Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/GNYCBA73RNfPwbA7eeRR2Ynb_MU.roa
File: GNYCBA73RNfPwbA7eeRR2Ynb_MU.roa (raw, json)
Hash identifier: StZ632pNqDa4wkp/dODQDXg1mtBzKfLiR3mQsyHI7KM=
Subject key identifier: 18:D6:02:04:0E:F7:44:D7:CF:C1:B0:3B:79:E4:51:D9:89:DB:FC:C5
Certificate issuer: /CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Certificate serial: 019422FB84265EBFEF312BAC467B756BD2B7
Authority key identifier: 60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/GNYCBA73RNfPwbA7eeRR2Ynb_MU.roa
Signing time: Wed 01 Jan 2025 17:48:16 +0000
ROA not before: Wed 01 Jan 2025 17:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 931
IP address blocks: 5.252.164.0/24 maxlen: 24
5.252.165.0/24 maxlen: 24
5.252.166.0/24 maxlen: 24
5.252.167.0/24 maxlen: 24
31.216.59.0/24 maxlen: 24
45.87.60.0/24 maxlen: 24
45.87.61.0/24 maxlen: 24
45.87.62.0/24 maxlen: 24
45.87.63.0/24 maxlen: 24
45.130.152.0/24 maxlen: 24
45.130.153.0/24 maxlen: 24
45.130.154.0/24 maxlen: 24
45.130.155.0/24 maxlen: 24
45.143.144.0/24 maxlen: 24
45.143.145.0/24 maxlen: 24
45.143.146.0/24 maxlen: 24
45.143.147.0/24 maxlen: 24
89.36.230.0/24 maxlen: 24
89.37.100.0/24 maxlen: 24
89.46.43.0/24 maxlen: 24
94.154.8.0/24 maxlen: 24
103.104.248.0/24 maxlen: 24
103.104.249.0/24 maxlen: 24
103.104.250.0/24 maxlen: 24
103.104.251.0/24 maxlen: 24
103.202.52.0/24 maxlen: 24
103.202.53.0/24 maxlen: 24
103.202.54.0/24 maxlen: 24
103.202.55.0/24 maxlen: 24
178.211.157.0/24 maxlen: 24
185.162.74.0/24 maxlen: 24
185.162.75.0/24 maxlen: 24
185.234.115.0/24 maxlen: 24
188.210.236.0/24 maxlen: 24
194.49.68.0/24 maxlen: 24
194.49.69.0/24 maxlen: 24
194.49.78.0/24 maxlen: 24
194.49.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 17:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:84:26:5e:bf:ef:31:2b:ac:46:7b:75:6b:d2:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Validity
Not Before: Jan 1 17:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18d602040ef744d7cfc1b03b79e451d989dbfcc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ec:41:ce:62:c7:5f:cd:0f:e1:96:84:15:3e:
43:51:95:92:ac:58:84:f8:e8:46:a3:1c:c4:19:08:
47:a6:d4:fd:eb:db:de:79:5a:d0:d6:f3:c7:c3:b4:
36:22:5e:cd:5e:f8:bf:ac:05:ef:22:a0:8d:6d:9e:
8f:ae:b7:ed:bc:81:d0:4d:e1:ad:c3:dc:5f:37:f3:
53:d0:fb:c2:e4:19:db:9a:fc:b5:3a:2a:4c:62:08:
ad:e3:2e:28:5c:92:d7:c7:fc:92:9c:8f:2d:98:5a:
8c:54:8c:38:d3:9d:63:ba:a8:bf:5e:46:d8:e2:b6:
d2:69:42:cd:88:f4:5a:4f:f9:37:87:6d:ec:cf:7f:
64:a8:02:4e:68:53:e1:58:2d:ae:88:27:51:b3:7c:
a5:a0:57:ac:30:3f:41:71:93:60:9e:44:ec:b4:87:
5b:c2:8b:9a:43:f6:1f:16:29:9f:dd:ba:f6:07:22:
34:d6:5e:a7:37:2b:d0:7d:d6:63:62:19:6e:47:db:
46:12:b2:55:1f:f4:c1:60:10:01:a9:57:bc:6e:36:
f8:7f:d7:6e:1b:43:d4:00:85:ff:48:a2:89:b7:94:
d5:28:d9:6c:ff:06:4a:cc:bd:9c:11:28:e0:c4:a6:
24:52:7c:e0:f5:99:5d:af:24:56:af:7f:1b:9c:28:
6f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D6:02:04:0E:F7:44:D7:CF:C1:B0:3B:79:E4:51:D9:89:DB:FC:C5
X509v3 Authority Key Identifier:
keyid:60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/GNYCBA73RNfPwbA7eeRR2Ynb_MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.164.0/22
31.216.59.0/24
45.87.60.0/22
45.130.152.0/22
45.143.144.0/22
89.36.230.0/24
89.37.100.0/24
89.46.43.0/24
94.154.8.0/24
103.104.248.0/22
103.202.52.0/22
178.211.157.0/24
185.162.74.0/23
185.234.115.0/24
188.210.236.0/24
194.49.68.0/23
194.49.78.0/23
Signature Algorithm: sha256WithRSAEncryption
76:0c:90:a9:82:9a:d6:5d:80:8d:5e:67:7a:0b:b4:29:ec:e4:
84:c3:56:58:7f:c3:dc:58:03:67:dd:d1:f5:3c:98:d0:e6:2d:
d1:d4:ef:10:b2:6b:2b:ce:56:d3:ff:07:9b:53:51:18:03:0d:
81:03:cc:55:1d:25:55:d4:48:51:89:5c:e7:9d:d5:95:99:90:
ec:bd:81:7c:c0:10:10:c3:71:ec:8c:8f:a5:8f:40:bb:3c:7e:
70:b7:39:87:dc:62:b4:51:2c:52:21:22:ff:81:18:c9:8c:00:
77:12:89:7d:3f:e8:74:7b:df:12:a8:66:63:52:01:4f:99:66:
c4:a9:0a:bf:b0:43:a1:a1:cc:46:6c:4c:45:6c:75:cd:aa:9e:
e4:51:bc:57:26:be:fe:7b:99:38:f9:68:a0:fc:c5:99:f7:41:
0b:ea:9c:73:ae:1c:53:0a:c5:44:75:e2:1f:2d:9d:12:39:d0:
ea:27:5f:0f:d8:f9:6c:3b:91:d0:b3:bd:a5:88:a9:e6:8a:7d:
97:98:24:81:e0:35:7b:29:fc:69:15:c2:4d:fd:7b:64:6d:a3:
e8:81:d6:10:78:67:72:e7:30:01:29:b4:e1:7f:07:30:1e:db:
08:96:5b:1a:22:64:b1:b1:b7:79:3b:23:7c:93:b0:94:e5:0e:
1a:b5:85:6f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZQi+4QmXr/vMSusRnt1a9K3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTU0MGNlNDUwNDU2MzQ1ZWM4ZTA5OGVmNGY1MzYzNGQ3
NGJmMWYwHhcNMjUwMTAxMTc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ2MDIwNDBlZjc0NGQ3Y2ZjMWIwM2I3OWU0NTFkOTg5ZGJmY2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOxBzmLHX80P4ZaEFT5DUZWSrFiE
+OhGoxzEGQhHptT969veeVrQ1vPHw7Q2Il7NXvi/rAXvIqCNbZ6PrrftvIHQTeGt
w9xfN/NT0PvC5Bnbmvy1OipMYgit4y4oXJLXx/ySnI8tmFqMVIw4051juqi/XkbY
4rbSaULNiPRaT/k3h23sz39kqAJOaFPhWC2uiCdRs3yloFesMD9BcZNgnkTstIdb
wouaQ/YfFimf3br2ByI01l6nNyvQfdZjYhluR9tGErJVH/TBYBABqVe8bjb4f9du
G0PUAIX/SKKJt5TVKNls/wZKzL2cESjgxKYkUnzg9ZldryRWr38bnChvwwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFBjWAgQO90TXz8GwO3nkUdmJ2/zFMB8GA1UdIwQY
MBaAFGClQM5FBFY0XsjgmO9PU2NNdL8fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEt
ZTQ3MzUzMWY2ZmU4LzEvR05ZQ0JBNzNSTmZQd2JBN2VlUlIyWW5iX01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEtZTQ3MzUzMWY2ZmU4
LzEvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQCBfykAwQA
H9g7AwQCLVc8AwQCLYKYAwQCLY+QAwQAWSTmAwQAWSVkAwQAWS4rAwQAXpoIAwQC
Z2j4AwQCZ8o0AwQAstOdAwQBuaJKAwQAuepzAwQAvNLsAwQBwjFEAwQBwjFOMA0G
CSqGSIb3DQEBCwUAA4IBAQB2DJCpgprWXYCNXmd6C7Qp7OSEw1ZYf8PcWANn3dH1
PJjQ5i3R1O8QsmsrzlbT/webU1EYAw2BA8xVHSVV1EhRiVznndWVmZDsvYF8wBAQ
w3HsjI+lj0C7PH5wtzmH3GK0USxSISL/gRjJjAB3Eol9P+h0e98SqGZjUgFPmWbE
qQq/sEOhocxGbExFbHXNqp7kUbxXJr7+e5k4+Wig/MWZ90EL6pxzrhxTCsVEdeIf
LZ0SOdDqJ18P2PlsO5HQs72liKnmin2XmCSB4DV7KfxpFcJN/XtkbaPogdYQeGdy
5zABKbThfwcwHtsIllsaImSxsbd5OyN8k7CU5Q4atYVv
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:21:28 2025 by rpki-client