Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d2e43d-1faa-40b3-b012-ee64c6e71bfb/1/SQnsB4pgBnmpIi4TRKO7zpVO0eA.roa
File: SQnsB4pgBnmpIi4TRKO7zpVO0eA.roa (raw, json)
Hash identifier: WWdVpcd3MWSz2a/cTGWg0pR5ff1Hobu49xdGhZEZSxE=
Subject key identifier: 49:09:EC:07:8A:60:06:79:A9:22:2E:13:44:A3:BB:CE:95:4E:D1:E0
Certificate issuer: /CN=fccca62cbe743328555483a857e521863f953b41
Certificate serial: 0194206855F6FFCC0BC79634B8EC11A01CAE
Authority key identifier: FC:CC:A6:2C:BE:74:33:28:55:54:83:A8:57:E5:21:86:3F:95:3B:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_MymLL50MyhVVIOoV-Uhhj-VO0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/d2e43d-1faa-40b3-b012-ee64c6e71bfb/1/SQnsB4pgBnmpIi4TRKO7zpVO0eA.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39232
IP address blocks: 5.134.48.0/20 maxlen: 20
5.134.48.0/21 maxlen: 21
5.134.48.0/22 maxlen: 22
5.134.48.0/23 maxlen: 23
5.134.50.0/23 maxlen: 23
5.134.52.0/22 maxlen: 22
5.134.52.0/23 maxlen: 23
5.134.54.0/23 maxlen: 23
5.134.56.0/21 maxlen: 21
5.134.56.0/22 maxlen: 22
5.134.56.0/23 maxlen: 23
5.134.58.0/23 maxlen: 23
5.134.60.0/22 maxlen: 22
5.134.60.0/23 maxlen: 23
5.134.62.0/23 maxlen: 23
185.40.156.0/22 maxlen: 22
185.40.156.0/23 maxlen: 23
185.40.158.0/23 maxlen: 23
188.227.208.0/20 maxlen: 20
188.227.208.0/21 maxlen: 21
188.227.216.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/d2e43d-1faa-40b3-b012-ee64c6e71bfb/1/_MymLL50MyhVVIOoV-Uhhj-VO0E.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/d2e43d-1faa-40b3-b012-ee64c6e71bfb/1/_MymLL50MyhVVIOoV-Uhhj-VO0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/_MymLL50MyhVVIOoV-Uhhj-VO0E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:55:f6:ff:cc:0b:c7:96:34:b8:ec:11:a0:1c:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fccca62cbe743328555483a857e521863f953b41
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4909ec078a600679a9222e1344a3bbce954ed1e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:c3:06:e0:64:4b:5c:91:c2:8a:e2:1b:8a:f7:
07:d5:bd:dc:cc:de:d5:ef:9e:90:67:68:c8:b0:17:
38:d2:e2:cb:de:ee:6f:6b:0e:63:b5:49:1c:8b:41:
18:f2:a0:5a:2d:4e:55:a8:36:93:86:02:75:b4:c4:
d9:e3:32:aa:88:d3:28:4e:bb:cd:c0:de:96:e7:e8:
30:dd:af:33:7d:cd:96:11:a7:4f:ae:65:7e:d1:2b:
40:2d:62:c8:cd:12:ac:15:8f:44:e7:1c:0f:5f:98:
f9:1e:16:7d:5f:92:f5:70:f4:64:67:e3:0a:c5:c8:
96:ab:e9:f8:be:b7:f1:87:2c:08:c0:c4:df:43:cb:
df:d7:f5:2d:03:dd:ee:94:f4:46:bc:2c:0f:66:92:
51:7c:7e:0f:94:34:b8:fd:da:c8:50:d4:b1:0f:7b:
b9:8a:a1:9e:34:fe:09:c6:ed:29:82:2a:ab:01:6d:
50:b1:49:cf:bf:19:c0:33:1f:00:04:ae:02:a3:7c:
42:15:73:86:bd:94:18:9b:05:11:20:20:4f:84:00:
16:63:57:ff:45:5c:32:20:16:50:0e:03:b4:4d:40:
30:4c:5d:20:b6:4b:0d:bd:92:1e:9d:a1:89:d8:60:
22:28:9a:8a:b3:6a:b6:1a:91:6e:75:06:c8:95:b8:
5d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:09:EC:07:8A:60:06:79:A9:22:2E:13:44:A3:BB:CE:95:4E:D1:E0
X509v3 Authority Key Identifier:
keyid:FC:CC:A6:2C:BE:74:33:28:55:54:83:A8:57:E5:21:86:3F:95:3B:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_MymLL50MyhVVIOoV-Uhhj-VO0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d2e43d-1faa-40b3-b012-ee64c6e71bfb/1/SQnsB4pgBnmpIi4TRKO7zpVO0eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d2e43d-1faa-40b3-b012-ee64c6e71bfb/1/_MymLL50MyhVVIOoV-Uhhj-VO0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.48.0/20
185.40.156.0/22
188.227.208.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:a9:29:f9:80:aa:13:71:98:d3:08:41:07:10:2c:28:9c:98:
09:79:6e:32:e4:07:8b:9d:70:be:5c:f2:76:98:26:8c:0b:a1:
e5:f4:72:e3:0a:59:1c:2d:ce:4d:bc:dd:d9:54:07:43:e6:93:
ea:b3:b4:eb:2f:55:02:4f:b1:22:f4:75:1a:e4:b9:dd:d8:4b:
34:a2:d3:cf:75:4b:1b:5e:ec:a4:36:b5:66:34:64:40:e9:27:
da:9f:cf:8c:57:c2:e6:45:75:89:50:99:f6:11:c6:92:22:71:
44:e9:12:f6:ef:a1:6a:ed:16:ee:79:c8:cd:b9:4a:94:f8:f6:
41:7c:b8:11:3e:dd:bf:25:c0:bd:06:36:75:b2:57:c7:be:ae:
96:45:22:1a:ea:ca:b8:cc:ff:bb:10:c7:ad:d0:d2:ec:58:ca:
f4:20:af:f2:57:cb:20:c0:78:d0:01:f1:93:78:00:c9:ec:22:
de:07:54:71:00:3f:b7:2b:58:c1:dc:a9:ad:63:e5:f2:c7:58:
67:06:d3:46:56:a9:16:da:5e:e3:1c:e7:35:3b:02:4e:65:7d:
00:f7:b5:3d:f2:2c:71:c0:57:3c:ed:85:85:1f:20:29:37:8e:
91:d7:1f:2f:6e:54:b2:0f:e0:d7:f5:11:9e:4d:20:5e:3a:1e:
9f:a4:d8:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgaFX2/8wLx5Y0uOwRoByuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjY2NhNjJjYmU3NDMzMjg1NTU0ODNhODU3ZTUyMTg2M2Y5
NTNiNDEwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTA5ZWMwNzhhNjAwNjc5YTkyMjJlMTM0NGEzYmJjZTk1NGVkMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA98MG4GRLXJHCiuIbivcH1b3czN7V
756QZ2jIsBc40uLL3u5vaw5jtUkci0EY8qBaLU5VqDaThgJ1tMTZ4zKqiNMoTrvN
wN6W5+gw3a8zfc2WEadPrmV+0StALWLIzRKsFY9E5xwPX5j5HhZ9X5L1cPRkZ+MK
xciWq+n4vrfxhywIwMTfQ8vf1/UtA93ulPRGvCwPZpJRfH4PlDS4/drIUNSxD3u5
iqGeNP4Jxu0pgiqrAW1QsUnPvxnAMx8ABK4Co3xCFXOGvZQYmwURICBPhAAWY1f/
RVwyIBZQDgO0TUAwTF0gtksNvZIenaGJ2GAiKJqKs2q2GpFudQbIlbhd+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEkJ7AeKYAZ5qSIuE0Sju86VTtHgMB8GA1UdIwQY
MBaAFPzMpiy+dDMoVVSDqFflIYY/lTtBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX015bUxMNTBNeWhWVklPb1YtVWhoai1WTzBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9kMmU0M2QtMWZhYS00MGIzLWIwMTIt
ZWU2NGM2ZTcxYmZiLzEvU1Fuc0I0cGdCbm1wSWk0VFJLTzd6cFZPMGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9kMmU0M2QtMWZhYS00MGIzLWIwMTItZWU2NGM2ZTcxYmZi
LzEvX015bUxMNTBNeWhWVklPb1YtVWhoai1WTzBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBYYwAwQC
uSicAwQEvOPQMA0GCSqGSIb3DQEBCwUAA4IBAQA+qSn5gKoTcZjTCEEHECwonJgJ
eW4y5AeLnXC+XPJ2mCaMC6Hl9HLjClkcLc5NvN3ZVAdD5pPqs7TrL1UCT7Ei9HUa
5Lnd2Es0otPPdUsbXuykNrVmNGRA6Sfan8+MV8LmRXWJUJn2EcaSInFE6RL276Fq
7RbuecjNuUqU+PZBfLgRPt2/JcC9BjZ1slfHvq6WRSIa6sq4zP+7EMet0NLsWMr0
IK/yV8sgwHjQAfGTeADJ7CLeB1RxAD+3K1jB3KmtY+Xyx1hnBtNGVqkW2l7jHOc1
OwJOZX0A97U98ixxwFc87YWFHyApN46R1x8vblSyD+DX9RGeTSBeOh6fpNix
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:15:46 2025 by rpki-client