Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ySGsvh67MYvKSZ672BqCPtHzLsU.roa
File: ySGsvh67MYvKSZ672BqCPtHzLsU.roa (raw, json)
Hash identifier: pDVKIz1QJl+kifgxZjG1oOAyqzen5YR3gsjSQ4AiIqI=
Subject key identifier: C9:21:AC:BE:1E:BB:31:8B:CA:49:9E:BB:D8:1A:82:3E:D1:F3:2E:C5
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 019717D269A4C2118A77D507D131E5615662
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ySGsvh67MYvKSZ672BqCPtHzLsU.roa
Signing time: Wed 28 May 2025 16:55:54 +0000
ROA not before: Wed 28 May 2025 16:55:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 89.19.57.0/24 maxlen: 24
89.19.58.0/24 maxlen: 24
89.19.59.0/24 maxlen: 24
185.59.232.0/22 maxlen: 24
185.68.245.0/24 maxlen: 24
185.79.51.0/24 maxlen: 24
185.79.79.0/24 maxlen: 24
185.81.172.0/24 maxlen: 24
185.81.173.0/24 maxlen: 24
185.81.174.0/23 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/23 maxlen: 24
185.81.186.0/23 maxlen: 24
185.89.40.0/24 maxlen: 24
185.89.108.0/22 maxlen: 24
185.95.100.0/23 maxlen: 24
185.95.102.0/23 maxlen: 24
185.96.80.0/24 maxlen: 24
185.96.83.0/24 maxlen: 24
185.97.1.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
185.98.43.0/24 maxlen: 24
185.101.203.0/24 maxlen: 24
185.104.151.0/24 maxlen: 24
185.112.56.0/23 maxlen: 24
185.175.224.0/24 maxlen: 24
185.175.225.0/24 maxlen: 24
185.185.147.0/24 maxlen: 24
193.221.215.0/24 maxlen: 24
213.170.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:17:d2:69:a4:c2:11:8a:77:d5:07:d1:31:e5:61:56:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: May 28 16:55:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c921acbe1ebb318bca499ebbd81a823ed1f32ec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d9:82:ba:0b:7a:b3:42:91:24:33:a7:6b:42:
ad:d4:c2:b4:67:14:17:10:9b:33:e5:d4:bb:08:5a:
9c:2f:38:af:9a:35:df:25:99:e2:b4:58:50:fa:8a:
90:52:b4:21:85:2e:7f:c9:ae:8d:a8:98:0d:1b:37:
bd:46:f8:53:3e:20:8f:9c:b1:fb:83:8b:04:da:6d:
92:85:7c:25:76:26:d2:3d:7e:dd:76:41:b5:05:bc:
c6:85:2d:78:41:3b:27:19:b1:5b:ea:2e:b5:7c:ed:
76:98:72:09:e6:af:43:a5:5d:d5:47:09:d3:8c:18:
1d:a6:5c:a3:45:72:9f:7a:64:1e:91:10:43:d1:6c:
5a:27:2c:1c:3b:2a:47:a3:df:bc:d5:0b:c6:c0:e1:
a4:7d:cd:63:1b:2d:22:e9:0a:2e:df:67:2a:1f:13:
73:e3:8a:21:19:7c:e0:8d:96:13:d5:a0:62:69:6c:
c9:ea:36:5f:5b:a8:3e:2c:4f:b4:46:a4:e5:51:6f:
1d:29:8d:72:5f:19:5b:eb:04:82:7b:e7:6d:43:db:
ab:ee:99:d2:ec:1e:7f:5c:e1:7e:67:4e:f7:81:1d:
cf:79:2a:48:03:f7:83:a6:4d:0f:cb:e9:b0:84:cc:
96:95:7b:31:1d:2c:40:b1:ba:39:9f:bb:9b:76:be:
8e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:21:AC:BE:1E:BB:31:8B:CA:49:9E:BB:D8:1A:82:3E:D1:F3:2E:C5
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ySGsvh67MYvKSZ672BqCPtHzLsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.57.0-89.19.59.255
185.59.232.0/22
185.68.245.0/24
185.79.51.0/24
185.79.79.0/24
185.81.172.0/22
185.81.184.0/22
185.89.40.0/24
185.89.108.0/22
185.95.100.0/22
185.96.80.0/24
185.96.83.0/24
185.97.1.0/24
185.97.3.0/24
185.98.43.0/24
185.101.203.0/24
185.104.151.0/24
185.112.56.0/23
185.175.224.0/23
185.185.147.0/24
193.221.215.0/24
213.170.223.0/24
Signature Algorithm: sha256WithRSAEncryption
58:0b:98:78:d2:60:6f:48:ee:61:e3:b1:ea:64:07:f5:c2:35:
b0:aa:35:4c:cd:ef:a7:a1:05:d6:34:92:e9:a4:d3:7d:8a:3b:
21:ab:d5:56:c3:17:a6:f2:ed:2b:a4:3a:be:e9:1d:42:0f:ad:
e7:c2:a9:30:71:89:53:08:c3:22:52:15:f2:a2:62:2e:d1:cc:
72:73:94:7f:42:b5:95:ea:24:a6:74:55:85:54:ab:d6:92:2a:
16:26:db:b5:22:83:e1:da:3d:ac:7c:12:f4:ff:12:36:13:89:
8e:05:a1:d9:f8:54:1d:81:dc:3b:20:45:7b:b4:fa:4b:d5:d4:
1d:81:5a:50:b1:7e:61:05:ed:0e:d5:b5:c9:89:91:c4:8d:8c:
e7:0e:9f:3e:48:ad:89:fe:b5:e7:cf:17:1a:0a:f5:5d:9d:e0:
f1:64:15:61:b4:6c:b1:90:ee:c4:d9:8f:06:d9:b0:8c:26:ce:
75:5f:3d:26:12:aa:dc:60:f8:71:59:fc:e0:61:e3:53:25:2d:
f6:a8:98:bd:f8:fe:03:3b:ec:07:54:6c:38:d1:f9:ea:97:29:
ff:46:ee:8b:46:3b:69:cf:2c:d6:62:4b:84:12:ed:25:cd:32:
1a:06:14:de:c4:d4:98:ce:72:5d:81:54:13:34:72:9e:f5:e5:
8f:df:40:4c
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZcX0mmkwhGKd9UH0THlYVZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwNTI4MTY1NTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTIxYWNiZTFlYmIzMThiY2E0OTllYmJkODFhODIzZWQxZjMyZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdmCugt6s0KRJDOna0Kt1MK0ZxQX
EJsz5dS7CFqcLzivmjXfJZnitFhQ+oqQUrQhhS5/ya6NqJgNGze9RvhTPiCPnLH7
g4sE2m2ShXwldibSPX7ddkG1BbzGhS14QTsnGbFb6i61fO12mHIJ5q9DpV3VRwnT
jBgdplyjRXKfemQekRBD0WxaJywcOypHo9+81QvGwOGkfc1jGy0i6Qou32cqHxNz
44ohGXzgjZYT1aBiaWzJ6jZfW6g+LE+0RqTlUW8dKY1yXxlb6wSCe+dtQ9ur7pnS
7B5/XOF+Z073gR3PeSpIA/eDpk0Py+mwhMyWlXsxHSxAsbo5n7ubdr6OqQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFMkhrL4euzGLykmeu9gagj7R8y7FMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEveVNHc3ZoNjdNWXZLU1o2NzJCcUNQdEh6THNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwwDAME
AFkTOQMEAlkTOAMEArk76AMEALlE9QMEALlPMwMEALlPTwMEArlRrAMEArlRuAME
ALlZKAMEArlZbAMEArlfZAMEALlgUAMEALlgUwMEALlhAQMEALlhAwMEALliKwME
ALllywMEALlolwMEAblwOAMEAbmv4AMEALm5kwMEAMHd1wMEANWq3zANBgkqhkiG
9w0BAQsFAAOCAQEAWAuYeNJgb0juYeOx6mQH9cI1sKo1TM3vp6EF1jSS6aTTfYo7
IavVVsMXpvLtK6Q6vukdQg+t58KpMHGJUwjDIlIV8qJiLtHMcnOUf0K1leokpnRV
hVSr1pIqFibbtSKD4do9rHwS9P8SNhOJjgWh2fhUHYHcOyBFe7T6S9XUHYFaULF+
YQXtDtW1yYmRxI2M5w6fPkitif61588XGgr1XZ3g8WQVYbRssZDuxNmPBtmwjCbO
dV89JhKq3GD4cVn84GHjUyUt9qiYvfj+AzvsB1RsONH56pcp/0bui0Y7ac8s1mJL
hBLtJc0yGgYU3sTUmM5yXYFUEzRynvXlj99ATA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:38:52 2025 by rpki-client