Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/GYSp_rz4QZbgBr-HBOcTzpt3X4M.roa
File: GYSp_rz4QZbgBr-HBOcTzpt3X4M.roa (raw, json)
Hash identifier: NAF/Nb6XJXh+vrFmr0juFvf2KFmgS/SmKavb4eqn3DQ=
Subject key identifier: 19:84:A9:FE:BC:F8:41:96:E0:06:BF:87:04:E7:13:CE:9B:77:5F:83
Certificate issuer: /CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Certificate serial: 01942521881F9D4F15EDD6457F6E7C539F60
Authority key identifier: B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/GYSp_rz4QZbgBr-HBOcTzpt3X4M.roa
Signing time: Thu 02 Jan 2025 03:49:02 +0000
ROA not before: Thu 02 Jan 2025 03:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25459
IP address blocks: 83.172.128.0/21 maxlen: 21
83.172.136.0/24 maxlen: 24
83.172.138.0/23 maxlen: 23
83.172.150.0/23 maxlen: 23
83.172.153.0/24 maxlen: 24
83.172.159.0/24 maxlen: 24
83.172.160.0/22 maxlen: 22
83.172.164.0/23 maxlen: 23
83.172.169.0/24 maxlen: 24
83.172.180.0/22 maxlen: 22
83.172.188.0/23 maxlen: 23
2a02:cec0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 06:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:88:1f:9d:4f:15:ed:d6:45:7f:6e:7c:53:9f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Validity
Not Before: Jan 2 03:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1984a9febcf84196e006bf8704e713ce9b775f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:11:25:b8:f0:6e:28:4b:76:ee:29:cc:be:d0:
f9:9f:16:81:0e:ae:55:01:5c:6e:56:7c:cc:1e:8f:
02:61:80:17:e1:99:c0:d7:bf:7a:42:49:4c:af:5e:
4b:2b:21:a8:b9:59:3f:5d:5f:5c:3e:97:47:ae:6c:
91:96:17:ab:15:d1:11:b1:b5:50:b4:cc:99:0c:de:
48:ee:3b:43:f5:31:d4:bd:cd:61:30:bb:04:b8:32:
ce:13:b5:68:71:c8:5a:b3:0e:67:33:cb:96:4b:ea:
6a:42:17:6c:c9:ca:fc:f1:37:fa:1c:8a:92:d2:0e:
35:c1:18:1c:57:a2:35:cb:ba:ca:f6:94:de:51:42:
b7:b6:3d:52:d5:8f:4a:03:d1:74:c6:5c:3d:cd:d1:
dc:20:77:d8:9e:73:40:df:93:ac:4a:d4:ef:0a:9d:
65:21:9d:2d:35:6b:f8:1c:54:e5:07:9a:0c:a4:03:
65:bf:d1:1b:df:c0:f8:96:52:52:64:96:1a:ab:40:
d1:0e:83:3d:94:27:8a:63:79:22:fb:f2:50:7f:3b:
7a:a4:60:72:59:a3:d9:6b:ea:5c:35:d7:f3:95:1d:
4e:c5:18:c9:83:e6:ca:90:e7:1d:ef:5a:fb:ba:06:
ec:2f:d6:5a:62:a4:9f:d4:e2:8e:2d:d3:e5:0d:f8:
eb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:84:A9:FE:BC:F8:41:96:E0:06:BF:87:04:E7:13:CE:9B:77:5F:83
X509v3 Authority Key Identifier:
keyid:B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/GYSp_rz4QZbgBr-HBOcTzpt3X4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.172.128.0-83.172.136.255
83.172.138.0/23
83.172.150.0/23
83.172.153.0/24
83.172.159.0-83.172.165.255
83.172.169.0/24
83.172.180.0/22
83.172.188.0/23
IPv6:
2a02:cec0::/30
Signature Algorithm: sha256WithRSAEncryption
ba:fa:a8:ff:df:dd:1d:f4:a9:11:eb:6e:83:fc:d0:74:0f:0e:
ff:d7:db:7b:b8:72:e2:49:0e:38:03:04:92:ff:87:29:56:27:
50:04:e3:e8:30:a1:52:cf:d6:e7:f8:97:b2:95:3f:14:38:aa:
04:80:ed:8b:58:30:85:95:b2:b6:28:15:e3:1a:aa:35:28:4e:
9f:c5:df:f9:b4:3c:c7:fb:fb:ca:2f:cc:80:71:7b:a0:63:69:
1e:11:24:96:8b:0b:4d:26:90:e3:47:81:1e:b3:b9:b3:49:1c:
73:cf:bc:51:87:94:bc:f0:05:16:11:46:3f:59:87:d8:e0:96:
89:7a:01:9a:b2:ca:fb:01:bc:13:d3:85:c6:c7:44:a8:6b:57:
bf:46:0e:5c:7c:01:f6:a9:d6:92:21:99:a3:e8:92:92:90:63:
a7:4f:26:5e:ec:ae:a1:fe:e0:ab:0b:27:8b:fb:e0:6d:54:17:
49:5e:32:43:16:1a:ac:46:fb:1e:49:5b:de:86:aa:2f:62:d2:
da:fc:43:76:54:0b:58:b2:62:23:95:0d:a9:80:53:c5:82:a6:
91:21:10:c2:81:40:5c:77:1b:80:e2:5b:a0:a7:a1:53:4c:20:
7e:4a:15:69:f7:6a:8b:ad:5f:f5:b6:3f:ed:c3:a5:fd:a1:87:
86:1c:05:e1
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZQlIYgfnU8V7dZFf258U59gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMjhmZTI1OGExYjliZjYxNDhhNmNlMGU4YTcxMmYxODg0
MDkwNGMwHhcNMjUwMTAyMDM0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTg0YTlmZWJjZjg0MTk2ZTAwNmJmODcwNGU3MTNjZTliNzc1ZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihEluPBuKEt27inMvtD5nxaBDq5V
AVxuVnzMHo8CYYAX4ZnA1796QklMr15LKyGouVk/XV9cPpdHrmyRlherFdERsbVQ
tMyZDN5I7jtD9THUvc1hMLsEuDLOE7Vocchasw5nM8uWS+pqQhdsycr88Tf6HIqS
0g41wRgcV6I1y7rK9pTeUUK3tj1S1Y9KA9F0xlw9zdHcIHfYnnNA35OsStTvCp1l
IZ0tNWv4HFTlB5oMpANlv9Eb38D4llJSZJYaq0DRDoM9lCeKY3ki+/JQfzt6pGBy
WaPZa+pcNdfzlR1OxRjJg+bKkOcd71r7ugbsL9ZaYqSf1OKOLdPlDfjrywIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFBmEqf68+EGW4Aa/hwTnE86bd1+DMB8GA1UdIwQY
MBaAFLMo/iWKG5v2FIps4OinEvGIQJBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODkt
ZWQ4NGEwMDU4YTlmLzEvR1lTcF9yejRRWmJnQnItSEJPY1R6cHQzWDRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODktZWQ4NGEwMDU4YTlm
LzEvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBAdTrIAD
BABTrIgDBAFTrIoDBAFTrJYDBABTrJkwDAMEAFOsnwMEAVOspAMEAFOsqQMEAlOs
tAMEAVOsvDANBAIAAjAHAwUCKgLOwDANBgkqhkiG9w0BAQsFAAOCAQEAuvqo/9/d
HfSpEetug/zQdA8O/9fbe7hy4kkOOAMEkv+HKVYnUATj6DChUs/W5/iXspU/FDiq
BIDti1gwhZWytigV4xqqNShOn8Xf+bQ8x/v7yi/MgHF7oGNpHhEklosLTSaQ40eB
HrO5s0kcc8+8UYeUvPAFFhFGP1mH2OCWiXoBmrLK+wG8E9OFxsdEqGtXv0YOXHwB
9qnWkiGZo+iSkpBjp08mXuyuof7gqwsni/vgbVQXSV4yQxYarEb7Hklb3oaqL2LS
2vxDdlQLWLJiI5UNqYBTxYKmkSEQwoFAXHcbgOJboKehU0wgfkoVafdqi61f9bY/
7cOl/aGHhhwF4Q==
-----END CERTIFICATE-----
Generated at Tue Apr 15 16:14:03 2025 by rpki-client