Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/GTSqn8ohuN-MHhN18mr9Itlt7ao.roa
File: GTSqn8ohuN-MHhN18mr9Itlt7ao.roa (raw, json)
Hash identifier: lFLyLMK3dWhD600oT7fgmI5ccuGsQ2tgFOCCKMH2dCM=
Subject key identifier: 19:34:AA:9F:CA:21:B8:DF:8C:1E:13:75:F2:6A:FD:22:D9:6D:ED:AA
Certificate issuer: /CN=3eecd4caa9a3a57715e3d5d66bccd7185afe40da
Certificate serial: 01942747D82ADC48413469EBE0B749448E75
Authority key identifier: 3E:EC:D4:CA:A9:A3:A5:77:15:E3:D5:D6:6B:CC:D7:18:5A:FE:40:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PuzUyqmjpXcV49XWa8zXGFr-QNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/GTSqn8ohuN-MHhN18mr9Itlt7ao.roa
Signing time: Thu 02 Jan 2025 13:50:07 +0000
ROA not before: Thu 02 Jan 2025 13:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12678
IP address blocks: 31.222.64.0/22 maxlen: 23
31.222.66.0/23 maxlen: 24
31.222.68.0/23 maxlen: 23
31.222.70.0/23 maxlen: 23
31.222.70.0/24 maxlen: 24
31.222.71.0/24 maxlen: 24
31.222.72.0/22 maxlen: 24
31.222.76.0/23 maxlen: 23
31.222.78.0/23 maxlen: 24
159.253.176.0/22 maxlen: 22
159.253.180.0/24 maxlen: 24
159.253.181.0/24 maxlen: 24
185.153.128.0/22 maxlen: 24
2a00:aea0:100::/40 maxlen: 40
2a00:aea0:111::/48 maxlen: 48
2a00:aea0:112::/48 maxlen: 48
2a00:aea0:113::/48 maxlen: 48
2a00:aea0:200::/40 maxlen: 40
2a00:aea0:211::/48 maxlen: 48
2a00:aea0:212::/48 maxlen: 48
2a00:aea0:213::/48 maxlen: 48
2a00:aea0:600::/40 maxlen: 40
2a00:aea0:6500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.mft
rsync://rpki.ripe.net/repository/DEFAULT/PuzUyqmjpXcV49XWa8zXGFr-QNo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d8:2a:dc:48:41:34:69:eb:e0:b7:49:44:8e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eecd4caa9a3a57715e3d5d66bccd7185afe40da
Validity
Not Before: Jan 2 13:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1934aa9fca21b8df8c1e1375f26afd22d96dedaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:02:99:d6:1e:bb:c0:f6:3c:7c:db:21:78:b8:
58:82:80:1c:26:fb:ae:8a:12:33:8d:7a:70:da:d1:
0f:59:ab:47:1e:f1:be:a0:c3:af:f1:61:d3:a2:77:
92:10:dd:69:b9:e5:db:4e:ba:5f:87:f7:a1:dc:8f:
b3:c2:50:a6:12:51:74:7a:16:85:6e:12:34:96:b7:
2b:6e:34:89:71:5a:7e:a1:01:9e:7a:1a:e7:b0:1b:
99:d4:f1:44:21:6a:6b:34:7c:f5:c6:68:b7:4d:47:
90:89:ce:fe:c8:c0:58:b0:a3:17:68:99:e8:b8:e6:
8a:60:ec:e5:96:b1:90:03:62:bb:88:d5:68:84:41:
54:b7:33:ba:30:36:9d:7f:79:a4:60:04:7a:4c:74:
c8:97:59:95:52:43:ee:a4:1e:15:d1:cc:a4:b6:40:
98:06:72:b5:b9:d0:a3:ad:1a:c8:34:3a:2a:a4:32:
d1:9b:66:e0:03:d6:66:e8:1f:4f:ae:92:39:0a:83:
7f:62:74:8c:e4:37:ff:11:0a:8b:e1:7c:87:dd:8d:
ba:5d:67:29:68:d1:40:4e:8d:fd:0f:47:14:42:b4:
c3:37:06:c8:54:c0:9a:95:ca:f4:4e:7a:09:97:bb:
7a:df:83:4f:e2:d0:db:be:db:41:4e:67:f6:a7:44:
2d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:34:AA:9F:CA:21:B8:DF:8C:1E:13:75:F2:6A:FD:22:D9:6D:ED:AA
X509v3 Authority Key Identifier:
keyid:3E:EC:D4:CA:A9:A3:A5:77:15:E3:D5:D6:6B:CC:D7:18:5A:FE:40:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzUyqmjpXcV49XWa8zXGFr-QNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/GTSqn8ohuN-MHhN18mr9Itlt7ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.64.0/20
159.253.176.0-159.253.181.255
185.153.128.0/22
IPv6:
2a00:aea0:100::-2a00:aea0:2ff:ffff:ffff:ffff:ffff:ffff
2a00:aea0:600::/40
2a00:aea0:6500::/40
Signature Algorithm: sha256WithRSAEncryption
4a:40:3d:14:c7:23:6b:a8:3f:9c:81:11:a0:b9:76:23:09:48:
c4:4d:51:a5:e1:6e:ce:89:a5:34:d7:bc:00:5c:4c:08:90:b9:
e1:32:ec:d8:81:59:7f:07:a3:f9:7b:b4:3b:3b:2c:ce:06:9f:
d2:6b:47:30:d6:3f:aa:f1:6e:82:33:b0:00:b3:4c:01:1c:c9:
3a:b1:e9:37:38:f2:9c:d9:58:94:85:91:53:0e:e9:81:bc:32:
d5:be:ef:5e:f9:a6:e0:96:da:3e:07:43:4d:93:65:cd:7a:8f:
3c:38:6b:02:27:5a:de:dc:9f:b9:ce:e4:6f:24:6b:29:8a:79:
28:3b:1b:61:e3:b9:6f:68:18:52:e4:87:bf:eb:c8:31:3c:0f:
4d:8d:11:54:ee:93:9d:f4:47:60:b0:77:71:6a:d9:89:40:df:
e6:4a:14:de:41:4c:bc:84:89:77:7f:8c:76:ef:1a:06:e5:44:
4e:78:8a:37:6a:a1:f3:15:22:6e:da:64:ec:0f:80:ac:1b:a1:
cc:35:22:41:d2:c0:f0:1c:bf:d9:f9:89:6e:42:dd:ae:a7:b0:
c7:ba:57:f0:00:cd:96:c3:1b:67:8c:a3:d7:04:9d:44:07:98:
9e:65:35:d6:c4:4b:8b:90:a1:be:57:95:17:76:cf:0b:20:b9:
f1:a3:61:51
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQnR9gq3EhBNGnr4LdJRI51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNkNGNhYTlhM2E1NzcxNWUzZDVkNjZiY2NkNzE4NWFm
ZTQwZGEwHhcNMjUwMTAyMTM1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTM0YWE5ZmNhMjFiOGRmOGMxZTEzNzVmMjZhZmQyMmQ5NmRlZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gKZ1h67wPY8fNsheLhYgoAcJvuu
ihIzjXpw2tEPWatHHvG+oMOv8WHToneSEN1pueXbTrpfh/eh3I+zwlCmElF0ehaF
bhI0lrcrbjSJcVp+oQGeehrnsBuZ1PFEIWprNHz1xmi3TUeQic7+yMBYsKMXaJno
uOaKYOzllrGQA2K7iNVohEFUtzO6MDadf3mkYAR6THTIl1mVUkPupB4V0cyktkCY
BnK1udCjrRrINDoqpDLRm2bgA9Zm6B9PrpI5CoN/YnSM5Df/EQqL4XyH3Y26XWcp
aNFATo39D0cUQrTDNwbIVMCalcr0TnoJl7t634NP4tDbvttBTmf2p0QttwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFBk0qp/KIbjfjB4TdfJq/SLZbe2qMB8GA1UdIwQY
MBaAFD7s1Mqpo6V3FePV1mvM1xha/kDaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6VXlxbWpwWGNWNDlYV2E4elhHRnItUU5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zNjQ1YjItYWYyZS00YzBkLTk4MTIt
NjllZWM1YjRiNTA1LzEvR1RTcW44b2h1Ti1NSGhOMThtcjlJdGx0N2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8zNjQ1YjItYWYyZS00YzBkLTk4MTItNjllZWM1YjRiNTA1
LzEvUHV6VXlxbWpwWGNWNDlYV2E4elhHRnItUU5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAgBAIAATAaAwQEH95AMAwD
BASf/bADBAGf/bQDBAK5mYAwKAQCAAIwIjAQAwYAKgCuoAEDBgAqAK6gAgMGACoA
rqAGAwYAKgCuoGUwDQYJKoZIhvcNAQELBQADggEBAEpAPRTHI2uoP5yBEaC5diMJ
SMRNUaXhbs6JpTTXvABcTAiQueEy7NiBWX8Ho/l7tDs7LM4Gn9JrRzDWP6rxboIz
sACzTAEcyTqx6Tc48pzZWJSFkVMO6YG8MtW+7175puCW2j4HQ02TZc16jzw4awIn
Wt7cn7nO5G8kaymKeSg7G2HjuW9oGFLkh7/ryDE8D02NEVTuk530R2Cwd3Fq2YlA
3+ZKFN5BTLyEiXd/jHbvGgblRE54ijdqofMVIm7aZOwPgKwbocw1IkHSwPAcv9n5
iW5C3a6nsMe6V/AAzZbDG2eMo9cEnUQHmJ5lNdbES4uQob5XlRd2zwsgufGjYVE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:02:59 2025 by rpki-client