Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/lGrajh7a_wa1_LmUlCkskSpHEUA.roa
File: lGrajh7a_wa1_LmUlCkskSpHEUA.roa (raw, json)
Hash identifier: cqiS1zwnFw4W1rzDIACXMZPc8ZNVkVV3Hme04FAS5Cc=
Subject key identifier: 94:6A:DA:8E:1E:DA:FF:06:B5:FC:B9:94:94:29:2C:91:2A:47:11:40
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 0194282319C51136D1A7A1CD3E021FEE7901
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/lGrajh7a_wa1_LmUlCkskSpHEUA.roa
Signing time: Thu 02 Jan 2025 17:49:36 +0000
ROA not before: Thu 02 Jan 2025 17:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28769
IP address blocks: 31.216.160.0/22 maxlen: 24
31.216.164.0/23 maxlen: 23
31.216.166.0/24 maxlen: 24
31.216.167.0/24 maxlen: 24
31.216.168.0/23 maxlen: 23
31.216.171.0/24 maxlen: 24
31.216.172.0/22 maxlen: 22
46.166.65.0/24 maxlen: 24
46.166.66.0/24 maxlen: 24
46.166.67.0/24 maxlen: 24
46.166.78.0/24 maxlen: 24
46.166.79.0/24 maxlen: 24
46.166.84.0/23 maxlen: 23
46.166.86.0/24 maxlen: 24
46.166.87.0/24 maxlen: 24
46.166.88.0/23 maxlen: 24
46.166.91.0/24 maxlen: 24
46.166.92.0/24 maxlen: 24
46.166.93.0/24 maxlen: 24
46.166.94.0/24 maxlen: 24
46.166.98.0/24 maxlen: 24
46.166.99.0/24 maxlen: 24
46.166.104.0/22 maxlen: 22
46.166.112.0/23 maxlen: 23
46.166.114.0/24 maxlen: 24
46.166.116.0/22 maxlen: 22
46.166.120.0/21 maxlen: 21
46.182.128.0/22 maxlen: 22
46.182.131.0/24 maxlen: 24
46.182.132.0/22 maxlen: 22
80.240.32.0/24 maxlen: 24
80.240.33.0/24 maxlen: 24
80.240.34.0/24 maxlen: 24
80.240.35.0/24 maxlen: 24
80.240.36.0/23 maxlen: 23
80.240.44.0/24 maxlen: 24
80.240.47.0/24 maxlen: 24
93.188.208.0/23 maxlen: 23
93.188.210.0/24 maxlen: 24
93.188.215.0/24 maxlen: 24
2a06:e0c0::/32 maxlen: 32
2a06:e0c1::/32 maxlen: 32
2a06:e0c2::/32 maxlen: 32
2a06:e0c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 12:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:19:c5:11:36:d1:a7:a1:cd:3e:02:1f:ee:79:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 2 17:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=946ada8e1edaff06b5fcb99494292c912a471140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c4:ee:15:e6:62:3c:4a:b7:dc:39:6d:f0:5c:
f4:b6:77:14:71:35:6a:9a:f1:97:ce:b2:4c:52:eb:
ff:64:d5:2e:39:f5:2d:6d:77:4a:5f:0e:68:e1:01:
fe:48:24:05:58:1a:f0:45:44:48:d5:a6:04:97:4c:
f2:72:31:b9:8c:4d:6d:88:7f:a4:f8:cc:42:6c:dd:
40:12:49:23:e7:bf:4c:e6:a3:67:9b:54:97:88:0c:
b0:2a:b2:b0:61:e8:59:21:1a:6b:67:1e:80:70:ba:
0e:2b:76:26:43:5d:4b:c0:69:ab:c6:7e:74:c9:ab:
9e:06:9d:94:25:b9:23:99:58:11:be:6b:2d:bb:84:
7f:d4:0a:f3:af:25:78:b3:3e:48:6e:c7:40:99:14:
be:0a:fc:e4:f8:50:67:67:00:06:be:8a:22:66:52:
1b:4c:39:75:9f:ab:e2:79:2e:87:ea:17:49:52:e6:
8f:de:11:b6:6b:0b:35:4e:44:c2:6b:ec:04:ff:04:
3e:7c:5d:1f:56:12:73:9b:af:de:6c:ee:49:6c:8e:
37:3d:6d:04:44:74:1a:c3:52:c2:18:49:23:29:6c:
b7:33:1a:f5:f0:d1:ae:db:52:c2:8d:11:14:da:1b:
48:87:c0:32:8c:fe:41:47:77:9f:ec:99:7e:a9:39:
fb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6A:DA:8E:1E:DA:FF:06:B5:FC:B9:94:94:29:2C:91:2A:47:11:40
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/lGrajh7a_wa1_LmUlCkskSpHEUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.160.0-31.216.169.255
31.216.171.0-31.216.175.255
46.166.65.0-46.166.67.255
46.166.78.0/23
46.166.84.0-46.166.89.255
46.166.91.0-46.166.94.255
46.166.98.0/23
46.166.104.0/22
46.166.112.0-46.166.114.255
46.166.116.0-46.166.127.255
46.182.128.0/21
80.240.32.0-80.240.37.255
80.240.44.0/24
80.240.47.0/24
93.188.208.0-93.188.210.255
93.188.215.0/24
IPv6:
2a06:e0c0::/30
Signature Algorithm: sha256WithRSAEncryption
92:37:d3:66:f2:e5:ce:c1:8b:9c:d4:01:33:f0:3f:a8:1c:4a:
73:49:fd:e2:58:50:52:a6:8c:f6:08:4d:5d:e7:66:0d:c4:ab:
a7:92:94:04:d5:a3:2a:b6:8f:46:ff:e6:07:2e:f4:05:2d:a5:
47:20:6d:b4:bb:c8:f4:59:17:66:a3:78:67:82:d5:a1:21:a5:
bc:39:2c:b5:56:4b:b4:26:e6:83:6e:51:b0:5e:24:7d:eb:6f:
5a:05:f0:dd:fc:e1:d2:79:50:58:be:86:0a:53:e1:13:5d:6b:
6c:b4:09:33:4b:56:96:a2:42:ed:9b:7d:98:3a:5e:9a:93:b6:
0d:b6:ed:3f:ad:06:0d:96:bf:e5:e2:dd:52:f4:fc:5a:fc:b5:
9c:4d:8f:f1:65:41:b2:f7:6d:ab:a1:7e:eb:b7:9b:2c:6a:e7:
be:21:26:59:b7:97:94:70:05:89:5b:44:0a:cc:3c:44:7b:b9:
27:a8:09:a4:27:1f:77:9d:d2:78:6d:c7:80:f8:18:0f:30:ef:
cf:b6:05:bc:7b:db:f5:79:e5:c7:e5:79:8e:5c:c7:5b:54:d5:
77:0e:8c:f1:5a:c5:99:0c:ef:49:4b:5c:5d:36:49:10:aa:33:
c0:c3:f8:a4:c7:02:5d:fe:aa:74:aa:91:50:a4:cf:07:d5:7c:
23:95:87:55
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAZQoIxnFETbRp6HNPgIf7nkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjUwMTAyMTc0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDZhZGE4ZTFlZGFmZjA2YjVmY2I5OTQ5NDI5MmM5MTJhNDcxMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosTuFeZiPEq33Dlt8Fz0tncUcTVq
mvGXzrJMUuv/ZNUuOfUtbXdKXw5o4QH+SCQFWBrwRURI1aYEl0zycjG5jE1tiH+k
+MxCbN1AEkkj579M5qNnm1SXiAywKrKwYehZIRprZx6AcLoOK3YmQ11LwGmrxn50
yaueBp2UJbkjmVgRvmstu4R/1ArzryV4sz5IbsdAmRS+Cvzk+FBnZwAGvooiZlIb
TDl1n6vieS6H6hdJUuaP3hG2aws1TkTCa+wE/wQ+fF0fVhJzm6/ebO5JbI43PW0E
RHQaw1LCGEkjKWy3Mxr18NGu21LCjREU2htIh8AyjP5BR3ef7Jl+qTn7IQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFJRq2o4e2v8Gtfy5lJQpLJEqRxFAMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvbEdyYWpoN2Ffd2ExX0xtVWxDa3NrU3BIRVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBrwQCAAEwgagwDAME
BR/YoAMEAR/YqDAMAwQAH9irAwQEH9igMAwDBAAupkEDBAIupkADBAEupk4wDAME
Ai6mVAMEAS6mWDAMAwQALqZbAwQALqZeAwQBLqZiAwQCLqZoMAwDBAQupnADBAAu
pnIwDAMEAi6mdAMEBy6mAAMEAy62gDAMAwQFUPAgAwQBUPAkAwQAUPAsAwQAUPAv
MAwDBARdvNADBABdvNIDBABdvNcwDQQCAAIwBwMFAioG4MAwDQYJKoZIhvcNAQEL
BQADggEBAJI302by5c7Bi5zUATPwP6gcSnNJ/eJYUFKmjPYITV3nZg3Eq6eSlATV
oyq2j0b/5gcu9AUtpUcgbbS7yPRZF2ajeGeC1aEhpbw5LLVWS7Qm5oNuUbBeJH3r
b1oF8N384dJ5UFi+hgpT4RNda2y0CTNLVpaiQu2bfZg6XpqTtg227T+tBg2Wv+Xi
3VL0/Fr8tZxNj/FlQbL3bauhfuu3myxq574hJlm3l5RwBYlbRArMPER7uSeoCaQn
H3ed0nhtx4D4GA8w78+2Bbx72/V55cfleY5cx1tU1XcOjPFaxZkM70lLXF02SRCq
M8DD+KTHAl3+qnSqkVCkzwfVfCOVh1U=
-----END CERTIFICATE-----
Generated at Fri Mar 14 20:06:49 2025 by rpki-client