Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GrQpTiQPurV6LmFRiVBRe6z-tXc.roa
File: GrQpTiQPurV6LmFRiVBRe6z-tXc.roa (raw, json)
Hash identifier: j++bLh7EDi3TlrY7sRrgqFZ6SAggfs8202QroqALD8Y=
Subject key identifier: 1A:B4:29:4E:24:0F:BA:B5:7A:2E:61:51:89:50:51:7B:AC:FE:B5:77
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0197060C3DCAC1C926276DCEEC439EBF104F
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GrQpTiQPurV6LmFRiVBRe6z-tXc.roa
Signing time: Sun 25 May 2025 06:05:54 +0000
ROA not before: Sun 25 May 2025 06:05:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.102.116.0/22 maxlen: 24
5.102.120.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
82.163.52.0/23 maxlen: 24
92.114.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 09:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:06:0c:3d:ca:c1:c9:26:27:6d:ce:ec:43:9e:bf:10:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 25 06:05:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ab4294e240fbab57a2e61518950517bacfeb577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4a:1e:f6:75:f1:05:8a:13:5b:1d:87:6c:3c:
97:b3:03:f1:93:12:cb:89:37:75:e5:8b:12:14:42:
5a:48:0e:6a:b2:2e:ff:52:2b:5c:93:ea:14:19:11:
b1:d8:76:da:00:8e:8b:df:c5:fa:1d:69:24:9e:ab:
24:fa:23:89:31:16:7b:b0:e7:f4:e5:11:24:dc:f4:
9c:dc:67:75:ea:0e:c4:59:01:dc:ef:1e:f4:f3:0b:
3f:30:d3:17:24:3e:e7:7b:8c:2d:67:fe:c8:d2:0a:
dd:55:9c:b4:a3:6d:81:e9:d1:6b:4d:89:4b:d9:95:
8d:54:14:d5:3c:74:c2:7c:a8:e5:45:79:7d:d9:fb:
e9:19:f1:10:fe:81:c3:ec:62:37:f8:31:56:a8:d6:
b1:79:10:5c:d6:af:25:76:60:58:dd:6f:29:a5:08:
2a:c2:77:f8:31:1f:28:1e:4e:37:c3:69:00:d8:30:
b0:87:d5:c1:cb:36:36:a7:41:bd:fb:04:a7:44:90:
96:99:6f:72:85:3a:38:02:dd:ff:38:37:2c:ed:71:
a8:3e:b4:c3:ad:72:b1:36:36:73:80:6b:e8:03:d7:
f0:da:72:79:e1:14:58:05:8d:a9:45:5d:c7:0a:4c:
ab:4f:d7:38:2a:2e:de:7c:4c:33:21:6d:38:89:a8:
da:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B4:29:4E:24:0F:BA:B5:7A:2E:61:51:89:50:51:7B:AC:FE:B5:77
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GrQpTiQPurV6LmFRiVBRe6z-tXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.116.0-5.102.123.255
31.186.180.0/22
46.20.210.0/23
82.163.52.0/23
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:07:54:6e:25:df:df:36:4e:a4:4c:cf:43:48:f1:4e:0f:68:
d7:62:53:8b:65:32:00:02:ac:2c:d2:1a:1c:ec:9e:73:87:65:
dc:7a:d5:a1:82:e2:dd:40:60:01:f7:bd:9e:47:fc:1d:22:22:
eb:16:0f:f4:87:25:d5:9f:62:1d:7d:9a:d2:d2:99:3b:90:14:
c3:d5:52:8b:26:d3:23:69:bf:cd:d8:17:38:bc:d5:9d:31:c7:
23:9e:c9:a7:a9:59:65:22:4e:41:09:c4:64:7b:30:b3:b4:7f:
4b:a3:7a:d3:14:12:47:0f:4a:15:f0:ed:82:9d:ce:04:05:ed:
f7:45:b7:af:ea:54:38:c2:d9:59:c0:d1:ab:a5:ba:fc:7d:5b:
06:05:39:f6:da:5e:61:e7:07:93:45:7b:85:de:46:ea:85:17:
66:9c:49:ee:12:8f:23:dc:ef:2a:43:96:04:5f:75:48:66:5c:
81:46:47:23:b5:14:e8:7c:77:80:fb:79:4f:64:b6:76:a5:7f:
44:a8:80:a5:a0:e9:77:d2:8e:41:85:0a:d2:96:f4:bc:de:5a:
39:09:46:72:38:b7:be:7a:1a:51:f0:0e:86:0a:0a:c6:4b:43:
c0:32:84:16:44:d1:26:6e:85:ed:2c:1c:1e:86:21:2c:b6:0a:
4f:18:3b:fc
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZcGDD3KwckmJ23O7EOevxBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwNTI1MDYwNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWI0Mjk0ZTI0MGZiYWI1N2EyZTYxNTE4OTUwNTE3YmFjZmViNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEoe9nXxBYoTWx2HbDyXswPxkxLL
iTd15YsSFEJaSA5qsi7/Uitck+oUGRGx2HbaAI6L38X6HWkknqsk+iOJMRZ7sOf0
5REk3PSc3Gd16g7EWQHc7x708ws/MNMXJD7ne4wtZ/7I0grdVZy0o22B6dFrTYlL
2ZWNVBTVPHTCfKjlRXl92fvpGfEQ/oHD7GI3+DFWqNaxeRBc1q8ldmBY3W8ppQgq
wnf4MR8oHk43w2kA2DCwh9XByzY2p0G9+wSnRJCWmW9yhTo4At3/ODcs7XGoPrTD
rXKxNjZzgGvoA9fw2nJ54RRYBY2pRV3HCkyrT9c4Ki7efEwzIW04iaja3wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBq0KU4kD7q1ei5hUYlQUXus/rV3MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvR3JRcFRpUVB1clY2TG1GUmlWQlJlNnotdFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAIFZnQD
BAIFZngDBAIfurQDBAEuFNIDBAFSozQDBAJccigwDQYJKoZIhvcNAQELBQADggEB
AIoHVG4l3982TqRMz0NI8U4PaNdiU4tlMgACrCzSGhzsnnOHZdx61aGC4t1AYAH3
vZ5H/B0iIusWD/SHJdWfYh19mtLSmTuQFMPVUosm0yNpv83YFzi81Z0xxyOeyaep
WWUiTkEJxGR7MLO0f0ujetMUEkcPShXw7YKdzgQF7fdFt6/qVDjC2VnA0auluvx9
WwYFOfbaXmHnB5NFe4XeRuqFF2acSe4SjyPc7ypDlgRfdUhmXIFGRyO1FOh8d4D7
eU9ktnalf0SogKWg6XfSjkGFCtKW9LzeWjkJRnI4t756GlHwDoYKCsZLQ8AyhBZE
0SZuhe0sHB6GISy2Ck8YO/w=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:17:46 2025 by rpki-client