28.92.0/23 maxlen: 23
189.28.92.0/24 maxlen: 24
189.28.93.0/24 maxlen: 24
189.28.94.0/23 maxlen: 23
189.28.94.0/24 maxlen: 24
189.28.95.0/24 maxlen: 24
203.88.96.0/22 maxlen: 22
203.88.96.0/23 maxlen: 23
203.88.96.0/24 maxlen: 24
203.88.97.0/24 maxlen: 24
203.88.98.0/23 maxlen: 23
203.88.98.0/24 maxlen: 24
203.88.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 16:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:34:71:7d:50:a2:22:79:ca:29:ee:82:33:8f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd8ba015c93285db6267218ce487b7ee0130a9c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:32:cc:9c:3c:72:0f:ea:ed:01:9f:3f:8e:83:
f0:b2:ff:b2:12:53:0d:b0:8f:bf:fb:a3:75:43:bc:
91:e7:72:66:23:5a:fb:8a:93:91:42:c6:c7:7d:b1:
8f:1a:4e:03:1e:eb:4c:a0:4b:a7:cb:fc:81:b6:a1:
2e:e9:46:5d:eb:a1:10:d2:c4:b5:72:7c:5f:42:e0:
1d:0c:d4:7c:a7:35:e2:79:12:61:d1:e5:17:b1:2f:
5f:bc:1f:96:8a:bf:51:0f:db:ff:82:7c:ef:ba:fd:
56:21:fd:64:ad:32:1c:8a:c8:d6:87:d5:c1:5e:71:
29:b9:9b:15:1d:56:c2:20:b3:ce:cb:01:4c:d5:e0:
f3:fb:86:d4:f2:ef:6f:ca:e9:f1:7f:22:45:e9:16:
c7:4c:91:f0:6f:dd:6a:7c:63:ac:d4:86:79:a0:b1:
6f:42:cf:71:41:39:17:3a:c0:95:21:e6:fd:5a:2f:
46:ee:84:21:c9:fd:05:ff:df:f3:71:64:0f:40:84:
7c:ff:d6:c9:b3:28:59:d0:e0:76:12:75:18:12:20:
d5:90:56:61:90:80:e1:6d:7f:df:66:cb:30:9f:7c:
a6:2c:1b:90:d2:3d:ef:49:f3:89:f6:3c:9f:57:20:
5d:4e:0c:a1:91:13:7d:11:6c:3d:69:9c:73:16:bc:
12:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:8B:A0:15:C9:32:85:DB:62:67:21:8C:E4:87:B7:EE:01:30:A9:C7
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/zYugFckyhdtiZyGM5Ie37gEwqcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.41.144.0/21
181.41.156.0/22
189.28.64.0/19
203.88.96.0/22
Signature Algorithm: sha256WithRSAEncryption
80:35:dc:cb:17:0c:00:56:25:9f:97:cb:15:ab:74:9a:35:ff:
5a:df:2b:64:90:6f:f2:b1:84:85:41:00:f0:c3:43:cd:a2:5c:
75:87:30:8e:a6:fd:3f:81:da:85:e8:16:53:12:db:53:a0:20:
e2:06:1e:b7:36:f7:1a:e7:28:91:96:2c:1d:c2:aa:89:e2:2b:
10:c4:15:e8:f2:ea:ea:b8:9f:58:9c:89:b1:8b:9c:1d:75:b9:
d5:56:f9:b8:3c:93:7c:53:22:e4:f8:b4:9c:ba:8e:79:e5:9f:
12:aa:53:43:eb:46:7f:7d:64:f6:ae:5a:8d:c2:ba:4f:bf:54:
0a:2a:98:97:5c:77:80:cc:ff:f1:bc:19:48:30:06:b9:4b:51:
09:73:6b:86:8c:a6:4f:dc:3e:7c:f4:f0:24:f7:86:6e:7f:5b:
1b:fd:3b:13:94:ff:74:1f:1d:21:3d:f5:74:b7:9d:34:6e:f6:
84:61:6e:51:c7:38:6c:10:03:9e:b2:30:0d:42:ce:50:fe:9a:
77:38:57:d7:fc:7b:98:b6:25:a8:69:2a:ff:00:09:01:84:00:
5a:b4:b8:43:4d:77:8a:21:8b:a7:42:49:9f:6d:38:a4:4b:36:
f8:6c:7b:f2:d5:f4:84:08:65:6d:ef:da:b2:1b:6a:21:72:36:
98:25:9d:01
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnSDRxfVCiInnKKe6CM4/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDhiYTAxNWM5MzI4NWRiNjI2NzIxOGNlNDg3YjdlZTAxMzBhOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TLMnDxyD+rtAZ8/joPwsv+yElMN
sI+/+6N1Q7yR53JmI1r7ipORQsbHfbGPGk4DHutMoEuny/yBtqEu6UZd66EQ0sS1
cnxfQuAdDNR8pzXieRJh0eUXsS9fvB+Wir9RD9v/gnzvuv1WIf1krTIcisjWh9XB
XnEpuZsVHVbCILPOywFM1eDz+4bU8u9vyunxfyJF6RbHTJHwb91qfGOs1IZ5oLFv
Qs9xQTkXOsCVIeb9Wi9G7oQhyf0F/9/zcWQPQIR8/9bJsyhZ0OB2EnUYEiDVkFZh
kIDhbX/fZsswn3ymLBuQ0j3vSfOJ9jyfVyBdTgyhkRN9EWw9aZxzFrwSDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM2LoBXJMoXbYmchjOSHt+4BMKnHMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvell1Z0Zja3loZHRpWnlHTTVJZTM3Z0V3cWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDtSmQAwQC
tSmcAwQFvRxAAwQCy1hgMA0GCSqGSIb3DQEBCwUAA4IBAQCANdzLFwwAViWfl8sV
q3SaNf9a3ytkkG/ysYSFQQDww0PNolx1hzCOpv0/gdqF6BZTEttToCDiBh63Nvca
5yiRliwdwqqJ4isQxBXo8urquJ9YnImxi5wddbnVVvm4PJN8UyLk+LScuo555Z8S
qlND60Z/fWT2rlqNwrpPv1QKKpiXXHeAzP/xvBlIMAa5S1EJc2uGjKZP3D589PAk
94Zuf1sb/TsTlP90Hx0hPfV0t500bvaEYW5RxzhsEAOesjANQs5Q/pp3OFfX/HuY
tiWoaSr/AAkBhABatLhDTXeKIYunQkmfbTikSzb4bHvy1fSECGVt79qyG2ohcjaY
JZ0B
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:17:31 2025 by rpki-client