Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/gyBGqWNKS8K0vTNBAA3GKNL77Vo.roa
File: gyBGqWNKS8K0vTNBAA3GKNL77Vo.roa (raw, json)
Hash identifier: BXXbMCiaPDwWpKluJbMJNiQFpxOCWm/ZXx0AVN6V8Ew=
Subject key identifier: 83:20:46:A9:63:4A:4B:C2:B4:BD:33:41:00:0D:C6:28:D2:FB:ED:5A
Certificate issuer: /CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Certificate serial: 0194266B3DC4986A5DB124C3B06A20F7CE71
Authority key identifier: DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/gyBGqWNKS8K0vTNBAA3GKNL77Vo.roa
Signing time: Thu 02 Jan 2025 09:49:09 +0000
ROA not before: Thu 02 Jan 2025 09:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42845
IP address blocks: 37.157.224.0/21 maxlen: 24
45.137.144.0/22 maxlen: 22
77.74.208.0/21 maxlen: 24
89.46.96.0/22 maxlen: 24
95.128.144.0/21 maxlen: 24
149.255.48.0/21 maxlen: 21
185.40.224.0/22 maxlen: 22
185.135.124.0/22 maxlen: 22
185.185.116.0/22 maxlen: 22
185.232.224.0/22 maxlen: 22
193.28.233.0/24 maxlen: 24
194.150.92.0/22 maxlen: 22
2a00:7200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:3d:c4:98:6a:5d:b1:24:c3:b0:6a:20:f7:ce:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Validity
Not Before: Jan 2 09:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=832046a9634a4bc2b4bd3341000dc628d2fbed5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e9:8c:21:d2:3b:49:a2:c6:8c:3f:ab:37:69:
e6:6b:03:54:4c:a1:4b:66:b5:2c:e3:bd:24:b3:fb:
c8:76:c6:95:34:60:99:35:0d:b6:65:f9:ec:38:ef:
32:36:ad:1c:dd:54:64:46:db:0d:d5:24:e1:c1:8d:
5a:08:b6:01:5c:84:52:b7:4c:52:05:3f:f6:1b:a7:
db:1b:8a:3b:84:24:6e:74:54:6a:d6:bb:e7:c9:c7:
b2:dc:4a:41:59:e9:b6:b5:c8:65:8c:9b:bd:2d:cd:
f5:44:17:b7:a4:61:44:75:86:a0:46:7b:60:30:b7:
36:a7:c6:c7:95:c6:2a:ac:59:1a:98:db:97:06:6d:
7c:83:14:93:b1:fa:38:b5:5e:17:08:4d:34:dc:06:
40:55:99:c9:98:bb:e7:01:c4:0d:7d:ac:17:3f:66:
98:82:ac:a1:01:35:b5:66:41:41:05:48:73:1e:e9:
81:c2:51:49:c8:62:80:a0:9f:20:b4:57:05:10:ad:
3e:52:5f:b6:21:1c:57:46:88:b4:12:27:87:95:18:
7a:ad:0e:ab:14:1d:e9:51:62:3f:ec:68:34:30:d6:
b8:5f:69:1a:34:74:1c:88:89:5a:4d:4b:6c:d2:a9:
9d:85:52:ab:ac:d7:44:b2:52:10:77:02:ae:b5:62:
1b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:20:46:A9:63:4A:4B:C2:B4:BD:33:41:00:0D:C6:28:D2:FB:ED:5A
X509v3 Authority Key Identifier:
keyid:DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/gyBGqWNKS8K0vTNBAA3GKNL77Vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.224.0/21
45.137.144.0/22
77.74.208.0/21
89.46.96.0/22
95.128.144.0/21
149.255.48.0/21
185.40.224.0/22
185.135.124.0/22
185.185.116.0/22
185.232.224.0/22
193.28.233.0/24
194.150.92.0/22
IPv6:
2a00:7200::/32
Signature Algorithm: sha256WithRSAEncryption
82:dc:50:e0:00:82:5c:4b:fe:f2:f1:87:95:38:d1:5c:e6:39:
d4:b0:36:6f:cc:c0:21:0f:e3:01:e6:00:a2:da:76:89:07:eb:
00:ae:a3:58:b9:6c:67:d1:62:2e:8f:ce:ab:f1:ed:04:a3:d1:
c9:1f:c2:ed:ac:21:fb:65:65:97:12:81:34:75:df:f2:dd:98:
63:2e:15:c3:7b:70:a7:e1:b5:0e:93:b6:16:66:c1:98:03:d7:
a3:02:41:5f:92:a4:71:d6:39:08:3f:a8:8e:71:18:47:b5:9f:
76:63:ba:72:12:ce:1d:80:18:7d:57:91:b4:03:c3:84:d5:2b:
5b:19:ca:a7:86:f5:06:01:23:d9:a7:1b:6a:66:d0:63:db:22:
ae:17:56:ca:a0:f7:fd:5e:f5:aa:0c:cc:44:82:a6:ba:f3:49:
e8:f7:25:cd:fc:e7:7a:24:2a:d9:a2:83:69:fb:5e:10:2d:fa:
1b:bc:6e:92:77:32:a8:93:99:f7:9b:11:9f:58:8c:93:ff:f3:
45:ae:14:ff:43:dc:ae:03:ce:14:e6:f4:1d:7b:01:e0:06:0c:
a1:3a:e8:7f:f6:06:73:8d:60:29:e8:16:ba:c1:6b:58:d4:a8:
c2:bc:85:bf:3b:ea:3c:c2:cd:1a:ff:69:39:c3:25:74:41:ae:
df:d0:dc:f2
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZQmaz3EmGpdsSTDsGog985xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZWFkOTE5Yjg1YTEzMDUxZDAyMDhiN2UyOGRkY2NiMzk4
YjE0ZDYwHhcNMjUwMTAyMDk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzIwNDZhOTYzNGE0YmMyYjRiZDMzNDEwMDBkYzYyOGQyZmJlZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsemMIdI7SaLGjD+rN2nmawNUTKFL
ZrUs470ks/vIdsaVNGCZNQ22ZfnsOO8yNq0c3VRkRtsN1SThwY1aCLYBXIRSt0xS
BT/2G6fbG4o7hCRudFRq1rvnycey3EpBWem2tchljJu9Lc31RBe3pGFEdYagRntg
MLc2p8bHlcYqrFkamNuXBm18gxSTsfo4tV4XCE003AZAVZnJmLvnAcQNfawXP2aY
gqyhATW1ZkFBBUhzHumBwlFJyGKAoJ8gtFcFEK0+Ul+2IRxXRoi0EieHlRh6rQ6r
FB3pUWI/7Gg0MNa4X2kaNHQciIlaTUts0qmdhVKrrNdEslIQdwKutWIb7wIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFIMgRqljSkvCtL0zQQANxijS++1aMB8GA1UdIwQY
MBaAFN3q2Rm4WhMFHQIIt+KN3Ms5ixTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQt
NDhiOGI1YTliNDExLzEvZ3lCR3FXTktTOEswdlROQkFBM0dLTkw3N1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQtNDhiOGI1YTliNDEx
LzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDJZ3gAwQC
LYmQAwQDTUrQAwQCWS5gAwQDX4CQAwQDlf8wAwQCuSjgAwQCuYd8AwQCubl0AwQC
uejgAwQAwRzpAwQCwpZcMA0EAgACMAcDBQAqAHIAMA0GCSqGSIb3DQEBCwUAA4IB
AQCC3FDgAIJcS/7y8YeVONFc5jnUsDZvzMAhD+MB5gCi2naJB+sArqNYuWxn0WIu
j86r8e0Eo9HJH8LtrCH7ZWWXEoE0dd/y3ZhjLhXDe3Cn4bUOk7YWZsGYA9ejAkFf
kqRx1jkIP6iOcRhHtZ92Y7pyEs4dgBh9V5G0A8OE1StbGcqnhvUGASPZpxtqZtBj
2yKuF1bKoPf9XvWqDMxEgqa680no9yXN/Od6JCrZooNp+14QLfobvG6SdzKok5n3
mxGfWIyT//NFrhT/Q9yuA84U5vQdewHgBgyhOuh/9gZzjWAp6Ba6wWtY1KjCvIW/
O+o8ws0a/2k5wyV0Qa7f0Nzy
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:42:31 2025 by rpki-client