Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/vj_Rx3DB5-xDUqDlrBJ7IxL_21w.roa
File: vj_Rx3DB5-xDUqDlrBJ7IxL_21w.roa (raw, json)
Hash identifier: MTWWugX6ksDRRG983kctzCkaVVEPY1cdhe4ngzPqXI4=
Subject key identifier: BE:3F:D1:C7:70:C1:E7:EC:43:52:A0:E5:AC:12:7B:23:12:FF:DB:5C
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 0196E8BE2F33F03034F010300FE9AA642479
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/vj_Rx3DB5-xDUqDlrBJ7IxL_21w.roa
Signing time: Mon 19 May 2025 13:31:39 +0000
ROA not before: Mon 19 May 2025 13:31:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.117.52.0/24 maxlen: 24
45.117.54.0/24 maxlen: 24
45.123.144.0/24 maxlen: 24
103.4.248.0/24 maxlen: 24
103.4.249.0/24 maxlen: 24
103.4.250.0/24 maxlen: 24
103.4.251.0/24 maxlen: 24
103.49.152.0/24 maxlen: 24
103.49.153.0/24 maxlen: 24
103.49.154.0/24 maxlen: 24
103.49.155.0/24 maxlen: 24
103.196.8.0/24 maxlen: 24
103.196.9.0/24 maxlen: 24
103.216.0.0/24 maxlen: 24
103.216.1.0/24 maxlen: 24
103.216.2.0/24 maxlen: 24
103.216.3.0/24 maxlen: 24
139.5.22.0/24 maxlen: 24
139.5.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e8:be:2f:33:f0:30:34:f0:10:30:0f:e9:aa:64:24:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: May 19 13:31:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be3fd1c770c1e7ec4352a0e5ac127b2312ffdb5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f1:20:61:2e:01:35:85:be:a2:2d:29:15:f4:
7c:4b:a5:cc:36:54:13:0f:4d:88:3d:a2:ed:f5:6a:
0a:91:d7:7d:26:b7:72:c7:6c:a0:ea:df:10:00:47:
87:e1:7e:19:55:23:98:d1:d3:04:98:a9:83:6f:d8:
ae:97:6e:1a:ce:89:81:45:8b:11:a0:b7:68:9a:01:
a0:8f:5b:8b:8b:54:c4:aa:91:03:a7:32:f7:5d:40:
30:72:29:52:70:5b:5a:9b:c5:4d:94:78:6e:ff:4a:
d9:39:0a:1d:7d:46:a7:5c:8c:50:a6:c2:b7:3b:ae:
d9:4d:05:95:ac:ec:3d:ca:59:54:90:11:a2:fe:7a:
46:f7:d8:a4:03:0f:a0:ad:85:4c:db:a8:0c:ca:df:
59:13:f7:1e:95:e9:23:57:16:31:29:1b:ed:44:5a:
90:10:8b:8c:47:c5:56:47:ee:04:ff:e0:1b:22:53:
6f:88:ae:51:02:cf:c2:d2:89:9e:ac:bc:fd:d2:94:
f1:0c:33:a6:39:86:e7:59:7b:7c:da:f3:9b:87:f0:
84:81:80:a5:96:5e:ac:f7:e9:ac:dc:0d:38:d3:15:
e6:eb:0e:0a:e1:aa:18:6e:da:3d:74:4f:6f:1f:da:
3f:75:ac:da:29:dc:81:96:5f:d9:7b:62:91:40:ae:
e0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:3F:D1:C7:70:C1:E7:EC:43:52:A0:E5:AC:12:7B:23:12:FF:DB:5C
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/vj_Rx3DB5-xDUqDlrBJ7IxL_21w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.117.52.0/24
45.117.54.0/24
45.123.144.0/24
103.4.248.0/22
103.49.152.0/22
103.196.8.0/23
103.216.0.0/22
139.5.22.0/23
Signature Algorithm: sha256WithRSAEncryption
98:6d:a8:35:a3:e6:75:33:ec:93:33:d0:55:36:76:c4:3c:20:
18:92:5f:d0:40:75:a7:b4:02:4c:cb:f0:c5:fa:61:a8:a3:3d:
6c:57:4c:0b:69:37:8e:87:c2:9e:e2:6b:72:ac:82:03:2f:ab:
3f:f8:7a:4b:36:73:f7:8f:e5:e0:6f:3b:07:f2:34:66:aa:91:
49:08:b9:69:25:01:c1:d5:25:46:0b:b5:42:13:83:95:bd:d2:
07:e6:aa:b3:e5:22:f9:56:c0:9b:9c:44:f7:ee:12:2d:a8:2c:
9e:ac:07:8d:92:58:75:ed:b0:fc:fd:90:54:19:ae:32:e8:9a:
bb:22:80:a2:ae:d8:bf:70:b5:ef:47:8d:eb:ab:63:6c:40:96:
62:48:f0:52:fb:5a:6c:e0:ee:09:e0:44:0c:6c:cb:7b:50:ea:
53:03:c5:81:9b:42:94:8f:a7:aa:cc:cd:2c:9a:83:ca:72:79:
1b:fa:ab:6e:4d:5b:28:2a:93:3d:a6:c7:8b:72:37:cc:bd:76:
40:dd:1b:51:70:62:ab:3f:0b:62:03:85:19:74:bb:08:66:1f:
64:ed:92:ad:56:66:bb:bf:39:8b:7f:77:cb:05:2f:5c:28:48:
66:88:38:8c:74:71:00:92:f3:6c:5b:fb:7a:9d:1d:f9:6c:e4:
24:54:6d:0c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZbovi8z8DA08BAwD+mqZCR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjUwNTE5MTMzMTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTNmZDFjNzcwYzFlN2VjNDM1MmEwZTVhYzEyN2IyMzEyZmZkYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfEgYS4BNYW+oi0pFfR8S6XMNlQT
D02IPaLt9WoKkdd9Jrdyx2yg6t8QAEeH4X4ZVSOY0dMEmKmDb9iul24azomBRYsR
oLdomgGgj1uLi1TEqpEDpzL3XUAwcilScFtam8VNlHhu/0rZOQodfUanXIxQpsK3
O67ZTQWVrOw9yllUkBGi/npG99ikAw+grYVM26gMyt9ZE/celekjVxYxKRvtRFqQ
EIuMR8VWR+4E/+AbIlNviK5RAs/C0omerLz90pTxDDOmOYbnWXt82vObh/CEgYCl
ll6s9+ms3A040xXm6w4K4aoYbto9dE9vH9o/dazaKdyBll/Ze2KRQK7gdQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFL4/0cdwwefsQ1Kg5awSeyMS/9tcMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvdmpfUngzREI1LXhEVXFEbHJCSjdJeExfMjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALXU0AwQA
LXU2AwQALXuQAwQCZwT4AwQCZzGYAwQBZ8QIAwQCZ9gAAwQBiwUWMA0GCSqGSIb3
DQEBCwUAA4IBAQCYbag1o+Z1M+yTM9BVNnbEPCAYkl/QQHWntAJMy/DF+mGooz1s
V0wLaTeOh8Ke4mtyrIIDL6s/+HpLNnP3j+XgbzsH8jRmqpFJCLlpJQHB1SVGC7VC
E4OVvdIH5qqz5SL5VsCbnET37hItqCyerAeNklh17bD8/ZBUGa4y6Jq7IoCirti/
cLXvR43rq2NsQJZiSPBS+1ps4O4J4EQMbMt7UOpTA8WBm0KUj6eqzM0smoPKcnkb
+qtuTVsoKpM9pseLcjfMvXZA3RtRcGKrPwtiA4UZdLsIZh9k7ZKtVma7vzmLf3fL
BS9cKEhmiDiMdHEAkvNsW/t6nR35bOQkVG0M
-----END CERTIFICATE-----
Generated at Tue Jun 3 10:14:36 2025 by rpki-client