Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/tSgs3XUIsHh7rxyC6KI4dfFcjtI.roa
File: tSgs3XUIsHh7rxyC6KI4dfFcjtI.roa (raw, json)
Hash identifier: aP/8w3eyX9ywh3RSZ1FyfaCe/EGfUTND1DeYuxP49kA=
Subject key identifier: B5:28:2C:DD:75:08:B0:78:7B:AF:1C:82:E8:A2:38:75:F1:5C:8E:D2
Certificate issuer: /CN=27069f1883dccc93a7869c41ec3e972ff5fd4b01
Certificate serial: 019744623BAB8244C6AD9E93B7896F3238CA
Authority key identifier: 27:06:9F:18:83:DC:CC:93:A7:86:9C:41:EC:3E:97:2F:F5:FD:4B:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwafGIPczJOnhpxB7D6XL_X9SwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/tSgs3XUIsHh7rxyC6KI4dfFcjtI.roa
Signing time: Fri 06 Jun 2025 08:36:17 +0000
ROA not before: Fri 06 Jun 2025 08:36:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21107
IP address blocks: 31.223.208.0/20 maxlen: 20
31.223.223.0/24 maxlen: 24
62.68.96.0/19 maxlen: 19
62.68.96.0/20 maxlen: 20
62.68.112.0/20 maxlen: 20
79.142.180.0/22 maxlen: 22
79.143.160.0/20 maxlen: 20
80.242.112.0/20 maxlen: 20
92.241.128.0/19 maxlen: 19
92.241.143.0/24 maxlen: 24
92.241.144.0/24 maxlen: 24
93.180.144.0/21 maxlen: 21
134.90.128.0/21 maxlen: 21
185.32.175.0/24 maxlen: 24
185.36.84.0/22 maxlen: 22
185.39.0.0/22 maxlen: 22
185.187.4.0/22 maxlen: 22
188.124.192.0/19 maxlen: 19
188.124.192.0/20 maxlen: 20
188.124.208.0/20 maxlen: 20
188.246.64.0/19 maxlen: 19
188.246.64.0/20 maxlen: 20
188.246.80.0/20 maxlen: 20
194.41.40.0/22 maxlen: 22
213.91.72.0/21 maxlen: 21
213.91.80.0/20 maxlen: 20
217.23.192.0/20 maxlen: 20
217.23.194.0/24 maxlen: 24
217.23.196.0/24 maxlen: 24
217.23.199.0/24 maxlen: 24
217.71.49.0/24 maxlen: 24
217.71.50.0/23 maxlen: 23
217.71.52.0/22 maxlen: 22
2a00:1a98::/32 maxlen: 32
2a00:1a98::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/JwafGIPczJOnhpxB7D6XL_X9SwE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/JwafGIPczJOnhpxB7D6XL_X9SwE.mft
rsync://rpki.ripe.net/repository/DEFAULT/JwafGIPczJOnhpxB7D6XL_X9SwE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:62:3b:ab:82:44:c6:ad:9e:93:b7:89:6f:32:38:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27069f1883dccc93a7869c41ec3e972ff5fd4b01
Validity
Not Before: Jun 6 08:36:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5282cdd7508b0787baf1c82e8a23875f15c8ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:08:a8:bb:bb:63:d8:03:a9:22:d1:8a:25:bf:
1c:9f:b6:f2:dd:42:e3:ea:50:42:73:89:ce:b2:89:
c7:64:db:cc:9e:0b:5d:83:4b:c5:5d:06:d3:5d:a3:
db:de:da:f0:5c:77:80:4d:e0:ef:78:b2:cd:d9:b4:
37:ae:bc:48:74:62:39:6f:88:5f:1a:66:ae:c2:d4:
f0:95:ab:86:a0:72:df:20:70:19:92:4b:58:24:04:
ea:ce:24:b9:ad:11:95:e9:37:57:83:44:e9:8a:7f:
28:bd:cb:88:b8:3b:f3:50:08:ac:eb:be:d3:90:cd:
ec:5a:09:ae:32:46:fe:25:f3:34:bb:91:36:87:56:
e6:77:ae:bc:8b:30:93:62:d4:36:99:6b:15:aa:63:
4d:d2:9c:66:8f:d1:b9:8d:2d:2f:f4:ec:eb:60:4c:
8f:1e:71:56:eb:13:53:46:28:48:9d:dd:37:3f:c9:
96:d1:34:57:73:b6:7b:7b:2e:6b:c1:db:ab:73:63:
11:1d:e3:a0:92:47:24:79:0c:e1:90:c1:f9:af:ac:
92:78:94:8b:0b:ad:ab:42:bd:9e:bc:9d:4f:8c:f4:
93:a5:f9:3c:be:5c:fc:57:1d:e5:f4:49:bf:54:b2:
69:6c:0e:70:49:79:2a:78:d5:b0:64:24:78:6e:fa:
5f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:28:2C:DD:75:08:B0:78:7B:AF:1C:82:E8:A2:38:75:F1:5C:8E:D2
X509v3 Authority Key Identifier:
keyid:27:06:9F:18:83:DC:CC:93:A7:86:9C:41:EC:3E:97:2F:F5:FD:4B:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwafGIPczJOnhpxB7D6XL_X9SwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/tSgs3XUIsHh7rxyC6KI4dfFcjtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/JwafGIPczJOnhpxB7D6XL_X9SwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.208.0/20
62.68.96.0/19
79.142.180.0/22
79.143.160.0/20
80.242.112.0/20
92.241.128.0/19
93.180.144.0/21
134.90.128.0/21
185.32.175.0/24
185.36.84.0/22
185.39.0.0/22
185.187.4.0/22
188.124.192.0/19
188.246.64.0/19
194.41.40.0/22
213.91.72.0-213.91.95.255
217.23.192.0/20
217.71.49.0-217.71.55.255
IPv6:
2a00:1a98::/32
Signature Algorithm: sha256WithRSAEncryption
3f:cb:9a:45:c6:01:b2:ab:ac:4d:12:7f:ac:87:01:5c:94:fa:
1b:5f:bb:5a:3f:7b:ce:b0:8b:30:b1:75:14:5e:9e:06:d3:e7:
bd:62:9d:38:c9:b0:b6:4a:8a:0c:7e:a7:d6:ef:62:95:11:90:
6e:99:15:e0:8d:cc:73:46:2e:88:44:b7:83:bf:30:e9:bc:72:
1f:d2:f4:65:51:eb:7e:7c:c0:22:2f:ee:58:d3:be:53:66:92:
e1:a3:6c:75:72:fe:b0:8e:86:6c:1f:ba:9e:e6:b1:07:17:2b:
ce:b6:4a:66:ce:38:c9:53:30:d8:77:b4:00:93:d2:60:ea:1e:
13:46:66:03:c6:58:20:5a:a5:ad:22:3d:e1:a6:7e:ce:3a:93:
e8:03:b3:01:bf:4b:03:57:79:4d:b3:86:06:99:16:48:42:97:
06:39:46:92:8d:fa:d6:72:49:6b:41:88:13:37:76:a4:a8:9f:
de:54:1d:42:6c:d4:11:5d:a2:19:48:2d:a3:88:dd:95:20:7c:
31:36:da:18:54:8a:60:b4:ab:31:d1:9d:2f:49:3d:29:d2:ba:
08:4c:33:f0:19:09:2e:10:a0:b3:6e:e1:94:fa:10:e6:cd:5f:
76:70:39:fb:d6:cd:58:11:47:bd:17:b1:bb:20:bc:09:92:b9:
c2:3d:56:6f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZdEYjurgkTGrZ6Tt4lvMjjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDY5ZjE4ODNkY2NjOTNhNzg2OWM0MWVjM2U5NzJmZjVm
ZDRiMDEwHhcNMjUwNjA2MDgzNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTI4MmNkZDc1MDhiMDc4N2JhZjFjODJlOGEyMzg3NWYxNWM4ZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwiou7tj2AOpItGKJb8cn7by3ULj
6lBCc4nOsonHZNvMngtdg0vFXQbTXaPb3trwXHeATeDveLLN2bQ3rrxIdGI5b4hf
GmauwtTwlauGoHLfIHAZkktYJATqziS5rRGV6TdXg0Tpin8ovcuIuDvzUAis677T
kM3sWgmuMkb+JfM0u5E2h1bmd668izCTYtQ2mWsVqmNN0pxmj9G5jS0v9OzrYEyP
HnFW6xNTRihInd03P8mW0TRXc7Z7ey5rwdurc2MRHeOgkkckeQzhkMH5r6ySeJSL
C62rQr2evJ1PjPSTpfk8vlz8Vx3l9Em/VLJpbA5wSXkqeNWwZCR4bvpfwwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFLUoLN11CLB4e68cguiiOHXxXI7SMB8GA1UdIwQY
MBaAFCcGnxiD3MyTp4acQew+ly/1/UsBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndhZkdJUGN6Sk9uaHB4QjdENlhMX1g5U3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80MmUwNzktNmY3Yy00NjhkLWIwMjgt
MDQ2MmI2NDg0ZDYwLzEvdFNnczNYVUlzSGg3cnh5QzZLSTRkZkZjanRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80MmUwNzktNmY3Yy00NjhkLWIwMjgtMDQ2MmI2NDg0ZDYw
LzEvSndhZkdJUGN6Sk9uaHB4QjdENlhMX1g5U3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBggQCAAEwfAMEBB/f
0AMEBT5EYAMEAk+OtAMEBE+PoAMEBFDycAMEBVzxgAMEA120kAMEA4ZagAMEALkg
rwMEArkkVAMEArknAAMEArm7BAMEBbx8wAMEBbz2QAMEAsIpKDAMAwQD1VtIAwQF
1VtAAwQE2RfAMAwDBADZRzEDBAPZRzAwDQQCAAIwBwMFACoAGpgwDQYJKoZIhvcN
AQELBQADggEBAD/LmkXGAbKrrE0Sf6yHAVyU+htfu1o/e86wizCxdRRengbT571i
nTjJsLZKigx+p9bvYpURkG6ZFeCNzHNGLohEt4O/MOm8ch/S9GVR6358wCIv7ljT
vlNmkuGjbHVy/rCOhmwfup7msQcXK862SmbOOMlTMNh3tACT0mDqHhNGZgPGWCBa
pa0iPeGmfs46k+gDswG/SwNXeU2zhgaZFkhClwY5RpKN+tZySWtBiBM3dqSon95U
HUJs1BFdohlILaOI3ZUgfDE22hhUimC0qzHRnS9JPSnSughMM/AZCS4QoLNu4ZT6
EObNX3ZwOfvWzVgRR70XsbsgvAmSucI9Vm8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:54:33 2025 by rpki-client